hacking group | Breaking Cybersecurity News | The Hacker News

So far, nobody had an idea that who was behind WannaCry ransomware attacks? But now there is a clue that lies in the code. Neel Mehta, a security researcher at Google, found evidence that suggests the WannaCry ransomware, that infected 300,000 machines in 150 countries over the weekend, is linked to a state-sponsored hacking group in North Korea, known for cyber attacks against South Korean organizations. What's Happening? What is WannaCry? This is the fifth day since the WannaCry ransomware attack surfaced, that leverages a critical Windows SMB exploit and still infecting machines across the world using newly released variants that don't have any "kill switch" ability. In case, if you have landed on WannaCry story for the first time, and don't know what's going on, you are advised to also read this simple, summarized, but detailed explanation: WannaCry: What Has Happened So Far & How to protect your PCs WannaCry: First Nation-State Powered Ran

Carbanak – One of the most successful cybercriminal gangs ever that's known for the theft of one billion dollars from over 100 banks across 30 countries back in 2015 – is back with a BANG! The Carbanak cyber gang has been found abusing various Google services to issue command and control (C&C) communications for monitoring and controlling the machines of unsuspecting malware victims. Forcepoint Security Labs researchers said Tuesday that while investigating an active exploit sent in phishing messages as an RTF attachment, they discovered that the Carbanak group has been hiding in plain site by using Google services for command and control. "The Carbanak actors continue to look for stealth techniques to evade detection," Forcepoint's senior security researcher Nicholas Griffin said in a blog post . "Using Google as an independent C&C channel is likely to be more successful than using newly created domains or domains with no reputation." Th

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

One of the FBI's Most Wanted Hackers who was arrested in Germany earlier this year has pleaded guilty to federal charges for his role in a scheme that hacked computers and targeted the US government, foreign governments, and multiple US media outlets. Peter Romar, 37, pleaded guilty Wednesday in a federal court in Alexandria to felony charges of conspiring to receive extortion proceeds and to illegally access computers in his role as a member of the infamous hacking group calling itself the Syrian Electronic Army (SEA), the Department of Justice (DoJ) announced . Romar was previously extradited from Germany on request of the United States. "Cybercriminals cannot hide from justice," said U.S. Attorney Dana J. Boente for the Eastern District of Virginia. "No matter where they are in the world, the United States will vigorously pursue those who commit crimes against U.S. citizens and hold them accountable for their actions." In March, the US charged thr

It seems like the NSA has been HACKED! Update: The NSA Hack — What, When, Where, How, Who & Why? Explained Here. An unknown hacker or a group of hackers just claimed to have hacked into " Equation Group " -- a cyber-attack group allegedly associated with the United States intelligence organization NSA -- and dumped a bunch of its hacking tools (malware, private exploits, and hacking tools) online. I know, it is really hard to believe, but some cybersecurity experts who have been examining the leak data, exploits and hacking tools, believe it to be legitimate. Hacker Demands $568 Million in Bitcoin to Leak All Tools and Data Not just this, the hackers, calling themselves " The Shadow Brokers ," are also asking for 1 Million Bitcoins ( around $568 Million ) in an auction to release the 'best' cyber weapons and more files. Also Read:   Links Found between NSA, Regin Spy tool and QWERTY Keylogger Widely believed to be part of the NSA, Equati

Twitter account of another high profile has been hacked! This time, it's Twitter CEO Jack Dorsey. OurMine claimed responsibility for the hack, which was spotted after the group managed to post some benign video clips. The team also tweeted at 2:50 AM ET today saying " Hey, its OurMine,we are testing your security, " with a link to their website that promotes and sells its own "services" for which it has already made $16,500. Although the tweets posted by the group did not contain any harmful content, both the tweet and linked to a short Vine video clip have immediately been removed. Ourmine is the same group of hackers from Saudi Arabia that previously compromised some social media accounts of other CEOs including: Google's CEO Sundar Pichai Facebook's CEO Mark Zuckerberg Twitter's ex-CEO Dick Costolo Facebook-owned virtual reality company Oculus CEO Brendan Iribe Since all tweets posted to Dorsey's account came through Vine,

The man who runs the biggest social network and continuously implements new security measures to boost its billion users security, himself failed to follow basics of Internet security for his own online accounts. Yes, I'm talking about Facebook CEO Mark Zuckerberg , who had his Twitter and Pinterest accounts compromised on Sunday. The hacker group from Saudi Arabia, dubbed OurMine , claimed responsibility for the hack and guess how the group did it? Thanks to the LinkedIn data breach ! The hackers tweeted that they found Zuck's account credentials in the recent LinkedIn data breach, from which they took his SHA1-hashed password string and then broke it and tried on several social media accounts. Also Read: Hacker Removed Zuckerberg's Facebook Cover Photo The group, which has more than 40,000 Twitter followers, then successfully broke into Zuck's Twitter ( @finkd ) and Pinterest profile and defaced its banners with its logo as well as tweeted out some offens

SWIFT Bank Hackers have attacked another bank in the Philippines using the same modus operandi as that in the $81 Million Bangladesh Bank heist . Security researchers at Symantec have found evidence that malware used by the hacking group shares code similarities with the malware families used in targeted attacks against South Korean and US government, finance, and media organizations in 2009. These historic attacks were attributed to the North Korean hacking group known as Lazarus , who hacked Sony Pictures in 2014. Also Read:   How Hackers Stole $80 Million from Bangladesh Bank . " At first, it was unclear what the motivation behind these attacks were, however, code sharing between Trojan.Banswift (used in the Bangladesh attack used to manipulate SWIFT transactions) and early variants of Backdoor.Contopee provided a connection, " Symantec blog post says. In past few months, some unknown hackers have been targeting banks across the world by gaining access to SWIFT, the worldwi

Without adequate analysis and algorithms, mass surveillance is not the answer to fighting terrorism and tracking suspects. That's what President Obama had learned last year when he signed the USA Freedom Act , which ends the bulk collection of domestic phone data by US Intelligence Agencies. There is no doubt that US Government is collecting a vast quantity of data from your smartphone to every connected device i.e. Internet of the things , but… Do they have enough capabilities to predict and identify terrorists or cyber criminals or state-sponsored hackers before they act? Well, if they had, I would not be getting chance to write about so many brutal cyber attacks , data breaches, and terrorist attacks that not only threatened Americans but also impacted people worldwide. The Ex-NSA technical director William E. Binney, who served the US National Security Agency for over 30-years, said last year in the front of Parliamentary Joint Committee that forcing analysts t

Another 15-year-old teenager got arrested from the land of cakes, Scotland, by British Police for breaking into the FBI Systems on 16th February. Under the Britain's anti-hacking law, Computer Misuse Act 1990 , the boy has been arrested for his role in hacking and unauthorized access to the digital material. Federal Agents had fled to Glasgow in an attempt to carry out a raid on his home before proceeding with the boy's arrest. "He has since been released and is the subject of a report to the procurator fiscal," a Police Spokesman told a Scottish journal. As with the present scenario, reports say that the boy could be extradited to the United States to face the Intrusion and hacking charges. Second Member of the Hacking Group Arrested The suspect is believed to be an active member of the notorious hacking group called " Crackas with Attitude " aka "CWA", Motherboard confirms . Another member of the same group got arrested f

The Group of teenage hackers, which previously hacked into the personal email of the CIA director John Brennan and published a large trove of sensitive data, has now had its hands on even more important and presumably secure target. Hackers Accessed Law Enforcement Private Portal The hacking group, Crackas With Attitude ( CWA ), claims it has gained access to a Law Enforcement Portal through which one can access: Arrest records Tools for sharing information about terrorist events and active shooters The system in question is reportedly known as the Joint Automated Booking System ( JABS ), which is only available to the Federal Bureau of Investigation (FBI) and law enforcement. Hackers Gained Access to FBI's Real-Time Chat System Moreover, the hacking group also says it has gained access to another tool that is something like a real-time chat system for the FBI to communicate with other law enforcement agents around the US. Two days ago, CWA published

A State-sponsored Cyber Espionage Group -- most likely linked to the Chinese government becomes the first group to target the so-called " Air-Gapped Networks " that aren't directly connected to the Internet. What are Air-Gapped systems? Air-gapped systems are known to be the most safest and secure systems on the earth. These systems are isolated from the Internet or any other Internet-connected computers or external networks. Air-gapped systems are generally used in the critical situations that demand high security like in payment networks to process debit and credit card transactions, military networks, and in industrial control systems that operate critical infrastructure of the Nation. Why Air-Gapped? It is very difficult to siphon data from Air-Gapped systems because it requires a physical access to the target system or machine in order to do that and gaining physical access is possible only by using removable devices such as a firewire cab

China finally admits it has special cyber warfare units — and a lot of them. From years China has been suspected by U.S. and many other countries for carrying out several high-profile cyber attacks, but every time the country strongly denied the claims. However, for the first time the country has admitted that it does have cyber warfare divisions – several of them, in fact. In the latest updated edition of a PLA publication called The Science of Military Strategy , China finally broke its silence and openly talked about its digital spying and network attack capabilities and clearly stated that it has specialized units devoted to wage war on computer networks. An expert on Chinese military strategy at the Center for Intelligence Research and Analysis, Joe McReynolds told TDB that this is the first time when China has explicit acknowledged that it has secretive cyber-warfare units, on both the military as well as civilian-government sides. CHINESE CYBER WARFARE UNI

The U.S. National Security Agency (NSA) may be hiding highly-sophisticated hacking payloads in the firmware of consumer hard drives over the last 15 to 20 years in a campaign, giving the agency the means to eavesdrop on thousands of targets' computers, according to an analysis by Kaspersky labs and subsequent reports. 'EQUATION GROUP' BEHIND THE MALWARE The team of malicious actors is dubbed the the " Equation Group " by researchers from Moscow-based Kaspersky Lab, and describes them as " probably one of the most sophisticated cyber attack groups in the world," and "the most advanced threat actor we have seen. " The security researchers have documented 500 infections by Equation Group and believes that the actual number of victims likely reaches into the tens of thousands because of a self-destruct mechanism built into the malware. TOP MANUFACTURERS' HARD DRIVES ARE INFECTED Russian security experts reportedly uncovered sta

A UK man linked to the notorious hacking group, Lizard Squad , that claimed responsibility for knocking Sony's PlayStation Network and Microsoft's Xbox Live offline on Christmas Day has been arrested by the United Kingdom police. Lizard Squad launched simultaneous Distributed Denial-of-Service ( DDoS ) attacks against the largest online gaming networks, Xbox Live and PlayStation Network, on Dec. 25, 2014. Then offered to sell its own Lizard-branded DDoS-for-hire tool called Lizard Stresser . SECOND ARREST As part of an investigation, the UK Regional Organised Crime Unit, in collaboration with the Federal Bureau of Investigation (FBI), have arrested an 18 year old teenager in Southport, near Liverpool, UK on Friday morning, and seized his electronic and digital devices as well. So far, this is the second arrest made in connection to the attack after Thames Valley Police arrested a 22-year old , named Vinnie Omari , also believed to have been an alleged member of Liz

A 22-year-old man linked to the notorious hacking group, Lizard Squad, that claimed responsibility for knocking Sony's PlayStation Network and Microsoft's Xbox Live offline on Christmas Day was arrested by the United Kingdom police on Monday. Lizard Squad launched simultaneous Distributed Denial-of-Service ( DDoS ) attacks against the largest online gaming networks, Xbox Live and PlayStation Network, on Dec. 25. Then offered to sell its own Lizard-branded DDoS-for-hire tool called Lizard Stresser. Vinnie Omari , an alleged member of Lizard Squad, arrested by the police investigating PayPal thefts and cyber-fraud offences occurred in 2013-14 while raiding his London home. Law enforcement officials reportedly seized phones, laptops and an Xbox from his home. "The arrest is in connection with an ongoing investigation into cyber-fraud offences which took place between 2013 and August 2014 during which victims reported funds being stolen from their PayPal accounts,"

Nearly a decade-long cyber espionage group that targeted a variety of Eastern European governments and security-related organizations including the North Atlantic Treaty Organization (NATO) has been exposed by a security research firm. The US intelligence firm FireEye released its latest Advanced Persistent Threat ( APT ) report on Tuesday which said that the cyber attacks targeting various organisations would be of the interest to Russia, and " may be " sponsored by the Russian government. The Report entitled " APT28: A Window Into Russia's Cyber Espionage Operations " published by FireEye has " evidence of long-standing, focused operations that indicate a government sponsor - specifically, a government based in Moscow. " " Despite rumours of the Russian government's alleged involvement in high-profile government and military cyber attacks, there has been little hard evidence of any link to cyber espionage, " Dan McWhort

Chinese hackers infiltrated the databases of three Israeli defense contractors and stole plans for Israel's Iron Dome missile defense system, according to an investigation by a Maryland-based cyber security firm ' Cyber Engineering Services Inc. (CyberESI) '. Not just this, the hackers were also able to nab plans regarding other missile interceptors, including Unmanned Aerial Vehicles, ballistic rockets and the Arrow III missile interceptor which was designed by Boeing and other U.S.-based companies. The intrusions were thought to be executed by Beijing's infamous " Comment Crew " hacking group – a group of cyber warriors linked to the Chinese People's Liberation Army (PLA) – into the corporate networks of top Israeli defense technology companies, including Elisra Group, Israel Aerospace Industries, and Rafael Advanced Defense Systems, between 10 October 2011 and 13 August 2012. The three Israeli defense technology companies were responsible for the developmen

The Iranian hacking group, which calls itself the " Ajax Security Team ", was quite famous from last few years for websites defacement attacks , and then suddenly they went into dark since past few months. But that doesn't mean that the group was inactive, rather defacing the websites, the group was planning something bigger. The Group of hackers at Ajax Security Team last defaced a website in December 2013 and after that it transitioned to sophisticated malware-based espionage campaigns in order to target U.S. defense organizations and Iranian dissidents, according to the report released by FireEye researchers. " The transition from patriotic hacking to cyber espionage is not an uncommon phenomenon. It typically follows an increasing politicization within the hacking community, particularly around geopolitical events ," researchers Nart Villeneuve, Ned Moran, Thoufique Haq and Mike Scott wrote in the report. " This is followed by increasing links between the hacking