The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A Cross platform back door ' Frutas ' remote access tool (RAT) is available for download on many forums from January 2013. This Trojan builder is completely written in Java. Recently, Symantec experts analyse that Frutas RAT allows attackers to create a connect-back client JAR file to run on a compromised computer. The back door builder provides some minor obfuscation, which allows the attacker to use a custom encryption key for some of the embedded back door functionality. Once a backdoor connection is established, the RAT server alerts the attacker and allows them to perform various back door functions on the compromised computer i.e Browse file systems, Download and execute arbitrary files, Perform denial of service attacks, Open a specified website in a browser. According to Symantec only 2 out of the 46 vendors from Virus Total are detecting it as a threat.

FireEye researchers recently came across a zero-day security flaw in Adobe Reader that's being actively exploited in the wild. The zero-day vulnerability is in Adobe PDF Reader 9.5.3, 10.1.5, 11.0.1 and earlier versions. According to researchers, once malware takes advantage of the flaw, its payload drops two dynamic-link libraries, or DLLs, which are application extensions used by executable files to perform a task. In this case, they allow the infected computer to communicate with a hacker-owned server. No additional details about the zero-day vulnerabilities have been publicly released, and but researchers with antivirus provider Kaspersky Lab have confirmed the exploit can successfully escape the Adobe sandbox. " We have already submitted the sample to the Adobe security team. Before we get confirmation from Adobe and a mitigation plan is available, we suggest that you not open any unknown PDF files ," said FireEye team. But until the vulnerability gets patched,...

Television viewers in Montana, perhaps looking to stay inside from the scary cold outside, got an even scarier surprise when warnings of a zombie apocalypse took over their TV screens. There TV Stations Montana's KRTVMichigan's, WNMU-TV and WBUP-TV were victims of this zombie prank. The channels later said that somebody had hacked into its system. The message warned zombies were attacking the living and warned people not to approach or apprehend these bodies as they are extremely dangerous. Channel said on its website , “ Someone apparently hacked into the Emergency Alert System and announced on KRTV and the CW that was an emergency in several Montana counties. The message did not originate from KRTV, and there is no emergency. Our engineers are investigating to determine what happened and if it affected other media outlets. ” Officials with the stations in Michigan said law enforcement authorities determined the attack originated outside the U.S. The message was quickly...

The hacktivist group Anonymous says it’s planning to block all live streams of President Obama’s State of the Union address Tuesday night, in an operation entitled " Operation SOTU ". “ We reject the State of the Union. We reject the authority of the President to sign arbitrary orders and bring irresponsible and damaging controls to the Internet, ” the statement reads. " The President of the United States of America, and the Joint Session of Congress will face an Army tonight. " Anonymous group is upset with a pending Internet security bill. According to Anonymous and other Internet freedom activists, if the CISPA (Cyber Intelligence Sharing and Information Act) is passed it will infringe on online privacy and freedom. A Twitter account associated with Anonymous also hinted by tweeting ," ADVANCED WARNING: This year's State of the Union Address WILL be cancelled if internet regulation is passed by executive order #opLastResort " ...

What if you could easily host malicious websites, send phishing emails, and manage compromised hosts across diverse internet addresses? This week's Cobalt Strike adds the ability to manage multiple attack servers at once. Here's how it works: When you connect to two or more servers, Cobalt Strike will show a switch bar with buttons for each server at the bottom of your window. Click a button to make that server active. It's a lot like using tabs to switch between pages in a web browser. To make use of multiple servers, designate a role for each one. Assign names to each server's button to easily remember its role. Dumbly connecting to multiple servers isn't very exciting. The fun comes when you seamlessly use Cobalt Strike features between servers. For example: Designate one server for phishing and another for reconnaissance. Go to the reconnaissance server, setup the system profiler website. Use the phishing tool to deliver the reconnaissa...