The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Remember the hacker who claimed to have breached FireEye late July this year? That alleged hacker has been arrested and taken into custody Thursday by international law enforcement, FireEye CEO Kevin Mandia informed the media. Late July, the hacker, whose name has not yet been disclosed, managed to hack the personal online accounts of a ‎Senior Threat Intelligence Analyst at Mandiant—a Virginia-based cybersecurity firm owned by the FireEye—and leaked nearly 32 megabytes of data belonging to Peretz. At that time, the hacker claimed that he had started #LeakTheAnalyst operation that aimed at doxing the security analysts who hunt hackers. The hacker also claimed to have had complete access to the company's internal networks since 2016. "Let's trash their reputation in the field," the hacker said. "It was fun to be inside a giant company named "Mandiant" we enjoyed watching how they try to protect their clients and how their dumb analysts are trying to reve...

The Hacker News (THN), the widely-read cybersecurity news source for hackers and technologists, is celebrating its 7th Anniversary today. This is a huge milestone for THN and our team, but this day really belongs to you—our readers. Without you, we would not be here, and we appreciate you for reading, commenting, and sharing our content every day. 7-years ago today we started this website with an aim to provide a dedicated platform to deliver latest cybersecurity news and threat updates for everyone, including students, enthusiasts, technologists, security researchers and hackers as well. Times flies when you are having fun! "Over 6,700 Posts, 33,500 Comments And 293 Million Pageviews" We have always admitted that we do not cover everything, never did, never could, we just cover things that are important to our readers and impact a broader audience. So this is the actual difference between The Hacker News and a full-fledged media outlet. Since November 1, 20...

Last month the popular torrent website The Pirate Bay caused some uproar by adding a Javascript-based cryptocurrency miner to its site with no opt-out option, utilizing visitors' CPU power to mine Monero coins in an attempt to gain an extra source of revenue. Now D-Link has been caught doing the same, although there's high chance that its website has been hacked. D-Link's official website for Middle East (www.dlinkmea.com) has been found secretly adding a JavaScript-based cryptocurrency miner, according to a blog post published by security firm Seekurity on Tuesday. Seekurity team was made aware of the issue after Facebook user Ahmed Samir reported that visiting on D-Link Middle East website caused his web browser utilizing a "super high CPU" power usage. As shown in the screenshot below, a separate domain was loaded using a hidden iFrame for each page view, which included the cryptocurrency mining script. Five days after Seekurity team reported th...

Ever since the launch of Windows 10, Microsoft has been heavily pushing its Edge browser, claiming it to be the best web browser over its competitors like Mozilla Firefox, Opera and Google Chrome in terms of speed and battery performance. However, Microsoft must admit that most users make use of Edge or Internet Explorer only to download Chrome, which is by far the world's most popular internet browser. Something hilarious happened recently during a live demonstration when a Microsoft engineer caught on a video switching from Edge to Chrome after the default Windows 10 browser stopped responding in the middle of the presentation. That is really embarrassing. The incident happened in the middle of a Microsoft Ignite conference, where the Microsoft presenter Michael Leworthy was demonstrating how to one can migrate their applications and data to Microsoft Azure cloud service. See what happens in the video below: However, Leworthy was forced to pause his Azure presenta...

Do you know? Thousands of websites use HTML5 Canvas —a method supported by all major browsers that allow websites to dynamically draw graphics on web pages—to track and potentially identify users across the websites by secretly fingerprinting their web browsers. Over three years ago, the concern surrounding browser fingerprinting was highlighted by computer security experts from Princeton University and KU Leuven University in Belgium. In 2014, the researchers demonstrated how browser's native Canvas element can be used to draw unique images to assign each user's device a number (a fingerprint) that uniquely identifies them. These fingerprints are then used to detect when that specific user visits affiliated websites and create a profile of the user's web browsing habits, which is then shared among advertising partners for targeted advertisements. Since then many third-party plugins and add-ons (ex. Canvas Defender ) emerged online to help users identify and block ...

A highly critical vulnerability has been discovered in Oracle's enterprise identity management system that can be easily exploited by remote, unauthenticated attackers to take full control over the affected systems. The critical vulnerability tracked as CVE-2017-10151, has been assigned the highest CVSS score of 10 and is easy to exploit without any user interaction, Oracle said in its advisory  published Monday without revealing many details about the issue. The vulnerability affects Oracle Identity Manager (OIM) component of Oracle Fusion Middleware—an enterprise identity management system that automatically manages users' access privileges within enterprises. The security loophole is due to a "default account" that an unauthenticated attacker over the same network can access via HTTP to compromise Oracle Identity Manager. Oracle has not released complete details of the vulnerability in an effort to prevent exploitation in the wild, but here the "def...

While scrolling on Facebook how you decide which link/article should be clicked or opened? Facebook timeline and Messenger display title, description, thumbnail image and URL of every shared-link, and this information are enough to decide if the content is of your interest or not. Since Facebook is full of spam, clickbait and fake news articles these days, most users do not click every second link served to them. But yes, the possibility of opening an article is much higher when the content of your interest comes from a legitimate and authoritative website, like YouTube or Instagram. However, what if a link shared from a legitimate website lands you into trouble? Even before links shared on Facebook could not be edited, but to stop the spread of misinformation and false news, the social media giant also removed the ability for Pages to edit title, description, thumbnail image of a link in July 2017. However, it turns out that—spammers can spoof URLs of the shared-links t...

Are you a proud iPhone owner? If yes, this could freak you up. Trust me! Your iPhone has a serious privacy concern that allows iOS app developers to take your photographs and record your live video using both front and back camera—all without any notification or your consent. This alarming privacy concern in Apple's mobile operating system was highlighted by an Austrian developer and Google engineer, Felix Krause, who detailed the issue in his blog post published Wednesday. The issue, Krause noted, is in the way Apple's software handles camera access. Apparently, there is a legitimate reason for many apps, such as Facebook, WhatsApp, and Snapchat, to request access to your camera, in an effort to take a photo within the app. So, this permissions system is not a bug or a flaw instead it is a feature, and it works exactly in the way Apple has designed it, but Krause said any malicious app could take advantage of this feature to silently record users activities. iPhon...

A new widespread ransomware worm, known as " Bad Rabbit ," that hit over 200 major organisations, primarily in Russia and Ukraine this week leverages a stolen NSA exploit released by the Shadow Brokers this April to spread across victims' networks. Earlier it was reported that this week's crypto-ransomware outbreak did not use any National Security Agency-developed exploits, neither EternalRomance nor EternalBlue , but a recent report from Cisco's Talos Security Intelligence revealed that the Bad Rabbit ransomware did use EternalRomance exploit. NotPetya ransomware (also known as ExPetr and Nyetya) that infected tens of thousands of systems back in June also leveraged the EternalRomance exploit , along with another NSA's leaked Windows hacking exploit EternalBlue, which was used in the WannaCry ransomware outbreak. Bad Rabbit Uses EternalRomance SMB RCE Exploit Bad Rabbit does not use EternalBlue but does leverage EternalRomance RCE exploit to spread...

If your smart devices are smart enough to make your life easier, then their smart behaviour could also be exploited by hackers to invade your privacy or spy on you, if not secured properly. Recent research conducted by security researchers at threat prevention firm Check Point highlights privacy concern surrounding smart home devices manufactured by LG. Check Point researchers discovered a security vulnerability in LG SmartThinQ smart home devices that allowed them to hijack internet-connected devices like refrigerators, ovens, dishwashers, air conditioners, dryers, and washing machines manufactured by LG. ...and what's worse? Hackers could even remotely take control of LG's Hom-Bot, a camera-equipped robotic vacuum cleaner, and access the live video feed to spy on anything in the device's vicinity. This hack doesn't even require hacker and targeted device to be on the same network. Dubbed HomeHack , the vulnerability resides in the mobile app and cloud app...

The official blog of jQuery—most popular JavaScript library used by millions of websites—has been hacked by some unknown hackers, using the pseudonym "str0ng" and "n3tr1x." jQuery's blog website ( blog.jquery.com ) runs on WordPress—the world's most popular content management system (CMS) used by millions of websites. While there is no evidence yet if the server (code.jquery.com) that host jQuery file was also compromised, The Hacker News took a screenshot (as shown above) and can confirm that the hackers merely published a simple blog post to deface the website. The defaced blog post URL — https://blog.jquery.com/2017/10/26/hacked/ (now removed). Since the above-mentioned blog post was published under the name of Leah Silber, a core member of jQuery team, it seems hackers were able to make their post live by compromising Silber's account—probably by reusing her password leaked in a previous data breach. If not, the hackers might have gained...

When yesterday I was reporting about the sudden outbreak of another global ransomware attack ' Bad Rabbit ,' I thought what could be worse than this? Then late last night I got my answer with a notification that Coinhive has been hacked — a popular browser-based service that offers website owners to embed a JavaScript to utilise their site visitors' CPUs power to mine the Monero cryptocurrency for monetisation. Reportedly an unknown hacker managed to hijack Coinhive's CloudFlare account that allowed him/her to modify its DNS servers and replace Coinhive's official JavaScript code embedded into thousands of websites with a malicious version. https://coin-hive[.]com/lib/coinhive.min.js Hacker Reused Leaked Password from 2014 Data Breach Apparently, hacker reused an old password to access Coinhive's CloudFlare account that was leaked in the Kickstarter data breach in 2014. "Tonight, Oct. 23th at around 22:00 GMT our account for our DNS provi...