The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

OurMine is in headlines once again—this time for defacing WikiLeaks website. The notorious hacking group, OurMine, is known for breaching into high-profile figures and companies' social media accounts, including Facebook CEO Mark Zuckerberg , Twitter CEO Jack Dorsey , Google CEO Sundar Pichai , HBO , Game of Thrones and Sony's PlayStation Network (PSN). According to screenshots circulating on Twitter , the official website of WikiLeaks has reportedly been defaced by the OurMine hacking group, who left a message on the site, as shown above. WikiLeaks is a whistleblowing website that since March, has been revealing top CIA hacking secrets under Vault 7 , including the agency's ability to break into different mobile and desktop platforms , security camera live video streams , air-gap computers and many more. There is no indication of WikiLeaks servers and website been compromised, instead it seems their website has been redirected to a hacker-controlled server ...

Security researchers at ESET have discovered a new malware campaign targeting consulates, ministries and embassies worldwide to spy on governments and diplomats. Active since 2016, the malware campaign is leveraging a new backdoor, dubbed Gazer , and is believed to be carried out by Turla advanced persistent threat (APT) hacking group that's been previously linked to Russian intelligence. Gazer, written in C++, the backdoor delivers via spear phishing emails and hijacks targeted computers in two steps—first, the malware drops Skipper backdoor, which has previously been linked to Turla and then installs Gazer components. In previous cyber espionage campaigns, the Turla hacking group used Carbon and Kazuar backdoors as its second-stage malware, which also has many similarities with Gazer, according to research [ PDF ] published by ESET. Gazer receives encrypted commands from a remote command-and-control server and evades detection by using compromised, legitimate website...

The highest followers account on Instagram owned by Selena Gomez has recently been hacked with unknown hackers posting a bunch of nude photographs of her ex-boyfriend Justin Bieber on her account. The latest hack is not part of the ongoing Fappening events affecting a majority of celebrities by targeting their iCloud accounts, rather in the case of Selena, some hacker managed to breach her Instagram account and posted Bieber's photos. Bieber's three full-frontal shots of naked photos were visible to Selena's 125 million Instagram followers for a short duration of time, after which her account was swiftly taken down Monday night. A post from Selena's official Instagram account went up Monday showing 3 pics of Bieber with a caption that read: "LOOK AT THIS N***A LIL SHRIMPY." Selena's team has since re-secured her Instagram account, which was back online minutes after it was taken down, with the photos of Bieber deleted. The Bieber nude images...

Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no longer keeping pace. Today's security leaders are expected to reduce risk and deliver results without relying on larger teams or increased spending. At the same time, SOC inefficiencies are draining resources. Studies show that up to half of all alerts are false positives, with some reports citing false positive rates as high as 99 percent . This means highly trained analysts spend a disproportionate amount of time chasing down harmless activity, wasting effort, increasing fatigue, and raising the chance of missing real threats. In this environment, the business imperative is clear: maximize the impact of every analyst and every dollar by making security operations faster, smarter, and more focused. Enter the Agentic AI SOC Analyst The agentic AI SOC Analyst is a force multiplier that enables organizations to do more with the team an...

A massive database of 630 million email addresses used by a spambot to send large amounts of spam to has been published online in what appears to be one of the biggest data dumps of its kind. A French security researcher, who uses online handle Benkow , has spotted the database on an "open and accessible" server containing a vast amount of email addresses, along with millions of SMTP credentials from around the world. The database is hosted on the spambot server in Netherlands and is stored without any access controls, making the data publicly available for anyone to access without requiring any password. According to a blog post published by Benkow, the spambot server, dubbed "Onliner Spambot," has been used to send out spams and spread a banking trojan called Ursnif to users since at least 2016. Ursnif Banking Trojan is capable of stealing banking information from target computers including credit card data, and other personal information like login ...

If you're an engineer and use LabVIEW software to design machines or industrial equipments, you should be very suspicious while opening any VI (virtual instrument) file. LabVIEW, developed by American company National Instruments, is a visual programming language and powerful system-design tool that is being used worldwide in hundreds of fields and provides engineers with a simple environment to build measurement or control systems Security researchers from Cisco's Talos Security Intelligence have discovered a critical vulnerability in LabVIEW software that could allow attackers to execute malicious code on a target computer, giving them full control of the system. Identified as CVE-2017-2779 , the code execution vulnerability could be triggered by opening a specially crafted VI file, a proprietary file format used by LabVIEW. The vulnerability originates because of memory corruption issue in the RSRC segment parsing functionality of LabVIEW. Modulating the values ...