The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Thousands of Social Security numbers have been stolen from the computers of a New York state agency. The Social Security Administration in New York City reports that a subcontractor, who was working for the Office of Temporary Disability Assistance on computer infrastructure upgrades, illegally downloaded approximately 15,000 Social Security numbers. These numbers were taken from computers belonging to private contractors working for the agency, which is responsible for deciding Social Security disability claims. The commissioner of Social Security, Michael Astrue, confirmed that the accused worker has been arrested and is now in the custody of the New York State Police. According to Astrue, the unauthorized download of information occurred in a limited number of cases. However, investigations are ongoing, and the full extent of the damage is still unknown. Individuals whose information was compromised will be notified. They will also be offered free credit monitoring and a special ...

The Australian police have arrested a 33-year-old man accused of hacking into nearly 100 online accounts. The Australian Federal Police’s high-tech crime unit has been monitoring the suspect since last September. This surveillance began when a local telecom company alerted the authorities to suspicious activity within its network. The man allegedly hacked into private and business Internet accounts, downloading data and engaging in other fraudulent activities. The suspect was arrested yesterday, and police confiscated his computer equipment. He now faces charges related to computer intrusion, including unauthorized access, modification, or impairment with intent to commit a serious offense. Neil Gaughan, the national manager of high-tech crime operations and assistant commissioner, stated that this arrest serves as a reminder for people to protect their online safety. "Anyone can be targeted by criminals online; it’s important to be aware of the risks and take appropriate act...

The police have changed their approach to a phone hacking incident that could affect Andy Coulson. Coulson, the media adviser for the Prime Minister, was previously an editor for the News of the World. The police have taken steps to halt the flow of information that could implicate high-ranking journalists at the News of the World. Changes in policy might have significant implications for Andy Coulson. The police have announced they will no longer provide public figures with information about phone hacking. This decision relates to data, computer records, and tapes seized from Glenn Mulcaire, a private detective. It is suspected that the data implicates senior journalists in a phone hacking incident. Allegedly, these journalists instructed Mulcaire to investigate well-known individuals, including politicians and sports stars. Police recently admitted they did not fully investigate the data during their initial inquiry. The police have stated they will not continue investigating ...

In 2006, Li Jun, a Chinese man, was jailed for creating the ‘Fujacks’ worm. Recently, he appears to be attempting to rehabilitate his public image by making a donation to a panda research center in China. Li Jun was arrested in February 2007 and charged with writing and selling the "Panda Burning Joss Sticks" worm for approximately $13,000. Interestingly, Chinese police later convinced him to create a tool to repair the damage caused by the worm to infected users. The worm earned its nickname because it replaced file icons on infected PCs with the image of a stylized panda bear holding three joss sticks. Now, having been released from prison, Li Jun has reportedly donated 50,000 yuan ($7,500) to the Chengdu Research Giant Panda Breeding Center to support the care of a bear cub born there five months ago. China has a deep fascination with pandas, making this gesture a potential PR move. However, his team seemed to overextend this theme by claiming to the Xinhua news agen...

A lot of people are gawking at Gawker Media this morning, though not for reasons that will bring much cheer to its founder, Nick Denton. Gawker, the parent company of popular blogs like Gizmodo, Lifehacker, Jezebel, and ValleyWag, has suffered a significant breach. A hacker group known as Gnosis has taken over the site. Gnosis accessed Gawker's source code and posted it on torrent sites. They also hacked into Gawker's content management system, posting a fake story on the home page linking to the source code torrents. Additionally, the group infiltrated the site's database, gaining access to the email addresses and passwords of Gawker's staff and over 1 million registered readers. These details have also been released on torrent sites, available for free download. Why is Gnosis targeting Gawker? They believe Gawker was picking on 4chan, a group known for creating the vigilante group Anonymous and various internet memes like lolcats and Rickrolling. Gnosis hacked Gawke...

When Ben Franklin famously wrote, “An ounce of prevention is worth a pound of cure,” he wasn't thinking about cybercrime. Yet, in today's world of phishing, shoulder-surfing, and spyware, his advice is more relevant than ever. Unfortunately, some people will take advantage of any opportunity to rip you off. Just as you take precautions when handling cash, you should be vigilant when using credit or debit cards, whether in person or online. Tips for Protecting Your Account Information and Avoiding Payment Card Scams Prevent Online Intrusions Use updated anti-virus and anti-spyware software. Only download information from trusted sites, and don’t click on pop-up windows or suspicious links in emails. These can be tricks to install spyware, which can record your keystrokes to steal account or other confidential information. Use Secure Websites When purchasing items online, look for safety symbols like the padlock icon in the browser’s status bar, an “s” after “http” in the U...

India has mandated that all government ministries and departments secure their websites with proper certification. This directive follows the hacking of the Central Bureau of Investigation (CBI) website by a group calling themselves the "Pakistani Cyber Army." The National Informatics Centre has been instructed to host websites only after these ministries and departments provide security certification and comply with government guidelines, according to India's Press Information Bureau (PIB). The CBI website was defaced by hackers over a week ago. The attackers claimed their actions were in retaliation for similar hacks on Pakistani websites. A CBI spokeswoman stated that the site would undergo a thorough security audit and fix all vulnerabilities before being restored. Importantly, the agency's internal IT systems remained uncompromised. As of Wednesday morning, the CBI site had not yet been restored. India's Minister of State for Communications and IT, Sachin...

"Operation Payback" is evolving, as attackers have initiated a fax-based campaign against companies that severed ties with WikiLeaks. Hacktivists from the group "Anonymous" are urging members to send faxes to Amazon, MasterCard, PayPal, Visa, Tableau Software, and Moneybookers. This action aims to create a fax-based version of denial-of-service attacks, according to Netcraft. Over the past few days, the group has launched distributed-denial-of-service (DDoS) attacks against websites of several companies and organizations, including MasterCard and Visa. Paul Mutton from Netcraft blogged, "This latest campaign by the Anonymous group is analogous to the distributed denial of service attacks it has been carrying out against websites over the past week. In essence, this has turned into a DDoS attack against fax machines. The group started the fax-attacks on Dec. 13 at 13:00 GMT and published a list of target fax numbers in their call to arms." "The Anon...

In New York on Sunday, lawmakers urged President Obama to expand the U.S. State Department’s foreign policy mechanisms to address crime and security on the Internet. They cited recent attacks on companies severing ties with WikiLeaks as a main reason for these changes. At Symantec's New York City office, Senator Kirsten Gillibrand and Representative Yvette D. Clarke urged the President to adopt proposals to protect New York businesses and infrastructure. These proposals would put foreign countries that fail to enforce cybersecurity laws on notice and even apply sanctions to those that do not cooperate. For the past week, MasterCard, Visa, PayPal, and other American companies faced coordinated attacks after cutting ties with WikiLeaks. The lawmakers explained during a press event that the global cyber assault was "intended to flood the companies' websites with traffic," blocking access and leaving them unavailable to customers. In addition to these attacks, State De...

The United States could soon face a significant shortage of computer science professionals unless it starts graduating more students in this field. At a time when computer hacking and security are critical issues for both the government and the private sector, the U.S. is producing only 9,000 computer science graduates annually. Among them, only 700 specialize in computer and information systems security. This number is far from sufficient, especially when considering that a single defense contractor, Booz Allen Hamilton, alone needs 1,000 computer security specialists. Meanwhile, the military is dealing with the rapid rise of cyber warfare. It is becoming increasingly clear that while a traditional military attack on the United States is unlikely, the nation's economic system could be vulnerable to a cyber attack. Conversely, the U.S. can leverage its cyber capabilities to attack other countries. For instance, in September, Iran's nuclear program was disrupted by a computer...

A Dutch hacker collective called Revspace aims to "re-educate" Dutch teens suspected of cyberattacks against Mastercard, Visa, and the Dutch National Prosecutors Office, transforming them into "ethical hackers." Last week, Dutch police arrested a 16-year-old boy for participating in web attacks against MasterCard and Visa as part of a grassroots effort to support WikiLeaks. On Saturday, another teenager was arrested in Hoogezand-Sappemeer for admitting to flooding the website of the Dutch prosecutor. The 19-year-old, known online as Awinee, reportedly encouraged others to join the attack. The teen was released today. Martijn Gonlag, who admitted to using the tool, claimed he only wanted to test software and did not support Wikileaks. Both arrests were straightforward because the teenagers used LOIC (Low Orbit Ion Cannon), a tool that lacks security features like anonymization. The attackers' IP addresses were visible in all packets sent during the attacks, as...

The emergence of cyber-crime, which transcends man-made boundaries, has underscored the urgent need for global cooperation among law enforcement agencies to prevent and solve these crimes, according to a senior Dubai Police official. At the Third International Conference on Interpol for the Middle East and North Africa, Major General Khamis Mattar Al Mazeina, Dubai Police Deputy Commander-in-Chief, highlighted the importance of international cooperation. He cited an example where such cooperation enabled Dubai to arrest a child molester accused of crimes in a European country while the perpetrator was in the UAE. Dubai Police have made significant progress in combating cyber-crime, particularly after establishing a dedicated department to address high-tech crimes emerging alongside rapid technological growth. Speaking at the conference held at the Dubai Police Academy, Al Mazeina emphasized Interpol's interest in leveraging global police resources, given the far-reaching impact o...