computer forensics | Breaking Cybersecurity News | The Hacker News

Category — computer forensics
Classmate of Lulzsec Hacker arrested and accused as another Lulzsec teammate

Sep 01, 2012
The two students accused of the Sony Pictures hack participated in Cyber Defense Competition team exercises at the University of Advanced Technology in Arizona. US authorities have reportedly arrested a second suspected member of hacking group LulzSec on charges of taking part in an extensive computer breach of Sony Pictures Entertainment. Raynaldo Rivera, 20, of Tempe, Arizona, surrendered to the FBI in Phoenix six days after a federal grand jury in Los Angeles returned an indictment charging him with conspiracy and unauthorised impairment of a protected computer. In September 2011, Cody Kretsinger, then 23, was charged with being Recursion. This week, meanwhile, the FBI announced the arrest of Raynaldo Rivera, 20, after he was recently indicted by a federal grand jury on charges of conspiracy and the unauthorized impairment of a protected computer. Two men who've been arrested on charges that they hacked into the website of Sony Pictures Entertainment and posted stolen data studied to
Oracle releases patches for Java vulnerability CVE-2012-4681

Aug 31, 2012
Oracle has released a new patch which kills off a vulnerability in Java 7 that was being exploited by malware developers. "Due to the high severity of these vulnerabilities, Oracle recommends that customers apply this Security Alert as soon as possible," said Eric Maurice, the company's director of software security assurance. The out-of-band Security Alert CVE-2012-4681 includes fixes for "three distinct but related vulnerabilities and one security-in-depth issue" affecting Java running within the browser. Users with vulnerable versions of Java installed can have malware silently planted on their systems just by unknowingly browsing to a hacked or malicious website. Java is a free programming language widely used to enable everyday programs and website elements to function, including some games, apps and chat, as well as enterprise apps. The attacks using this vulnerability so far have been Windows-based; the exploit was demonstrated on other platforms supported by Java
Agentic AI in SOCs: A Solution to SOAR's Unfulfilled Promises

Sep 25, 2024 | Artificial Intelligence / SOC Automation
Security Orchestration, Automation, and Response (SOAR) was introduced with the promise of revolutionizing Security Operations Centers (SOCs) through automation, reducing manual workloads and enhancing efficiency. However, despite three generations of technology and 10 years of advancements, SOAR hasn't fully delivered on its potential, leaving SOCs still grappling with many of the same challenges. Enter Agentic AI—a new approach that could finally fulfill the SOC's long-awaited vision, providing a more dynamic and adaptive solution to automate SOC operations effectively. Three Generations of SOAR – Still Falling Short SOAR emerged in the mid-2010s with companies like PhantomCyber, Demisto, and Swimlane, promising to automate SOC tasks, improve productivity, and shorten response times. Despite these ambitions, SOAR found its greatest success in automating generalized tasks like threat intel propagation, rather than core threat detection, investigation, and response (TDIR) workloads.
Saudi Aramco Oil Producer's 30,000 workstations victim of Cyber Attack

Aug 27, 2012
Saudi Aramco, the world's biggest oil producer, has resumed operating its main internal computer networks after a virus infected about 30,000 of its workstations in mid-August. Immediately after the Aug. 15 attack, the company announced it had cut off its electronic systems from outside access to prevent further attacks. Saudi Aramco said the virus "originated from external sources" and that its investigation into the matter was ongoing. There was no mention of whether this was related to this month's Shamoon attacks. "The disruption was suspected to be the result of a virus that had infected personal workstations without affecting the primary components of the network," Saudi Aramco said over Facebook. "We would like to emphasize and assure our stakeholders, customers and partners that our core businesses of oil and gas exploration, production and distribution from the wellhead to the distribution network were unaffected and are functioning as reliably as ever
Turkish hackers hack FC Spartak Moscow Soccer team

Aug 24, 2012
Turkish hackers recently hacked the website of soccer team FC Spartak Moscow after the Russian team's fans burned Turkish flags and pictures of Atatürk during a Champions League playoff match against Turkish team Fenerbahce on August 21. A portrait of Atatürk next to a Turkish flag was also posted on the website. The group replaced the website's original content with a statement that called on the team to "immediately apologize." "You will immediately apologize to the Turkish Republic and the Turkish people. No crime goes without punishment, and FIFA may forgive you, but we won't." The Spartak site was running again by Thursday afternoon after the club used its Twitter account to blame the incident on 'Turkish hackers.' Spartak Moscow fans burned flags and posters of modern Turkey's founding father, Mustafa Kemal Atatürk, during their team's 2-1 victory over the Istanbul giants in the first leg of their Champions League playoff.
For the LULZ of it, I apologize to Lulzsec

Aug 24, 2012
Note: This article is cross-posted from our Magazine's 13th Issue - August 2012 called "BOTNET | The Hacker News Magazine", written by Ann Smith (Executive Editor, The Hacker News Magazine). You can download the full magazine free here. Shame on me. When someone mentioned Lulzsec I would slightly bristle and turn a mighty heel towards the "real" movement. You know, the Anons that are taking down corruption and terror, targeting the real enemies of the world. If you were doing it for the LULZ of it, well, you were playing in the proverbial sand box and I thought you were hindering, instead of helping. I even wrote an editorial spanking them for releasing the emails of servicemen who had signed up for a porn site. Then, I read the book, WE ARE ANONYMOUS by Parmy Olson. Every person who considers themselves Anonymous or who sympathizes and rallies for the cause, must read this book. You will not only get a good education from this history of the movement but also get t
LulzSec Leader Sabu Gets 6-Month Sentencing Delay for helping Feds

Aug 23, 2012
Today was the day that Hector Xavier Monsegur, a.k.a. Sabu, Xavier DeLeon, and Leon, was supposed to be sentenced for the 12 counts of computer hacking conspiracies and other crimes he pleaded guilty to, including the infamous hacks of HBGary Federal, HBGary, Sony, Fox, and PBS, but he has had his sentencing delayed, perhaps as a reward for assisting the US police with their enquiries and investigations. Monsegur allegedly rooted out the vulnerabilities used in the hacks conducted by LulzSec, which went on a high-profile tear in 2011 that exposed emails, documents, and other information of its victim organizations. Sabu is the hacker nom de plume of 28-year-old New Yorker Hector Monsegur, an unemployed father of two who allegedly commanded a loosely organized, international team of perhaps thousands of hackers from his nerve center in a public housing project on New York's Lower East Side. According to the FBI, he could face a maximum sentence of 124 years and six months for 12 offe
Philippine police arrest 357 foreigners for cyber fraud

Aug 23, 2012
Police on Thursday rounded up 357 foreigners accused of duping Taiwanese and Chinese citizens in an online scam in what an official described as the largest single-day operation against organized crime in the country.  Director Samuel Pagdilao Jr., CIDG director, said CIDG and Paocc agents led by Senior Supt. Ranier Idio raided 20 houses in several subdivisions in Quezon, Manila, Marikina, Cainta and Antipolo cities at around 6:30 a.m. on Thursday and they rounded up the foreigners. The suspects were brought to the Police National Training Institute (PNTI) in Camp Vicente Lim in Laguna. They face charges for violating the Access Device Act. The syndicate's operations involve the use of the internet, wherein the group will call unsuspecting victims in China, claiming that they represent police, prosecutor's office, courts, insurance companies, banks, and other financial institutions. The syndicate raked in at least P20 million ($472,000) each day using the scam, Pagdilao said.
Airport VPN hacked using Citadel malware

Aug 16, 2012
It sounds like an air traveler's nightmare: researchers at Trusteer recently uncovered a variant of the Citadel Trojan targeting the virtual private network (VPN) credentials used by employees at a major airport. The firm would not disclose the name of the airport because the situation is being investigated by law enforcement. Many businesses use VPNs to provide outside workers with access to secure data. Incursions on these networks often involve advanced "Man in the Browser" malware such as the Citadel, Zeus, and SpyEye programs. The man-in-the-browser (MITB) assault first used form-grabbing malware, which steals data entered into web forms before it is passed over the internet, to steal the airport employees' VPN usernames and passwords, Amit Klein, Trusteer's chief technology officer, said in a blog post. "This was potentially very dangerous, but we don't know whether the attacker group was targeting the financial system of the airport for economic gain or if the attack wa
Mariposa botnet creator goes on trial

Aug 09, 2012
A 26-year-old Slovenian hacker known as Iserdo, thought to have been behind the Mariposa botnet, is on trial in Slovenia, charged with having masterminded an international cybercrime gang. At its height, the Mariposa botnet infected up to 12.7 million PCs, with more than half of the Fortune 1,000 companies believed to have been compromised, including 40 major banks. Once a computer had been compromised and brought into the botnet, operators could steal information from innocent users - including credit card details and banking passwords. Computer crime-fighting authorities had succeeded in bringing down the Mariposa botnet at the end of 2009. FBI officials worked with Spanish and Slovenian authorities to track down Mariposa's mastermind, Iserdo. He was said to charge between $500 for basic versions of the botnet code and up to $1,300 for more advanced ones, which included customised features, such as capabilities which allowed its operators to steal credit cards and onlin
Alleged Anonymous hacker arrested for Facebook threat

Aug 05, 2012
Hong Kong police said Sunday they had arrested a 21-year-old man believed to be a member of the international hacker group Anonymous, after he reportedly said on social networking site Facebook that he would hack several government websites. "The Internet is not a virtual world of lawlessness," a police spokesman said, adding that the man was required to report back to the police in October. He faces up to five years imprisonment if found guilty. The man is a member of the global hacker group Anonymous, the South China Morning Post said. The group is said to have 20 members in the semi-autonomous Chinese territory, which guarantees civil liberties not seen on the mainland, including freedom of speech. The police spokesman declined to confirm his link to Anonymous. The last posting on the "Anonymous HK" Facebook page on July 22 urged authorities to show "respect" to citizens.
Russian Hacker Arrested For DDoS Attacks on Amazon

Jul 22, 2012
Dmitry Olegovich Zubakha, a Russian man accused of launching distributed-denial-of-service (DDoS) attacks on Amazon.com, was arrested this week by authorities in Cyprus based on an international warrant, the Department of Justice revealed. Zubakha, a native of Moscow, was indicted for two denial of service attacks in 2008 on the Amazon.com website. The indictment, unsealed Thursday, also details denial of service attacks on Priceline.com and eBay. "Orders from Amazon.com customers dropped significantly, as legitimate customers were unable to access the website and complete their e-commerce transactions during the pendency of the attack," read an indictment unsealed in district court in western Washington on Thursday. The botnet involved requested "large and resource-intensive web pages" on a magnitude of between 600 and 1,000 percent of normal traffic levels, according to the indictment. The hacker is charged with conspiracy to intentionally cause damage
Open letter to the Australian people from Mother of Julian Assange

Jul 19, 2012
There have been numerous public statements made about WikiLeaks and its editor-in-chief Julian Assange that are factually inaccurate. Prime Minister Julia Gillard said about WikiLeaks, "It's illegal." Attorney General Nicola Roxon said my son "fled Sweden." The media repeatedly states, "Assange is charged or facing charges" in relation to Swedish sex allegations. If you want to know The Truth About Julian Assange And Wikileaks, please read our previous story "One Man Fights for 7 Billion People, One Mother Battles to Wake Them Up". The letter is below. To read the complete press release (Click Here). Dear Member of Parliament, We (Wikileaks Australian Citizens Alliance) are writing to you on behalf of Christine Assange (Julian Assange's mother), who is currently in the UK, waiting for the UK Supreme Court Ruling on her son's appeal against extradition to Sweden. This ruling will be handed down later today (EST) and we, like Chris
Hacker wanted by FBI held in India For Carding Crimes

Jul 14, 2012
Nikhil Kolbekar, aka HellsAngel, was arrested on July 11 in Mumbai, India. Eric Bogle, known as Swat Runs Train, and Justin Mills, or xTGxKAKAROT, were taken into custody in Canada and Colorado, US, respectively. HellsAngel and Bogle are suspected of selling complete credit card details, including names, addresses, social security numbers, birth dates, and bank account information. He also sold remote desktop protocol (RDP) access data that could be utilized to breach computers in countries such as Turkey, India, Czech Republic, Brazil, Germany, France, Italy, Spain, Sweden, and others. The suspect, Nikhil Kolbekar, was produced before the Esplanade Court on Thursday and has been remanded in judicial custody. He will be produced before the Patiala House court in Delhi on July 25, with the US pressing for his extradition through Interpol. Carding refers to various criminal activities associated with stealing personal identification information and financial information belonging to
Bulgarian Hackers Group arrested

Jul 06, 2012
Bulgarian authorities say that after months of investigation they have busted the "most powerful hacker group" in the country, the Cyber Warrior Invasion. The operation was conducted by Bulgaria's Sector for Computer Crimes, Intellectual Property and Gambling and the territorial units of the Chief Directorate for Fight with Organized Crime in the municipalities of Pleven, Shumen, Plovdiv, Burgas, Haskovo, Stara Zagora and Kyustendil. Using cyber "terrorist" methods, the group had attacked more than 500 websites worldwide, including those of financial institutions, web-based companies, and governmental and non-governmental organizations. On the confiscated computers, police discovered databases with large amounts of stolen emails, social network profiles and associated passwords, as well as stolen credit card data. The site www.cwi-group.org was used by the members of the group to coordinate their activities. Constantly changing its location and usin
DNSChanger Malware: Thousands May Lose Net Access On July 9th

Jul 05, 2012
The warnings about the Internet problem have been splashed across Facebook and Google. Internet service providers have sent notices, and the FBI set up a special website. Thousands of Canadians could be among the hundreds of thousands of people around the world who might lose Internet access on July 9. That's the day the FBI will shut down all the "clean servers" it set up to combat a massive hacking operation. Last November the FBI arrested and charged six Estonian men behind the malware as part of Operation Ghost Click. These hackers were able to make a fortune off their project, raking in millions for ads placed on their fraudulent websites. On the eve of the arrests, the FBI hired Paul Vixie, chairman of the Internet Systems Consortium (ISC) to install two temporary Internet servers that would prevent infected users from losing access to the Internet once the DNSChanger botnet was shut down. DNS (Domain Name System) is a
Indian Navy Computers hacked by Chinese Hackers

Jul 04, 2012
Chinese hackers allegedly planted a bug via flash drives on the Indian Navy's computers, which relayed sensitive data to IP addresses in China. The sniffing tool was found in the naval computers exactly as INS Arihant, India's first nuclear missile submarine, was in trials at the targeted facility in Visakhapatnam. The virus had reportedly created a hidden folder and collected specific files and documents based on certain "key words" it had been programmed to identify. It remained hidden on the pen drives until they were put in computers connected to the internet, after which the bug quietly sent files to the specific IP addresses. Officials of the Indian Navy told The Indian Express that "an inquiry has been convened and findings of the report are awaited. It needs to be mentioned that there is a constant threat in the cyber domain from inimical hackers worldwide." So far, India has arrested six officers for procedural lapses which led to the breach. It is not clear if any of
Zemra Botnet Leaked, Cyber Criminals performing DDoS Attacks

Jun 27, 2012
The Zemra DDoS Bot is currently sold in various forums for about 100 € and detected by Symantec as Backdoor.Zemra. Zemra first appeared on underground forums in May 2012. This crimeware pack is similar to other crime packs, such as Zeus and SpyEye, in that it has a command-and-control panel hosted on a remote server. Zemra uses a simple panel that gives an overview of all the statistics needed. Two graphs show the machines in operation and their regional location. In addition, statistics on online and for more information. You can see all online Socks5 proxies and export them to a list. Traffic is encrypted and protected using AES, and each client communicates using a uniquely generated key. Note: In "Tools Yard" we have posted the Zemra Source Code, only for educational purposes. A brief functional: • Intuitive control panel • DDos (HTTP / SYN Flood / UDP) • Loader (Load and ru
Operation Card Shop : FBI Arrested 24 Credit Card Cyber Criminals

Jun 27, 2012
The FBI has arrested 24 cybercriminals as part of an international law enforcement operation aiming to arrest and prosecute the users of a sting operation called "Carder Profit". The suspects, collared after a two-year investigation dubbed "Operation Card Shop," allegedly stole credit card and banking data and exchanged it with each other online. "We put a major dent in cybercrime," she said. "This is an unprecedented operation." In the sting, which they called Operation Card Shop, undercover investigators created an online bazaar to catch buyers and sellers of credit card data and other private financial information. They also aimed at people who clone and produce the physical credit cards that are then used to buy merchandise. Some CarderProfit users apparently learned of the involvement of the feds months ago. A Twitter user with the name @JoshTheGod wrote that "has informants and most likely to be belie
Hacker made calls worth £10,000 from public phone

Jun 27, 2012
Computer expert Dariusz Ganski, of Sunny Bank, Kingswood, used a router to tap into BT phone boxes and made hours of calls to expensive numbers. He made calls worth £10,000 in premium-line bills and has been jailed for 18 months. Prosecutor David Maunder commented: "Police located the vehicle and they found Mr Ganski with two laptop computers and numerous mobile telephones." Bristol Crown Court heard that the 27-year-old committed his crimes to get electronic credits for music and on-line games, while still on licence from prison for almost identical offences. Ganski made 648 calls, totalling nearly 43 hours, from a phone box in Kelston, North East Somerset. BT was alerted to unpaid calls costing them about £7,700 on that box. He said: "Your counsel says you're intelligent. What a waste that what you really do is go round defrauding companies in this way."
The tale of LulzSec, two admits targeting websites

Jun 27, 2012
Two British members of the notorious Lulz Security hacking collective have pleaded guilty to a slew of computer crimes, in the latest blow against online troublemakers whose exploits have grabbed headlines and embarrassed governments around the world. LulzSec members Ryan Cleary, 20, and Jake Davis, 19, pleaded guilty in a London court to launching distributed denial of service (DDoS) attacks last year against several targets, including the CIA, the Arizona State Police, PBS, Sony, Nintendo, 20th Century Fox, News International and the U.K.'s Serious Organized Crime Agency and National Health Service. Ryan Cleary, from Essex, United Kingdom, was arrested by Metropolitan Police on June 21 2011 and charged with violating the Computer Misuse Act and the Criminal Law Act 1977. He was accused of being a member of LulzSec but was not a member of the said group although he admitted that he did run one of the IRC channels that t