The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

OTTAWA Federal security agencies are working to deal with cyber threats, Prime Minister Stephen Harper said Thursday. He wouldn't speak directly to what the government calls an "unauthorized attempt" to access computer networks at the Treasury Board. The attack left civil servants in key departments without Internet access. Jay Denney, a spokesperson for Treasury Board president Stockwell Day, said security officials have taken action against the threat in line with the government's security policy. "There are no indications that any data relating to Canadians was compromised by this unauthorized attempt," said Denney. Details of the federal budget, expected to be delivered next month, are also apparently still secret.

After observing an increase in the number of phishing attacks and several other cyber crimes, the cyber police have intensified patrolling of the social networking sites. Police, with the help of IT experts, will keep a check on any hate posts or groups created in cyberspace. The action reportedly came after the recent incident where Dr Babasaheb Ambedkar's picture was defaced and it lead to riots in the Khar on Tuesday. Websites are patrolled round the clock to check for any objectionable content. Pages or groups that harm the sensitivities of people could be removed or the website could be brought down to avoid any incidents that could affect the law and order situation. All such hate postings will be forwarded to the India Computer Emergency Response Team (ICERT), a government body working under the ministry of information technology. The ICERT will then take up the matter to its logical conclusion by sending communication to these networking sites, asking them to block or remove t...

Operation Bahrain ( #opbahrain ) - Anonymous Press Release ! Dear Free-Thinking Citizens of THE WORLD,  The Bahrainian government has shown by its actions that it intends to  brutally enforce its reign of injustice by limiting free speech and  access to truthful information to its citizens and the rest of the  world. It is time to call for an end to this oppressive regime. The most  basic human right is the transparency of one's government, and  Bahrain's is no exception. By interfering with the freedom to hold peaceful protests, the Bahrainian  government has made itself a clear enemy of its own citizens and of  Anonymous. The actions of this regime will not be forgotten, nor will  they be forgiven.   When people are faced with such injustices, Anonymous hears those cries, and  we will assist in bringing to justice those who commit criminal acts  against the innocent. We will not remain silent and let these crimes...

A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into online investment fraud across 50 countries. These BNS pages are made to look like real news outlets: CNN, BBC, CNBC, or regional media. They publish fake stories that feature public figures, central banks, or financial brands, all claiming to back new ways to earn passive income. The goal? Build trust quickly and steer readers toward professional-looking scam platforms like Trap10, Solara Vynex, or Eclipse Earn. Scammers use sponsored ads on Google, Meta, and blog networks to push traffic to these sites. Ads often carry clickbait headlines—"You won't believe what a prominent public figure just revealed"—paired with official photos or national flags to make them feel legit. Clicking the ad directs users to a fake article, which then redirects them to a fraudulent trading platform. Many of these scams follow a...

Foreign hackers successfully penetrated the computer systems of the Canadian federal government. Last month was the first sign that the system had been compromised. The attacks, said to have come from China, hit both the Finance Department and the Treasury Board. Although no statements have been made aside from the government saying that there was an "attempt to access", the CBC's sources confirm that the hackers were able to remotely control computers in the offices of senior government executives, hoping to unlock entire government data systems. After realizing what had happened, government security officials immediately brought both departments offline. We haven't been informed whether anything was taken but CBC mentioned that its "Highly placed sources" told them that the  "cyberattacks were traced back to computer servers in China" but, really a hacker could likely make it appear to come from any server around the world. We're looking into this and we'll update if and when we...

THE BBC'S MUSIC WEBSITES have been hacked to stream malware using drive-by downloads for anyone browsing the infected webpages. Hackers set the drive-by malware up at the BBC's 6 Music website and the BBC 1Xtra radio station website. Researchers at the insecurity outfit Websense found the exploits and put its report up on its security labs blog. "The BBC - 6 Music Web site has been injected with a malicious iframe, as have areas of the BBC 1Xtra radio station Web site," an anonymous Websense insecurity researcher wrote. Websense claims the injected iframe is at the bottom of the BBC 6 Music webpage and has been set up to automatically download some dodgy code from a .cc website. Apparently the hack is exactly the same on the BBC's 1Xtra website. "If an unprotected user browsed to the site they would be faced with drive-by downloads, meaning that simply browsing to the page is enough to get infected with a malicious executable," Websense continued. ...

Late last year, activists attacked websites belonging to companies that refused to do business with WikiLeaks, an online group that has disclosed classified U.S. government documents. When the activists, who called themselves Anonymous, found out they were being investigated by the Internet security company HBGary Federal, the group hacked the company's servers and stole thousands of private e-mails. And then it dumped them onto the Internet. It was an embarrassment for the security company to get hacked — but the content of some of those e-mails is raising concerns. 'Brazen' E-mails HBGary Federal was trying to use social networks to unmask the members of Anonymous, so Anonymous struck back. One man, who calls himself Owen, says his Anonymous colleagues broke into the company's servers. Hackers have a name for what they did. "They decided to just rape his servers and take all the information they wanted," he says. "Forgive that term ... 'R...

Cyber Crime has now reached to hacking information from the mobile phones. The 3G technology recently launched by the mobile service providers is in much rage nowadays. The 3G technology allows a user to access internet on a good quality network on the cellphone. As such hackers will now target the 3G users for accessing their personal information and this in turn will result into increased cyber-crime", said Sunny Vaghela, the cyber-crime expert while talking to TOI. When questioned is there any solution to this new problem, Vaghela mentioned that as of now there exists no solution to prevent hacking from taking place from a mobile phone but he added that certain steps can be taken to minimise the cases of hacking. "Never reply to the e-mails that offer lottery prize money. Always keep your anti-virus updated and do not download pictures of celebrities from mails sent by anonymous sender. Also avoid downloading songs from Pakistani wesbites. All these steps if taken can ...

A computer security firm working to expose members of hacker group "Anonymous" pulled out of a premier industry conference here due to threats of real-world attacks on its employees. HBGary personnel have been peppered with threatening messages since Anonymous hackers looted data from its computer systems earlier this month, according to a message on the California firm's website Wednesday. "In addition to the data theft, HBGary individuals have received numerous threats of violence, including threats at our tradeshow booth," the company said. "In an effort to protect our employees, customers and the RSA Conference community, HBGary has decided to remove our booth and cancel all talks." Cyber security specialists and national security officials are in San Francisco this week to share insights on topics ranging from guarding "smart" power grids to blocking attacks on smartphones and computer tablets. Anonymous, the hacker group behind online ...

It has really got to hurt when you run a computer security company and an outlaw hacker group manages to steal and post on the Internet embarrassing emails connecting you to much-publicized plans for crushing the enemies of large corporations through unsavory means like disinformation and cyberattacks. Especially when it happens just before one of the security industry's largest annual conferences, at which you have not only been invited to speak but have rented a booth and set up meetings with numerous executives of potential customers. That was the situation facing Greg Hoglund, CEO of HBGary Inc. of Sacramento, at the start of this week's RSA security conference in San Francisco after a pro-WikiLeaks group of hackers calling themselves "Anonymous" posted tens of thousands of emails detailing, among other things, the fact that a spin-out company called HBGary Federal helped develop proposals to combat critics of Bank of America and the U.S. Chamber of Commerce thr...

Last month's compromise of the UK website of the natural ingredients cosmetic firm Lush and the theft of its customers' credit card details must have hurt the company but unfortunately, its troubles are not over yet. "We are sorry to have to announce that the Lush Australian and New Zealand websites have been hacked," it says in a statement posted on the sites in question, whose contents have been completely removed while security checks are performed. "We have been alerted today to advise us that entry has been gained and customer personal data may have been obtained by the hackers. We urgently advise customers who have placed an online order with Lush Australia and New Zealand to contact their bank to discuss if canceling their credit cards is advisable," encourages the company. Whether that means that Lush hasn't been storing that data in encrypted format or whether it really wants to cover all bases just in case, it's anyone's guess. It...

The exploits of Anonymous to hack the systems of firms providing spying services to governments and corporations suggest that the WikiLeaks mini-era has been surpassed. Much of WikiLeaks promise to protect sources is useless if the sources are not whistleblowers needing a forum for publication. Instead publishers of secret information grab it directly for posting to Torrent for anybody to access without mediation and mark-up by self-esteemed peddlers of protection, interpretationa and authentication, including media cum scholars. Ars Technica descriptions of the how the Anonymous hack are the best technical reading of Internet derring-do yet and far exceeds the much simpler rhetorical version of WikiLeaks security carefully bruited as if invulnerable but is not according to Daniel Domscheit-Berg's revelations. AnonLeaks.ru  is a remarkable advance of WikiLeaks. And promises much more by the same means and methods most associated with official spies -- NSA and CIA have long...

The Anonymous attack on HBGary may have amused some who enjoyed the sight of a security firm left embarrassed and exposed, but it should send a shiver down the spine of any IT administrator responsible for securing their own company. Because can you honestly put your hand on your heart and say a hack like the one against HBGary couldn't happen at your organisation too? As Ars Technica explains, a weakness in a third-party CMS product used by HBGary's website allowed Anonymous hackers to steal passwords that employees used to update the webpages. Unfortunately they were passwords that weren't encrypted strongly enough, and were possible to crack with a rainbow-table based attack. Amongst those exposed were CEO Aaron Barr and COO Ted Vera. Worse still, it appears that Aaron Barr and Ted Vera were using the same passwords for their Twitter and LinkedIn accounts, and even for an account which administered the entire company's email. By exploiting software vulnerabilities,...