The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Another day, Another data breach! This time sensitive and personal data of millions of transporters in Sweden, along with the nation's military secrets, have been exposed, putting every individual's as well as national security at risk. Who exposed the sensitive data? The Swedish government itself. Swedish media is reporting of a massive data breach in the Swedish Transport Agency (Transportstyrelsen) after the agency mishandled an outsourcing deal with IBM, which led to the leak of the private data about every vehicle in the country, including those used by both police and military. The data breach exposed the names, photos and home addresses of millions of Swedish citizen, including fighter pilots of Swedish air force, members of the military's most secretive units, police suspects, people under the witness relocation programme, the weight capacity of all roads and bridges, and much more. The incident is believed to be one of the worst government information...

Here we are with our weekly roundup, briefing this week's top cyber security threats, incidents and challenges. This week has been very short with big news from shutting down of two of the largest Dark Web marketplaces and theft of millions of dollars in the popular Ethereum cryptocurrency to the discovery of new Linux malware leveraging SambaCry exploit. We are here with the outline of this week's stories, just in case you missed any of them. We recommend you read the entire thing ( just click 'Read More' because there's some valuable advice in there as well ). Here's the list of this Week's Top Stories: 1. Feds Shuts Down AlphaBay and Hansa Dark Web Markets — Dream Market Under Suspicion On Thursday, Europol announced that the authorities had shut down two of the largest criminal Dark Web markets — AlphaBay and Hansa — in what's being called the largest-ever international operation against the dark web's black market conducted by the...

By now you might be aware of the took down of two of the largest online dark websites— AlphaBay and Hansa —in what's being called the largest-ever international operation against the dark web's black market conducted by the FBI, DEA (Drug Enforcement Agency) and Dutch National Police. But the interesting aspect of the takedown was that the federal authorities shut down AlphaBay , but took control of the Hansa market and kept it running for at least a month in an effort to monitor the activities of its visitors. The visitors of Hansa market also included a massive flood of Alphabay refugees, as the seizer of AlphaBay Market forced their visitors to join the Hansa market for illegal trading and purchasing. However, not just Hansa, after AlphaBay's shutdown , many of its users also joined another website known as Dream Market, which is believed to be the second-largest dark web marketplace, ahead of Hansa. After the shutdown of both AlphaBay and Hansa, Dream Market ...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

What could be the best way to take over and disrupt cyber espionage campaigns? Hacking them back? Probably not. At least not when it's Microsoft, who is continuously trying to protect its users from hackers, cyber criminals and state-sponsored groups. It has now been revealed that Microsoft has taken a different approach to disrupt a large number of cyber espionage campaigns conducted by " Fancy Bear " hacking group by using the lawsuit as a tool — the tech company cleverly hijacked some of its servers with the help of law. Microsoft used its legal team last year to sue Fancy Bear in a federal court outside Washington DC, accusing the hacking group of computer intrusion, cybersquatting, and reserving several domain names that violate Microsoft's trademarks, according to a detailed report published  by the Daily Beast. Fancy Bear — also known as APT28, Sofacy, Sednit, and Pawn Storm — is a sophisticated hacking group that has been in operation since at least ...

With the growing number of cyber attacks and breaches, a significant number of companies and organisations have started Bug Bounty programs for encouraging hackers, bug hunters and researchers to find and responsibly report bugs in their services and get rewarded. Following major companies and organisations, the non-profit group behind Tor Project – the largest online anonymity network that allows people to hide their real identity online – has finally launched a " Bug Bounty Program ." The Tor Project announced on Thursday that it joined hands with HackerOne to start a public bug bounty program to encourage hackers and security researchers to find and privately report vulnerabilities that could compromise the anonymity network. HackerOne is a bug bounty startup that operates bug bounty programs for companies including Yahoo, Twitter, Slack, Dropbox, Uber, General Motors – and even the United States Department of Defense for Hack the Pentagon initiative. Bug bo...

It's finally confirmed — In a coordinated International operation, Europol along with FBI, DEA (Drug Enforcement Agency) and Dutch National Police have seized and taken down AlphaBay , one of the largest criminal marketplaces on the Dark Web. But not just AlphaBay , the law enforcement agencies have also seized another illegal dark web market called HANSA , Europol confirmed in a press release today. According to Europol, both underground criminal markets are "responsible for the trading of over 350,000 illicit commodities including drugs, firearms and cybercrime malware." On July 4th, AlphaBay suddenly went down without any explanation from its administrators, which left its customers in panic. Some of them even suspected that the website's admins had pulled an exit scam and stole user funds. However, last week it was reported that the mysterious shut down of the dark web marketplace was due to a series of raids conducted by the international authorities....

A security researcher has discovered a code injection vulnerability in the thumbnail handler component of GNOME Files file manager that could allow hackers to execute malicious code on targeted Linux machines. Dubbed Bad Taste , the vulnerability ( CVE-2017-11421 ) was discovered by German researcher Nils Dagsson Moskopp, who also released proof-of-concept code on his blog to demonstrate the vulnerability. The code injection vulnerability resides in "gnome-exe-thumbnailer"  — a tool to generate thumbnails from Windows executable files (.exe/.msi/.dll/.lnk) for GNOME, which requires users to have Wine application installed on their systems to open it. Those who are unaware, Wine is a free and open-source software that allows Windows applications to run on the Linux operating system. Moskopp discovered that while navigating to a directory containing the .msi file, GNOME Files takes the filename as an executable input and run it in order to create an image thumbna...

An unknown hacker has just stolen nearly $32 million worth of Ethereum – one of the most popular and increasingly valuable cryptocurrencies – from Ethereum wallet accounts linked to at least three companies that seem to have been hacked. This is the third Ethereum cryptocurrency heist that came out two days after an alleged hacker stole $7.4 million worth of Ether from trading platform CoinDash, and two weeks after an unknown attacker hacked into South Korean cryptocurrency exchange Bithumb and stole more than $1 Million in Ether and Bitcoins from user accounts. On Wednesday, Smart contract coding company Parity issued a security alert , warning of a critical vulnerability in Parity's Ethereum Wallet software, which is described as "the fastest and most secure way of interacting with the Ethereum network." Exploiting the vulnerability allowed attackers to compromise at least three accounts and steal nearly 153,000 units of Ether worth just almost US$32 million...

If you are hoverboard rider, you should be concerned about yourself. Thomas Kilbride, a security researcher from security firm IOActive, have discovered several critical vulnerabilities in Segway Ninebot miniPRO that could be exploited by hackers to remotely take "full control" over the hoverboard within range and leave riders out-of-control. Segway Ninebot miniPRO is a high-speed, self-balancing, two-wheel, hands-free electric scooter, also known as SUV of hoverboards, which also allows it riders to control the hoverboard by a Ninebot smartphone app remotely. Ninebot smartphone app allows riders to adjust light colours, modify safety features, run vehicle diagnostics, set anti-theft alarms, and even remotely commanding the miniPRO scooter to move. But the security of powerful miniPRO was so sick that Thomas hardly took 20 seconds to hack it and hijack remote control of it. In a blog post published today, Thomas has disclosed a series of critical security vul...

As part of its ongoing Vault 7 leaks , the whistleblower organisation WikiLeaks today revealed about a CIA contractor responsible for analysing advanced malware and hacking techniques being used in the wild by cyber criminals. According to the documents leaked by WikiLeaks, Raytheon Blackbird Technologies, the Central Intelligence Agency (CIA) contractor, submitted nearly five such reports to CIA as part of UMBRAGE Component Library (UCL) project between November 2014 and September 2015. These reports contain brief analysis about proof-of-concept ideas and malware attack vectors — publically presented by security researchers and secretly developed by cyber espionage hacking groups. Reports submitted by Raytheon were allegedly helping CIA's Remote Development Branch (RDB) to collect ideas for developing their own advanced malware projects. It was also revealed in previous Vault 7 leaks that CIA's UMBRAGE malware development teams also borrow codes from publicly avail...

Remember SambaCry ? Almost two months ago, we reported about a 7-year-old critical remote code execution vulnerability in Samba networking software, allowing a hacker to remotely take full control of a vulnerable Linux and Unix machines. We dubbed the vulnerability as SambaCry, because of its similarities to the Windows SMB vulnerability exploited by the WannaCry ransomware that wreaked havoc across the world over two months ago. Despite being patched in late May, the vulnerability is currently being leveraged by a new piece of malware to target the Internet of Things (IoT) devices, particularly Network Attached Storage (NAS) appliances, researchers at Trend Micro warned . For those unfamiliar: Samba is open-source software (re-implementation of SMB/CIFS networking protocol), which offers Linux/Unix servers with Windows-based file and print services and runs on the majority of operating systems, including Linux, UNIX, IBM System 390, and OpenVMS. Shortly after the publi...

Security researchers have discovered a critical remotely exploitable vulnerability in an open-source software development library used by major manufacturers of the Internet-of-Thing devices that eventually left millions of devices vulnerable to hacking. The vulnerability (CVE-2017-9765), discovered by researchers at the IoT-focused security firm Senrio, resides in the software development library called gSOAP toolkit (Simple Object Access Protocol) — an advanced C/C++ auto-coding tool for developing XML Web services and XML application. Dubbed " Devil's Ivy ," the stack buffer overflow vulnerability allows a remote attacker to crash the SOAP WebServices daemon and could be exploited to execute arbitrary code on the vulnerable devices. The Devil's Ivy vulnerability was discovered by researchers while analysing an Internet-connected security camera manufactured by Axis Communications. "When exploited, it allows an attacker to remotely access a video ...