The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

When the world was dealing with the threat of the self-spreading WannaCry ransomware , WikiLeaks released a new batch of CIA Vault 7 leaks , detailing two apparent CIA malware frameworks for the Microsoft Windows platform. Dubbed " AfterMidnight " and " Assassin ," both malware programs are designed to monitor and report back actions on the infected remote host computer running the Windows operating system and execute malicious actions specified by the CIA. Since March, WikiLeaks has published hundreds of thousands of documents and secret hacking tools that the group claims came from the US Central Intelligence Agency (CIA). This latest batch is the 8th release in the whistleblowing organization's 'Vault 7' series. 'AfterMidnight' Malware Framework According to a statement from WikiLeaks, 'AfterMidnight' allows its operators to dynamically load and execute malicious payload on a target system. The main controller of the ma...

Update —  After reading this article, if you want to know, what has happened so far in past 4 days and how to protect your computers from WannaCry, read our latest article " WannaCry Ransomware: Everything You Need To Know Immediately . "  If you are following the news, by now you might be aware that a security researcher has activated a "Kill Switch" which apparently stopped the WannaCry ransomware from spreading further. But it's not true, neither the threat is over yet. However, the kill switch has just slowed down the infection rate. Updated:  Multiple security researchers have claimed that there are more samples of WannaCry out there, with different 'kill-switch' domains and without any kill-switch function, continuing to infect unpatched computers worldwide (find more details below). So far, over 237,000 computers across 99 countries around the world have been infected, and the infection is still rising even hours after the kill swit...

Update —  After reading this article, if you want to know, what has happened so far in past 4 days and how to protect your computers from WannaCry, read our latest article " WannaCry Ransomware: Everything You Need To Know Immediately . "  In the wake of the largest ransomware attack in the history that had already infected over 114,000 Windows systems worldwide since last 24 hours, Microsoft just took an unusual step to protect its customers with out-of-date computers. Also Read —   Google Researcher Finds Link Between WannaCry Attacks and North Korea . Microsoft has just released an emergency security patch update for all its unsupported version of Windows, including Windows XP, Vista, Windows 8, Server 2003 and 2008 Editions. So, if your organization, for some reason, is still running on Windows XP or Vista, you are strongly advised to download and APPLY PATCH NOW ! WannaCrypt , or also known as WannaCry, is a new ransomware that wreaked havoc across th...

Update —  After reading this article, if you want to know, what has happened so far in past 4 days and how to protect your computers from WannaCry, read our latest article " WannaCry Ransomware: Everything You Need To Know Immediately . "  Earlier today, a massive ransomware campaign hit computer systems of hundreds of private companies and public organizations across the globe – which is believed to be the most massive ransomware delivery campaign to date. The Ransomware in question has been identified as a variant of ransomware known as WannaCry (also known as 'Wana Decrypt0r,' 'WannaCryptor' or 'WCRY'). Like other nasty ransomware variants, WannaCry also blocks access to a computer or its files and demands money to unlock it. Once infected with the WannaCry ransomware, victims are asked to pay up to $300 in order to remove the infection from their PCs; otherwise, their PCs render unusable, and their files remain locked. In separate ne...

A massive malicious email campaign that stems from the Necurs botnet is spreading a new ransomware at the rate of 5 million emails per hour and hitting computers across the globe. Dubbed "Jaff," the new file-encrypting ransomware is very similar to the infamous Locky ransomware in many ways, but it is demanding 1.79 Bitcoins (approx $3,150), which much higher than Locky, to unlock the encrypted files on an infected computer. According to security researchers at Forcepoint Security Lab, Jaff ransomware, written in C programming language, is being distributed with the help of Necurs botnet that currently controls over 6 million infected computers worldwide. Necurs botnet is sending emails to millions of users with an attached PDF document, which if clicked, opens up an embedded Word document with a malicious macro script to downloads and execute the Jaff ransomware, Malwarebytes says . Jaff is Spreading at the Rate of 5 Million per Hour The malicious email camp...