The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Russian cyber security and antivirus vendor Kaspersky Lab has made available the much awaited KasperskyOS , a secure-by-design operating system based on Microkernel architecture which is specially designed for network devices, industrial control systems and the Internet of Things. The operating system is not made for your average home PC; instead, it is meant to protect industrial systems and embedded devices from cyber attacks by preventing any third-party or malicious code from executing. Kaspersky Lab CEO Eugene Kaspersky confirmed the rumors of a new operating system on his official blog published on Monday, saying this project under the codename 11-11 has been in the works for 14 years and has been designed from scratch. The reason behind developing KasperskyOS is simple: Growing Internet-of-Things and embedded devices in industrial control systems (ICS) to power critical infrastructure. It's quite easy for most companies to get rid of the virus-infected computer, ...

Ukraine has once again been a target of a potential hacking attack that infected computer systems from dozens of Ukrainian businesses with highly sophisticated malware, allowing hackers to exfiltrate sensitive data and eavesdrop on their network. Late last year, the country also suffered a power outage caused by the same group of hackers that targeted Ukraine's power grid with the BlackEnergy malware in late 2015, causing 225,000 residents to lose electricity. Now security researchers from threat intelligence firm CyberX have uncovered an advanced malware-based operation that has already siphoned over 600 gigabytes of data from about 70 victim organizations, including critical infrastructure, news media, and scientific research. Operation BugDrop: Damages and Modus Operandi Dubbed " Operation BugDrop ," the large-scale malware campaign has been perpetrated against targets in the Ukraine, though targets from other countries include Russia, Saudi Arabia, and Austr...

During the 2016 presidential election campaign, we reported about how insecure was the mail servers operated by the Trump organization that anyone with little knowledge of computers can expose almost everything about Trump and his campaign. Now, some unknown hackers calling themselves "Pro_Mast3r" managed to deface an official website associated with President Donald Trump's presidential campaign fundraising on Sunday. The hacker, claiming to be from Iraq, reportedly defaced the server, secure2.donaldjtrump.com, which is behind CloudFlare's content management system and security platform. The server appears to be an official Trump campaign server, reported Ars, as the certificate of the server is legitimate, " but a reference to an image on another site is insecure, prompting a warning on Chrome and Firefox that the connection is not secure. " The defaced website displayed an image of a black hat man and included a text message, which reads: Ha...

Are you a programmer? If yes, then you would know the actual pain of... "forgetting a semicolon," the hide and seek champion since 1958. Typos annoy everyone. Remember how a hacker's typo stopped the biggest bank heist in the history, saved $1 billion of Bangladesh bank from getting stolen. But this time a typo in the Zerocoin source code costs the company more than $585,000 in losses. Zerocoin cryptocurrency protocol is designed to add true cryptographic anonymity to Zcoin transactions that take full advantage of "Zero-Knowledge proofs" to ensure the complete financial privacy of users. Zcoin announced Friday that " a typographical error on a single additional character " in the Zerocoin source code helped an attacker to steal 370,000 Zerocoin, which is over $585,000 at today's price. "We estimate the attacker has created about 370,000 Zcoins which has been almost completely sold except for about 20,000+ Zcoin and absorbed on...

Microsoft is once again facing embarrassment for not patching a vulnerability on time. Yes, Google's Project Zero team has once again publicly disclosed a vulnerability  ( with POC exploit ) affecting Microsoft's Windows operating systems ranging from Windows Vista Service Pack 2 to the latest Windows 10 that had yet to be patched. A few months back, the search engine giant disclosed a critical Windows vulnerability to the public just ten days after revealing the flaw to Microsoft. However, this time Google revealed the vulnerability in Windows to the public after Microsoft failed to patch it within the 90-day window given by the company. Google's Project Zero member Mateusz Jurczyk responsibly reported a vulnerability in Windows' Graphics Device Interface (GDI) library to Microsoft Security Team on the 9th of June last year. The vulnerability affects any program that uses this library, and if exploited, could potentially allow hackers to steal informatio...

A group of highly sophisticated state-sponsored hackers is spying on the Israeli military by hacking into the personal Android phones of individual soldiers to monitor their activities and steal data. A newly released research by Lookout and Kaspersky suggests that more than 100 Israeli servicemen from the Israeli Defense Force (IDF) are believed to have been targeted with spyware. Dubbed ViperRAT , the malware has specifically been designed to hijack Israeli soldiers' Android-based smartphones and remotely exfiltrate data of high value, including photos and audio recordings, directly from the compromised devices. Modus Operandi Identified According to the security firms, IDF personnel had been compromised by social engineering techniques — where the soldiers were lured via Facebook Messenger and other social networks into entering communications with hackers who posed as attractive women from various countries like Canada, Germany, and Switzerland. The soldiers wer...

Ransomware has been around for a few years, but in last two years, it has become an albatross around everyone's neck, targeting businesses, hospitals , financial institutions and personal computers worldwide and extorting millions of dollars. Ransomware is a type of malware that infects computers and encrypts their content with strong encryption algorithms, and then demands a ransom to decrypt that data. It turned out to be a noxious game of Hackers to get paid effortlessly . Initially, ransomware used to target regular internet users, but in past few months, we have already seen the threat targeting enterprises, educational facilities , and hospitals, hotels , and other businesses. And now, the threat has gone Worse! This PoC Ransomware Could Poison Water Supply! Researchers at the Georgia Institute of Technology (GIT) have demonstrated the capability of ransomware to take down the critical infrastructure our cities need to operate, causing havoc among people. ...

Security researchers have discovered a chip flaw that could nullify hacking protections for millions of devices regardless of their operating system or application running on them, and the worse — the flaw can not be entirely fixed with any mere software update. The vulnerability resides in the way the memory management unit (MMU), a component of many CPUs, works and leads to bypass the Address Space Layout Randomization (ASLR) protection. ASLR is a crucial security defense deployed by all modern operating systems from Windows and Linux to macOS, Android, and the BSDs. In general, ASLR is a memory protection mechanism which randomizes the location where programs run in a device's memory. This, in turn, makes it difficult for attackers to execute malicious payloads in specific spots in memory when exploiting buffer overflows or similar bugs. In short, for attackers, it's like an attempt to burglarize a house blindfolded. But now a group of researchers, known as VUSe...

Has Yahoo rebuilt your trust again? If yes, then you need to think once again, as the company is warning its users of another hack. Last year, Yahoo admitted two of the largest data breaches on record. One of which that took place in 2013 disclosed personal details associated with more than 1 Billion Yahoo user accounts . Well, it's happened yet again. Yahoo sent out another round of notifications to its users on Wednesday, warning that their accounts may have been compromised as recently as last year after an ongoing investigation turned up evidence that hackers used forged cookies to log accounts without passwords. The company quietly revealed the data breach in security update in December 2016, but the news was largely overlooked, as the statement from Yahoo provided information on a separate data breach that occurred in August 2013 involving more than 1 billion accounts. The warning message sent Wednesday to some Yahoo users read: "Based on the ongoing i...

Security researchers have discovered a new Mac malware allegedly developed by APT28 Russian cyber espionage group who is believed to be responsible for 2016 presidential election hacking scandal. A new variant of the X-Agent spyware is now targeting Apple macOS system that has previously been used in cyber attacks against Windows, iOS, Android, and Linux devices. The malware is designed to steal web browser passwords, take screenshots of the display, detect system configurations, execute files and exfiltrate iPhone backups stored on the computer. The X-Agent malware is tied to Russian hacking group known as APT28 — also known as Fancy Bear, Sofacy, Sednit, and Pawn Storm — that has been operating since at least 2007 and is allegedly linked to the Russian government. "Our past analysis of samples known to be linked to APT28 group shows a number of similarities between the Sofacy/APT28/Sednit Xagent component for Windows/Linux and the Mac OS binary that currently forms...