The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

You all are quite aware of phishing attacks , and for those who are not, Phishing scams are typically fraudulent email messages, masquerading as a well known and trustworthy entity in an attempt to gather personal and financial information from victims. However, phishing attacks have become more sophisticated recently. The Pro-hacker group, Syrian Electronic Army (SEA) is also popular for its advance phishing attack and had purposely targeted twitter account and websites of various popular brands like Forbes, Microsoft, Obama, Facebook, CNN, eBay and PayPal in the past using phishing techniques. Security researchers have seen an increase in the number of phishing attacks every day, but recently a tricky scam came across by the researchers at the Symantec , which is targeting Google Docs and Google Drive users. Under this phishing scam, an email with a subject of " Documents ", tricks recipient to view an ' important document ' stored on the Google Docs by cli...

Despite so many warnings from Microsoft and Cyber Security Experts, Windows XP is still being used by a number of Government organizations, Financial institutions as well as big Corporations all around the world. If we look at the statistics then almost 30% of computers you will find that still run Windows XP , including banks, airline companies, and other huge enterprises, the count in real is likely to be even higher than the estimated. But If you stick with Windows XP after April 8 2014 , you might be at a great risk as XP will take its last breath officially on that day and will die! This fact poses danger to its users as they will be exposed to all kinds of threats. Almost thirteen years after it was 'first released' i.e. April 8 when the Redmond, Washington-headquartered Corporation will stop support for its longest running and most successful OS, Windows XP. Continue using Windows XP after April 8, it will serve you as a Dead Zombie, because Microsoft w...

The Internet is becoming a dangerous place day-by-day and especially for those innocent web users who rely on 3rd party services. The latest bad news is that the World's largest and most widely used Google's free public DNS (Domain name system) resolvers  raised   security red flags yesterday. DNS is the master address list for the Internet, which translates IP addresses into human readable form and vice versa. According to Internet monitoring firm BGPmon , Google's DNS server 8.8.8.8 /32 was hijacked yesterday for 22 minutes. The Google's DNS server handles around 150 billion queries a day and during the 22 minutes of hijacking, millions of Internet users, including Financial institutions , Governments were redirected to BT's (British multinational telecommunications services company) Latin America division in Venezuela and Brazil. It is suspected that Hackers exploited a well-known  vulnerability in the so-called Border Gateway Protocol ( BGP) , whi...

This News will blow everyone's mind! If you are a bitcoins holder then you might be aware of  MtGox , Once the World's biggest Bitcoin exchange .  MtGox  filed for bankruptcy last month after saying it lost some 8,50,000 Bitcoins to hackers and suddenly went dark with no explanations. A few days ago, some unknown hacker breached into the personal blog and Reddit account of MTgox CEO,  Mark Karpeles  to level charges of fraud. But, Hackers are very clever to avail every eventuality they get. After compromising the MtGox CEO's blog, the hacker posted a 716MB ZIP file, MtGox2014Leak.zip , which contains the data dump and specialized software tools for remote access to MtGox data, but these software tools turned out to be a Bitcoin wallet stealing malware , according to the research carried out by the Kaspersky Lab Expert , Sergey Lozhkin. The application was actually a malware, which was created to search and steal Bitcoin wallet files fr...

So, How do you currently monitor your logs and events, including network, servers, databases, applications, your router, firewall or Windows servers?  Obviously, If you have thousands of machines on your network.. It will become more complicated. Due to the massive boom in the cyber attacks and security breaches that result in financial losses and damages the goodwill of the reputed corporations, the demand for SIEM tools is increasing continuously among the IT security professionals and system administrators. Security Information & Event Management (SIEM) is the best solution, that has evolved over the years to become one of the most trusted and reliable solutions for log management, security, and compliance. SIEM systems provide a holistic view of an organization's Information technology (IT) Security by collecting logs and other security-related documentation for analysis. But SIEM systems are typically expensive to deploy and complex to operate and manag...

The Pro-hacker group, very well known as Syrian Electronic Army (SEA) aligned with president Bashar al-Assad, had recently taken down Forbes Website, sending a reminder to the international community that cyber warfare is alive and well, and this time the group has targeted U.S Central Command (CENTCOM) . Just a few minutes ago the SEA group has uploaded a screenshot and claims that they have compromised central repository of CENTCOM. From the screenshot, it appears that the group has hacked into the repository of Army Knowledge Online (AKO) , which   provides web-based enterprise information services to the United States Army, joint, and Department of Defense customers. " This is part of an on-going operation and we have already successfully penetrated many central repositories. #SEA " Hacking Group tweeted. The Group has  threatened to expose hundreds of secret documents that the group has obtained from the recent hack. "In the coming days we will updat...

TWITTER is taking users' privacy and security very seriously and in an effort to prevent Government snooping, the company has secured your Twitter emails with with TLS (Transport Layer Security). Twitter emails were previously using a plain text communication protocol, that now has been upgraded to an encrypted (TLS or SSL) connection using STARTTLS . In a blog post, Twitter announced : " Since mid-January, we have been protecting your emails from Twitter using TLS in the form of StartTLS. StartTLS encrypts emails as they transit between sender and receiver and is designed to prevent snooping. It also ensures that emails you receive from Twitter haven't been read by other parties on the way to your inbox if your email provider supports TLS. " " These email security protocols are part of our commitment to continuous improvement in privacy protections and complement improvements like our securing of web traffic with forward secrecy and always-on HTT...

IT Infrastructure of organizations is growing ever more distributed, complex and difficult to manage. To manage such networks, a log management solution is not enough. The AlienVault Unified Security Management™ (USM) platform is the perfect solution to help manage the flood of information and analyze it in real time, to find evidence of security incidents. So, in this article we will introduce you to a security monitoring solution that provides real-time threat detection and speeds incident response. The AlienVault Unified Security Management™ (USM) platform provides all of the essential security controls required for complete security visibility, and is designed to enable any IT or security practitioner to benefit from results on day one. Powered by the latest AlienVault Labs Threat Intelligence and the Open Threat Exchange™ (OTX ) —the world's largest crowd-sourced threat intelligence exchange—AlienVault USM delivers a unified, simple and affordable solution for threat ...

Hackers are very smart on gaining from every opportunity they get and this time the lost  Malaysian Airlines flight MH370  gave them a chance to hijack, not the plane, but you all sitting over their operating your Facebook account and having an eye on every news related to the Mysterious Malaysian plane. Spammers are taking advantage of the lost Malaysian plan and spam spreading malware on the Facebook, abusing the mystery behind the Malaysia airplane MH370 that has gone missing by the time it flew from Kuala Lumpur to Beijing. The hackers are redirecting Facebook users to the malicious websites using a fake Facebook post, claims that missing Malaysian Airlines flight MH370,  a Boeing 777-200 aircraft  has been found in the Bermuda Triangle with its passengers still alive and invites users to click a link to view breaking news video footage. Title of the fake video: Malaysia Plane MH370 Has Been Spotted Somewhere Near Bermuda Triangle. Shocking Videos Release T...

The US intelligence agency NSA ( National Security Agency ) broke the Silence on the claim that it has reportedly  'infected millions of computers around the world with malware' and that it is 'impersonating U.S. Social media or other websites ', emphasized the claim as inaccurate. The document provided previously by NSA whistleblower Edward Snowden , analyzed by Glenn Greenwald from  The Intercept claimed that the NSA is spreading surveillance malware on computers and networking devices around the world that are capable to spam out millions of pieces of sophisticated malware at a time on a large scale.  Moreover, the report also claimed that the NSA could silently masquerade as legit websites, such as Facebook, or other sites and therefore intercepting victims' online activities, but the agency denied the claims issuing a statement on Thursday. The statement released by the agency notes: " Recent media reports that allege NSA has infected millions of...

Till Now we all have heard about the Ransomware Malware that encrypts your files or lock down your computer and ask for a random amount to be paid in a specified duration of time to unlock it, but this cyber threat has forced somebody for the terrible murder and suicide. It's true! This could be an extent of Ransomware that has marked its history by someone's blood. Marcel Datcu , a 36 year old man, living in the village of Movila Miresii , who was married in 2013 and living happily with his family, killed his 4 year old baby and then himself committed suicide after his computer got infected with " police ransomware ," a Romanian Newspaper, Braila24 reports. Ransomware is one of the most blatant and obvious criminal's money making schemes out there, from which Cryptolocker threat had touched the peak, and cyber criminals have developed many Cryptolocker versions ( prisonlocker, linkup, icepole, cryptobit ) by which you have to safeguard your system. According t...

Besides collecting metadata and inserting backdoor to the devices and softwares, the US National Security Agency (NSA) has an eye on each post, picture, message you have ever sent on Facebook. I know you won't be feeling free considering your privacy, but, this is what the NSA is doing to you. The new revelation from the Glenn Greenwald 's desk remove the mask from one more secret surveillance operation carried out by the US intelligence agency NSA, the extensive program dubbed as ' TURBINE ', according to the classified files provided previously by NSA whistleblower Edward Snowden . Yes, the NSA, who has been working with its dedicated hacking unit, Tailored Access Operations (TAO) from the past several years on enlarging its caliber to infect devices with spyware and creating its own command-and-control servers to manage millions of infected systems at a time. The secret documents presented by The Intercept  website shows that the NSA with its British counterpa...