The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

German police are seeking your help in gathering information related to a MAC address that could lead to the cell phone device used by a DHL blackmailer who last year parceled out bombs at different addresses in Brandenburg and Berlin. Between November 2017 and April 2018, someone used German parcel delivery service DHL to sent out several so-called improvised explosive devices (IEDs) in packets, demanding €10 million worth of bitcoins from the parcel service. In one event, a parcel containing nails, screws, and fireworks explosive powder was received by a pharmacy adjacent to the German Christmas market during 2017 Christmas, which eventually caused the evacuation of the market. German police later discovered a message inside that package in which the blackmailer threatened to send more parcels in the pre-Christmas season unless DHL made a 10 million euro payment in Bitcoin. During the investigation, the German police successfully communicated with the alleged blackmailer m...

It should come as no surprise that cybersecurity is one of the most important and lucrative fields in the world right now, and it's becoming more important every day—thanks to a growing number of cyber attacks that are targeting everything from individuals and startups to Fortune 500 companies and entire government agencies. So it should also come as no surprise that demand for talented and trained cybersecurity professionals who know how to thwart and retaliate against these attacks is skyrocketing. The 2018 Supercharged Cybersecurity Bundle offers a massive trove of resources that will give you the skills you need to join the fight against cybercriminals of all backgrounds, and the entire bundle is available for 95% off at just $29.99. With 10 most popular cyber security books (listed below), spanning 12 hours of in-depth instruction, this bundle walks you through everything from the more theoretical and abstract elements of cybersecurity to its most essential tools and platfo...

Google has removed 85 apps from its Play Store after finding out that they were pushing aggressive, full-screen adware to Android users. With the rise in the mobile market, Adware has become one of the most prevalent mobile threats in the world. Adware has traditionally been used to aggressively push ads like banners or pop-ups on mobile screens to make money for its makers. The now-removed 85 apps in question disguised as games, streaming TV, and remote control simulator apps in the Google Play store and had collectively been installed by nine million users all over the world. Researchers from cyber security company Trend Micro spotted these apps which has the ability to bombard user devices with full-screen advertisements at regular intervals or when users unlock their device by monitoring their screen unlocking functionality. The apps can display ads even when you are not browsing the internet, hide themselves and run in the background on infected devices. The most popul...

Microsoft has issued its first Patch Tuesday for this year to address 49 CVE-listed security vulnerabilities in its Windows operating systems and other products, 7 of which are rated critical, 40 important and 2 moderate in severity. Just one of the security vulnerabilities patched by the tech giant this month has been reported as being publicly known at the time of release, and none are being actively exploited in the wild. All the seven critical-rated vulnerabilities lead to remote code execution and primarily impact various versions of Windows 10 and Server editions. Two of the 7 critical flaws affect Microsoft's Hyper-V host OS that fails to properly validate input from an authenticated user on a guest operating system, three affect the ChakraCore scripting engine that fails to properly handle objects in memory in Edge, one affects Edge directly that occurs when the browser improperly handles objects in memory, and one impacts the Windows DHCP client that fails to pro...

German federal police have arrested a 20-year-old local student for stealing and publishing a massive trove of personal data of hundreds of politicians , journalists and other public figures last month. The young man, whose identity has not been revealed by the police, was arrested after police raided his parent's house in west-central German State of Hesse on Sunday and recovered a computer that the suspect tried to destroy 2 days before the search and a data backup. The suspect, who believed to have acted alone, has admitted of carrying out the mass hacking of German politicians out of anger at their political statements, BKA Federal Criminal Police revealed. "The accused was interrogated on 07.01.2019 by the senior prosecutor and officials of the Federal Criminal Police Office. He comprehensively acknowledged the allegations against him and provided information on his own offenses," the BKA said in a press release . "Due to a lack of grounds for detentio...

Well, there's some good news for hackers and vulnerability hunters, though terrible news for tech manufacturers! Exploit vendor Zerodium is now willing to offer significantly higher payouts for full, working zero-day exploits that allow stealing of data from WhatsApp, iMessage and other online chat applications. Zerodium—a startup by the infamous French-based company Vupen that buys and sells zero-day exploits to government agencies around the world—said it would now pay up to $2 million for remote iOS jailbreaks and $1 million for exploits that target secure messaging apps. Get $2 Million for Remotely Jailbreaking An iPhone Previously, Zerodium was offering $1.5 million for persistent iOS jailbreaks that can be executed remotely without any user interaction (zero-click)—but now the company has increased that amount to $2 million. The company is now offering $1.5 million for a remote iOS jailbreak that requires minimal user interaction (i.e., single-click)—the amount h...

Popular cryptocurrency exchange Coinbase has suspended all transactions of Ethereum Classic (ETC)—the original unforked version of the Ethereum network—on their trading platforms, other products and services after detecting a potential attack on the cryptocurrency network that let someone spend the same digital coins twice. Why is this attack concerning? The heist resulted in the loss of $1.1 million worth of the Ethereum Classic digital currency. The digital currency immediately fell in price after the news came out. Coinbase revealed Monday that it identified "a deep chain reorganization" of the Ethereum Classic blockchain (or 51 percent attack of the network), which means that someone controlling the majority of miners on the network (over 50%) had modified the transaction history. After reorganizing the Ethereum blockchain, the attackers were able to what's called "double spend" about 219,500 ETC by recovering previously spent coins from the rightfu...

The United States' National Security Agency (NSA) is planning to release its internally developed reverse engineering tool for free at the upcoming RSA security conference 2019 that will be held in March in San Francisco. The existence of the framework, dubbed GHIDRA, was first publicly revealed by WikiLeaks in CIA Vault 7 leaks, but the tool once again came to light after Senior NSA Adviser Robert Joyce announced to publicly release the tool for free in his RSA Conference session description. Reverse engineering tool is a disassembler, for example, IDA-Pro, that help researchers identify certain portions of a program to see how they work by reading information like its processor instructions, instruction lengths, and more. GHIDRA is a Java-based reverse engineering framework that features a graphical user interface (GUI) and has been designed to run on a variety of platforms including Windows, macOS, and Linux operating systems, and also supports a variety of processor ...

A massive data breach at the popular online role-playing game 'Town of Salem' has reportedly impacted more than 7.6 million players, the game owner BlankMediaGames (BMG) confirmed Wednesday on its online forum. With the user base of more than 8 million players, Town of Salem is a browser-based game that enables gamers (which range from 7 to 15 users) to play a version of the famous secret role game Town, Mafia, or Neutrals. The data breach was first discovered and disclosed on December 28 when a copy of the compromised Town of Salem database was anonymously sent to DeHashed, a hacked database search engine. Over 7.6 Million Users Accounts Compromised The database included evidence of the server compromise and access to the complete gamer database which contained 7,633,234 unique email addresses (most-represented of the email providers being Gmail, Hotmail, and Yahoo.com). After analyzing the complete database, DeHashed disclosed that the compromised data contained...

Germany has been hit with the biggest hack in its history. A group of unknown hackers has leaked highly-sensitive personal data from more than 100 German politicians, including German Chancellor Angela Merkel, Brandenburg's prime minister Dietmar Woidke, along with some German artists, journalists, and YouTube celebrities. The leaked data that was published on a Twitter account ( @_0rbit ) and dated back to before October 2018 includes phone numbers, email addresses, private chats, bills, credit card information and photos of victims' IDs. Although it is yet unclear who perpetrated this mass hack and how they managed to perform it, the leaked data appears to be collected unauthorizedly by hacking into their smartphones. The hack targeted all of Germany's political parties currently represented in the federal parliament, including the CDU, CSU, SPD, FDP, Left party (Die Linke) and Greens, except for the far-right Alternative for Germany (AfD). While Justice Minister...