#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Cyber threats | Breaking Cybersecurity News | The Hacker News

Category — Cyber threats
Facebook Unveils ThreatData, a framework for Web Security

Facebook Unveils ThreatData, a framework for Web Security

Mar 26, 2014
Defending and Analysis of online threats and malwares   have become more challenging nowadays and especially for larger businesses like the popular social networking site - Facebook. To encounter malware, phishing, and other online threats, Facebook has taken an important step forward. Facebook has unveiled its latest security-focused platform, dubbed as ' ThreatData ', which is a framework that aims to standardize its methods for collecting and analyzing data. The ThreatData framework is implemented to import information about the various online threats, malware, phishing and other internet risks, then storing it proficiently for real-time and long-term analysis as well. It consists of three high level components i.e. Feeds, Data storage, and Real-time response. FEEDS:  Feeds will collect data from a distinct source and implement them via a lightweight interface. " Here are some examples of feeds we have implemented: Malware file hashes from VirusTotal; Malicious
Learn How SolarWinds Log & Event Manager (LEM) helps you to keep your Network Secure

Learn How SolarWinds Log & Event Manager (LEM) helps you to keep your Network Secure

Mar 15, 2014
So, How do you currently monitor your logs and events, including network, servers, databases, applications, your router, firewall or Windows servers?  Obviously, If you have thousands of machines on your network.. It will become more complicated. Due to the massive boom in the cyber attacks and security breaches that result in financial losses and damages the goodwill of the reputed corporations, the demand for SIEM tools is increasing continuously among the IT security professionals and system administrators. Security Information & Event Management (SIEM) is the best solution, that has evolved over the years to become one of the most trusted and reliable solutions for log management, security, and compliance. SIEM systems provide a holistic view of an organization's Information technology (IT) Security by collecting logs and other security-related documentation for analysis. But SIEM systems are typically expensive to deploy and complex to operate and manage. 
The Secret Weakness Execs Are Overlooking: Non-Human Identities

The Secret Weakness Execs Are Overlooking: Non-Human Identities

Oct 03, 2024Enterprise Security / Cloud Security
For years, securing a company's systems was synonymous with securing its "perimeter." There was what was safe "inside" and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we no longer operate within the confines of physical on-prem installations and controlled networks. Data and applications now reside in distributed cloud environments and data centers, accessed by users and devices connecting from anywhere on the planet. The walls have crumbled, and the perimeter has dissolved, opening the door to a new battlefield: identity . Identity is at the center of what the industry has praised as the new gold standard of enterprise security: "zero trust." In this paradigm, explicit trust becomes mandatory for any interactions between systems, and no implicit trust shall subsist. Every access request, regardless of its origin,
AlienVault Unified Security Management: Real-Time Threat Detection Starting on Day 1

AlienVault Unified Security Management: Real-Time Threat Detection Starting on Day 1

Mar 14, 2014
IT Infrastructure of organizations is growing ever more distributed, complex and difficult to manage. To manage such networks, a log management solution is not enough. The AlienVault Unified Security Management™ (USM) platform is the perfect solution to help manage the flood of information and analyze it in real time, to find evidence of security incidents. So, in this article we will introduce you to a security monitoring solution that provides real-time threat detection and speeds incident response. The AlienVault Unified Security Management™ (USM) platform provides all of the essential security controls required for complete security visibility, and is designed to enable any IT or security practitioner to benefit from results on day one. Powered by the latest AlienVault Labs Threat Intelligence and the Open Threat Exchange™ (OTX ) —the world's largest crowd-sourced threat intelligence exchange—AlienVault USM delivers a unified, simple and affordable solution for threat
cyber security

The State of SaaS Security 2024 Report

websiteAppOmniSaaS Security / Data Security
Learn the latest SaaS security trends and discover how to boost your cyber resilience. Get your free…
Police Ransomware threat of huge Fine forced Family to Commit Suicide

Police Ransomware threat of huge Fine forced Family to Commit Suicide

Mar 13, 2014
Till Now we all have heard about the Ransomware Malware that encrypts your files or lock down your computer and ask for a random amount to be paid in a specified duration of time to unlock it, but this cyber threat has forced somebody for the terrible murder and suicide. It's true! This could be an extent of Ransomware that has marked its history by someone's blood. Marcel Datcu , a 36 year old man, living in the village of Movila Miresii , who was married in 2013 and living happily with his family, killed his 4 year old baby and then himself committed suicide after his computer got infected with " police ransomware ," a Romanian Newspaper, Braila24 reports. Ransomware is one of the most blatant and obvious criminal's money making schemes out there, from which Cryptolocker threat had touched the peak, and cyber criminals have developed many Cryptolocker versions ( prisonlocker, linkup, icepole, cryptobit ) by which you have to safeguard your system. According t
Beware! Cyber Criminals may spoil your Valentine's Day

Beware! Cyber Criminals may spoil your Valentine's Day

Feb 11, 2014
Valentine's Day   - a day of hearts, Chocolates, Flowers and Celebrations when people express their emotions to their loved ones and most of us send E-cards, purchase special gifts with the help of various Online Shop Sites and many other tantrums making them feel special. While you are busy in Googling ideal gifts for your loved ones, the Cyber thieves are also busy in taking advantage of such events by spreading various malware , phishing campaigns and fraud schemes as these days come out to be a goldmine for the cyber criminals. Online Shopping Scams are popular among Cyber criminals as it is the easiest way for hackers to steal money in easy and untraceable ways. Security Researchers at Anti virus firm - Trend Micro discovered various Valentine's Day threats which are common at such occasion i.e. A flower-delivery service and it appears to be a normal promotional e-mail, but the links actually lead to various survey scams. The Malware threats also arr
BIOS Malware that can remotely destroy any computer, NSA claimed

BIOS Malware that can remotely destroy any computer, NSA claimed

Dec 16, 2013
During a CBS Interview show " 60 Minutes ", The National Security Agency (NSA) officials claimed that China has developed a BIOS based malware that can remotely destroy any computer. Obviously NSA is struggling to repair its image and in an effort to justify their extensive Surveillance programs, The NSA Director General Keith Alexander and Information Assurance Director Debora Plunkett made a number of claims. During that interview NSA officials said that they had foiled a malware attack that could have taken down the U.S. economy. " One of our analysts actually saw that the nation state had the intention to develop and to deliver, to actually use this capability to destroy computers ," Plunkett said. They have mentioned that this malware was distributed via social engineering and targeted emails, although the NSA director mentioned that their researchers worked with computer manufacturers and able to close the respective vulnerability . " This is t
China: 'We are ready for International cooperation to deal with cyber security Challenges'

China: 'We are ready for International cooperation to deal with cyber security Challenges'

Nov 06, 2013
Yesterday at Stanford University in the United States, Cyber Security Experts and Leaders from more than 40 countries gathered to talk about the cyberspace security problems and cooperation among countries. The need for international cooperation in cybersecurity is evident, due to the nature of cyberspace itself. Cyberspace or the Internet is "borderless" in nature. Cai Mingzhao , Minister of the State Council Information Office of China said that China is keen to continue working with other countries to deal with cyber security Challenges. Interesting! When China is itself the culprit in major Cyber Threats and attacks. " To maintain cyber security, we need to strengthen international cooperation, " and " We are ready to expand our cooperation with other countries and relevant international organizations on the basis of equality and mutual benefit, " he said . He said that the China is a victim of cyber security breaches, where more than 80% of Chinese i
DDoS Attacks : A Serious unstoppable menace for IT security communities

DDoS Attacks : A Serious unstoppable menace for IT security communities

Oct 18, 2013
It should be the busiest day of the year for your business, but your website has just disappeared off the Internet and orders have dried up. If this happens to you, then you likely just become yet another victim of a distributed denial of service (DDoS) attack . By now, everyone who uses the Internet has come across DDoS attacks . It is one of the oldest attack technologies on the web, and a popular way of paralyzing the huge data centers. Just yesterday we have reported about a massive 100Gbps DDoS attack that hit World's 3rd Largest Chinese Bitcoin exchange for 9 hours. Arbor Networks, a leading provider of DDoS and advanced threat protection solutions, today released data on global distributed denial of service (DDoS) attack trends for the first three quarters of 2013, revealed that this kind of attack still represents a serious menace for IT security communities.  The document provides an interesting overview into Internet traffic patterns and threat evolutio
National Security threats to be detailed at 'The Hackers Conference' 2013 | #THC2013

National Security threats to be detailed at 'The Hackers Conference' 2013 | #THC2013

Aug 17, 2013
The recent "disconcerting" reports that India was being spied upon by American intelligence agencies has opened an all new chapter in the cyber security space. The revelation that the Indian embassy in the US was among the list of 38 diplomatic missions which were being spied upon by American intelligence agencies, as per the latest top secret US National Security Agency documents leaked by the whistleblower Edward Snowden has raised questions like How much of liberty should the cyber space grant to maintain national security and at what cost?  So far, legality is the main rationale US officials have used to defend the government's PRISM spying program. It's all perfectly legal, approved by govt. and the courts, but a more potent argument might be just because something is legal doesn't necessarily make it a good thing. In the context of the recent findings and the debate that it has just drawn, The Hackers Conference 2013 will raise important questions on the th
Cyber security scenario according to WebSense

Cyber security scenario according to WebSense

Mar 12, 2013
It's time of stocktaking, principal security firm are proposing their analysis to synthesize actual situation on cyber security, 2012 is widely considered a year when the malware has increased significantly thanks to the contributions of various actors that we will analyze shortly. WebSense has published a new interesting study, 2013 Threat Report , that confirms an extraordinary growth of cyber threats, the data that most of all alert the security community is the increasing number of sophisticated attacks able to elude traditional defense mechanisms. The analysis revealed that technologies most exposed to cyber attacks continue to be mobile platforms and social media, internet is confirmed as primary channel for cyber menaces, let's consider in fact that number of malicious web sites grew nearly 600% and 85% are represented by legitimate web hosts. Another concerning phenomenon is the use of Email as vector for cyber menace, attackers consider this carrier as
Cyber threats a major risk to business

Cyber threats a major risk to business

Oct 22, 2012
When it comes to security, small and midsize businesses are largely unaware of the risks they face. Cybercrime is a serious problem which affects businesses of all sizes and can have devastating consequences. U.S. small businesses should understand they cannot completely remain safe from cyber-threats if they do not take the necessary precautions. Although such threats existed long before malware emerged, data theft, fraud and industrial spying are all now typically conducted through cyber-attacks. The picture painted is of an environment under siege, with an alarming 41% of businesses acknowledging themselves less than ready to face cyber-threats. Kaspersky Lab and B2B International recently conducted a survey among IT professionals working for large and medium-sized businesses to find out what IT specialists thought of corporate security solutions, to determine their level of knowledge about current threats, the sort of problems they most often face, and their ability to e
Microsoft Warns of Serious Flaw in Internet Explorer

Microsoft Warns of Serious Flaw in Internet Explorer

Dec 27, 2011
Microsoft has issued a warning about a significant flaw in the Internet Explorer browser that could allow hackers to control unprotected computers. The vulnerability permits hackers to inject malware into any system by tricking users into visiting malicious websites. This affects anyone using Internet Explorer (IE) versions 6 to 8. The exploit code for this bug has already been published. Although Microsoft has stated there is no current evidence of its use by criminals, they are "investigating" and working on a permanent fix, according to a report by the Daily Mail. Dave Forstrom, director of Microsoft's Trustworthy Computing group, said, "We're currently unaware of any attacks trying to use the claimed vulnerability or of customer impact." The bug targets how the browser manages a computer's memory when processing Cascading Style Sheets (CSS), which are design instructions that dictate the appearance of most web pages. Hackers can inject their own
Experts Discuss Stuxnet's Long-Term Impact on Cybersecurity

Experts Discuss Stuxnet's Long-Term Impact on Cybersecurity

Dec 18, 2010
Stuxnet has both fascinated and horrified the cybersecurity community throughout 2010. Its multiple zero-day exploits, stealth capabilities, and precise control over industrial machinery mark it as a prime example of advanced cyber threats. Stuxnet represents both a nightmare and a dream for security researchers due to its sophisticated design and capabilities. Today, I moderated a panel on cybersecurity and infrastructure at the Washington Press Club, hosted by The Atlantic . I was eager to hear the panelists' insights on Stuxnet. I asked them to delve deeper than the usual "This is an existence proof of our worst fears" rhetoric and to identify more nuanced implications. The most intriguing response came from Bill Hunteman, senior advisor for cybersecurity at the Department of Energy. "This is just the beginning," Hunteman remarked. He explained that the advanced hackers who created Stuxnet "did all the hard work," and now the methods they develope
New Trojan Targets User Credentials on Popular Sites

New Trojan Targets User Credentials on Popular Sites

Dec 17, 2010
A new information-stealing Trojan, believed to be of Chinese origin, has been identified by Avira researchers. This malware targets usernames and passwords for a variety of popular websites, including YouTube, Google, and PayPal, as well as Chinese sites like Youku, Tudou, Sogou, and Soho. The stolen credentials are sent to a server in China, reinforcing the researchers' belief about its origin. Unlike typical Trojans that modify registry keys or exploit the autorun feature to ensure execution, this Trojan exhibits unique behavior. It specifically targets shortcuts on the desktop or in special folders. The Trojan duplicates itself and places copies in folders containing the linked files, often executables. It renames the original files to click_[original-file-name].exe and assigns the original file names to its copies. As a result, each time a user clicks on a shortcut, the Trojan runs. To avoid detection for as long as possible, these copies are programmed to execute the rename
CBI Website Hacked by Pakistani Cyber Army, NIC Security Questioned

CBI Website Hacked by Pakistani Cyber Army, NIC Security Questioned

Dec 06, 2010
The recent hacking of the Central Bureau of Investigation's (CBI) website by a group called the 'Pakistani Cyber Army' has raised concerns about the security measures of servers maintained by the National Informatics Centre (NIC). The NIC is responsible for government server maintenance. While the NIC remains silent on the issue, sources in the security establishment suggest that the NIC's safety mechanisms were inadequate. Several reminders had been sent to NIC, urging them to upgrade their hardware. The CBI's official website was hacked on the night of December 3rd to 4th. The CBI has registered a case against unknown individuals in connection with the hacking. A report titled "Shadows in the Cloud" by a Canadian think-tank, comprising the "Information Warfare Monitor" and "Shadows Server," earlier this year indicated evidence of a cyber-espionage network. This network compromised government, business, and academic computer systems
New Rules Enable Military Assistance During Domestic Cyber-Attacks

New Rules Enable Military Assistance During Domestic Cyber-Attacks

Oct 31, 2010
The Obama administration has revised federal policy, enabling the military to assist during a domestic cyber-attack, reported the New York Times on Oct. 21. Typically, the military cannot deploy units within the country's borders, except for natural disasters, and even then, a presidential order is required. However, under a new agreement between the Department of Defense and the Department of Homeland Security, military cyber experts can now be called upon if critical computer networks in the United States are attacked. Robert J. Butler, the Pentagon's deputy assistant secretary for cyber policy, told the Times that this policy change will allow agencies to focus on how to respond to such attacks more effectively. The two agencies "will help each other in more tangible ways than they have in the past," Butler stated in an article in Defense News, an Army Times publication. He added that closer collaboration will provide "an opportunity to explore new ways for
Expert Insights / Articles Videos
Cybersecurity Resources