The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Popular cryptocurrency exchange Coinbase has suspended all transactions of Ethereum Classic (ETC)—the original unforked version of the Ethereum network—on their trading platforms, other products and services after detecting a potential attack on the cryptocurrency network that let someone spend the same digital coins twice. Why is this attack concerning? The heist resulted in the loss of $1.1 million worth of the Ethereum Classic digital currency. The digital currency immediately fell in price after the news came out. Coinbase revealed Monday that it identified "a deep chain reorganization" of the Ethereum Classic blockchain (or 51 percent attack of the network), which means that someone controlling the majority of miners on the network (over 50%) had modified the transaction history. After reorganizing the Ethereum blockchain, the attackers were able to what's called "double spend" about 219,500 ETC by recovering previously spent coins from the rightfu...

The United States' National Security Agency (NSA) is planning to release its internally developed reverse engineering tool for free at the upcoming RSA security conference 2019 that will be held in March in San Francisco. The existence of the framework, dubbed GHIDRA, was first publicly revealed by WikiLeaks in CIA Vault 7 leaks, but the tool once again came to light after Senior NSA Adviser Robert Joyce announced to publicly release the tool for free in his RSA Conference session description. Reverse engineering tool is a disassembler, for example, IDA-Pro, that help researchers identify certain portions of a program to see how they work by reading information like its processor instructions, instruction lengths, and more. GHIDRA is a Java-based reverse engineering framework that features a graphical user interface (GUI) and has been designed to run on a variety of platforms including Windows, macOS, and Linux operating systems, and also supports a variety of processor ...

A massive data breach at the popular online role-playing game 'Town of Salem' has reportedly impacted more than 7.6 million players, the game owner BlankMediaGames (BMG) confirmed Wednesday on its online forum. With the user base of more than 8 million players, Town of Salem is a browser-based game that enables gamers (which range from 7 to 15 users) to play a version of the famous secret role game Town, Mafia, or Neutrals. The data breach was first discovered and disclosed on December 28 when a copy of the compromised Town of Salem database was anonymously sent to DeHashed, a hacked database search engine. Over 7.6 Million Users Accounts Compromised The database included evidence of the server compromise and access to the complete gamer database which contained 7,633,234 unique email addresses (most-represented of the email providers being Gmail, Hotmail, and Yahoo.com). After analyzing the complete database, DeHashed disclosed that the compromised data contained...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

Germany has been hit with the biggest hack in its history. A group of unknown hackers has leaked highly-sensitive personal data from more than 100 German politicians, including German Chancellor Angela Merkel, Brandenburg's prime minister Dietmar Woidke, along with some German artists, journalists, and YouTube celebrities. The leaked data that was published on a Twitter account ( @_0rbit ) and dated back to before October 2018 includes phone numbers, email addresses, private chats, bills, credit card information and photos of victims' IDs. Although it is yet unclear who perpetrated this mass hack and how they managed to perform it, the leaked data appears to be collected unauthorizedly by hacking into their smartphones. The hack targeted all of Germany's political parties currently represented in the federal parliament, including the CDU, CSU, SPD, FDP, Left party (Die Linke) and Greens, except for the far-right Alternative for Germany (AfD). While Justice Minister...

I hope you had biggest, happiest and craziest New Year celebration, but now it's time to come back at work and immediately update your systems to patch new security flaws that could exploit your computer just by opening a PDF file. Adobe has issued an out-of-band security update to patch two critical vulnerabilities in the company's Acrobat and Reader for both the Windows and macOS operating systems. Though the San Jose, California-based software company did not give details about the vulnerabilities, it did classify the security flaws as critical since they allow privilege escalation and arbitrary code execution in the context of the current user. Both the vulnerabilities were reported to Adobe by security researchers--Abdul-Aziz Hariri and Sebastian Apelt—from Trend Micro's Zero Day Initiative (ZDI). Critical Adobe Acrobat and Reader Vulnerabilities The first vulnerability, reported by Apelt and identified as CVE-2018-16011, is a use-after-free bug that can lead...

A group of hackers has hijacked tens of thousands of Google's Chromecast streaming dongles, Google Home smart speakers and smart TVs with built-in Chromecast technology in recent weeks by exploiting a bug that's allegedly been ignored by Google for almost five years. The attackers, who go by Twitter handles @HackerGiraffe and @j3ws3r, managed to hijack Chromecasts' feeds and display a pop-up, spreading a security warning as well as controversial YouTube star PewDiePie propaganda. The hackers are the same ones who hijacked more than 50,000 internet-connected printers worldwide late last year by exploiting vulnerable printers to print out flyers asking everyone to subscribe to PewDiePie YouTube channel. This time, the hackers remotely scanned the internet for compatible devices, including Chromecasts, exposed to the internet through poorly configured routers that have Universal Plug and Play [UPnP] enabled by default. The hackers then exploited a design flaw in Chrome...

Google has finally patched a privacy vulnerability in its Chrome web browser for Android that exposes users' device model and firmware version, eventually enabling remote attackers to identify unpatched devices and exploit known vulnerabilities. The vulnerability, which has not yet given any CVE number, is an information disclosure bug that resides in the way the Google Chrome for Android generates 'User Agent' string containing the Android version number and build tag information, which includes device name and its firmware build. This information is also sent to applications using WebView and Chrome Tabs APIs, which can be used to track users and fingerprint devices on which they are running. For example: Mozilla/5.0 (Linux; Android 5.1.1; Nexus 6 Build/LYZ28K ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.34 Mobile Safari/537.36 Yakov Shafranovich, a contributor at Nightwatch Cybersecurity firm, initially reported this issue to Google three years a...

Kickass Torrents (KAT cr) was once a hugely popular online portal, renowned for its vast archive of movies, music, TV shows, and other media. It was a treasure trove for those seeking rare content and for users looking to share their creations. However, Kickass Torrents faced significant opposition. The movie and music industries saw the site as a threat to their revenue, accusing it of promoting copyright infringement. Despite this, the Kickass Torrents team continued to advocate for its users, claiming they were providing a valuable service. The Downfall and Resurgence of Kickass Torrents Eventually, legal action caught up with Kickass Torrents. In July 2017, U.S. authorities shut down the site after its owner, Artem Vaulin, was charged with allowing the distribution of copyrighted material. Following the shutdown, a group of loyal contributors founded the Katcr.co forum, aiming to restore the popular torrent site to its former glory. Many wondered if this was the end for Kicka...

The FBI just saved the Christmas. The U.S. Justice Department announced earlier today that the FBI has seized domains of 15 "DDoS-for-hire" websites and charged three individuals running some of these services. DDoS-for-hire , or "Booter" or "Stresser," services rent out access to a network of infected devices, which then can be used by anyone, even the least tech-savvy individual, to launch distributed denial-of-service (DDoS) attacks against any website and disrupt its access. In recent years, multiple hacking groups ruined Christmas Day for millions of gamers by taking down PlayStation, Xbox networks and other gaming servers using massive DDoS attacks. "Booter services such as those named in this action allegedly cause attacks on a wide array of victims in the United States and abroad, including financial institutions, universities, internet service providers, government systems, and various gaming platforms," the DoJ said. ...

The US Department of Justice on Thursday charged two Chinese hackers associated with the Chinese government for hacking numerous companies and government agencies in a dozen countries. The Chinese nationals, Zhu Hua (known online as Afwar, CVNX, Alayos and Godkiller) and Zhang Shilong (known online as Baobeilong, Zhang Jianguo and Atreexp), are believed to be members of a state-sponsored hacking group known as Advanced Persistent Threat 10 ( APT 10 ) or Cloudhopper that has been working from over a decade to steal business and technology secrets from companies and government agencies around the world. According to the indictment , the alleged hackers targeted more than 45 companies and government agencies from 2006 to 2018 and stole "hundreds of gigabytes" of sensitive data and personal information from its targets. Both Hua and Shilong worked for Huaying Haitai Science and Technology Development Company and are alleged to have committed these crimes at the directio...

A security researcher with Twitter alias SandboxEscaper today released proof-of-concept (PoC) exploit for a new zero-day vulnerability affecting Microsoft's Windows operating system. SandboxEscaper is the same researcher who previously publicly dropped exploits for two Windows zero-day vulnerabilities, leaving all Windows users vulnerable to the hackers until Microsoft patched them. The newly disclosed unpatched Windows zero-day vulnerability is an arbitrary file read issue that could allow a low-privileged user or a malicious program to read the content of any file on a targeted Windows computer that otherwise would only be possible via administrator-level privileges. The zero-day vulnerability resides in "MsiAdvertiseProduct" function of Windows that's responsible for generating "an advertise script or advertises a product to the computer and enables the installer to write to a script the registry and shortcut information used to assign or publish a prod...

Microsoft today issued an out-of-band security update to patch a critical zero-day vulnerability in Internet Explorer (IE) Web browser that attackers are already exploiting in the wild to hack into Windows computers. Discovered by security researcher Clement Lecigne of Google's Threat Analysis Group, the vulnerability, tracked as CVE-2018-8653, is a remote code execution (RCE) flaw in the IE browser's scripting engine. According to the advisory, an unspecified memory corruption vulnerability resides in the scripting engine JScript component of Microsoft Internet Explorer that handles execution of scripting languages. If exploited successfully, the vulnerability could allow attackers to execute arbitrary code in the context of the current user. "If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, ...