#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

social engineering | Breaking Cybersecurity News | The Hacker News

SEANux — Syrian Electronic Army To Release its Own Linux-based Distribution

SEANux — Syrian Electronic Army To Release its Own Linux-based Distribution
Oct 13, 2014
Lots of Linux distributions are offered free of cost on the Internet by a number of companies, non-commercial organizations and by many individuals as well, and now, the notorious Syrian Electronic Army (SEA) has announced their own Linux distribution known as SEANux . A Linux distribution is a coordinated collection of software consisting of a customized version of the kernel together with hundreds of open source (i.e., free) utilities, installers, programming languages and application programs. Some of the most popular distributions are Fedora (formerly Red Hat), SuSE, Debian, Ubuntu, Kali Linux, Tails OS and Mint Linux. SEA (Syrian Electronic Army) is the same group of hackers who made the headlines in past year by launching advance phishing attacks against media organisations, usually Western media outlets. The group is reportedly aligned with president Bashar al-Assad and had purposely targeted social media accounts of a number of high-profile media outlets inclu

Book — Unmasking the Social Engineer: The Human Element of Security

Book — Unmasking the Social Engineer: The Human Element of Security
Aug 06, 2014
If we talk about old days, a hacker often rely on the natural helpfulness as well as weaknesses of people whom he wanted to target. This tactic to break into a computer network by gaining the confidence of an authorized user and get them to reveal information that compromises the network's security is known as Social Engineering . WHAT IS SOCIAL ENGINEERING Social engineering is nothing but a non technical kind of intrusion that relies heavily on human interaction and involves manipulating people so they give up confidential information. Social engineering was very effective those old days as well as today, as major targets are made victims using this old trick only and it is also one of the important components of many types of exploits like: Virus writers use social engineering tactics to persuade people to run malicious email attachments Phishers use social engineering tactics to convince people to disclose their sensitive information such as banking credentia

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte

Facebook Self-XSS Scam Fools Users into Hacking Themselves

Facebook Self-XSS Scam Fools Users into Hacking Themselves
Jul 29, 2014
Scammers have again targeted more than one billion active users of the popular social networking giant Facebook, to infect as many victims as possible. Not by serving fake post, neither by providing malicious video link, instead this time scammers have used a new way of tricking Facebook users into injecting or placing malicious JavaScript or client-side code into their web browsers. This malicious code could allow an attacker to gain access to victims' accounts, thereby using it for fraud, to send spams, and promoting further attacks by posting the scam on timeline to victims' friends. This technique is known as Self Cross-site Scripting or Self XSS. Self-XSS (Self Cross-Site Scripting) scam is a combination of social engineering and a browser vulnerability , basically designed to trick Facebook users' into providing access to their account. Once an attacker or scammer gets access to users' Facebook account, they can even post and comment on things on users' behalf.

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Gameover ZeuS Trojan Targets Users of Monster.com Employment Portal

Gameover ZeuS Trojan Targets Users of Monster.com Employment Portal
Mar 26, 2014
Zeus Trojan is one of the most popular families of Banking Trojan, which was also used in a targeted malware campaign against a Salesforce.com customer at the end of the last month and researchers found that the new variant of Zeus Trojan has web crawling capabilities that are used to grab sensitive business data from that customer's CRM instance. 'GameOver' Banking Trojan is also a variant of Zeus financial malware that spreads via phishing emails. GameOver Zeus Trojan makes fraudulent transactions from your bank once installed in your system with the capability to conduct Distributed Denial of Service, or DDoS, attack using a botnet , which involves multiple computers flooding the financial institution's server with traffic in an effort to deny legitimate users access to the site. TAREGET - EMPLOYMENT WEBSITES Now, a new variant of GameOver Zeus Trojan has been spotted, targeting users of popular employment websites with social engineering attacks , implemented t

Gameover Malware, variant of ZeuS Trojan uses Encryption to Bypass Detection

Gameover Malware, variant of ZeuS Trojan uses Encryption to Bypass Detection
Feb 04, 2014
The year begins with the number of new variants of malware that were discovered by various security researchers. The new variants are more complex, sophisticated and mostly undetectable. Two years back in 2012, the FBI warned us about the ' GameOver ' banking Trojan, a variant of Zeus financial malware that spreads via phishing emails. GameOver makes fraudulent transactions from your bank once installed in your system with the capability to conduct Distributed Denial of Service, or DDoS, attack using a botnet, which involves multiple computers flooding the financial institution's server with traffic in an effort to deny legitimate users access to the site. But that wasn't the end; a new variant of the same family of banking Trojan has been discovered by researchers that are being delivered by cyber criminals to users' machines, making it easier for the banking malware to evade detection and steal victim's banking credentials. Malcovery's Gary Warner explains

BIOS Malware that can remotely destroy any computer, NSA claimed

BIOS Malware that can remotely destroy any computer, NSA claimed
Dec 16, 2013
During a CBS Interview show " 60 Minutes ", The National Security Agency (NSA) officials claimed that China has developed a BIOS based malware that can remotely destroy any computer. Obviously NSA is struggling to repair its image and in an effort to justify their extensive Surveillance programs, The NSA Director General Keith Alexander and Information Assurance Director Debora Plunkett made a number of claims. During that interview NSA officials said that they had foiled a malware attack that could have taken down the U.S. economy. " One of our analysts actually saw that the nation state had the intention to develop and to deliver, to actually use this capability to destroy computers ," Plunkett said. They have mentioned that this malware was distributed via social engineering and targeted emails, although the NSA director mentioned that their researchers worked with computer manufacturers and able to close the respective vulnerability . " This is t

New Phishing attack targets Italian Postal and Financial service again

New Phishing attack targets Italian Postal and Financial service again
Oct 21, 2013
A phishing attack is a complex combination of technology and psychology. There are numerous ways in which people are being made fools and they can be conned by hitting on unsecured website links. Sophos experts detected this week an intriguing case of phishing against the Italian postal service Poste Italiane , the scheme attracted the researcher's attention due the reuse of an old social engineering trick. The brand Poste Italiane includes postal, Financial and payment services in its product portfolio and was considered top brand victims by recent F-Secure Threat report. The number of attacks against Poste Italiane is remarkable, the purpose is always to induce its customers into unwittingly submitting their credentials to fake login sites. In the recent attack criminals sent the classic email containing an HTML attachment which the recipient is enticed into opening. " To activate the "Security web Postepay " you need to : - Downlo

Importance of Logs and Log Management for IT Security

Importance of Logs and Log Management for IT Security
Oct 02, 2013
IT Security is the name of the game and no matter how big or small the size of your organization, you will always invest enough on securing certain aspects of your IT network. In many organizations, it starts with monitoring your network for vulnerabilities that may enter the network to access potentially sensitive information in the form of security attacks . For example, you may have firewalls as your first line of defense, followed by vulnerability management, intrusion detection and prevention systems, managing your network configurations and so on.  These are crucial because: Your routers can be easily breached without proper configuration and restrictions.  If a firewall isn't configured correctly, a hacker can easily spot a port that is accidentally left open and can gain access to the network.  Rogue access points, botnet malware and social engineering can make your wireless a porthole into your LAN. Why Logs? The very purpose of IT security is to be

Russian Hacker put up an Android Firefox Zero-Day Exploit for Sale

Russian Hacker put up an Android Firefox Zero-Day Exploit for Sale
Sep 13, 2013
A Russian Exploit writer and underground Hacker who goes by the handle " fil9 " put up an Android Firefox Zero-Day Exploit for Sale in an open Exploit Market. Author claims a Zero Day vulnerability in Firefox for Android, which works on Firefox versions 23/24/26 (Nightly). The advertisement was spotted by Joshua, Malware Intelligence Analyst at Malwarebytes. Hacker Selling exploit with a starting price of $460 only. According to the proof of concept video uploaded by the Hacker, the exploit forces the mobile Firefox browser to download and execute a malicious app, on just visiting a malicious link only. What's worrisome is that many major websites are compromised frequently and a large number of visitors of those hacked sites can fall victim to this attack. " The biggest problem in this situation is that Firefox automatically executes certain known files once they're downloaded, and doesn't give users an option to disable this. Without some sort of

UK banks hit by Ramnit banking malware and social engineering attacks

UK banks hit by Ramnit banking malware and social engineering attacks
May 01, 2013
A dangerous variant of the Ramnit malware has been discovered targeting the UK's financial sector. Trusteer claims to have discovered an interesting trojan based attack technique that injects highly convincing and interactive real-time messages into the user Web stream that they encounter when logging into a UK online banking session. The Ramnit worm was discovered in 2010, but in 2011 researchers spotted a new strain that had incorporated source code from the notorious Zeus banking trojan. Cyber criminals are stepping up their use of social engineering techniques to bypass increasingly security-aware users of online banking and e-commerce sites.   The malware reportedly avoids detection by going into an idle sleep mode until its intended victim logs into their online bank account, at which point it activates and presents them with a fraudulent phishing message. Ramnit circumvented the OTP feature at the target bank using a 'Man in the Browser' attack to in

Social Engineering Skype Support team to hack any account instantly

Social Engineering Skype Support team to hack any account instantly
Apr 10, 2013
You can install the industry's strongest and most expensive firewall. You can educate employees about basic security procedures and the importance of choosing strong passwords. You can even lock-down the server room, but how do you protect a company from the threat of social engineering attacks? For any of you that are involved in security awareness efforts, you know what I am talking about. It could happen tomorrow, it could happen today or it might already have happened. In a recent disclosure  posted by renowned hacker and developer  DarkCoderSc (Jean-Pierre LESUEUR) explained that how one can easily Socially Engineer Microsoft Skype Support team to get access to any skype account. From a social engineering perspective, employees are the weak link in the chain of security measures in place. He simply used the weakness of Skype password recovery system itself. One simply need to request a new password to Skype support and asking to change the password. After  

Zendesk security breach, "We've been hacked"

Zendesk security breach, "We've been hacked"
Feb 22, 2013
Customer service software provider Zendesk announced a security breach, that affected three major Zendesk clients i.e Tumblr, Pinterest and Twitter and allowed hackers into their systems. The hacks come just days after Apple , Twitter and Facebook revealed that their employees computers fell victim to unauthorized access. The company believes the hacker downloaded the email addresses of Tumblr, Twitter, and Pinterest customers who attempted to get support from the companies.  Stolen information might be exploited via social-engineering attacks. " Our ongoing investigation indicates that the hacker had access to the support information that three of our customers store on our system. We believe that the hacker downloaded email addresses of users who contacted those three customers for support, as well as support email subject lines. We notified our affected customers immediately and are working with them to assist in their response. " Zendesk discov

Android Malware that can DDoS Attacks from your smartphone

Android Malware that can DDoS Attacks from your smartphone
Dec 28, 2012
The Russian anti-virus vendor Doctor Web has found a new malicious program for Android which allows hacker groups to carry out mobile denial of service attacks. While it's not entirely clear how the Trojan is spread, researchers suspect that the attackers use social engineering tactics since the malware appears to disguise itself as a Google Play clone. This malware works in the background without your knowledge. Once it is activated it searches for its command and control center and sends out information regarding your device there. One piece of information that will be sent is your phone number. The criminals will be using this number to send text messages to your phone to control the malware. Dubbed TheAndroid.DDoS.1.origin, creates an application icon, similar to that of Google Play. If the user decides to use the fake icon to access Google Play, the application will be launched. When it receives a DDoS attack command, the malware starts to send data packets to the sp

Cyber Criminals phishing with smart subdomains to earn millions

Cyber Criminals phishing with smart subdomains to earn millions
Dec 06, 2012
Like many other security issues that now affect computer users, there is a growing threat known as phishing". Phishing attacks are perpetrated by criminals who send deceptive emails in order to lure someone into visiting a fraudulent web site or downloading malicious software, expressly for stealing sensitive information such as credit card numbers, account information, passwords, etc. Cyber criminals continue to evolve and refine their attack tactics to evade detection and use techniques that work. Spear phishing emails are on the rise because they work. We have notice many times that Spear Phishing Attacks are really Successful in order to compromise Enterprise Networks and Stealing Data. From last one month I was getting mails from an unknown spoofed email id regrading a paypal warning with subject " Your account has been limited until we hear from you ! " Guess what, even I am not using that email for my Paypal account, from here I just judge that it's

Airline, Myspace, Banks, Government websites vulnerable to Hackers

Airline, Myspace, Banks, Government websites vulnerable to Hackers
Nov 04, 2012
Cross Site Scripting (XSS) is currently the most common vulnerability in the world. This is vulnerability of some host which allows anyone to inject code/scripts into the page. The injected scripts could be html tags, javascript script, vbscript scripts. A Hacker with virtual name ' Human mind cracker ' expose similar v ulnerabilities in some big and Important sites, like  Israel airline, Myspace, MTV website, Sweden government, Bangladesh bank, Nasa subdomain, Brown University, Afghanistan government website and Rome government website. In a pastebin note , hacker disclose the vulnerabilities and exact working links. These Cross Site Scripting existence is because of the lack of filtering engines to user inputs at websites, forms and web servers. Most of the time readers thinks that XSS is a very minor bug and having very less impact. But if implemented in a better way, that can harm all the visitors who will visit infected site. One of the biggest risk h

Hacker leaks source code of NASA website belongs to US Government computer

Hacker leaks source code of NASA website belongs to US Government computer
Oct 26, 2012
A Hacker going by name - " LegitHacker97 " claiming that he successfully access a NASA subdomain website , that actually belongs to a US Government computer, as mentioned on homepage. ***** WARNING ***** This is a US Government computer Hacker also dump a  82.51 MB (compressed or 337 MB uncompressed) Archive five days ago on internet, includes the complete source code of the website (in ASP). After watching the pastebin note , we tried to contact the hacker for collecting more information about the hack. Hacker describe The Hacker News via mail that," This was hacked by a major LFI vulnerability which allowed me to upload my own shell (backdoor to the site) and I took advantage of it by downloading all off the website ! ". He add ," But now vulnerability is fixed ". I download the dump from the link posetd by hacker in pastebin note and tried to match the files with NASA website and subdomains, and found that these file actually belo

Advance Phishing Attacks using HTML5 Fullscreen API

Advance Phishing Attacks using HTML5 Fullscreen API
Oct 12, 2012
Do your ever use YouTube Instant Search engine (a really fast way to search YouTube) ? That was developed by a 21 years old developer name - Feross Aboukhadijeh in 2012. Chad Hurley, CEO and co-founder of YouTube, was so impressed that he immediately offered him a job at YouTube. He a web developer, designer, computer security researcher. Recently he has developed an attack concept that exploits the fullscreen application programming interface in HTML5 in order to carry out advance phishing attacks. The HTML5 "Fullscreen API" allow web developers to display web contents in full-screen mode, that is, filling-up the display screen completely. Fullscreen API is perhaps known for its spoofing potential, leading to major browser vendors canvassing for the implementation of an overlay to notify users when full-screen is activated. Feross demonstrated how the Fullscreen API can aid phishing attack portals appear rather innocuous to the end users, by utilizing the A
Cybersecurity Resources