The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Chinese market is no doubt a pot of gold for big technology giants with over 700 million internet users, but the Chinese government heavily controls the Internet within its borders through its Golden Shield project – the Great Firewall of China . The Great Firewall has blocked some 171 out of the world's leading websites, including Google, Facebook, Instagram, Twitter, Tumblr, Dropbox, and The Pirate Bay in the country. But tech giants like Facebook and Google always try alternative ways to infiltrate the market. Now it seems like Facebook is trying to secretly enter the largest populous market by releasing an all new social networking app in China that does not carry its brand. Dubbed Colorful Balloons , the photo-sharing app appears to mimic the look and feel of Facebook's Moments, an app that allows its users to share photos with their friends and family members. According to The New York Times, Facebook approved the release of Colorful Balloons back in M...

One of the most devastating aspects of the recent WannaCry ransomware attack was its self-propagating capability exploiting a vulnerability in the file access protocol, SMB v1. Most enterprises defences are externally-facing, focused on stopping incoming email and web attacks. But, once attackers gain a foothold inside the network through malware, there are very few security controls that would prevent the spread of the attack between enterprise locations in the Wide Area Network (WAN). This is partly due to the way enterprises deploy security tools, such as IPS appliances, and the effort needed to maintain those tools across multiple locations. It's for those reasons Cato Networks recently introduced a context-aware Intrusion Prevention System (IPS) as part of its secure SD-WAN service . There are several highlights in this announcement that challenge the basic concept of how IT security maintains an IPS device and sustains the effectiveness of its protection. Cato Network...

A growing number of enterprises are showing their interest in blockchains , but the underlying software fails to meet key enterprise requirements like performance, confidentiality, governance, and required processing power. However, Microsoft wants to help solve these issues and make it easier for the enterprises to build their networks using any distributed ledger. Microsoft has unveiled a framework called " Coco " — short for " Confidential Consortium " — a new open-source foundation for enterprise blockchain networks . Coco is an Ethereum-based protocol which has been designed to help commercial companies and large-scale enterprises process information on the Ethereum Blockchain with increased privacy. "Coco presents an alternative approach to Ledger construction, giving enterprises the scalability, distributed governance and enhanced confidentiality they need without sacrificing the inherent security and immutability they expect," Mark Russi...

Hackers who recently hacked into HBO network and stole scripts, shows, and employee information documents, have now provided an email in which the United States cable channel offered them $250,000 . The company offered the payment as a "bounty payment" reward in which companies reward white-hat hackers for discovering cyber security vulnerabilities in their computer networks. Late last month, the HBO hackers claimed to have obtained around 1.5 terabytes of information from HBO and dropped upcoming episodes of "Ballers" and "Room 104," and a script of the fourth episode of "Game of Thrones." A week after that, the hackers released another half-gigabyte sample of its stolen HBO data, including company's emails, employment agreements, and financial balance sheets, along with the script of the upcoming episode of Game of Thrones, demanding a ransom—nearly $6 Million in Bitcoins . Now, according to a screenshot of an email obtained b...

An infamous Russian-linked cyber-espionage group has been found re-using the same leaked NSA hacking tool that was deployed in the WannaCry and NotPetya outbreaks—this time to target Wi-Fi networks to spy on hotel guests in several European countries. Security researchers at FireEye have uncovered an ongoing campaign that remotely steals credentials from high-value guests using Wi-Fi networks at European hotels and attributed it to the Fancy Bear hacking group. Fancy Bear —also known as APT28, Sofacy, Sednit, and Pawn Storm—has been operating since at least 2007 and also been accused of hacking the Democratic National Committee (DNC) and Clinton Campaign in an attempt to influence the U.S. presidential election. The newly-discovered campaign is also exploiting the Windows SMB exploit (CVE-2017-0143), called EternalBlue , which was one of many exploits allegedly used by the NSA for surveillance and leaked by the Shadow Brokers in April. EternalBlue is a security vulnerabi...