The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The hacking group that recently hacked HBO has just dropped its second trove of documents, including a month emails of one of the company's executives, and a detailed script of the upcoming fifth episode of "Game of Thrones" Season 7, set to be aired on August 13. The latest release is the second leak from the hackers who claimed to have obtained around 1.5 terabytes of information from HBO, following the release of upcoming episodes of "Ballers" and "Room 104," and a script of the fourth episode of "Game of Thrones." With the release of another half-gigabyte sample of its stolen HBO data, the hacking group has finally demanded a ransom worth millions of dollars from the entertainment giant in order to prevent further leaks. The latest HBO data dump includes company's several internal documents, including emails, employment agreements, financial balance sheets, and marketing-strategy PDFs, along with the script of the yet-to-ai...

" Privacy " is a bit of an Internet buzzword nowadays as the business model of the Internet has now shifted towards data collection. Although Virtual Private Network (VPN) is one of the best solutions to protect your privacy and data on the Internet, you should be more vigilant while choosing a VPN service which actually respects your privacy. If you are using popular free virtual private networking service Hotspot Shield , your data could be at a significant risk. A privacy advocacy group has filed a complaint with the Federal Trade Commission (FTC) against virtual private networking provider Hotspot Shield for reportedly violating its own privacy policy of "complete anonymity" promised to its users. The 14-page-long complaint filed Monday morning by the Centre for Democracy and Technology (CDT), a US non-profit advocacy group for digital rights, accused Hotspot Shield of allegedly tracking, intercepting and collecting its customers' data. Develo...

A Dutch security researcher has uncovered a slew of security vulnerabilities in an essential component of solar panels which could be exploited to cause widespread outages in European power grids. Willem Westerhof, a cybersecurity researcher at Dutch security firm ITsec, discovered 21 security vulnerabilities in the Internet-connected inverters – an essential component of solar panel that turns direct current (DC) into alternating current (AC). According to Westerhof, the vulnerabilities leave thousands of Internet-connected power inverters installed across Europe vulnerable. Westerhof demonstrates that it is possible for hackers to gain control of a large number of inverters and switch them OFF simultaneously, causing an imbalance in the power grid that could result in power outages in different parts of Europe. The vulnerabilities affect solar panel electricity systems, also known as photovoltaics (PV), made by German solar equipment company SMA, which if exploited in mass...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

Marcus Hutchins, the malware analyst who helped stop global Wannacry menace , has reportedly pleaded not guilty to charges of creating and distributing the infamous Kronos banking malware and is set to release on $30,000 bail on Monday. Hutchins, the 23-year-old who operates under the alias MalwareTech on Twitter, stormed to fame and hailed as a hero over two months ago when he stopped a global epidemic of the WannaCry ransomware attack by finding a kill switch in the malware code. MalwareTech Arrested After Attending Def Con Event Hutchins was recently arrested at the McCarran International Airport before he could board his flight back to the U.K. after attending Def Con event for his alleged role in creating and distributing the Kronos Banking Trojan between 2014-2015. Kronos is a Banking Trojan designed to steal banking credentials and personal information from victims' computers, which was sold for $7,000 on Russian online forums. MalwareTech to Pay $30,000 for ...

A Russian man accused of infecting tens of thousands of computer servers worldwide to generate millions in fraudulent payments has been imprisoned for 46 months (nearly four years) in a United States' federal prison. 41-year-old Maxim Senakh , of Velikii Novgorod, was arrested by Finnish police in August 2015 for his role in the development and maintenance of the infamous Linux botnet called Ebury that siphoned millions of dollars from victims worldwide. Senakh was extradited to the United States in February 2016 to face charges and pleaded guilty in late March this year after admitting of creating a massive Ebury botnet and personally being profited from the scheme. First spotted in 2011, Ebury is an SSH backdoor Trojan for Linux and Unix-style operating systems, such as FreeBSD or Solaris, which gives attackers full shell control of an infected machine remotely even if the password for affected user account is changed regularly. Senakh and his associates used the malw...