cybercriminals | Breaking Cybersecurity News | The Hacker News

Home Depot , the nation's largest home improvement retailer, announced on Thursday that a total of 56 million unique payment cards were likely compromised in a data breach at its stores, suggesting that the data breach on Home improvement chain was larger than the Target data breach that occurred last year during Christmas holidays. The data theft occurred between April and September at Home Depot stores in both the United States and Canada, but the confirmation comes less than a week after the retailer first disclosed the possibility of a breach. " We apologize to our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges, " Home Depot CEO Frank Blake said in a statement. " From the time this investigation began, our guiding principle has been to put our customers first, and we will continue to do so. " It is believe that the cybercriminals successfully compromised the...

We have already seen vulnerability in Remote Desktop Protocol (RDP) is a potential dangers of desktop remote-access tools commonly used by IT departments to handle help-desk issues and by administrators to manage virtualized machines. According to reports from krebsonsecurity, A Russian company called " dedicated express " ( Dedicatexpress.com ) is selling access to private company servers for as little as $4. Cyber criminals have hacked around 17,000 computers worldwide using such insecure applications in server and selling them in underground markets. Although almost 300,000 compromised systems have passed through this service since its inception in early 2010. New customers who contact the service's owner via instant message and pay a $20 registration fee via WebMoney, a virtual currency. The price of any hacked server is calculated based on several qualities, including the speed of its processor and the number of processor cores, the machine's downlo...

The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider's storage security controls and default settings. "In just the past few months, I have witnessed two different methods for executing a ransomware attack using nothing but legitimate cloud security features," warns Brandon Evans, security consultant and SANS Certified Instructor. Halcyon disclosed an attack campaign that leveraged one of Amazon S3's native encryption mechanisms, SSE-C, to encrypt each of the target buckets. A few months prior, security consultant Chris Farris demonstrated how attackers could perform a similar attack using a different AWS security feature, KMS keys with external key material, using simple scripts generated by ChatGPT. "Clearly, this topic is top-of-mind for both threat actors and ...

Symantec has reported an increase in spam messages containing .gov URLs. Cybercriminals are using 1.usa.gov links in their spam campaigns to trick users into thinking the links lead to genuine US government Web sites. Spammers have created these shortened URLs through a loophole in the URL shortening service provided by bit.ly. USA.gov and bit.ly have collaborated, enabling anyone to shorten a .gov or .mil URL into a trustworthy 1.usa.gov URL. The click rate of the campaign has been significant, redirecting more than 16,000 victims over a five day period to a malicious website designed to look like a CNBC news article pushing several work from home scams. According to researchers from security firm Symantec , they simply leveraged an open-redirect vulnerability present on the official government site of Vermont (Vermont.gov) . Therefore, something like 1.usa.gov/…/Rxpfn9 takes you to labor.vermont.gov/LinkClick.aspx?link=[spam site] which then redirects you ...

Wordpress Security Team is sending out warning messages to thousands of wordpress users that their account has been compromised recently. Warning message include " We recently detected suspicious activity on your WordPress.com account. To protect your identity and keep your site safe, we've reset your password. " Message continue " To reset your password and get access to your account and blog, please visit WordPress.com. Click on "Forgot password?" in the Login toolbar to get started. It is very important that your password be unique because using the same password across different web applications increases the risk of your account being hacked. " Note: Wordpress officially has not announce yet any security breach news on their website, but these warning mails are silently received by compromised account holders. Method of hack is still not confirmed. But hacking 15000 blogs from wordpress server and posting same article on all sites most ...

Computer hacking is truly an epidemic. It's not enough to apply the latest patches to your servers and workstations or otherwise defend yourself reactively. If you're in charge of your network's security, you must understand how hackers minds work and what tools they're using for their attacks.  Also one of the best ways to protect yourself is to think like a hacker. Evil hackers aren't just a threat to national security. They're a threat to your privacy and even your livelihood. Your personal information? Nothing more than a commodity in their billion-dollar black-market enterprise. There's no product that can prevent hackers from plastering passwords and usernames on the Web. But some white hat hackers are not only chasing these cybercriminals but also thwarting the attacks before they can be launched. Vulnerabilities appear in your environment every day. For example, everyone wants to use their tablet or smart phone to conduct business. A...

The U.S. have admitted they believe a series of cyber attacks on domestic banks and some foreign oil companies carried out over the last year are the handy work of a group of hackers linked to the Iranian government. Defence Secretary Leon Panetta said the cyberthreat from Iran has grown, and declared that the Pentagon is prepared to take action if America is threatened by a computer-based assault. The hackers are apparently part of a group of less than 100 computer security specialists from Iranian universities and network security firms, according to an unnamed US government official. American officials have said they are able to discover the source of the recent cyberattacks. We do welcome this and announce our readiness for any international cooperation to find the source of the attacks. The Iranian official said Tehran has already offered help to boost the companies cybersecurity, as Iran has itself recently been the victim of cyberattacks on its offshore oil platforms....

Users should be aware that Cyber criminals are finding new ways to install malicious software on devices. The latest threat to Android phone users, according to the FBI , is a "work-at-home opportunity that promises a profitable payday just for sending out email." The IC3 has been made aware of various malware attacking Android operating systems for mobile devices. Some of the latest known versions of this type of malware are Loozfon and FinFisher .  Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out email. A link within these advertisements leads to a website that is designed to push Loozfon on the user's device. The malicious application steals contact details from the user's address book and the infected device's phone number . FinFisher is a spyware capable of taking over the components of a mobile device. Whe...

As warned by Izz ad-Din al-Qassam Cyber Fighters They launched another distributed denial-of-service (DDOS) attack against the website of Regions Financial Corp (regions.com) and SunTrust. The computer attacks burden the bank websites with heavy traffic volume that causes slow service for the sites or makes them completely unavailable. In a Pastebin post dated Oct. 8, the hacktivist group announced the planned Oct. 9 attack against Capital One, the Oct. 10 attack against SunTrust and an Oct. 11 takedown date for Regions Financial Corp and THEY DID IT. SunTrust ( suntrust.com ) spokesman Michael McCoy confirmed SunTrust's site had been hit by an uptick in traffic. "We have seen increased online traffic today and experienced intermittent service availability of some online functions," he said. A couple of days ago, Regions representatives told Fox Business that the organization was aware of the threats. At the time, they claimed they were "taking every mea...

Antivirus company Symantec has detected a malicious campaign in which hackers managed to deceive thousands of people allegedly signed by a paid proxy service. They expose that hundreds of thousands of users signing up for a cheap and supposedly legitimate proxy service have ended up downloading malware and being ensnared into a botnet. Three months ago, Symantec researchers started an investigation into a piece of malware called Backdoor.Proxybox that has been known since 2010, but has shown increasing activity recently. " The malware is Backdoor.Proxybox, and our investigation has revealed an entire black hat operation, giving us interesting information on the operation and size of this botnet, and leading us to information that may identify the actual malware author ," Symantec. The service - ProxyBox - supposedly provides access to its entire list of thousands of proxies for only $40 a month, which is obviously too cheap a price for the provider to break eve...