The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The U.S. Department of Justice (DoJ) Thursday said it disrupted and took down the infrastructure of an underground marketplace known as " Slilpp " that specialized in trading stolen login credentials as part of an international law enforcement operation. Over a dozen individuals have been charged or arrested in connection with the illegal marketplace. The cyber crackdown, which involved the joint efforts of the U.S., Germany, the Netherlands, and Romania, also commandeered a set of servers hosting its infrastructure as well as the multiple domains the group operated. Operational since 2012, Slilpp was a marketplace for allegedly stolen online account login credentials belonging to 1,400 companies worldwide, offering for sale more than 80 million plundered usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts, which were abused to conduct unauthorized transactions, such as wire transfers, fro...

An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational by riding on the coattails of a notorious ransomware syndicate. First observed in February 2021, " Prometheus " is an offshoot of another well-known ransomware variant called  Thanos , which was previously deployed against state-run organizations in the Middle East and North Africa last year. The affected entities are believed to be government, financial services, manufacturing, logistics, consulting, agriculture, healthcare services, insurance agencies, energy and law firms in the U.S., U.K., and a dozen more countries in Asia, Europe, the Middle East, and South America, according to new research published by Palo Alto Networks' Unit 42 threat intelligence team. Like other ransomware gangs, Prometheus takes advantage of double-extortion tactics and hosts a dark web leak site, where it names and shames new victims and makes stol...

Bolstering password policies in your organization is an important part of a robust cybersecurity strategy. Cybercriminals are using compromised accounts as one of their favorite tactics to infiltrate business-critical environments; as we've seen in recent news, these attacks can be dangerous and financially impactful. Unfortunately, account compromise is a very successful attack method and requires much less effort than other attack vectors. One of the essential types of password protection recommended by noted cybersecurity standards is  breached password detection . Hackers often use known breached password lists in credential stuffing or password spraying attacks. Here are some critical criteria to consider when your sysadmins are evaluating breached password protection solutions.  Breached password recommendations In the last few years, password security recommendations have evolved past the traditional recommendations regarding password security.  Businesses h...

Meat processing company JBS on Wednesday confirmed it paid extortionists $11 million in bitcoins to regain access to its systems following a destructive ransomware attack late last month. "In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated," JBS USA  said  in a statement, with CEO Andre Nogueira adding the firm made the "very difficult decision" to prevent any potential risk for its customers. Stating that third-party forensic investigations into the incident are still ongoing, the company noted that no company, customer, or employee data was compromised as a consequence of the breach. The FBI officially discourages victims from paying ransoms because doing so can establish a profitable criminal marketplace. JBS, the world's largest meat company by sales, on May 30  disclosed  it fell prey to an "org...

Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today. The internet services company has rolled out an urgent update to the browser to address 14 newly discovered security issues, including a zero-day flaw that it says is being actively exploited in the wild. Tracked as  CVE-2021-30551 , the vulnerability stems from a type confusion issue in its V8 open-source and JavaScript engine. Sergei Glazunov of Google Project Zero has been credited with discovering and reporting the flaw. Although the search giant's Chrome team issued a terse statement acknowledging "an exploit for CVE-2021-30551 exists in the wild," Shane Huntley, Director of Google's Threat Analysis Group,  hinted  that the vulnerability was leveraged by the same actor that abused  CVE-2021-33742 , an actively exploited remote code execution flaw in Windows MSHTML platform ...