The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

As many non-tech savvy people think that Bitcoin looks like a Gold coin as illustrated in many stock images, perhaps these robbers also planned to rob a cryptocurrency exchange thinking that way. All jokes apart, we saw one such attempt on Tuesday morning, when three men armed with handguns entered the offices of a Canadian Bitcoin exchange in Ottawa, and restrained four of its employees. The intruders then struck one of the employees in the head with a handgun, asking them to make an outbound transaction from the cryptocurrency exchange. A fifth employee in another cabin, who remained unseen in an office, called the police before any assets could be taken, and the robbers left empty-handed. One of the suspects arrested later Wednesday after arriving police officers saw him run into a ravine north of Colonnade Road and deployed "extensive resources," including K-9 unit officers, to find him, CBC News reports . "Police are looking for two additional suspects,...

The antitrust fine has hit Qualcomm badly. The European Commission has levied a fine of €997 Million, approximately $1.2 Billion, against U.S. chipmaker Qualcomm Inc. for violating antitrust laws in a series of deals with Apple by "abusing its market dominance in LTE baseband chipsets." According to the European Union (EU), Qualcomm paid Apple billions of dollars to make the iPhone-maker exclusively use its 4G chips in all its iPhones and iPads, reducing competition from other competing manufacturers in the LTE baseband chip industry like Intel. The European Commission launched an investigation in 2015, which revealed that Qualcomm abused its market dominance in LTE baseband chipsets and struck a deal with Apple in 2011, which meant the iPhone maker would have to repay Qualcomm if it decided to use a rival's chipsets until the end of 2016, hurting innovation in the chip sector. "This meant that no rival could effectively challenge Qualcomm in this market, ...

A critical remote code execution vulnerability has been reported in Electron —a popular web application framework that powers thousands of widely-used desktop applications including Skype, Signal, Wordpress and Slack—that allows for remote code execution. Electron is an open-source framework that is based on Node.js and Chromium Engine and allows app developers to build cross-platform native desktop applications for Windows, macOS and Linux, without knowledge of programming languages used for each platform. The vulnerability, assigned as the number CVE-2018-1000006, affects only those apps that run on Microsoft Windows and register themselves as the default handler for a protocol like myapp://. "Such apps can be affected regardless of how the protocol is registered, e.g. using native code, the Windows registry, or Electron's app.setAsDefaultProtocolClient API," Electron says in an advisory published Monday. The Electron team has also confirmed that applications...

The year 2017 saw some of the biggest cybersecurity incidents—from high profile data breaches in Equifax and Uber impacting millions of users to thousands of businesses and millions of customers being affected by the global ransomware threats like WannaCry and NotPetya . The year ended, but it did not take away the airwaves of cybersecurity incidents, threats, data breaches, and hacks. The scope and pace of such cybersecurity threats would rise with every passing year, and with this rise, more certified cybersecurity experts and professionals would be needed by every corporate and organisation to prevent themselves from hackers and cyber thieves. That's why jobs in the cybersecurity field have gone up 80 percent over the past three years than any other IT-related job. So, this is the right time for you to consider a new career as a cybersecurity professional. But before getting started, you need to gain some valuable cyber security certifications that not only boost yo...

Don't install Intel's patches for Spectre and Meltdown chip vulnerabilities. Intel on Monday warned that you should stop deploying its current versions of Spectre/Meltdown patches , which Linux creator Linus Torvalds calls 'complete and utter garbage.' Spectre and Meltdown are security vulnerabilities disclosed by researchers earlier this month in many processors from Intel, ARM and AMD used in modern PCs, servers and smartphones (among other devices), which could allow attackers to steal your passwords, encryption keys and other private information. Since last week, users are reporting that they are facing issues like spontaneous reboots and other 'unpredictable' system behaviour on their affected computers after installing Spectre/Meltdown patch released by Intel. Keeping these problems in mind, Intel has advised OEMs, cloud service providers, system manufacturers, software vendors as well as end users to stop deploying the current versions of it...

A Google security researcher has discovered a severe vulnerability in Blizzard games that could allow remote attackers to run malicious code on gamers' computers. Played every month by half a billion users—World of Warcraft, Overwatch, Diablo III, Hearthstone and Starcraft II are popular online games created by Blizzard Entertainment . To play Blizzard games online using web browsers, users need to install a game client application, called ' Blizzard Update Agent ,' onto their systems that run JSON-RPC server over HTTP protocol on port 1120, and " accepts commands to install, uninstall, change settings, update and other maintenance related options. " Google's Project Zero team researcher Tavis Ormandy discovered that the Blizzard Update Agent is vulnerable to a hacking technique called the " DNS Rebinding " attack that allows any website to act as a bridge between the external server and your localhost. Just last week, Ormandy revealed a simi...

Cybercriminals have stolen a massive trove of Norway's healthcare data in a recent data breach, which likely impacts more than half of the nation's population. An unknown hacker or group of hackers managed to breach the systems of Health South-East Regional Health Authority (RHF) and reportedly stolen personal info and health records of some 2.9 million Norwegians out of the country's total 5.2 million inhabitants. Health South-East RHA is a healthcare organisation that manages hospitals in Norway's southeast region, including Østfold, Akershus, Oslo, Hedmark, Oppland, Buskerud, Vestfold, Telemark, Aust-Agder and Vest-Agder. The healthcare organisation announced the data breach on Monday after it had been alerted by HelseCERT, the Norwegian CERT department for its healthcare sector, about an "abnormal activity" against computer systems in the region. HelseCERT also said the culprits behind the data breach are "advanced and professional" hacke...

Remember " Crackas With Attitude "? A notorious pro-Palestinian hacking group behind a series of embarrassing hacks against United States intelligence officials and leaked the personal details of 20,000 FBI agents , 9,000 Department of Homeland Security officers, and some number of DoJ staffers in 2015. Believe or not, the leader of this hacking group was just 15-years-old when he used "social engineering" to impersonate CIA director and unauthorisedly access highly sensitive information from his Leicestershire home, revealed during a court hearing on Tuesday. Kane Gamble , now 18-year-old, the British teenager hacker targeted then CIA director John Brennan , Director of National Intelligence James Clapper , Secretary of Homeland Security Jeh Johnson, FBI deputy director Mark Giuliano , as well as other senior FBI figures. Between June 2015 and February 2016, Gamble posed as Brennan and tricked call centre and helpline staff into giving away broadband and...

OnePlus has finally confirmed that its online payment system was breached, following several complaints of fraudulent credit card transactions from its customers who made purchases on the company's official website. In a statement released today, Chinese smartphone manufacturer admitted that credit card information belonging to up to 40,000 customers was stolen by an unknown hacker between mid-November 2017 and January 11, 2018. According to the company, the attacker targeted one of its systems and injected a malicious script into the payment page code in an effort to sniff out credit card information while it was being entered by the users on the site for making payments. The malicious script was able to capture full credit card information, including their card numbers, expiry dates, and security codes, directly from a customer's browser window. " The malicious script operated intermittently, capturing and sending data directly from the user's browser. It ha...

A global mobile espionage campaign collecting a trove of sensitive personal information from victims since at least 2012 has accidentally revealed itself—thanks to an exposed server on the open internet. It's one of the first known examples of a successful large-scale hacking operation of mobile phones rather than computers. The advanced persistent threat (APT) group, dubbed Dark Caracal , has claimed to have stolen hundreds of gigabytes of data, including personally identifiable information and intellectual property, from thousands of victims in more than 21 different countries, according to a new report from the Electronic Frontier Foundation (EFF) and security firm Lookout. After mistakenly leaking some of its files to the internet, the shadowy hacking group is traced back to a building owned by the Lebanese General Directorate of General Security (GDGS), one of the country's intelligence agencies, in Beirut. "Based on the available evidence, it's likely...

Even after many efforts made by Google last year, malicious apps always somehow manage to make their ways into Google app store. Security researchers have now discovered a new piece of malware, dubbed GhostTeam , in at least 56 applications on Google Play Store that is designed to steal Facebook login credentials and aggressively display pop-up advertisements to users. Discovered independently by two cybersecurity firms, Trend Micro and Avast , the malicious apps disguise as various utility (such as the flashlight, QR code scanner, and compass), performance-boosting (like file-transfer and cleaner), entertainment, lifestyle and video downloader apps. Like most malware apps, these Android apps themselves don't contain any malicious code, which is why they managed to end up on Google's official Play Store. Once installed, it first confirms if the device is not an emulator or a virtual environment and then accordingly downloads the malware payload, which prompts the victim to...

Security researchers have spotted a new malware campaign in the wild that spreads an advanced botnet malware by leveraging at least three recently disclosed vulnerabilities in Microsoft Office. Dubbed Zyklon , the fully-featured malware has resurfaced after almost two years and primarily found targeting telecommunications, insurance and financial services. Active since early 2016, Zyklon is an HTTP botnet malware that communicates with its command-and-control servers over Tor anonymising network and allows attackers to remotely steal keylogs, sensitive data, like passwords stored in web browsers and email clients. Zyklon malware is also capable of executing additional plugins, including secretly using infected systems for DDoS attacks and cryptocurrency mining. Different versions of the Zyklon malware has previously been found being advertised on a popular underground marketplace for $75 (normal build) and $125 ( Tor-enabled build). According to a recently published report...