The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

In Brief Microsoft has issued its first Patch Tuesday for 2017 , and it's one of the smallest ever monthly patch releases for the company, with only four security updates to address vulnerabilities in its Windows operating system as well as Adobe Flash Player. Meanwhile, Adobe has also released patches for more than three dozen security vulnerabilities in its Flash Player and Acrobat/Reader for Windows, MacOS, and Linux desktops. According to the Microsoft Advisory, only one security bulletin is rated critical, while other three are important. The bulletins address security vulnerabilities in Microsoft's Windows, Windows Server, Office, Edge and Flash Player. The only security bulletin rated as critical is the one dedicated to Adobe Flash Player, for which Microsoft distributed security patches through Windows Update. Other security bulletins that addresses flaws in Microsoft products are as follows: Bulletin 1 — MS17-001 This security update resolves just one v...

The Shadow Brokers who previously stole and leaked a portion of the NSA hacking tools and exploits is back with a Bang! The hacking group is now selling another package of hacking tools, " Equation Group Windows Warez ," which includes Windows exploits and antivirus bypass tools, stolen from the NSA-linked hacking unit, The Equation Group. For those unfamiliar with the topic, The Shadow Brokers is a notorious group of black-hat hackers who, in August 2016, leaked exploits, security vulnerabilities, and "powerful espionage tools" created by The Equation Group. On Saturday, the Shadow Brokers posted a message on their ZeroNet based website, announcing the sale of the entire " Windows Warez " collection for 750 Bitcoin (around US$678,630). The data dump contains many windows hacking tools, categorized as following: Fuzzing tools (used to discover errors and security loopholes) Exploit Framework Network Implants Remote Administration Tools (RAT) Remot...

Ransomware has turned on to a noxious game of Hackers to get paid effortlessly. Once again the heat was felt by the Los Angeles Valley College (LAVC) when hackers managed to infect its computer network with ransomware and demanded US$28,000 payment in Bitcoins to get back online. The cyber-attack occurred over winter break and caused widespread disruption to online, financial aid, email and voicemail systems, including locking out 1,800 students and staffs from their computers. As the situation was gone out of its hand, the Los Angeles Community College District (LACCD) agreed to pay the ransom demand of $28,000 in Bitcoin to criminals to resume their operations after gaining the decryption keys, the school newspaper, The Valley Star, reports . The cyber criminals gave the college a week to pay the ransom and threatened to delete all the data if they were not paid. Also Read: RansomFree Tool Detects Never-Seen-Before Ransomware Before It Encrypts Your Data Just like mos...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

It's time to say goodbye to Yahoo! While Yahoo's core internet business was being sold to Verizon for $4.8 Billion , the remaining portions of the company left behind is renaming itself to Altaba Inc, which marks the sad ending of one of the most familiar brand names on the internet. In a public filing with the Securities and Exchange Commission (SEC) on Monday, the company announced that after the planned sale of its core business to telecom giant Verizon, the leftover would change its brand name to Altaba. So, the company's branding you are familiar with will integrate with Verizon, and it is possible that the telecom titan may continue to use the Yahoo brand for some of the services that it will acquire in the deal. The remaining company under the new name Altaba Inc. is hanging on to its 15% ownership of Alibaba and 35.5% stake in Yahoo Japan, which is a joint venture with Softbank. Marissa Mayer to Leave Yahoo Board The newly formed company will operat...

The ransomware attacks on poorly secured MongoDB installations have doubled in just a day. A hacker going by the handle Harak1r1 is accessing, copying and deleting unpatched or badly-configured MongoDB databases and then threatening administrators to ransom in exchange of the lost data. It all started on Monday when security researcher Victor Gevers identified nearly 200 instances of a MongoDB installation that have been erased and held for ransom , asking victims to pay hefty ransoms for the data to be restored. By Tuesday, this number reached approximately 2,000 databases as reported by Shodan Founder John Matherly, and by Friday, Gevers and fellow security researcher Niall Merrigan updated this count to 10,500. However, according to recent statistics compiled by Merrigan, the number of compromised systems have reached more than double to 27,000, over the course of about 12 hours. What's worse? Initial attacks saw ransoms of 0.2 Bitcoins (nearly US$184) to the ...

Image Source: Book - Protect Your Windows Network from Perimeter to Data The United States' trade watchdog has sued Taiwan-based D-link, alleging that the lax security left its products vulnerable to hackers. The Federal Trade Commission (FTC) filed a lawsuit ( pdf ) against D-Link on Thursday, arguing that the company failed to implement necessary security protection in its routers and Internet-connected security cameras that left "thousands of consumers at risk" to hacking attacks. The move comes as cyber criminals have been hijacking poorly secured internet-connected devices to launch massive DDoS attacks that can force major websites offline. Over two months back, a nasty IoT botnet, known as Mirai, been found infecting routers, webcams, and DVRs built with weak default passwords and then using them to DDoS major internet services. The popular Dyn DNS provider was one of the victims of Mirai-based attack that knocked down the whole internet for many users...

It might be the easiest bug bounty program ever. Netgear launched on Thursday a bug bounty program to offer up to $15,000 in rewards to hackers who will find security flaws in its products. Since criminals have taken aim at a rapidly growing threat surface created by millions of new Internet of things (IoT) devices, it has become crucial to protect routers that contain the keys to the kingdom that connects the outside world to the IP networks that run these connected devices. To combat this issue, Netgear, one of the biggest networking equipment providers in the world, has launched a bug bounty program focusing on its products, particularly routers, wireless security cameras and mesh Wi-Fi systems. Bug bounty programs are cash rewards given by companies or organizations to white hat hackers and researchers who hunt for serious security vulnerabilities in their website or products and then responsibly disclose for the patch release. Also Read:   How Hackers Hack Bank ...

What you'll do if Ransomware infects you? Should you pay or not to recover your files? Believe me, the FBI advises - Pay off the criminals to get your files back if you don't have a backup. But paying off a ransom to cyber criminals is definitely not a wise option because there is no guarantee that you'll get the decryption key in return. In the latest incident, the new variant of KillDisk ransomware has been found encrypting Linux machines, making them unbootable with data permanently lost. What is KillDisk? KillDisk is a destructive data wiping malware that has previously been used to sabotage companies by randomly deleting files from the computers. KillDisk is the same component associated with the Black Energy malware that was used to hit several Ukrainian power stations in 2015, cutting power for thousands of people. But according to ESET security researchers, the nasty KillDisk disk wiper malware is back with new variants that target Windows and Lin...

Update: A hacker yesterday claimed to have hacked the FBI's website running on Plone CMS, but it seems it wasn't hacked using any zero-day vulnerability in Plone. We contacted Plone security team and updated this story (see below) with official statements. A hacker, using Twitter handle CyberZeist , has claimed to have hacked the FBI's website (fbi.gov) and leaked personal account information of several FBI agents publically. CyberZeist had initially exposed the flaw on 22 December, giving the FBI time to patch the vulnerability in its website's code before making the data public. The hacker exploited a zero-day vulnerability in the Plone CMS , an Open Source Content Management software used by FBI to host its website, and leaked personal data of 155 FBI officials to Pastebin , including their names, passwords, and email accounts. CyberZeist tweeted multiple screenshots as proof of his claims, showing his unauthorized access to server and database files usi...

Ransomware has been around for a few years, but in last two years, it has become one of the fastest growing threats to businesses and users across the world, so will be in 2017. Ransomware is a piece of malware that encrypts files on your computer with strong encryption algorithms and then demands a ransom money in Bitcoin to decrypt the data so you can regain access to your encrypted files. We have seen some nastier ransomware infections over the past couple of years. The most interesting one was Popcorn Time that decrypts victims files for free if they pass the infection on to other people. Now, a new strain of ransomware takes the infection to a whole new level of craziness. Dubbed Koolova , the ransomware will restore your encrypted files for free, just like Popcorn Time. The only difference between both the infections is that you don't have to infect others to get free decryption key. Instead, all you have to do is educate yourself about ransomware by reading two...

What a good start of the New Year for those holding Bitcoins! Web-based digital currency Bitcoin has passed $1,110 for the first time on the Bitstamp Price Index (BPI) since early November 2013. Bitcoin broke the barrier on 1 January and now is trading above $1,150 mark at the time of writing, marking a bright beginning to 2017 for the digital currency. At the time of writing, 1 Bitcoin = $1158.99. Bitcoin is a revolutionary virtual currency that has no central authority; instead, it relies on thousands of computers worldwide that validate transactions and add new Bitcoins to the system. The world's first and most famous cryptocurrency is developed around Blockchain, which is a complex cryptographic protocol and a global computer's network that oversees and verifies which Bitcoins have been spent by whom. The identity of the people spending Bitcoins is extremely difficult to trace because of its anonymous nature. Therefore, the currency is very popular among criminal...

The U.S. Federal Trade Commission has announced a "prize competition" for creating a software or hardware-based solution with the ability to auto-patch vulnerable Internet of Things (IoT) devices. Today we are surrounded by a number of Internet-connected devices. Our homes are filled with tiny computers embedded in everything from security cameras, TVs and refrigerators to thermostat and door locks. While IoT is going to improve life for many, the number of security risks due to lack of stringent security measures and encryption mechanisms in the devices have increased exponentially, giving attackers a large number of entry points to affect you in some or the other way. Remember Mirai Botnet ? A botnet of just 100,000 hijacked IoT devices was used to flood the Dyn DNS service with unwanted requests and close down the Internet for Millions of Users a few months ago. At that time, Chinese firm Hangzhou Xiongmai Technology admitted its smart products – DVRs and ...