#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

cyber crime detective | Breaking Cybersecurity News | The Hacker News

Category — cyber crime detective
Hackers stole Credit Card details from 63 'Barnes & Noble' stores

Hackers stole Credit Card details from 63 'Barnes & Noble' stores

Oct 24, 2012
Over 60 Barnes & Noble stores have been used by hackers to gain the credit card data, including the PINs, of customers. The New York  company is warning customers to check for unauthorized transactions and to change their personal identification numbers or PINs. It hasn't said how many accounts may have been compromised. The scheme didn't affect Barnes & Noble's Nook tablets or mobile apps, the chain's member database, or any Barnes & Noble College Bookstores. B&N says it caught the problem in mid-September, and that it's safe now to use credit and debit cards at its stores. The New York Times reported that the hackers had already made purchases on some customer credit cards. Federal authorities are investigating. Barnes & Noble said it is working with banks and card issuers to identify compromised accounts so that additional fraud-protection measures can be taken. All keypads at the stories have been removed and shipped to a site where they c
"Warning Zombies Ahead!" - Road sign board Hacked

"Warning Zombies Ahead!" - Road sign board Hacked

Oct 11, 2012
Drivers may have gotten a chuckle out of an electronic message board in Maine warning of zombies, but city officials were not amused. A Portland, Maine road sign is changed to a zombie warning on Wednesday, Oct. 10, 2012. It originally read " Night work 8 pm-6 am. Expect delays. " An electronic message board that typically warns motorists about impending roadwork instead read: " Warning Zombies Ahead! " as shown. City spokeswoman Nicole Clegg says the signs are a safety precaution and changing it could have led to driver distraction. She tells The Portland Press Herald tampering with a safety device is a misdemeanor punishable by up to a year in jail and a $1,000 fine. Subscribe  to our  Daily News-letter via email  - Be First to know about Security and Hackers.
Cyber Story Time: The Boy Who Cried "Secure!"

Cyber Story Time: The Boy Who Cried "Secure!"

Nov 21, 2024Threat Detection / Pentesting
As a relatively new security category, many security operators and executives I've met have asked us "What are these Automated Security Validation (ASV) tools?" We've covered that pretty extensively in the past, so today, instead of covering the " What is ASV?" I wanted to address the " Why ASV?" question. In this article, we'll cover some common use cases and misconceptions of how people misuse and misunderstand ASV tools daily (because that's a lot more fun). To kick things off, there's no place to start like the beginning. Automated security validation tools are designed to provide continuous, real-time assessment of an organization's cybersecurity defenses. These tools are continuous and use exploitation to validate defenses like EDR, NDR, and WAFs. They're more in-depth than vulnerability scanners because they use tactics and techniques that you'll see in manual penetration tests. Vulnerability scanners won't relay hashes or combine vulnerabilities to further attacks, whic
Hacker group RedHack faces up to 24 years in prison for terrorist crimes

Hacker group RedHack faces up to 24 years in prison for terrorist crimes

Oct 08, 2012
As part of an investigation launched by Başsavcıvekilliği in Ankara on March 20 arrested seven people, including college students. 13 of the indictment prepared by the prosecutor's office in Ankara Was adopted by the High Criminal Court.  Court has accepted an indictment against RedHack, a Turkish hacker group, seeking prison sentences of 8.5 to 24 years for its members as " members of a terrorist group ."  The suspects include three held under arrest  - Duygu Kerimoğlu, Alaattin Karagenç and Uğur Cihan Oktulmuş, under arrest for the past seven months. The suspects stand accused of membership in an armed terrorist organization, illegally obtaining confidential documents and personal information and accessing information systems without permission. Scope of the assessment: " Hierarchical and structured in order to be organized as a terrorist organization, titling, and posting bills realized by events, actions, photographs published on the internet, attacked and seized action
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Hackers deface Philippines Department of Environment website

Hackers deface Philippines Department of Environment website

Oct 07, 2012
Hackers incensed by the Philippines' controversial cybercrime law have attacked government sites that deliver emergency information during natural disasters. The website of the Department of Environment and Natural Resources (DENR) was hacked on Saturday, despite calls from Malacañang for a ceasefire. Home page message, "Sorry Admin, Hacked!" and a symbol of a crescent moon and a star, both found on Flag of Turkey (take a look on the red Text). But the site, www.denr.gov.ph , was restored after a minutes. Last Monday,  Anonymous Hackers defaced 11 government  websites. President Benigno Aquino's spokeswoman Abigail Valte appealed for a stop to the attacks, on the websites and social media accounts of the weather service, the earthquake and tsunami monitoring service and the social welfare agency. Hackers announce their next target on their twitter accounts that they've been eyeing " Senator Vicente C. Sotto III " website's.
TinKode sentenced by a Romanian court and $120000 Fine

TinKode sentenced by a Romanian court and $120000 Fine

Oct 05, 2012
" Cernaianu Manole Razvan " akka TinKode , the Romanian behind attacks against NASA, Oracle, the Pentagon, and U.S. Army, was sentenced this week to a two-year suspended sentence, according to local media reports and was ordered to pay damages totalling more than US$120,000. He was arrested in January for his part in a number of attacks. According to Cernianu's case file summary on the Romanian Ministry of Justice Web portal, he was sentenced on September 26 and received six prison sentences of one or two years for separate computer-related offenses. The offenses included: gaining unauthorized access to a protected computer system; transferring data from a computer system without authorization; affecting the normal operation of a computer system by deleting, modifying or sending electronic data; creating, selling or distributing a devices or a computer program designed to be used in computer crimes; creating, selling or distributing a password or access cod
Swedish authorities raid on PRQ prompts new cyber attack from Anonymous

Swedish authorities raid on PRQ prompts new cyber attack from Anonymous

Oct 03, 2012
Computer hackers claiming to be from the Anonymous network took over the official website of Sweden's National Board of Health and Welfare. The attacks come just days after police on Monday raided a Stockholm-based webhosting company, PRQ, and a video was posted on YouTube - allegedly made on behalf of the hacker group Anonymous - warning Swedish authorities of repercussions. Hacktivist network Anonymous has warned that Sweden's Riksbank will suffer a cyber-attack on Wednesday night.  " It's come to our attention that Swedish government raided PRQ servers in order to shut down numerous file sharing and torrent websites ," " This has gone too far. This is unacceptable. Anonymous says this stops right now. You don't fuck with The Internet… Today we hit their wallets hard. "  wrote the Anonymous group on 4chan. The Riksbank is taking the threat seriously: " We recognize this as a public threat against websites and we are always trying to keep the web as safe as possible. We have
Internet freedom : Anonymous Brings Philippines Government Sites Offline

Internet freedom : Anonymous Brings Philippines Government Sites Offline

Oct 03, 2012
Hacker groups that are against the controversial Cybercrime Prevention Law for its effect on the country's freedom of expression defaced 11 more government websites since 11 p.m. Monday A message which said, " Hacked by M4N1L4 PR1D3, PHILIPPINE CYBER ARMY AND -=TheFamilyPride=- ," appeared on the homepage of PNP's Police Community Relations Group (PCRG). "Private X" and "Anonymous Philippines" hacked websites of the Department of Interior and Local Government, the One-Stop Information Shop for Technologies in the Philippines of the Department of Science and Technology, National Telecommunications Commission (NTC), Philippine Nuclear Institute, Intellectual Property Office of the Philippines, Tourism website of the City of San Fernando, Optical Media Board, Pilipinas Anti-Piracy Team, Department of Health's Smoke Free Philippines, Marina Industry Authority and the Maritime Training Council. The Twitter account of the Department of Social Welfare and Services was
Anonymous dump 2.5 GB data from email of priest accused for child abuse

Anonymous dump 2.5 GB data from email of priest accused for child abuse

Sep 13, 2012
In July 2012 Italy police have arrested a Catholic priest over allegations he abused a teen girl. Father Don Giacomo Ruggeri , 43, was immediately suspended from all priestly duties and police had raided his home and seized his computer. Anonymous Hackers today publish 2.5 GB of private mails from the Gmail of a priest recently protagonist of a story related to alleged child abuse on  official blog of Anonymous Italy. " The story of Don Ruggeri is yet another demonstration of how your institution has undermined the principles that should inspire. Fomented hatred and stigma toward anyone who shows a sexual orientation different from what you call "natural", in line with a model of patriarchal society and discriminating. The real unnaturalness is disgusting in your modus operandi. Your greed, your greed is posted ." Hacker upload a series of documents containing more than 2 gigabytes of messages received and sent e-mail account on DepositFiles. In a statement by A
The 10 Most Infamous Student Hackers of All Time

The 10 Most Infamous Student Hackers of All Time

Sep 10, 2012
Hacking has always been inherently a young person's game. The first usage of the word "hacker" was to describe pranksters meddling with the phones at MIT. Many hackers have cited boredom, a desire for change, or the thrill of going somewhere one is not supposed to go as their motivation for hacking, all of which could apply to scores of common activities on college campuses. While today's hacking scene is dominated by large hacking groups like Anonymous and Masters of Deception, many of the greatest hacks ever have been pulled off by college, high school, and even middle school kids who rose to infamy armed only with a computer and the willingness to cross the bounds of legality. 1.) Sven Jaschan: In the words of one tech expert , "His name will always be associated with some of the biggest viruses in the history of the Internet." The viruses: the Sasser and NetSky worms that infected millions of computers and have caused millions of dollars of damage since their release in 2004. The
BASTARDS!!

BASTARDS!!

Sep 08, 2012
Last month, those assholes in the California State Assembly passed a resolution urging state educational institutions to more aggressively crack down on criticism of the State of Israel on campuses, which the resolution defines as "anti-Semitism." The anti-democratic resolution is the latest step in the broader campaign to stifle and suppress dissent on California's increasingly volatile campuses. Get this, it passed without public discussion. The vote on the resolution came when most students were between semesters and away from their campuses. The resolution uses the classic trick employed by defenders of Israel's Zionist regime: lumping together any criticism of the Israeli state's policies or of the US government's support for them with racist attacks on Jews. The bulk of the resolution is dedicated to defining criticism of the state of Israel as "anti-Semitism."  It lists the following as examples of "anti-Semitism": • "language or behavior [that] demonizes and delegitimizes Is
CRIME : New SSL/TLS attack for Hijacking HTTPS Sessions

CRIME : New SSL/TLS attack for Hijacking HTTPS Sessions

Sep 08, 2012
Two security researchers claim to have developed a new attack that can decrypt session cookies from HTTPS (Hypertext Transfer Protocol Secure) connections. From the security researchers who created and demonstrated the BEAST (Browser Exploit Against SSL/TLS) tool for breaking SSL/TLS encryption comes another attack that exploits a flaw in a feature in all versions of TLS. The new attack has been given the name CRIME by the researchers.The CRIME attack is based on a weak spot in a special feature in TLS 1.0, but exactly which that feature is has not been revealed by the researchers. They will say that all versions of TLS/SSL including TLS 1.2, on which the BEAST attack did not work are vulnerable. Once they had the cookie, Rizzo and Duong could return to whatever site the user was visiting and log in using her credentials. HTTPS should prevent this type of session hijacking because it encrypts session cookies while in transit or when stored in the browser. But the new attack, devis
Oracle releases patches for Java vulnerability CVE-2012-4681

Oracle releases patches for Java vulnerability CVE-2012-4681

Aug 31, 2012
Oracle has released a new patch which kills off a vulnerability in Java 7 that was being exploited by malware developers. " Due to the high severity of these vulnerabilities, Oracle recommends that customers apply this Security Alert as soon as possible ," Eric Maurice, the company's director of software security assurance. The out-of-band Security Alert CVE-2012-4681 includes fixes for "three distinct but related vulnerabilities and one security-in-depth issue" affecting Java running within the browser. Users with vulnerable versions of Java installed can have malware silently planted on their systems just by browsing to a hacked or malicious website unknowingly.Java is a free programming language widely used to enable every day programs and website elements to function, including some games, apps and chat, as well as enterprise apps. The attacks using this vulnerability so far have been Windows-based, the exploit was demonstrated on other platforms supported by Java
Saudi Aramco Oil Producer's 30,000 workstations victim of Cyber Attack

Saudi Aramco Oil Producer's 30,000 workstations victim of Cyber Attack

Aug 27, 2012
Saudi Aramco, the world's biggest oil producer, has resumed operating its main internal computer networks after a virus infected about 30,000 of its workstations in mid-August. Immediately after the Aug. 15 attack, the company announced it had cut off its electronic systems from outside access to prevent further attacks. Saudi Aramco said the virus "originated from external sources" and that its investigation into the matter was ongoing. There was no mention of whether this was related to this month's Shamoon attacks. " The disruption was suspected to be the result of a virus that had infected personal workstations without affecting the primary components of the network, " Saudi Aramco said over Facebook . " We would like to emphasize and assure our stakeholders, customers and partners that our core businesses of oil and gas exploration, production and distribution from the wellhead to the distribution network were unaffected and are functioning as reliably as ever
Turkish hackers hack FC Spartak Moscow Soccer team

Turkish hackers hack FC Spartak Moscow Soccer team

Aug 24, 2012
Turkish hackers recently hacked the Web site of soccer team FC Spartak Moscow after the Russian team's fans burned Turkish flags and pictures of Atatürk during a Champions League playoff match against Turkish team Fenerbahce on August 21. A portrait of Atatürk next to a Turkish flag was also posted on the website. The group replaced the website's original content with a statement that called on the team to "immediately apologize." " You will immediately apologize to the Turkish Republic and the Turkish people. No crime goes without punishment, and FIFA may forgive you, but we won't ," The Spartak site was running again by Thursday afternoon after the club used its Twitter account to blame the incident on 'Turkish hackers. Spartak Moscow fans burned flags and posters of modern Turkey's founding father, Mustafa Kemal Atatürk, during their team's 2-1 victory over the Istanbul giants in the first leg of their Champions League playoff.
LulzSec Leader Sabu Gets 6-Month Sentencing Delay for helping Feds

LulzSec Leader Sabu Gets 6-Month Sentencing Delay for helping Feds

Aug 23, 2012
Today was the day that Hector Xavier Monsegur, a.k.a. Sabu, Xavier DeLeon, and Leon, was supposed to be sentenced for the 12 counts of computer hacking conspiracies and other crimes he pleaded guilty to, including the infamous hacks of HBGary Federal, HBGary, Sony, Fox, and PBS, but he has had his sentencing delayed, perhaps as a reward for assisting the US police with their enquiries and investigations. Monsegur allegedly rooted out the vulnerabilities used in the hacks conducted by LulzSec, which went on a high-profile tear in 2011 that exposed emails, documents, and other information of its victim organizations. Sabu is the hacker nom de plume of 28-year-old New Yorker Hector Monsegur, an unemployed father of two who allegedly commanded a loosely organized, international team of perhaps thousands of hackers from his nerve center in a public housing project on New York's Lower East Side. According to the FBI, he could face a maximum sentence of 124 years and six months for 12 offe
Philippine police arrest 357 foreigners for cyber fraud

Philippine police arrest 357 foreigners for cyber fraud

Aug 23, 2012
Police on Thursday rounded up 357 foreigners accused of duping Taiwanese and Chinese citizens in an online scam in what an official described as the largest single-day operation against organized crime in the country.  Director Samuel Pagdilao Jr., CIDG director, said CIDG and Paocc agents led by Senior Supt. Ranier Idio raided 20 houses in several subdivisions in Quezon, Manila, Marikina, Cainta and Antipolo cities at around 6:30 a.m. on Thursday and they rounded up the foreigners. The suspects were brought to the Police National Training Institute (PNTI) in Camp Vicente Lim in Laguna. They face charges for violating the Access Device Act. The syndicate's operations involve the use of the internet, wherein the group will call unsuspecting victims in China, claiming that they represent police, prosecutor's office, courts, insurance companies, banks, and other financial institutions. The syndicate raked in at least P20 million ($472,000) each day using the scam, Pagdilao said.
Airport VPN hacked using Citadel malware

Airport VPN hacked using Citadel malware

Aug 16, 2012
It sounds like an air traveler's nightmare, Researchers at Trusteer recently uncovered a variant of the Citadel Trojan targeting the virtual private network (VPN) credentials used by employees at a major airport.The firm would not disclose the name of the airport because the situation is being investigated by law enforcement. Many businesses use VPNs to provide outside workers with access to secure data. Incursions on these networks often involve advanced "Man in the Browser" malware such as the Citadel, Zeus, and SpyEye programs. The man-in-the-browser (MITB) assault first used form-grabbing malware, which steals data entered into web forms before it is passed over the internet, to steal the airport employees' VPN usernames and passwords, Amit Klein, Trusteer's chief technology officer, said in a blog post. "This was potentially very dangerous, but we don't know whether the attacker group was targeting the financial system of the airport for economic gain or if the attack wa
Mariposa botnet creator goes on trial

Mariposa botnet creator goes on trial

Aug 09, 2012
26-year-old Slovenian hacker known as Iserdo stands thought to have been behind the Mariposa botnet is on trial in Slovenia, charged with having masterminded an international cybercrime gang. At its height, the Mariposa botnet infected up to 12.7 million PCs, with more than half of the Fortune 1,000 companies believed to have been compromised, including 40 major banks. Once a computer had been compromised and brought into the botnet, operators could steal information from innocent users - including credit card details and banking passwords. Computer crime-fighting authorities had succeeded in bringing down the Mariposa botnet at the end of 2009, FBI officials worked with Spanish and Slovenian authorities to track down Mariposa's mastermind, Iserdo. He was said to charge between $500 for basic versions of the botnet code and up to $1,300 for more advanced ones, which included customised features, such as capabilities which allowed its operators to to steal credit cards and onlin
Open letter to the Australian people from Mother of Julian Assange

Open letter to the Australian people from Mother of Julian Assange

Jul 19, 2012
There have been numerous public statements made about WikiLeaks and its editor-in-chief Julian Assange that are factually inaccurate.Prime Minister Julia Gillard said about WikiLeaks, "It's illegal." Attorney General Nicola Roxon said my son "fled Sweden." The media repeatedly states, "Assange is charged or facing charges" in relation to Swedish sex allegations. If you want to know  The Truth About Julian Assange And Wikileaks , Please read our previous Story " One Man Fights for 7 Billion People, One Mother Battles to Wake Them Up " Letter is as below, To read complete Press Release ( Click Here) Dear Member of Parliament, We (Wikileaks Australian Citizens Alliance) are writing to you on behalf of Christine Assange, (Julian Assange's mother) who is currently in the UK, waiting for the UK Supreme Court Ruling on her son's appeal against extradition to Sweden. This ruling will be handed down later today (EST) and we, like Chris
Hacker wanted by FBI held in India For Carding Crimes

Hacker wanted by FBI held in India For Carding Crimes

Jul 14, 2012
Nikhil Kolbekar, aka HellsAngel, was arrested on July 11 in Mumbai, India. Eric Bogle, known as Swat Runs Train, and Justin Mills, or xTGxKAKAROT, were taken into custody in Canada, respectively Colorado, US.  HellsAngel and  Bogle is suspected of selling complete credit card details, including names, addresses, social security numbers, birth dates, and bank account information. He also sold remote desktop protocol (RDP) access data that could be utilized to breach computers in countries such as Turkey, India, Czech Republic, Brazil, Germany, France, Italy, Spain, Sweden, and others. The suspect, Nikhil Kolbekar, was produced before the Esplanade Court on Thursday and has been remanded in judicial custody. He will be produced before the Patiala House court in Delhi on July 25, with the US pressing for his extradition through the Interpol. Carding refers to various criminal activities associated with stealing personal identification information and financial information belonging to
Expert Insights / Articles Videos
Cybersecurity Resources