#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Instant Messaging | Breaking Cybersecurity News | The Hacker News

DarkGate Malware Spreading via Messaging Services Posing as PDF Files

DarkGate Malware Spreading via Messaging Services Posing as PDF Files
Oct 13, 2023 Malware / Cyber Threat
A piece of malware known as  DarkGate  has been observed being spread via instant messaging platforms such as Skype and Microsoft Teams. In these attacks, the messaging apps are used to deliver a Visual Basic for Applications ( VBA ) loader script that masquerades as a PDF document, which, when opened, triggers the download and execution of an AutoIt script designed to launch the malware. "It's unclear how the originating accounts of the instant messaging applications were compromised, however it is hypothesized to be either through leaked credentials available through underground forums or the previous compromise of the parent organization," Trend Micro  said  in a new analysis published Thursday. DarkGate, first documented by Fortinet in November 2018, is a  commodity malware  that incorporates a wide range of features to harvest sensitive data from web browsers, conduct cryptocurrency mining, and allow its operators to remotely control the infected hosts. It also

Atlassian's HipChat Hacked — Users' Data May Have Been Compromised

Atlassian's HipChat Hacked — Users' Data May Have Been Compromised
Apr 25, 2017
Atlassian's group chat platform HipChat is notifying its users of a data breach after some unknown hacker or group of hackers broke into one of its servers over the weekend and stole a significant amount of data, including group chat logs. What Happened? According to a security notice published on the company's website today, a vulnerability in a "popular third-party" software library used by its HipChat.com service allowed hackers to break into its server and access customer account information. However, HipChat did not say exactly which programming blunder the hackers exploited to get into the HipChat cloud server. What type of Information? Data accessed by the hackers include user account information such as customers' names, email addresses and hashed password information. Besides information, attackers may have obtained metadata from HipChat "rooms" or groups, including room name and room topic. While metadata is not as critical as d

Cybersecurity Tactics FinServ Institutions Can Bank On in 2024

Cybersecurity Tactics FinServ Institutions Can Bank On in 2024
Feb 14, 2024Financial Security / Cyber Threats
The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete. The challenges are compounded for community banks that must safeguard sensitive financial data against the same level of sophisticated threats as larger institutions, but often with more limited resources. The FinServ Threat Landscape Recent trends show an alarming increase in sophisticated cyber-attacks. Cybercriminals now deploy advanced techniques like deep fake technology and AI-powered attacks, making it increasingly difficult for banks to differentiate between legitimate and malicious activities. These developments necessitate a shift towards more sophisticated and adaptive cybersecurity measures. Take these industry statistics, for example. Financial firms report 703 cyberattack attempts per week.1 On average, 270 attacks (entailing unauthorized access of data, appl

OTR.to — Secure 'Off-the-Record' p2p Encrypted Messaging Service

OTR.to — Secure 'Off-the-Record' p2p Encrypted Messaging Service
Mar 10, 2015
In this post-Snowden era of mass surveillance, being out-of-reach from the spying eyes really doesn't mean they can not get you. So, if you are concerned about your data privacy and are actually searching for a peer-to-peer encrypted messaging service, then it's time to get one. " Otr.to " — an open-source peer-to-peer browser-based messaging application that offers secure communication by making use of "Off-the-Record" (OTR) Messaging , a cryptographic protocol for encrypting instant messaging applications. OTR (Off-the-Record) is one of the most secure cryptographic protocol that offers strong encryption for real time communications i.e. Chatting and Messaging services. Off-the-Record simply means that there is nothing on the record, so nobody can prove that two parties had an Internet chat conversation or said anything specific. ORT.to uses WebRTC to exchange messages via decentralized peer-to-peer communication , which means chat logs bet

The Critical State of AI in the Cloud

cyber security
websiteWiz.ioArtificial Intelligence / Cloud Security
Wiz Research reveals the explosive growth of AI adoption and what 150,000+ cloud accounts revealed about the AI surge.

Researcher Found TextSecure Messenger App Vulnerable to Unknown Key-Share Attack

Researcher Found TextSecure Messenger App Vulnerable to Unknown Key-Share Attack
Nov 03, 2014
Do you use  TextSecure Private Messenger  for your private conversations? If yes, then Are you sure you are actually using a Secure messaging app? TextSecure , an Android app developed by Open WhisperSystems , is completely open-source and claims to support end-to-end encryption of text messages. The app is free and designed by keeping privacy in mind. However, while conducting the first audit of the software, security researchers from Ruhr University Bochum found that the most popular mobile messaging app is open to an Unknown Key-Share attack . After Edward Snowden revealed state surveillance programs conducted by the National Security Agency, and meanwhile when Facebook acquired WhatsApp , TextSecure came into limelight and became one of the best alternatives for users who want a secure communication. " Since Facebook bought WhatsApp , instant messaging apps with security guarantees became more and more popular ," the team wrote in the paper titled,

BitTorrent Unveiled New Decentralized "Bleep" Instant Messenger

BitTorrent Unveiled New Decentralized "Bleep" Instant Messenger
Jul 31, 2014
Pretty good news for privacy-oriented people! BitTorrent unwraps its new instant messaging program that doesn't store your metadata and helps you with encrypted communication to keep your online conversations private, whether its voice or text communications. BitTorrent named its Online chat service as " Bleep ", a decentralised peer-to-peer voice and text communications platform that offers end-to-end encryption, therefore is completely safe from the prying eyes. In order to spread users' voice and text conversations, Bleep make use of the BitTorrent distributed network rather than a centralised server. Unlike Skype or Google Hangouts, Bleep comes with with a completely decentralized design, giving you extremely strong anonymity. WHY BLEEP? " We never see your messages or metadata, " said Jaehee Lee, the senior product manager for Bleep, in a blog post announcing the new app on Wednesday. " As far as we're concerned, anything you say is 'bleep'

XMPP Makes Encryption Mandatory for Instant Messaging Service Operators

XMPP Makes Encryption Mandatory for Instant Messaging Service Operators
May 20, 2014
The most popular open source Instant messaging application based on the ' Extensible Messaging and Presence Protocol ' (XMPP), formerly known as Jabber that enables you to connect with other people over the Internet will begin refusing unencrypted connections as from today. In an announcement yesterday, The XMPP Standard Foundation (XSF) informs that a large number of XMPP service operators and software developers permanently turned on mandatory encryption for client-to-server and server-to-server connections from today in order to harden the security of the messaging service. Many XMPP-based services operate independently, so it is tough to enforce all of them to use Encryption . ' While XMPP is an open distributed network, obviously no single entity can "mandate" encryption for the whole network - but as a group we are moving in the right direction ,' reads the blog post. ' If you use an XMPP service provided by someone else and you encounter problems contact

Tor Instant Messaging Bundle - A New Anonymous and Encrypted messaging Software

Tor Instant Messaging Bundle - A New Anonymous and Encrypted messaging Software
Mar 01, 2014
We are living in an era of Mass Surveillance,  conducted by the Government Agencies like the NSA and GCHQ, and we ourselves gave them an open invitation as we all have sensors in our pockets that track us everywhere we go i.e. Smartphone. Encryption and security are more important today than any other time in our history. So, the best proactive way to keep your tracks clear is - Always use only trusted privacy tools and services . The same folks behind the Anonymity Tool, Tor Browser Bundle is currently working on a new Privacy tool called ' Tor Instant Messaging Bundle ' (TIMB), that will help you with encrypted communication to keep your online conversations private. The Tor is the free software that lets users browse the Internet anonymously and mostly used by activists, journalists and to conceal their online activities from prying eyes. Tor Instant Messaging Bundle, or TIMB is a real time anonymous chat system, that will simply route all of your chat dat
Cybersecurity Resources