The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: hacking

FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks

FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks

October 14, 2020Ravie Lakshmanan
A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye's Mandiant threat intelligence team, the collective — known as FIN11 — has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to organizations' networks, in addition to deploying point-of-sale (POS) malware targeting financial, retail, restaurant, and pharmaceutical sectors. "Recent FIN11 intrusions have most commonly led to data theft, extortion and the disruption of victim networks via the distribution of CLOP ransomware ," Mandiant said . Although FIN11's activities in the past have been tied to malware such as FlawedAmmyy , FRIENDSPEAK , and MIXLABEL, Mandiant notes significant overlap in TTPs with another threat group that cybersecurity researchers call TA505 , which is behind the infamous Dridex banking Trojan and Locky ransomware that'
55 New Security Flaws Reported in Apple Software and Services

55 New Security Flaws Reported in Apple Software and Services

October 09, 2020Ravie Lakshmanan
A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws — including 29 high severity, 13 medium severity, and 2 low severity vulnerabilities — could have allowed an attacker to "fully compromise both customer and employee applications, launch a worm capable of automatically taking over a victim's iCloud account, retrieve source code for internal Apple projects, fully compromise an industrial control warehouse software used by Apple, and take over the sessions of Apple employees with the capability of accessing management tools and sensitive resources." The flaws meant a bad actor could easily hijack a user's iCloud account and steal all the photos, calendar information, videos, and documents, in addition to forwarding the same exploit to all of their contacts. The findings were  reported by Sam Curry  along with Brett Buerhaus, Ben Sadeghipo
Researchers Find Vulnerabilities in Microsoft Azure Cloud Service

Researchers Find Vulnerabilities in Microsoft Azure Cloud Service

October 08, 2020Ravie Lakshmanan
As businesses are increasingly migrating to the cloud, securing the infrastructure has never been more important. Now according to the latest research, two security flaws in Microsoft's Azure App Services could have enabled a bad actor to carry out server-side request forgery ( SSRF ) attacks or execute arbitrary code and take over the administration server. "This enables an attacker to quietly take over the App Service's git server, or implant malicious phishing pages accessible through Azure Portal to target system administrators," cybersecurity firm Intezer said in a report published today and shared with The Hacker News. Discovered by  Paul Litvak of Intezer Labs, the flaws were reported to Microsoft in June, after which the company subsequently addressed them. Azure App Service is a cloud computing-based platform that's used as a hosting web service for building web apps and mobile backends. When an App Service is created via Azure, a new Docker env
A Handy Guide for Choosing a Managed Detection & Response (MDR) Service

A Handy Guide for Choosing a Managed Detection & Response (MDR) Service

October 07, 2020The Hacker News
Every company needs help with cybersecurity. No CISO ever said, "I have everything I need and am fully confident that our organization is fully protected against breaches." This is especially true for small and mid-sized enterprises that don't have the luxury of enormous cybersecurity budgets and a deep bench of cybersecurity experts. To address this issue, especially for small and mid-sized enterprises, we've seen a sharp rise in Managed Detection and Response (MDR) services. MDR is essentially an outsourced cybersecurity expert service that monitors a company's environment and provides an improved ability to detect, investigate, and respond to threats. Think of it as augmenting your existing staff with a group of highly skilled cybersecurity experts. MDR Services Cynet recently published a new whitepaper that reviewed all of the services provided by their MDR team, which they refer to as "CyOps" [you can download the whitepaper here] . Interestin
JPMorgan Hack — Three Men Charged in Biggest Bank Hack in History

JPMorgan Hack — Three Men Charged in Biggest Bank Hack in History

November 10, 2015Swati Khandelwal
The US government has charged hackers over the largest ever hacking case in financial history. The US Court of the Southern District of New York has charged three men accused of hacking into many financial institutions, including JPMorgan Chase that, according to the officials, was "the largest theft of user data from a U.S. financial institution in history." JPMorgan Chase is one of the world's biggest banks that controls total assets worth more than $2.59 Trillion . The Hackers targeted at least nine financial institutions between 2012 and mid-2015, including JPMorgan Chase, brokerages and a major business news publication, and stolen information of " over 100 Million customers ," Bloomberg reported Tuesday. The three men, including Gery Shalon , Ziv Orenstein , and Joshua Samuel Aaron were charged with 23 counts, including hacking, identity theft, securities fraud, and money laundering, among others. A separate indictment was also
Lockpickers 3D-Printed Master Key for TSA Luggage Locks and BluePrint Leaked Online

Lockpickers 3D-Printed Master Key for TSA Luggage Locks and BluePrint Leaked Online

September 11, 2015Swati Khandelwal
Here're a good news and bad news for you. The good news is that if you lose the keys for your TSA-compliant "Travel Sentry" luggage locks then you can just 3D print your very own TSA master keys. The bad news is that anyone can now 3D print their own master keys to open your bags. Yes, the security of 300 Million TSA-approved Travel Sentry luggage locks has been compromised , and now anyone with a 3D printer can unlock every single TSA-approved padlocks. Thanks to a security blunder by the American government agency. A security researcher with online moniker " Xyl2k " published the 3D printing files for a range of master keys with blueprints to GitHub , allowing anyone to 3D print his or her own copies of TSA-approved locks—the ones the authorities can unlock with their keys during airport inspections. How did the Researcher get the Print? A story about the " Secret Life " of Baggage in the hands of the US Transportation Securi
Chinese Government targets Uyghur group by malware attack

Chinese Government targets Uyghur group by malware attack

February 14, 2013Mohit Kumar
An old vulnerability in Word for OS X is being used in increasing levels of attacks,  probably government-sponsored hacking programs  against Uyghur group, including Tibetans, NGOs and human rights organizations. A number of attacks have been seen directed at the World Uyghur Congress, a Munich-based organization that promotes human rights. Potential victims are often tricked by so-called spear phishing attacks, the targets receive an e-mail with a subject relevant to their interests, and a Word document attached.  When they open the document, TinySHell exploits a vulnerability and then infects the computer. Exploit allows long-term monitoring or even control of the compromised system though a backdoor it installs. The malware is configured to connect to command and control servers that have been used for years in APT attacks. All the attacks use exploits for the CVE-2009-0563 (Microsoft Office) vulnerability and The backdoor also includes hard-coded functionality to
Hacker dump database from US Government and Military websites

Hacker dump database from US Government and Military websites

October 27, 2012Mohit Kumar
Internet Activist and collective hacker group "NullCrew" released a huge dump of 7,000 names-passwords database from US Government websites and 2000 names-passwords database from Military websites. Hacker claimed to hack into five websites, including Montana's Official State Website, United Nations, Louisiana Department of Environmental Quality, Texas Juvenile Justice Department, Force Health Protection & Readiness, domains are -  unescoetxea.org , www.mt.gov , www.la.gov, www.texas.gov and fhpr.osd.mil respectiverly. Few days back two Nullcrew members,  null and 0rbit_g1rl claimed to perform the hack into above sites using few vulnerabilities such as " Unproperly sanitized code, leading to disclosure of all files on a server and Boolean blind SQL injection " and they threatened to release the database soon. Today in a announcement via Twitter, hacker leaked the Database including 2000 and more Military, Air Force and Army officials us
Cyber threats a major risk to business

Cyber threats a major risk to business

October 22, 2012Mohit Kumar
When it comes to security, small and midsize businesses are largely unaware of the risks they face. Cybercrime is a serious problem which affects businesses of all sizes and can have devastating consequences. U.S. small businesses should understand they cannot completely remain safe from cyber-threats if they do not take the necessary precautions. Although such threats existed long before malware emerged, data theft, fraud and industrial spying are all now typically conducted through cyber-attacks. The picture painted is of an environment under siege, with an alarming 41% of businesses acknowledging themselves less than ready to face cyber-threats. Kaspersky Lab and B2B International recently conducted a survey among IT professionals working for large and medium-sized businesses to find out what IT specialists thought of corporate security solutions, to determine their level of knowledge about current threats, the sort of problems they most often face, and their ability to e
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.