The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Ukrainian authorities have arrested a 51-year-old man accused of distributing the infamous Petya ransomware (Petya.A, also known as NotPetya) — the same computer virus that massively hit numerous businesses, organisations and banks in Ukraine as well as different parts of Europe around 45 days ago. However, the story is not as simple as it seems, which portrayed this man as a criminal. I recommend you to read complete article to understand the case better and then have an opinion accordingly. Sergey Neverov (Сергей Неверов), father of two sons and the resident of the southern city of Nikopol, is a video blogger and computer enthusiast who was arrested by the Ukrainian police on Monday, August 7 from his home. What Neverov Did? According to a press release published on Thursday by the Ukrainian cyber police department, Neverov uploaded a video, showing how to infect a computer with Petya.A ransomware—and also shared a download link for NotPetya malware to his soc...

After disclosing CIA's strategies to hijack and manipulate webcams and microphones to corrupt or delete recordings, WikiLeaks has now published another Vault 7 leak , revealing CIA's ability to spy on video streams remotely in real-time. Dubbed ' CouchPotato ,' document leaked from the CIA details how the CIA agents use a remote tool to stealthy collect RTSP/H.264 video streams. Real Time Streaming Protocol, or RTSP, is a network control protocol designed for use in entertainment and communication systems for controlling streaming media servers. CouchPotato gives CIA hackers ability to "collect either the stream as a video file (AVI) or capture still images (JPG) of frames from the stream that are of significant change from a previously captured frame," a leaked CIA manual reads. The tool utilises FFmpeg for video and image encoding and decoding and Real Time Streaming Protocol connectivity. The CouchPotato tool works stealthily without leaving...

In what appears to be the world's first quantum satellite transmission, China has successfully sent an "unbreakable" code over a long distance from an orbiting satellite to the Earth, achieving a milestone in the next generation encryption based on "quantum cryptography." In August last year, China launched the world's first quantum communication satellite into the Earth's orbit aboard a Long March-2D rocket to test the fundamental laws of quantum mechanics at space. Dubbed Quantum Science Satellite , nicknamed Micius or Mozi (Chinese: 墨子), the satellite was designed to establish a 'Hack-Proof' communications system in this age of global surveillance by transmitting unbreakable encryption keys from space to the ground. Now, it has been reported that using this satellite, the Chinese scientists at the Quantum Experiments at Space Scale (QUESS) project were able to send secret "quantum key distribution" (QKD) data by beaming photons ...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

Do you know — 1 Gram of DNA Can Store 1,000,000,000 Terabyte of Data for 1000+ Years? Even in March this year, a team of researchers successfully stored digital data — an entire operating system, a movie, an Amazon gift card, a study and a computer virus — in the strands of DNA. But what if someone stores a malicious program into the DNA, just like an infected USB storage, to hijack the computer that reads it. A team of researchers from the University of Washington in Seattle have demonstrated the first successful DNA-based exploit of a computer system that executes the malicious code written into the synthesised DNA strands while reading it. To carry out the hack, the researchers created biological malware and encoded it in a short stretch of DNA, which allowed them to gain "full control" of a computer that tried to process the genetic data when read by a DNA sequencing machine. The DNA-based hack becomes possible due to lack of security in multiple DNA proces...

An anti-malware detection service provider and premium security firm has been accused of leaking terabytes of confidential data from several Fortune 1000 companies, including customer credentials, financial records, network intelligence and other sensitive data. However, in response to the accusations, the security firm confirmed that they are not pulling sensitive files from its customers; instead, it's up to companies—who are accidentally (but explicitly) sharing their sensitive data to leverage an optional cloud-based anti-malware service. On Wednesday, Information security firm DirectDefense published a blog post, claiming that they found a major issue with endpoint detection and response (EDR) solution offered by US-based company Carbon Black, alleging that the company is leaking hundreds of thousands of sensitive files from its customers. Carbon Black is a leading incident response and threat hunting company that offers security products to nearly thirty of the larg...