The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Reportedly, at least one senior cyber security analyst working with Mandiant, a Virginia-based cybersecurity firm owned by the FireEye, appears to have had its system compromised by hackers, exposing his sensitive information on the Internet. On Sunday, an anonymous group of hackers posted some sensitive details allegedly belonged to Adi Peretz , a ‎Senior Threat Intelligence Analyst at Mandiant, claiming they have had complete access to the company's internal networks since 2016. The recent hack into Mandiant has been dubbed Operation # LeakTheAnalyst . Further Leaks from Mandiant Might Appear The hackers have leaked nearly 32 megabytes of data—both personal and professional—belonging to Peretz on Pastebin as proof, which suggests they have more Mandiant data that could be leaked in upcoming days. "It was fun to be inside a giant company named "Mandiant" we enjoyed watching how they try to protect their clients and how their dumb analysts are trying to reverse ...

Image Credit: @tjhorner Today, election hacking is not just about hacking voting machines, rather it now also includes hacking and leaking dirty secrets of the targeted political parties—and there won't be a perfect example than the last year's US presidential election . But, in countries like America, even hacking electronic voting machines is possible—that too, in a matter of minutes. Several hackers reportedly managed to hack into multiple United States voting machines in a relatively short period—in some cases within minutes, and in other within a few hours—at Def Con cybersecurity conference held in Las Vegas this week. Citing the concern of people with the integrity and security of American elections , for the first time, Def Con hosted a " Voting Machine Village " event, where tech-savvy attendees tried to hack some systems and help catch vulnerabilities. Voting Machine Village provided 30 different pieces of voting equipment used in American election...

In order to comply with Chinese censorship law , Apple has started removing all virtual private network (VPN) apps from the App Store in China, making it harder for internet users to bypass its Great Firewall. VPN service providers that provide services in China has accused the United States tech giant of complying with Chinese stringent cyberspace regulations. In a blog post , the developers of ExpressVPN reported that Apple informed them that their VPN app had been pulled from the company's Chinese App Store, and it seems all major VPN clients have received the same notice from Apple. China has strict Internet censorship laws through the Great Firewall of China – the country's Golden Shield project that employs a variety of tricks to censor Internet and block access to major foreign websites in the country. The Great Firewall is already blocking some 171 out of the world's 1,000 top websites, including Google, Facebook, Twitter, Dropbox, Tumblr, and The Pirate ...

I think we should stop going crazy over the smart things unless it's secure enough to be called SMART—from a toaster, security cameras, and routers to the computers and cars—everything is hackable. But the worst part comes in when these techs just require some cheap and easily available kinds of stuff to get compromised. Want example? It took just cheap magnets purchased from Amazon online store for a security researcher to unlock a "smart" gun that only its owner can fire. The German manufacturer of the Armatix IP1 "smart" gun which claimed the weapon would 'usher in a new era of gun safety' as the gun would only fire by its owners who are wearing an accompanying smartwatch. However, for the first time, a skilled hacker and security researcher who goes by the pseudonym "Plore" found multiple ways to defeat the security of Armatix GmbH Smart System and its $1,400 smart gun. According to a detailed report by Wired , the smart idea ...

Digital currencies have emerged as a favourite tool for hackers and cyber criminals, as digital currency transactions are nearly anonymous, allowing cyber criminals to use it in underground markets for illegal trading, and to receive thousands of dollars in ransomware attacks— WannaCry , Petya , LeakerLocker , Locky and Cerber to name a few. Also, every other day we hear about some incidents of hacking of crypto currency exchange or digital wallets, in which hackers stole millions of dollars in Bitcoin or Ethereum. The latest back-to-back series of thefts of Ethereum —one of the most popular and increasingly valuable cryptocurrencies—in which around half a billion dollars in total were stolen is the recent example of how much hackers are after crypto currencies. It's obvious that after ripping off hundreds of thousands of cryptocurrencies from exchanges, wallets and ransomware victims, cyber criminals would not hold them in just digital form—the next step is to cash the...

WikiLeaks has just published a new set of classified documents linked to another CIA project, dubbed ' Imperial ,' which reveals details of at least three CIA-developed hacking tools and implants designed to target computers running Apple Mac OS X and different flavours of Linux operating systems. If you are a regular reader of THN, you must be aware that this latest revelation by the whistleblower organisation is the part of an ongoing CIA-Vault 7 leaks, marking it as the 18th batch in the series. If you are unaware of the Vault 7 leaks, you can head on to the second of this article for having a brief look on all the leaks at once. Achilles — Tool to Backdoor Mac OS X Disk Images Dubbed Achilles , the hacking tool allows CIA operators to combine malicious Trojan applications with a legitimate Mac OS app into a disk image installer (.DMG) file. The binding tool, the shell script is written in Bash, gives the CIA operators "one or more desired operator specified e...

Greek  police have arrested a Russian man who is believed to have been the operator of the popular BTC-e Bitcoin exchange on charges of laundering more than $4 billion in bitcoin for culprits involved in hacking attacks, tax fraud and drug trafficking. A United States jury indicted 38-year-old Alexander Vinnik on Wednesday after his arrest in Greece on Tuesday at the request of US law enforcement authorities. The suspect is one of the operators of BTC-e, a service operational since 2011. Headquartered in Russia, the digital currency exchange has been offline since the arrest of Vinnik, and its homepage says, "Site is under maintenance. We apologize for the inconvenience.." According to a press release published by the U.S. Treasury's Financial Crimes Enforcement Network (FinCEN), BTC-e ignored "know your customer" laws in an effort to serve criminals, and even hosted message boards buzzing with illegal activities. The FinCEN also announced a $110 ...

Last month, we reported about a group of hackers exploiting SambaCry —a 7-year-old critical remote code execution vulnerability in Samba networking software—to hack Linux computers and install malware to mine cryptocurrencies. The same group of hackers is now targeting Windows machines with a new backdoor, which is a QT-based re-compiled version of the same malware used to target Linux. Dubbed CowerSnail , detected by security researchers at Kaspersky Labs as Backdoor.Win32.CowerSnail, is a fully-featured windows backdoor that allows its creators to remotely execute any commands on the infected systems. Wondering how these two separate campaigns are connected? Interestingly, the CowerSnail backdoor uses the same command and control (C&C) server as the malware that was used to infect Linux machines to mine cryptocurrency last month by exploiting the then-recently exposed SambaCry vulnerability. Common C&C Server Location — cl.ezreal.space:20480 SambaCry vulnerabi...

Security researchers at Google have discovered a new family of deceptive Android spyware that can steal a whole lot of information on users, including text messages, emails, voice calls, photos, location data, and other files, and spy on them. Dubbed Lipizzan , the Android spyware appears to be developed by Equus Technologies, an Israeli startup that Google referred to as a 'cyber arms' seller in a blog post published Wednesday. With the help of Google Play Protect , the Android security team has found Lipizzan spyware on at least 20 apps in Play Store, which infected fewer than 100 Android smartphones in total. Google has quickly blocked and removed all of those Lipizzan apps and the developers from its Android ecosystem, and Google Play Protect has notified all affected victims. For those unaware, Google Play Protect is part of the Google Play Store app and uses machine learning and app usage analysis to weed out the dangerous and malicious apps. Lipizzan: Soph...

A programmer who was arrested in March this year—not because he hacked someone, but because he created and distributed a remote access software that helped cyber criminals—has finally pleaded guilty. Taylor Huddleston , 26, of Hot Springs, Arkansas, pleaded guilty on Tuesday to federal charges of aiding and abetting computer intrusions for intentionally selling a remote access tool (RAT), called NanoCore, to hackers. NanoCore RAT happens to be popular among hackers and has been linked to instructions in at least 10 countries, among them was a high-profile assault on Middle Eastern energy firms in 2015. NanoCore RAT, a $25 piece of remote access software, allows attackers to steal sensitive information from victim computers, such as passwords, emails, and instant messages. The RAT could even secretly activate the webcam on the victims' computers in order to spy on them. Huddleston began developing NanoCore in late 2012, not with any malicious purpose, but with a motive to o...

Microsoft has finally launched a new dedicated bug bounty program to encourage security researchers and bug hunters for finding and responsibly reporting vulnerabilities in its latest Windows versions of operating systems and software. Being the favourite target of hackers and cyber criminals, every single zero-day vulnerability in Windows OS—from critical remote code execution, mitigation bypass and elevation of privilege to design flaws—could cause a crisis like recent WannaCry and Petya Ransomware attacks. In past five years the tech giant has launched multiple time-limited bug bounty programs focused on various Windows features, and after seeing quite a bit of success, Microsoft has decided to continue. "Security is always changing, and we prioritise different types of vulnerabilities at different points in time. Microsoft strongly believes in the value of the bug bounties, and we trust that it serves to enhance our security capabilities." With its latest bu...

What if I say that your cute, smart robotic vacuum cleaner is collecting data than just dirt? During an interview with Reuters, the CEO of iRobot, the company which manufactured Roomba device, has revealed that the robotic vacuum cleaner also builds a map of your home while cleaning — and is now planning to sell this data to third-party companies. I know it sounds really creepy, but this is what the iRobot company has planned with the home mapping data its Roomba robots collect on its users. What is Roomba? Manufactured by Massachusetts-based firm iRobot, Roomba is a cute little robotic vacuum cleaner — which ranges in price from $375 to $899 — that has been vacuuming up household dirt since 2002. Early versions of Roomba used IR or laser sensors to avoid obstacles in their way, but the company began distributing high-end Wi-Fi-connected Roomba models from 2015, such as the Roomba 980, which includes a camera and Simultaneous Localisation And Mapping (SLAM) technology tha...

Earlier this year, China announced a crackdown on VPNs and proxy services in the country and made it mandatory for all VPN providers and leased cable lines operators to have a license from the government in order to use such services. Now, Russia is also considering to follow a similar path. The Russian Federation Council has just approved a bill that would outlaw the use of virtual private networks (VPNs), the Tor anonymity network, anonymous mobile messaging services and internet proxy services, citing concerns about the spread of extremist materials. VPNs are third-party services that help users access block banned websites by encrypting users' Internet traffic and routeing it through a distant connection, hiding their location data and access sites that are usually restricted or censored by a certain country. The bill to ban VPNs and proxy services has been passed by the lower house of Russian parliament, the State Duma, on Friday, and only needs to be approved by the u...

Chinese authorities have recently initiated a crackdown on the operators of a massive adware campaign that infected around 250 Million computers , including Windows and Mac OS, across the world earlier this year. The adware campaign was uncovered by security researchers at Check Point last month after it already infected over 25 million computers in India, 24 million in Brazil, 16 million in Mexico, 13 million in Indonesia and 5.5 million in the United States. Dubbed Fireball , the infamous adware comes bundled with other free legitimate software that you download off the Internet. Once installed, the malware installs browser plug-ins to manipulate the victim's web browser configurations and replace their default search engines and home pages with fake search engines. Far from legitimate purposes, Fireball has the ability to spy on victim's web traffic, execute malicious code on the infected computers, install plugins, and even perform efficient malware dropping, cr...

Finally, Adobe is Killing FLASH — the software that helped make the Internet a better place with slick graphics, animation, games and applications and bring online video to the masses, but it has been hated for years by people and developers over its buggy nature . But the end of an era for Adobe Flash is near. Adobe announced Tuesday that the company would stop providing updates and stop distributing Flash Player at the end of 2020. The move has been applauded by many, as Adobe Flash has been infamous for frequent zero-day attacks , which is why it has long been one of the favourite tools for hackers and cyber criminals. It's been two decades since Adobe Flash has ruled the Web Space Animation Arena, which was the de facto standard for playing the online videos, but hackers increasingly found ways to exploit security holes in the technology and hack into user's computers. "We will stop updating and distributing the Flash Player at the end of 2020 and encoura...

Security researchers have discovered a new, massive cyber espionage campaign that mainly targets people working in government, defence and academic organisations in various countries. The campaign is being conducted by an Iran-linked threat group, whose activities, attack methods, and targets have been released in a joint, detailed report published by researchers at Trend Micro and Israeli firm ClearSky. Dubbed by researchers CopyKittens (aka Rocket Kittens) , the cyber espionage group has been active since at least 2013 and has targeted organisations and individuals, including diplomats and researchers, in Israel, Saudi Arabia, Turkey, the United States, Jordan and Germany. The targeted organisations include government institutions like Ministry of Foreign Affairs, defence companies, large IT companies, academic institutions, subcontractors of the Ministry of Defense, and municipal authorities, along with employees of the United Nations. The latest report [ PDF ], dubbe...

An unnamed 29-year-old man, named by authorities as "Daniel K.," pleaded guilty in a German court on Friday to charges related to the hijacking of more than one Million Deutsche Telekom routers . According to reports in the German press , the British man, who was using online monikers "Peter Parker" and "Spiderman," linked to domains used to launch cyber attacks powered by the notorious Mirai malware has been pleaded guilty to " attempted computer sabotage ." The suspect was arrested on 22nd February this year at Luton airport in London by Britain's National Crime Agency (NCA) at the request of the Federal Criminal Police Office of Germany, aka the Bundeskriminalamt (BKA). The hacker, also known as 'BestBuy,' admitted to the court on Friday that he was behind the cyber attack that knocked more than 1.25 Million customers of German telecommunications provider Deutsche Telekom offline last November. According to the German aut...

Yes, even Mac could also get viruses that could silently spy on its users. So, if you own a Mac and think you are immune to malware, you are wrong. An unusual piece of malware that can remotely take control of webcams, screen, mouse, keyboards, and install additional malicious software has been infecting hundreds of Mac computers for more than five years—and it was detected just a few months back. Dubbed FruitFly , the Mac malware was initially detected earlier this year by Malwarebytes researcher Thomas Reed, and Apple quickly released security patches to address the dangerous malware. Now months later, Patrick Wardle, an ex-NSA hacker and now chief security researcher at security firm Synack, discovered around 400 Mac computers infected with the newer strain of the FruitFly malware (FruitFly 2) in the wild. Wardle believes the number of infected Macs with FruitFly 2 would likely be much higher, as he only had access to some servers used to control FruitFly. Although it i...

More Ethereum Stolen! An unknown hacker has just stolen nearly $8.4 Million worth of Ethereum – one of the most popular and increasingly valuable cryptocurrencies – in yet another Ethereum hack that hit Veritaseum's Initial Coin Offering (ICO). This incident marks as the fourth Ethereum hack this month and second cyber attack on an ICO, following a theft of $7 Million worth of Ether tokens during the hack of Israeli startup CoinDash's initial coin offering last week. A few days ago, a hacker also stole nearly $32 Million worth of Ethereum from wallet accounts by exploiting a critical vulnerability in Parity's Ethereum Wallet software, which followed a $1 Million worth of Ether and Bitcoins heist in crypto currency exchange Bithumb earlier this month. Now, Veritaseum has confirmed that a hacker stole $8.4 Million in Ether (ETH) from its ICO this Sunday, July 23. "We were hacked, possibly by a group. The hack seemed to be very sophisticated, but there...