
Hacktivism | Breaking Cybersecurity News | The Hacker News

Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities

May 04, 2024 Cyber Espionage / Network Security
Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S. The Czech Republic's Ministry of Foreign Affairs (MFA), in a statement, said some unnamed entities in the country have been attacked using a security flaw in Microsoft Outlook that came to light early last year. "Cyber attacks targeting political entities, state institutions and critical infrastructure are not only a threat to national security, but also disrupt the democratic processes on which our free society is based," the MFA said. The security flaw in question is CVE-2023-23397, a now-patched critical privilege escalation bug in Outlook that could allow an adversary to access Net-NTLMv2 hashes and then use them to authenticate themselves by means of a relay attack. G
A New Age of Hacktivism

Feb 22, 2024 Hacktivism / Information Warfare
In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing wars and geopolitical conflicts in various regions. Since the war against Ukraine began, we have witnessed a notable mobilization of non-state and state-backed actors alike, forming new groups or joining existing hacker collectives. We understand hacktivism as a form of computer hacking that is done to further the goals of political or social activism 1. While activism describes a normal, non-disruptive use of the Internet in order to support a specific cause (online petitions, fundraising, coordinating activities), hacktivism includes operations that use hacking techniques with the intent to disrupt but not to cause serious harm (e.g., data theft, website defacements, redirects, Denial-of-Service attacks). Cyber operations that inherit a willingness or intent to cause harm to physical property, severe economic damage or loss of life would be referred to as cyberterrorism, 2, 3 Th
How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting

Jul 22, 2024 vCISO / Business Security
As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success", which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples. Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition. This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.
Major Cyber Attack Paralyzes Kyivstar - Ukraine's Largest Telecom Operator

Dec 13, 2023 Cyber Attack / Geopolitics
Ukraine's biggest telecom operator Kyivstar has become the victim of a "powerful hacker attack," disrupting customer access to mobile and internet services. "The cyberattack on Ukraine's #Kyivstar telecoms operator has impacted all regions of the country with high impact to the capital, metrics show, with knock-on impacts reported to air raid alert network and banking sector as work continues to restore connectivity," NetBlocks said in a series of posts on X (formerly Twitter). Kyivstar, which is owned by Dutch-domiciled multinational telecommunication services company VEON, serves nearly 25 million mobile subscribers and more than 1 million home internet customers. The company said the attack was "a result of" the war with Russia and that it has notified law enforcement and special state services. While Kyivstar is working to restore the services, the internet watchdog noted that the telco is largely offline. That said, Kyivstar has yet t
U.S. Treasury Sanctions Russian Money Launderer in Cybercrime Crackdown

Nov 06, 2023
The U.S. Department of the Treasury imposed sanctions against a 37-year-old Russian woman for taking part in the laundering of virtual currency for the country's elites and cybercriminal crews, including the Ryuk ransomware group. Ekaterina Zhdanova, per the department, is said to have facilitated large cross border transactions to assist Russian individuals to gain access to Western financial markets and circumvent international sanctions. "Zhdanova utilizes entities that lack Anti-Money Laundering/Combatting the Financing of Terrorism (AML/CFT) controls, such as OFAC-designated Russian cryptocurrency exchange Garantex Europe OU (Garantex)," the treasury department said last week. "Zhdanova relies on multiple methods of value transfer to move funds internationally. This includes the use of cash and leveraging connections to other international money laundering associates and organizations." It's worth noting that Garantex was previously sanctioned
Both Sides in Russia-Ukraine War Heavily Using Telegram for Disinformation and Hacktivism

Mar 04, 2022
Cyber criminals and hacktivist groups are increasingly using the Telegram messaging app to coordinate their activities, leak data, and spread disinformation, as the Russia-Ukraine conflict enters its eighth day. A new analysis by Israeli cybersecurity company Check Point Research has found that "user volume grew a hundred folds daily on Telegram related groups, peaking at 200,000 per group." Prominent among the groups are anti-Russian cyber attack groups, including the Ukraine government-backed IT Army, which has urged its more than 270,000 members to conduct distributed denial-of-service (DDoS) attacks against Russian entities. Other hacktivist-oriented Telegram groups used to coordinate the attacks on Russian targets via DDoS, SMS or call-based attacks are Anna_ and Mark_, Check Point researchers noted. That said, there may be more to these attacks than meets the eye. "It seems that many of the hacktivist groups are more focused on building self-reputation and recei
PandaLabs Predicts Major Cybersecurity Trends for 2011

Dec 23, 2010
PandaLabs, the antimalware laboratory of Panda Security, has predicted several major cybersecurity threats for 2011. These include hacktivism, cyber warfare, profit-driven malware, social engineering, and adaptive malicious codes. Additionally, there will be increased threats to Mac users, new attacks on 64-bit systems, and more zero-day exploits. Here is a summary of PandaLabs' top ten security trends for 2011: Malware Creation: In 2010, PandaLabs observed significant growth in malware, identifying 20 million new strains, more than in 2009. Currently, Panda's Collective Intelligence database contains over 60 million classified threats. Although the year-on-year growth rate has peaked, it was 50% in 2010, down from over 100% in previous years. Cyber Warfare: Incidents like Stuxnet and the WikiLeaks cables, which suggested Chinese government involvement in cyber-attacks on Google, marked a turning point in cyber conflicts. Stuxnet targeted uranium centrifuges in nuclear pla
Vigilance Urged After Anti-Islamist Group Members' Details Leaked Online

Dec 20, 2010
A controversial anti-Islamist group has advised its members to stay vigilant following a leak of their details online. Hundreds of names and addresses linked to the English Defence League (EDL) were exposed after hackers breached one of the organization's websites. The group warned its members about potential reprisals and advised them to "remain extra vigilant regarding their home and personal safety." The security breach occurred last weekend when hackers accessed a clothing website connected to the EDL. The attackers, identifying themselves as the "Mujahideen Hacking Unit," obtained lists of individuals who had recently purchased items from the site or donated money to the group. The EDL has gained attention over the past year by organizing protests against what it terms the "Islamification" of Britain. Although the group claims it is neither racist nor anti-Muslim, opponents like United Against Fascism argue that the EDL's agenda is clearly I
Anonymous Claims Responsibility for Moneybookers Attack

Dec 16, 2010
Anonymous, a loosely affiliated group of Internet vigilantes, has claimed responsibility for various Internet attacks against organizations perceived as hostile to WikiLeaks. Today, the group sought to portray itself as more focused on symbolic protest rather than outright disruption. These claims come amid reports that the online payment site Moneybookers was taken offline by a distributed denial of service (DDoS) attack launched by Anonymous members. In a statement released today, Anonymous organizers contended that they are not a group of hackers but a "gathering" of average Internet citizens. "We do not want to steal your personal information or credit card numbers. We also do not seek to attack critical infrastructure of companies such as Mastercard, Visa, PayPal, or Amazon," the statement read. Instead, the focus has been on attacking corporate websites or the online "public face" of companies seen as anti-WikiLeaks. The group described these acti
Anonymous Launches Fax-Based Attack on WikiLeaks Opponents

Dec 14, 2010
"Operation Payback" is evolving, as attackers have initiated a fax-based campaign against companies that severed ties with WikiLeaks. Hacktivists from the group "Anonymous" are urging members to send faxes to Amazon, MasterCard, PayPal, Visa, Tableau Software, and Moneybookers. This action aims to create a fax-based version of denial-of-service attacks, according to Netcraft. Over the past few days, the group has launched distributed-denial-of-service (DDoS) attacks against websites of several companies and organizations, including MasterCard and Visa. Paul Mutton from Netcraft blogged, "This latest campaign by the Anonymous group is analogous to the distributed denial of service attacks it has been carrying out against websites over the past week. In essence, this has turned into a DDoS attack against fax machines. The group started the fax-attacks on Dec. 13 at 13:00 GMT and published a list of target fax numbers in their call to arms." "The Anon
Dutch Teens Arrested for Cyberattacks on Mastercard and Visa

Dec 14, 2010
A Dutch hacker collective called Revspace aims to "re-educate" Dutch teens suspected of cyberattacks against Mastercard, Visa, and the Dutch National Prosecutors Office, transforming them into "ethical hackers." Last week, Dutch police arrested a 16-year-old boy for participating in web attacks against MasterCard and Visa as part of a grassroots effort to support WikiLeaks. On Saturday, another teenager was arrested in Hoogezand-Sappemeer for admitting to flooding the website of the Dutch prosecutor. The 19-year-old, known online as Awinee, reportedly encouraged others to join the attack. The teen was released today. Martijn Gonlag, who admitted to using the tool, claimed he only wanted to test software and did not support Wikileaks. Both arrests were straightforward because the teenagers used LOIC (Low Orbit Ion Cannon), a tool that lacks security features like anonymization. The attackers' IP addresses were visible in all packets sent during the attacks, as
Anonymous Clarifies Its Identity and Mission in Recent Statement

Dec 11, 2010
On December 10, 2010, Anonymous released a press statement to clarify its identity and objectives. Who is Anonymous? Anonymous, often misunderstood, is not a conventional group. Instead, it is an internet gathering without formal structure. Both Anonymous and the media acknowledge the perceived internal disagreements within the group. However, this does not imply a failure in their command structure. The decentralized nature of Anonymous is based on shared ideas rather than hierarchical directives. Unique in its form, Anonymous learns through trial and error. The collective is now working on better communication of core values to its members. They also aim to inform the public and media about their identity and principles. Contrary to popular belief, Anonymous is not a group of hackers. Members are average internet citizens driven by frustration over daily injustices. They do not seek to steal personal information or credit card details, nor do they intend to attack critical infras
Anonymous Targets WikiLeaks Critics in Operation Payback Campaign

Dec 11, 2010
Do you support WikiLeaks? Are you angry at critics trying to suppress it? Maybe you're considering joining online protests to shut down the websites of its opponents. Don't. A group of vigilantes named Anonymous has turned their Operation Payback campaign, previously targeting antipiracy organizations, on PayPal, Visa, MasterCard, Senator Joe Lieberman, Sarah Palin, and others who have criticized WikiLeaks or stopped doing business with the document-sharing project. The fallout from WikiLeaks has reached a fever pitch since the site began releasing diplomatic cables last month, causing embarrassment for U.S. diplomatic efforts. Launching denial-of-service (DOS) attacks against target websites to send a message and disrupt their operations is the modern-day equivalent of walking the picket line with a sign. However, the electronic version is illegal. "Participating in a botnet with the intention of shutting down a website violates the Computer Fraud and Abuse Act,"
Indian Cyber Army Hacks OGRA Website in Retaliation

Dec 04, 2010
In a troubling trend of tit-for-tat website defacements, a group of Indian hackers known as the 'Indian Cyber Army' hacked the Oil & Gas Regulatory Authority (OGRA) website [www.ogra.org.pk] on Saturday. The website was later restored by the site administrators. The message left on the OGRA page stated that the hack was in response to an attack on over 200 Indian websites by the 'Pakistan Cyber Army'. The message read: "You Have Been Hacked By The 'INDIAN CYBER ARMY'. This Is a Retaliation Of Hacking 'CBI'." Previously, a group of Pakistani hackers, identifying themselves as 'Predators PK,' had hacked over 200 Indian websites. This attack was a form of retaliation for a recent cyber assault on Pakistani sites carried out by the Indian Cyber Army (ICA). Unlike the ICA attack, which was cited as 'revenge for 26/11', the message inserted by the Pakistani hackers did not suggest ideological motivations, but rather pure revenge. Pakistani Hacker's Perspective The Pakist
Moroccan Hacktivists Target Foreign Sites, Sparking International Cyber Conflicts

Oct 31, 2010 Cyber Attack / Hacktivism
Hacktivists are militant hackers attacking sites in Egypt, Morocco, Spain, and Israel. Their screen messages resemble banners used in protests, supporting various political, social, or religious ideologies. Active in Morocco, they often hack sensitive security systems. Behind their computer screens, these hackers meticulously encode and decode IT security systems, seeking the slightest vulnerability to launch attacks. Known as hackers in Morocco, they relentlessly penetrate local and foreign sites. Egypt, Kuwait, and Israel have all fallen victim to their actions. Rise of Hacktivism These hackers are not casual credit card thieves but belong to a new category of activists known as "hacktivists." The Internet fuels this underground movement, but their ideological beliefs keep it alive. "It is the oldest form of hacking. Many developing countries resort to this mode of protest," says Ali El Azzouzi, a Moroccan IT security expert. Recently, Morocco, like many other