computer virus | Breaking Cybersecurity News | The Hacker News

Nothing is immune to being hacked when hackers are motivated. The same proved by hackers on Friday, when more than 2,000 computer systems at San Francisco's public transit agency were apparently got hacked. San Francisco's Municipal Transportation Agency, also known as MUNI, offered free rides on November 26th after MUNI station payment systems and schedule monitors got hacked by ransomware and station screens across the city started displaying a message that reads: " You Hacked, ALL Data Encrypted. Contact For Key(cryptom27@yandex.com)ID:681 ,Enter. " According to the San Francisco Examiner, MUNI confirmed a Ransomware attack against the station fare systems, which caused them to shut down ticket kiosks and make rides free this weekend. As you can see, the above message delivered by the malware followed by an email address and ID number, which can then be used to arrange ransom payments. MUNI Spokesman Paul Rose said his agency was investigating the m

Apple Mac Computers are considered to be much safer than Windows at keeping viruses and malware out of its environment, but that's simply not true anymore. It's not because Mac OS X is getting worse every day, but because hackers are getting smart and sophisticated these days. The bad news for Mac users is that malware targeting webcams and microphones has now come up for Mac laptops as well. Patrick Wardle, an ex-NSA staffer who heads up research at security intelligence firm Synack, discovered a way for Mac malware to tap into your live feeds from Mac's built-in webcam and microphone to locally record you even without detection. Wardle is the same researcher who has discovered a number of security weaknesses in Apple products, including ways to bypass the Gatekeeper protections in OS X. Wardle also released a free tool called RansomWhere? earlier this year that has generic detection capabilities for Mac OS X ransomware variants. Wardle is scheduled to present h

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Hey! Wait! Wait! Wait! Don't plug in that USB stick into your laptop. It could infect your computer with malware and viruses. Australia's Victoria Police Force has issued a warning regarding unmarked USB flash drives containing harmful malware being dropped inside random people's letterboxes in the Melbourne suburb of Pakenham. It seems to one of the latest tactics of cyber criminals to target people by dropping malware-laden USB sticks into their mailboxes, in the hope unsuspecting users will plug the infected devices into their personal or home computers. The warning, published on the official website of the Victoria Police, one of Australia's state police departments, reads: "Members of the public are allegedly finding unmarked USB drives in their letterboxes. Upon inserting the USB drives into their computers victims have experienced fraudulent media streaming service offers, as well as other serious issues [malware]. The USB drives are belie

Unlike specially crafted malware specifically developed to take advantage of Windows operating system platform, cyber attackers have started creating cross-platform malware for wider exploitation. Due to the rise in popularity of Mac OS X and other Windows desktop alternatives, hackers have begun designing cross-platform malware modularly for wide distribution. Cross-platform malware is loaded with specialized payloads and components, allowing it to run on multiple platforms. One such malware family has recently been discovered by researchers at Kaspersky Lab, which run on all the key operating systems, including Windows, Linux, and Mac OS X. Stefan Ortloff, a researcher from Kaspersky Lab's Global Research and Analysis Team, first discovered the Linux and Windows variants of this family of cross-platform backdoor, dubbed Mokes , in January this year. Now, the researcher today confirmed the existence of an OS X variant of this malware family, explaining a technical breakd

What's the worst that could happen when a Ransomware malware hits University? Last month, the IT department of the University from where I have done my graduation called me for helping them get rid of a Ransomware infection that locked down all its student's results just a day before the announcement. Unfortunately, there was no decrypter available for that specific ransomware sample, but luckily they had the digital backup for the examination results in the form of hundreds of excel sheets. So, somehow backup helped administrator to re-compile complete result once again into the database, but this delayed the announcement for over 30 days. However, the situation is not same every time. Recently, the University of Calgary in Alberta  paid a ransom of $20,000 to decrypt their computer systems' files and regain access to its own email system after getting hit by a ransomware infection. The University fell victim to ransomware last month, when the malware instal

Security researchers have discovered a sophisticated piece of malware that uses tricks from the Stuxnet sabotage malware and is specifically designed to target industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. Researchers at the security firm FireEye Labs Advanced Reverse Engineering said on Thursday that the malware, dubbed " IRONGATE ," affects Siemens industrial control systems. The malware only works in a simulated environment and is probably just a proof-of-concept that is likely not used in wild; therefore is not yet advanced enough to impact real-world systems . The Irongate malware "is not viable against operational Siemens control systems," the cybersecurity firm said in its blog post , and the malware "does not exploit any vulnerabilities in Siemens products." The researchers found this malware fascinating due to its mode of operation that included some Stuxnet-like behavior. The Stuxnet sab

Russian authorities have arrested a gang of 50 hackers suspected of stealing more than 1.7 Billion Rubles ( over US$25 Million ) from banks and other financial institutions in the country since 2011. The same criminal gang had tried to steal a further 2.273 Billion Roubles by issuing false payment instructions, but that were blocked. The group allegedly used a Trojan called " Lurk " to set up a network of bots on infected computers to carry out the attacks, according to Russia's FSB ( Federal Security Service ). Initially identified in 2012, Lurk is a "fileless" Trojan that runs in RAM and has mostly been used for collecting banking credentials, especially for banks in Eastern Europe and the Russian Federation. The criminal gang allegedly seeded some of Russia's most popular websites with Lurk. Once infected, the malware downloaded more software modules, allowing the hackers to gain remote access to victims' computers. The hackers then stole

In Brief Two International hackers, Aleksandr Andreevich Panin and Hamza Bendelladj, have been sentenced to a combined 24 years and 6 months in prison for their roles in developing and distributing SpyEye banking trojan, a powerful botnet similar to the infamous ZeuS malware. Both hackers were charged with stealing hundreds of millions of dollars from banking institutions worldwide. Masterminds behind the development and distribution of the infamous " SpyEye " botnet have finally been sentenced to a combined total of 24 years and 6 months in prison. Aleksandr Andreevich Panin and Hamza Bendelladj have been sentenced for their roles in developing and distributing SpyEye malware that is said to have caused hundreds of millions of dollars in losses to the financial sector, the U.S. Justice Department said  on Wednesday. SpyEye, a successor to the notorious Zeus banking malware , has affected financial institutions since 2009. Once infected, the malware connects t

Do you deal with MS Word files on the daily basis? If yes, then are you aware that even opening a simple doc file could compromise your system? It is a matter to think that the virus does not directly affect you, but it is you who let the virus carry out the attack by enabling deadly "Macros" to view the doc contents that are generally on eye-catching subjects like bank invoice. How Macros are Crippling your System? The concept of Macros dates back to 1990s. You must be familiar with this message: " Warning: This document contains macros. " A Macro is a series of commands and actions that help to automate some tasks. Microsoft Office programs support Macros written in Visual Basic for Applications (VBA), but they can also be used for malicious activities like installing malware. Hackers are cleverly using this technique on the shade of social engineering by sending the malicious Macros through doc file or spreadsheet with an eye-catching subject in t

If you receive a mail masquerading as a company's invoice and containing a Microsoft Word file, think twice before clicking on it. Doing so could cripple your system and could lead to a catastrophic destruction. Hackers are believed to be carrying out social engineering hoaxes by adopting eye-catching subjects in the spam emails and compromised websites to lure the victims into installing a deadly ransomware, dubbed " Locky ," into their systems. So if you find .locky extension files on your network shares, Congratulations! You are infected and left with just two solutions: Rebuild your PC from scratch or Pay the ransom. Locky ransomware is spreading at the rate of 4000 new infections per hour , which means approximately 100,000 new infections per day . Microsoft MACROS are Back It is hard to digest the fact that, in this 2016, even a single MS Word document could compromise your system by enabling ' Macros .' This is where the poin

Over the last few years, we have seen several types of Ransomware malware that demand a whopping amount of money from users for the retrieval of their locked, compromised sensitive files. We have also witnessed the birth of decryption solution for some of the Ransomware like Cryptolocker (partial), Coinvault , Rescue Kit . One more solution has recently been released for decryption of newly emerging ransomware, dubbed as Hydracrypt and Umbrecrypt that are propagated through Angler Exploit Kit. Both of the malware belong to CrypBoss ransomware family. The source code of CrypBoss Ransomware was leaked last year on Pastebin, which was later analyzed by Fabian Wosar, a security researcher at Emsisoft. With the help of CrypBoss Source code, Wosar was successfully able to crack the encryption algorithm of the ransomware and quickly made the decryption tool for CrypBoss and its variants ( Hydracrypt and Umbrecrypt ). It is found that both Hydracrypt and Umbrec

Yes, you heard me right. A newly discovered Facebook hacking tool actually has the capability to hack Facebook account, but YOURS , and not the one you desire to hack. How to Hack Facebook account? How to Hack my Girlfriends Facebook account? My boyfriend is cheating on me, How do I hack his Facebook Account? These are the queries that most of the Internet users search on Google. But Beware! If you come across any Facebook hacking tool that promises you to help you hack your friends Facebook accounts, you may end up downloading a hacking tool that could hack you, instead of them. Facebook  Hacking Tool that Can Really Hack, But Your Accounts Dubbed Remtasu , the tool is marketing itself as a Facebook hacking tool but actually is a Windows-based Trojan that has accelerated globally over the past year, and has now capability to disguise itself as an app for accessing people's Facebook account credentials. The tool contains a Keylogger that can captur

The Dridex banking trojan that is widely being used by cyber criminals to distribute malware onto users' machines has now been found distributing a security software. A portion of the Dridex banking Trojan botnet may have been hacked or compromised by an unknown Whitehat Hacker, who replaced the malicious links with  Avira Antivirus  installers. What is Dridex Banking Trojan? How it Works? Dridex malware – also known as Bugat and Cridex – is believed to have been created by cyber criminals in Eastern Europe in an effort to harvest online banking details. Even after a high-profile takedown operation in late 2015, the Dridex botnet seems to be active again. The Dridex virus typically distributes itself through spam messages or emails that include malicious attachments, most often a Microsoft Office file or Word document integrated with malicious macros. Once the malicious file has been clicked, the macros download and install the main payload of the virus – th

You should be very careful while visiting websites on the Internet because you could be hit by a new upgrade to the World's worst Exploit Kit – Angler , which lets hackers develop and conduct their own drive-by attacks on visitors' computers with relative ease. Many poorly-secured websites are targeting Windows users with a new "Cocktail" of malware that steals users' passwords before locking them out from their machines for ransom. Yes, stealing Windows users' passwords before encrypting their data and locking their PCs for ransom makes this upgrade to the Angler Exploit Kit nastier. Here's How the New Threat Works: Once the Angler exploit kit finds a vulnerable application, such as Adobe Flash, in visitor's computer, the kit delivers its malicious payloads, according to a blog post published by Heimdal Security. The First Payload infects the victim's PC with a widely used data thief exploit known as Pony that systematic

Security researchers at Symantec have uncovered a new Backdoor Trojan that grants hackers remote access and some control over infected machines. " Duuzer ," as dubbed by the researchers, has been targeting organizations in South Korea and elsewhere in an attempt to steal valuable information. The Trojan is designed to infect both 32-bit and 64-bit computers running Windows 7, Windows Vista, and Windows XP. Duuzer gives attackers remote access to the compromised computer, allowing them to: Collect system and drive information Create, enumerate, and end processes Access, modify and delete files Upload and Download additional files Change the time attributes of files Execute malicious commands Steal data from infected system Know about victim's Operating System Duuzer Infects via Spear Phishing or Watering Hole Attacks It is currently unclear how the malware is being distributed, but according to Symantec Researchers, the most obvious routes ar

Security researchers have uncovered a new piece of Adware that replaces your entire browser with a dangerous copy of Google Chrome , in a way that you will not notice any difference while browsing. The new adware software, dubbed " eFast Browser ," works by installing and running itself in place of Google Chrome The adware does all kinds of malicious activities that we have seen quite often over the years: Generates pop-up, coupon, pop-under and other similar ads on your screen Placing other advertisements into your web pages Redirects you to malicious websites containing bogus contents Tracking your movements on the web to help nefarious marketers send more crap your way to generating revenue Therefore, having eFast Browser installed on your machine may lead to serious privacy issues or even identity theft. What's Nefariously Intriguing About this Adware? The thing that makes this Adware different from others is that instead of taking contr

A network of compromised Linux servers has grown so powerful that it can blow large websites off the Internet by launching crippling Distributed Denial-of-service (DDoS ) attacks of over 150 gigabits per second (Gbps). The distributed denial-of-service network, dubbed XOR DDoS Botnet , targets over 20 websites per day , according to an advisory published by content delivery firm Akamai Technologies. Over 90 percent of the XOR DDoS targets are located in Asia, and the most frequent targets are the gaming sector and educational institutions. XOR creator is supposed to be from China, citing the fact that the IP addresses of all Command and Control (C&C) servers of XOR are located in Asia, where most of the infected Linux machines also reside. How XOR DDoS Botnet infects Linux System? Unlike other DDoS botnets , the XOR DDoS botnet infects Linux machines via embedded devices such as network routers and then brute forces a machine's SSH service to gain ro