Web attacks | Breaking Cybersecurity News | The Hacker News

The popular copy and paste website ' Pastebin ' created a decade ago for software developers and even by hackers groups to share source code, dumps and stolen data, has more recently been leveraged by cyber criminals to target millions of users. Compromising a website and then hosting malware on it has become an old tactic for hackers, and now they are trying their hands in compromising vast majority of users in a single stroke. Researchers have discovered that hackers are now using Pastebin to spread malicious backdoor code. According to a blog post published yesterday by a senior malware researcher at Sucuri , Denis Sinegubko, the hackers are leveraging the weakness in older versions of the RevSlider , a popular and a premium WordPress plugin. The plugin comes packaged and bundled into the websites' themes in such a way that many website owners don't even know they have it. In order to exploit the vulnerability, first hackers look for a RevSlider plugin i

According to a Security Analyst ' Maarten Boone ' working  at Fox-IT company, the Developer of notorious Blackhole Exploit Kit  developer ' Paunch ' and his partners were arrested in Russia recently. Blackhole Exploit Kit  which is responsible for the majority of web attacks today, is a crimeware that makes it simple for just about anyone to build a botnet . This Malware kit was developed by a hacker who uses the nickname "Paunch" and his Team, has gained wide adoption and is currently one of the most common exploit frameworks used for Web-based malware delivery. The Blackhole exploit kit is a framework for delivering exploits via compromised or third-party websites, serve up a range of old and new exploits for Oracle's Java, Adobe's Flash and other popular software to take control of victim's machines. It the point of writing No Police Authority or Press has confirmed the claim made by Maarten about the arrest of Malware author. Plea

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

The call for papers for The Hackers Conference 2013 is now open.  #THC2013  is a hacker conference taking place in New Delhi , India on August 25th, 2013.  The Hackers Conference is an unique event, where the best of minds in the hacking world, leaders in the information security industry and the cyber community along with policymakers and government representatives on cyber security meet face-to -face to join their efforts to co-operate in addressing the most topical issues of the Internet Security space. This is the second edition of the Conference . Following the huge success of the conference last year the current edition of the conference brings back to you all the knowledge, all the fun in a better, grander way! The Conference will be held in New Delhi, on the 25 of August 2013, and will get together industry leaders, Government representatives, Academia and underground Black-hat hackers to share knowledge and leading-edge ideas about information security and