The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Law enforcement authorities from Europe and Russia have arrested five members of an international cyber criminal gang for stealing $3.2 million cash from ATMs using malware. Three of the suspects, Andrejs Peregudovs (41), of Latvia, Niklae Penkov (34) of Moldova, and Mihail Colibaba (30) of Romania, were arrested in Taiwan by the Taiwanese Criminal Investigation Bureau last summer, have already been sentenced to 5 years in prison for their role in a massive ATM heist operation, involving 22 individuals from 6 countries. The European-based cyber criminal gang used a variety of different hacking techniques to infect ATMs with malware and force them to dispense cash. According to Europol that began its investigation in early 2016, the gang used spear-phishing emails containing malicious attachments to target bank employees and penetrate the bank's internal networks. From there, the cyber crooks then located and hacked into the network of ATMs from the inside, and used a m...

In an effort to expand its certificate authority capabilities and build the "foundation of a more secure web," Google has finally launched its root certificate authority. In past few years, we have seen Google taking many steps to show its strong support for sites using HTTPS, like: Giving more preference to HTTPS websites in its search rankings than others. Warning users that all HTTP pages are not secure. Starting an industry-wide initiative, Certificate Transparency − an open framework to log, audit, and monitor certificates that CAs have issued. However, Google has been relying on an intermediate Certificate Authority (Google Internet Authority G2 - GIAG2) issued by a third party, with the latest suppliers being GlobalSign and GeoTrust, which manages and deploys certificates to Google's products and services. Google announced Thursday the creation of its own certified, and independent Root Certificate Authority called Google Trust Services , allowing...

Hacking password for a Facebook account is not easy, but also not impossible. We have always been advising you to enable two-factor authentication — or 2FA — to secure your online accounts, a process that requires users to manually enter, typically a six-digit secret code generated by an authenticator app or received via SMS or email. So even if somehow hackers steal your login credentials, they would not be able to access your account without one-time password sent to you. But, Are SMS-based one-time passwords Secure? US National Institute of Standards and Technology (NIST) is also no longer recommending SMS-based two-factor authentication systems , and it's not a reliable solution mainly because of two reasons: Users outside the network coverage can face issues Growing number of sophisticated attacks against OTP schemes So, to beef up the security of your account, Facebook now support Fido-compliant Universal 2nd Factor Authentication (U2F), allows users to log into ...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

The biggest mistake companies make with data security is leaving all their secrets unprotected at one place, which if attacked, they are all gone in one shot. An unnamed law enforcement agency has reportedly accessed billions of compromised usernames, email IDs, and their passwords, collected by LeakedSource, a popular breach notification service. LeakedSource, launched in late 2015, that exposed some of the largest data breaches in 2016, including LinkedIn , DailyMotion , Rambler.ru , Last.fm , VK.com , Weebly, and Foursquare , might be facing a permanent shut down after law enforcement officers allegedly raided its operator. The LeakedSource website that allowed visitors to look up for their account details that had been collected from multiple data breaches has suddenly disappeared, and its associated social media accounts have been suspended. The data breach aggregation service had always been criticized for its unethical policy of allowing anyone to look up hacked acco...

It seems like the new American President's Twitter account could easily be hacked due to security blunders he made with the most powerful Twitter account in the world, experts warned. Days after we got to know that the newly inaugurated President Donald Trump was still using his old, insecure Android smartphone, it has now been revealed that the official @POTUS Twitter account was linked to a private Gmail account. Since we are already aware of the potential scandal with government officials using outside email systems following the hack of private e-mail servers of Hillary Clinton and George W. Bush , the choice of using private, non-government email address by Trump has raised serious concerns about the security of the White House's closely watched account. To gain control of the official @POTUS Twitter account, which may or may not is secured with some form of two-factor authentication , all an attacker needs to do is hack the email address associated with the acc...

The IT threat landscape has changed dramatically over the last three-four years. With no shortage of threat actors, from hacktivists to nation-states, criminals to terrorists, all of them are now after something new. It's no more just about stealing your money, credit cards and defacing websites, as now they are after the intellectual property, mass attacks and most importantly, our critical infrastructures. We have long-discussed nightmare scenarios of cyber attacks against nation's critical infrastructure, but now these scenarios have come to the real world, and we have seen many such incidents in the past years. The latest example is cyber attacks against Ukrainian power grid . Just two weeks back, Ukraine's national power company Ukrenergo confirmed that electricity outage on 17-18th December last year was caused by a cyber attack. Such sophisticated cyber attacks have revealed the extent of vulnerabilities in the systems that are operating the most critic...

" Linux doesn't get viruses " — It's a Myth. A new Trojan has been discovered in the wild that turns Linux-based devices into proxy servers, which attackers use to protect their identity while launching cyber attacks from the hijacked systems. Dubbed Linux.Proxy.10 , the Trojan was first spotted at the end of last year by the researchers from Russian security firm Doctor Web, who later identified thousand of compromised machines by the end of January this year and the campaign is still ongoing and hunting for more Linux machines. According to researchers, the malware itself doesn't include any exploitation module to hack into Linux machines; instead, the attackers are using other Trojans and techniques to compromise devices at the first place and then create a new backdoor login account using the username as " mother " and password as " fucker ." Once backdoored and the attacker gets the list of all successfully compromised Linux ma...

AlphaBay, possibly the largest active dark web marketplace at the moment, has paid a hacker after he successfully exploited vulnerabilities in the internal mailing system of the website and hijacked over 200,000 private unencrypted messages from several users. The hacker, using the pseudonym Cipher0007, disclosed two "high-risk bugs" two days ago on Reddit that allowed him to gain access to troves of private messages belonging to buyers and sellers on the dark website, AlphaBay admins announced on Tuesday. It turns out that the messages were not encrypted by default, which gave the hacker ability to view all messages between vendors and buyers selling and purchasing everything from illicit drugs to exploits, malware, and stolen data. Over 218,000 Private Messages of Anonymous Dealers Exposed To prove he had successfully compromised the AlphaBay website, the hacker posted five screenshots of random user private conversations, showing that AlphaBay users had op...

2017 is the year of Artificial Intelligence (A.I.), Big Data, Virtual Reality (VR) and Cyber Security with major companies like Google, Facebook, Apple, IBM and Salesforce and technology pioneers like SpaceX founder Elon Musk investing in these hot technologies. Since everyone seems to be talking about the hottest trend — artificial intelligence and machine learning — broadly, 62 percent of large enterprises will be using AI technologies by 2018, says a report from Narrative Science. But why AI is considered to be the next big technology? Because it can enhance and change everything about the way we think, interact, manufacture and deliver. Last year, we saw a significant number of high-profile hacks targeting big organizations, governments, small enterprises, and individuals — What's more worrisome? It's going to get worse, and we need help. No doubt, we, the human, can find vulnerabilities but can not analyze millions of programs with billions of lines of codes at o...

HummingBad – an Android-based malware that infected over 10 million Android devices around the world last year and made its gang an estimated US$300,000 per month at its peak – has made a comeback. Security researchers have discovered a new variant of the HummingBad malware hiding in more than 20 Android apps on Google Play Store. The infected apps were already downloaded by over 12 Million unsuspecting users before the Google Security team removed them from the Play Store. Dubbed HummingWhale by researchers at security firm Check Point, the new malware utilizes new, cutting-edge techniques that allow the nasty software to conduct Ad fraud better than ever before and generate revenue for its developers. The Check Point researchers said the HummingWhale-infected apps had been published under the name of fake Chinese developers on the Play Store with common name structure, com.[name].camera, but with suspicious startup behaviors. "It registered several events on boot,...

China is long known for its strict Internet censorship laws through the Great Firewall of China – China's Golden Shield project that employs a variety of tricks to censor Internet and block access to various foreign websites in the country by its government. The Great Firewall has blocked some 171 out of the world's 1,000 top websites, including Google, Facebook, Twitter, Tumblr, Dropbox, and The Pirate Bay. Therefore, to thwart these restrictions and access these sites, hundreds of millions of Chinese citizens use virtual private networks (VPNs). But now, the Chinese government has announced the mass shutdown of VPNs in the country, making it harder for internet users to bypass its Great Firewall, according to a report published by the South China Morning Post. 'Clean-Up' of China's Internet Connections Calling it a "clean-up" of China's Internet connections, the Ministry of Industry and Information Technology said on Sunday that it had...

A security researcher has discovered a critical vulnerability in Facebook that could allow attackers to delete any video of the social networking site shared by anyone on their wall. The flaw has been discovered by security researcher Dan Melamed in June 2016, allowing him not only to remotely delete any video on Facebook shared by anyone without having any permission or authentication but also to disable commenting on the video of your choice. Here's how to exploit this flaw: In order to exploit this vulnerability, Melamed first created a public event on the Facebook page and uploaded a video on the Discussion part of the event. While uploading the video, the researcher tampered the POST request using Fiddler and then replace the Video ID value of his video with Video ID value of any other video on the social media platform. Although Facebook responded to this issue with a server error, i.e. " This content is no longer available, " but the new video was s...