network hacking | Breaking Cybersecurity News | The Hacker News

A Security researcher has discovered a unique attack method that can be used to steal credentials from a locked computer ( but, logged-in ) and works on both Windows as well as Mac OS X systems. In his blog post published today, security expert Rob Fuller demonstrated and explained how to exploit a USB SoC-based device to turn it into a credential-sniffer that works even on a locked computer or laptop. Fuller modified the firmware code of USB dongle in such a way that when it is plugged into an Ethernet adapter, the plug-and-play USB device installs and acts itself as the network gateway, DNS server, and Web Proxy Auto-discovery Protocol (WPAD) server for the victim's machine. The attack is possible because most PCs automatically install Plug-and-Play USB devices, meaning "even if a system is locked out, the device [dongle] still gets installed," Fuller explains in his blog post . "Now, I believe there are restrictions on what types of devices are allowed to

We have been hearing a lot about Rule 41 after the US Department of Justice has pushed an update to the rule. The change to the Rule 41 of the Federal Rules of Criminal Procedure grants the FBI much greater powers to hack legally into any computer across the country, and perhaps anywhere in the world, with just a single search warrant authorized by any US judge. However, both civil liberties groups and tech companies have blasted the proposed change, saying it is an affront to the Fourth Amendment and would allow the cops and Feds in America to hack remotely into people's computers and phones around the world. Google, Electronic Frontier Foundation (EFF), Demand Progress, FightForTheFuture, TOR (The Onion Router), Private Internet Access and other VPN providers have joined their hands to block changes to Rule 41. " The U.S. government wants to use an obscure procedure—amending a federal rule known as Rule 41— to radically expand their authority to hack," the

The  ransomware industry surged in 2023  as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 5,070.  But 2024 is starting off showing a very different picture.  While the numbers skyrocketed in Q4 2023 with 1309 cases, in Q1 2024, the ransomware industry was down to 1,048 cases. This is a 22% decrease in ransomware attacks compared to Q4 2023. Figure 1: Victims per quarter There could be several reasons for this significant drop.  Reason 1: The Law Enforcement Intervention Firstly, law enforcement has upped the ante in 2024 with actions against both LockBit and ALPHV. The LockBit Arrests In February, an international operation named "Operation Cronos" culminated in the arrest of at least three associates of the infamous LockBit ransomware syndicate in Poland and Ukraine.  Law enforcement from multiple countries collaborated to take down LockBit's infrastructure. This included seizing their dark web domains and gaining access to their backend sys

Hacking into computer, networks and websites could easily land you in jail. But what if you could freely test and practice your hacking skills in a legally safe environment? Facebook just open-sourced its Capture The Flag (CTF) platform to encourage students as well as developers to learn about cyber security and secure coding practices. Capture the Flag hacking competitions are conducted at various cyber security events and conferences, including Def Con, in order to highlight the real-world exploits and cyber attacks. The CTF program is an effective way of identifying young people with exceptional computer skills, as well as teaching beginners about common and advanced exploitation techniques to ensure they develop secure programs that cannot be easily compromised. Facebook  CTF Video Demo: Since 2013, Facebook has itself hosted CTF competitions at events across the world and now, it is opening the platform to masses by releasing its source code on GitHub. "

Security researchers have discovered a massive security flaw that could let hackers and cybercriminals listen to private phone calls and read text messages on a potentially vast scale – no matter if the cellular networks use the latest and most advanced encryption available. The critical flaw lies in the global telecom network known as Signal System 7 that powers multiple phone carriers across the world, including AT&T and Verizon , to route calls, texts and other services to each other. The vulnerability has been discovered by the German researchers who will present their findings at a hacker conference in Hamburg later this month. "Experts say it's increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world's billions of cellular customers," said The Washington Post, which first uncovered flaws in the system earlier this year. NUMBER OF SECURITY FLAWS IN SS7 SS7 or

Home Depot , the nation's largest home improvement retailer, announced on Thursday that a total of 56 million unique payment cards were likely compromised in a data breach at its stores, suggesting that the data breach on Home improvement chain was larger than the Target data breach that occurred last year during Christmas holidays. The data theft occurred between April and September at Home Depot stores in both the United States and Canada, but the confirmation comes less than a week after the retailer first disclosed the possibility of a breach. " We apologize to our customers for the inconvenience and anxiety this has caused, and want to reassure them that they will not be liable for fraudulent charges, " Home Depot CEO Frank Blake said in a statement. " From the time this investigation began, our guiding principle has been to put our customers first, and we will continue to do so. " It is believe that the cybercriminals successfully compromised the

A notable number of cell phone towers around the United States are rogue that, according to latest report, could spoof legitimate towers and intercept calls. The research carried out by ESD America , a defense and law enforcement technology firm based in Las Vegas, shows that a rogue cell phone towers, also known as "interceptors", may process the call. ESD America, the company that makes the super-secure CryptoPhone, makes one of the oldest and most expensive high-security cell phones in the market. It provides equipment and training to more than 40 countries with a goal to provide technical security assistance to government and corporate clients across Asia. SEVERAL ROGUE CELL PHONE TOWERS DISCOVERED While field-testing its secure Android handset, the CryptoPhone 500 , the firm came across the existence of a series of fake base stations along the Eastern seaboard of the US. Les Goldsmith, the CEO of ESD America, told the US publication Popular Science tha

What do you expect from your cat to come back with?? Perhaps with a mouse or a bird – none of your use. But what if she come back with your neighbours' wifi details? Really Interesting! A creative security researcher has found a way to use his pet cat mapping dozens of vulnerable Wi-Fi networks in his neighborhood. Gene Bransfield , a security researcher with Tenacity, managed to turn his wife's grandmother's pet cat Coco into a roaming detector for free Wifi networks by just using a custom-built collar , which was made from a Wi-Fi card, GPS module, Spark Core chip, battery and some fetching leopard print fabric. Bransfield dubbed his experiment " Warkitteh " – on the concept of " Wardriving ", where hackers used unsecured Wi-Fi connections from a parked car. He decided to turn his cat into a hacker because he found the idea amusing, and also because cats are the one that consumes as much as 15 per cent of internet traffic, with the popularity among the internet users.

Which Wireless Router do you have at your Home or Office? If it's a Linksys Router you could be in the danger to a new malware that attacks your firmware and replicates itself. Security researcher Johannes B. Ullrich from the SANS Technology Institute has warned about a self-replicating malware which is exploiting authentication bypass and code-execution vulnerabilities in the Linksys wireless routers. The Malware named as ' THE MOON ', scans for other vulnerable devices to spread from router to router and Johannes confirmed that the malicious worm has already infected around 1,000 Linksys E1000, E1200, and E2400 routers. In order to hack the Router, malware remotely calls the Home Network Administration Protocol (HNAP), allows identification, configuration and management of networking devices. The Malware first request the model and firmware version of the router using HNAP and if the device founds vulnerable, it sends a CGI script exploit to get the local command execution

Security experts at Mandiant intelligence firm have discovered a new intrusion into the network of The Washington Post , it is the third time in the last three years. In time I'm writing it is still not clear the extension of the attack neither an estimation of the losses. Mandiant reported the incident to The Washington Post this week, confirming that exposed data include employees' credentials hash. " Hackers broke into The Washington Post's servers and gained access to employee user names and passwords, marking at least the third intrusion over the past three years, company officials said Wednesday. " a post of the news agency said. Early 2013 the New York Times has announced that during the previous months it was a victim of cyber espionage coordinated by Chinese hacker s, similar attacks was conducted against principal Americans news agencies. The hackers have tried to compromise the email account of journalists to steal sensitive information, they tried

JPMorgan Chase , one of the world's biggest Banks has recently announced that it was the victim of a cyber attack and warned round 465,000 of its holders of prepaid cash cards on the possible exposure of their personal information. In the Security Breach that took place on the bank's website www.ucard.chase.com  in July, around 465,000 accounts are compromised i.e. 2% of the overall 25 million UCard users. JPMorgan confirmed that there is no risk for holders of debit cards, credit cards or prepaid Liquid cards. They informed the law enforcement in September, and till now no information on how attackers have conducted the attack has been disclosed. The JPMorgan spokesman Michael Fusco declared that the investigation allowed the identification of victim accounts and the data stolen, the bank already notifying the cardholders of the incident. JPMorgan representative also remarked that hackers haven't stolen money from any user's account, due this reason the company is not i

The Wall Street Journal reported that Iranian hackers have successfully penetrated unclassified US Navy computers , the allegations were made by US officials that consider the attacks a serious intrusion within the Government network. " The U.S. Officials said the attacks were carried out by hackers working for Iran's government or by a group acting with the approval of Iranian leaders. The most recent incident came in the week starting Sept. 15, before a security upgrade, the officials said. Iranian officials didn't respond to requests to comment." US officials revealed that a group of Iranian state-sponsored hackers have repeatedly violated US Navy computer systems for cyber espionage purpose, despite no sensitive information has been leaked the event is considered very concerning. US Intelligence fears that such attacks could expose confidential information like the blueprints of a new cyber weapon. US officials added that Congress has been bri

A vulnerability in AirDroid application  which provides wireless management of your Android phone or tablet from any browser on the same Wi-Fi network allow hackers  to perform Dos attack from your Android device. Cross Site scripting or  XSS vulnerability in the browser version of AirDroid allows an attacker is able to send a malicious text message to the browser associated with the account when attacker is able to get access to a phone with AirDroid installed. According to advisory posted by US-Cert , When this message is viewed on the AirDroid web interface an attacker can conduct a cross-site scripting attack, which may be used to result in information leakage, privilege escalation, and/or denial of service on the host computer. Vulnerability is currently not patched and also AirDroid team didn't annouce any update regarding fix. As a general good security practice, only allow connections from trusted hosts and networks. Flaw registered as  CVE-2013-0134

It's not a mystery, every nation is worried of the level of security of its infrastructure, the United States are among the most concerned governments due the high number of cyber-attack against its networks. US Government representative such us former States Secretary of Defense Leon Panetta and Secretary of Homeland Security Janet Napolitano warned in more than one occasion on the possible consequences of a cyber offensive and declared the necessity to improve the cyber capabilities of the country.  Senators are interested to evaluate the level of protection of nuclear stockpile of foreign governments against cyber attacks, question has been raised after that Pentagon's chief cyber officer admitted to ignore if countries such as Russia or China have adopted efficient countermeasures. Nelson and Armed Services Committee Chairman Sen. Carl Levin, D-Mich. will request to national intelligence an assessment about the ability of foreign states to safeguard networked

Today social media are spreading a shocking news, authors of Stuxnet virus that hit Iranian nuclear program in 2010 according a new research proposed by Symantec security company started in 2005 and contrary to successive instance of the malware he was designed to manipulate the nuclear facility's gas valves. The attacker strategy was to destroy the nuclear plant causing an explosion due the sabotage of gas valves, hackers purpose was physical destruction of the targets, due this reason the press and security community labeled Stuxnet as first cyber weapon of the history.  Francis deSouza, Symantec's president of products and services, during an interview with Bloomberg revealed that the version detected was a sort of beta version of the final weapon and that in the period between 2005 and 2009 the authors were testing its capabilities. " It looks like now the weapon tried a few things before it hit on what would actually work ,"' " It is clear that this has been a soph

Security tools company Pwnie Express is making a network hacking focused Android device called the Pwn Pad . The device is based on the Google Nexus 7 specs, with USB-based Bluetooth, Ethernet and WiFi to gauge the security of a network beyond what Google's tablet can manage on its own. Pwn Pad  will be introduced at the RSA security conference in San Francisco next week and Pwnie Express is also releasing the Pwn Pad source code. This will allow hackers to download the software and get it up and running on other types of Android phones and tablets. " Every pen tester we know has a phone and a tablet and a laptop, but none of them has been able to do pen-testing from the tablet ," says Dave Porcello, Pwnie Express's CEO said to  wired . Most interesting part is that, first time the most popular wireless hacking tools like Aircrack-ng and Kismet introduced on an Android device.  The complete list of the tool available  in this suite are:  Wireless Tools: Aircrac

If you are a BlackBerry Enterprise Network user, here is something you need to be careful about. BlackBerry Enterprise Server (BES) users have been warned that an image-based exploit could allow hackers to access and execute code on the servers used to support corporate users of BlackBerry smartphones.  The flaw that been rated as high severity and actual vulnerability in BlackBerry Enterprise Servers resulted from how the server processes image files. Scenario to Exploit Vulnerability :  A malicious person writes a special code and then embeds it in a TIFF image file. The person then convinces a Blackberry smart phone user (whose phone is connected to a corporate BES) to view the TIFF file. As soon as the image file loads on the phone, the code runs on the Blackberry Enterprise server and either opens up a back door in the network or causes the network to crash altogether as instructed in the basic code. " RIM is not aware of any attacks on or specifically target

What if you could easily host malicious websites, send phishing emails, and manage compromised hosts across diverse internet addresses? This week's Cobalt Strike adds the ability to manage multiple attack servers at once. Here's how it works: When you connect to two or more servers, Cobalt Strike will show a switch bar with buttons for each server at the bottom of your window. Click a button to make that server active. It's a lot like using tabs to switch between pages in a web browser. To make use of multiple servers, designate a role for each one. Assign names to each server's button to easily remember its role. Dumbly connecting to multiple servers isn't very exciting. The fun comes when you seamlessly use Cobalt Strike features between servers. For example: Designate one server for phishing and another for reconnaissance. Go to the reconnaissance server, setup the system profiler website. Use the phishing tool to deliver the reconnaissance website through