The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Hackers who recently hacked into HBO network and stole scripts, shows, and employee information documents, have now provided an email in which the United States cable channel offered them $250,000 . The company offered the payment as a "bounty payment" reward in which companies reward white-hat hackers for discovering cyber security vulnerabilities in their computer networks. Late last month, the HBO hackers claimed to have obtained around 1.5 terabytes of information from HBO and dropped upcoming episodes of "Ballers" and "Room 104," and a script of the fourth episode of "Game of Thrones." A week after that, the hackers released another half-gigabyte sample of its stolen HBO data, including company's emails, employment agreements, and financial balance sheets, along with the script of the upcoming episode of Game of Thrones, demanding a ransom—nearly $6 Million in Bitcoins . Now, according to a screenshot of an email obtained b...

An infamous Russian-linked cyber-espionage group has been found re-using the same leaked NSA hacking tool that was deployed in the WannaCry and NotPetya outbreaks—this time to target Wi-Fi networks to spy on hotel guests in several European countries. Security researchers at FireEye have uncovered an ongoing campaign that remotely steals credentials from high-value guests using Wi-Fi networks at European hotels and attributed it to the Fancy Bear hacking group. Fancy Bear —also known as APT28, Sofacy, Sednit, and Pawn Storm—has been operating since at least 2007 and also been accused of hacking the Democratic National Committee (DNC) and Clinton Campaign in an attempt to influence the U.S. presidential election. The newly-discovered campaign is also exploiting the Windows SMB exploit (CVE-2017-0143), called EternalBlue , which was one of many exploits allegedly used by the NSA for surveillance and leaked by the Shadow Brokers in April. EternalBlue is a security vulnerabi...

If you think you are downloading apps from Google Play Store and you are secure, then watch out! Someone has managed to flood third-party app stores and Google Play Store with more than a thousand malicious apps, which can monitor almost anything a user does on their mobile device from silently recording calls to make outbound calls without the user's interaction. Dubbed SonicSpy , the spyware has been spreading aggressively across Android app stores since at least February and is being distributed by pretending itself to be a messaging app—and it actually offers a messaging service. SonicSpy Can Perform a Whole Lots of Malicious Tasks At the same time, the SonicSpy spyware apps perform various malicious tasks, including silently recording calls and audio from the microphone, hijacking the device's camera and snap photos, making outbound calls without the user's permission, and sending text messages to numbers chosen by the attacker. Besides this, the SonicSpy sp...

Ukrainian authorities have arrested a 51-year-old man accused of distributing the infamous Petya ransomware (Petya.A, also known as NotPetya) — the same computer virus that massively hit numerous businesses, organisations and banks in Ukraine as well as different parts of Europe around 45 days ago. However, the story is not as simple as it seems, which portrayed this man as a criminal. I recommend you to read complete article to understand the case better and then have an opinion accordingly. Sergey Neverov (Сергей Неверов), father of two sons and the resident of the southern city of Nikopol, is a video blogger and computer enthusiast who was arrested by the Ukrainian police on Monday, August 7 from his home. What Neverov Did? According to a press release published on Thursday by the Ukrainian cyber police department, Neverov uploaded a video, showing how to infect a computer with Petya.A ransomware—and also shared a download link for NotPetya malware to his soc...

After disclosing CIA's strategies to hijack and manipulate webcams and microphones to corrupt or delete recordings, WikiLeaks has now published another Vault 7 leak , revealing CIA's ability to spy on video streams remotely in real-time. Dubbed ' CouchPotato ,' document leaked from the CIA details how the CIA agents use a remote tool to stealthy collect RTSP/H.264 video streams. Real Time Streaming Protocol, or RTSP, is a network control protocol designed for use in entertainment and communication systems for controlling streaming media servers. CouchPotato gives CIA hackers ability to "collect either the stream as a video file (AVI) or capture still images (JPG) of frames from the stream that are of significant change from a previously captured frame," a leaked CIA manual reads. The tool utilises FFmpeg for video and image encoding and decoding and Real Time Streaming Protocol connectivity. The CouchPotato tool works stealthily without leaving...