The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Cyber Security researchers have discovered a family of information stealing malware targeting Pakistan that originates out of India.  Norman Shark, the global security leader in malware analysis solutions for enterprises, service providers and government, today released a report detailing a large and sophisticated cyber-attack infrastructure that appears to have originated from India. The attacks, conducted by private threat actors over a period of three years and still ongoing, showed no evidence of state sponsorship but the primary purpose of the global command-and-control network appears to be intelligence gathering from a combination of national security targets and private sector companies. Attackers used known vulnerabilities in Microsoft software, chucking malware dubbed HangOver onto target machines, most of which were based in Pakistan, where 511 infections associated with the campaign were detected. HangOver installs keyloggers , takes screenshots and...

A Romanian man serving a five-year jail sentence in Romania for his involvement in an ATM skimming scheme, has developed a device designed to protect ATMs from such attacks. 33-year-old Valentin Boanta who is being detained in a prison from Vaslui, Romania, after he was convicted on charges of bank card fraud in 2009, developed what he calls the SRS (Secure Revolving System) which changes the way ATM machines read bank cards to prevent the operation of skimming devices that criminals hide inside ATMs. " When I got caught I became happy. This liberation opened the way to working for the good side ," Boanta said. " Crime was like a drug for me. After I was caught, I was happy I escaped from this adrenaline addiction ," Boanta said. Boanta began working on SRS during his trial. SRS, Boanta says, can be installed into any ATM. ATM skimmers work by installing a second, concealed card reader over the one that's built into the ATM. When an unsuspecting bank customer...

The US Department of Defense has cleared Apple's iPhone and iPad for use on its military networks, along with the Samsung Galaxy S4 and BlackBerry 10 devices, the agency said in a statement Friday. The entire DOD is much, much larger, of course, and mobile devices are increasing in importance for the military just as much as they are for we civilians. The report notes that out of more than 600,000 mobile devices used by the Defense Department, only about 41,000 of those are Apple products, with most of those not connected directly to the military's networks. But because these platforms have previously not been certified or cleared for use, such devices had not been connected to secure military networks, except for testing. The move was hardly shocking, but Samsung devices running the Knox security suite and BlackBerry 10 already trickling into the hands of Pentagon employees, the decision sets the stage for a three-way bout for military market supremacy. Offic...

22 million Yahoo! Japan's user IDs may have been stolen during an unauthorised attempt to access the administrative system of its Japan portal. “ We don’t know if the file of 22 million user IDs was leaked or not, but we can't deny the possibility given the volume of traffic between our server and external terminals ", Yahoo said. The information did not include passwords and the kind of data necessary to verify a user’s identity or reset passwords, it said, adding that the company had updated its security measures to prevent a repeat of the incident. In 2011, Sony said information such as usernames, passwords and birth dates of more than 100 million people may have been compromised after hackers struck the PlayStation Network and Sony Online Entertainment services. Japan acknowledges that its preventative measures against cyberattacks remain underdeveloped, with the national police agency having announced this month it would launch a team to analyze and combat cyberatt...

Earlier this week, new Mac spyware was discovered on a computer at the Oslo Freedom Forum , which is an annual human rights conference. Dubbed as  OSX/KitM.A , discovered by computer security researcher Jacob Appelbaum . This Mac malware that has been used to spy on activists, targeted via spear phishing attack and had received emails that duped them into installing the malware. The malware is a backdoor application called " macs.app " which launches automatically upon login. There are two command-and-control servers, located at securitytable.org and docsforum.info. Interestingly, the malware is signed with an Apple Developer ID , which is designed to prevent the installation of malware, associated with the name Rajender Kumar  and  the use of the ID appears to be an attempt to bypass Apple's Gatekeeper execution prevention technology. As of right now, F-Secure is looking into the origination of the malware and though it doesn’t appear to be widespread....

New issue of English-language al-Qaeda magazine posted on the terror group's website earlier this week linked to the Boston terrorist attacks has possibly been hacked by Western intelligence agencies and its content beyond its cover page was scrambled. The magazine, produced by al Qaeda's Yemeni affiliate, al Qaeda in the Arabian Peninsula, which regularly includes how-to instructions for followers to carry out terrorist attacks in the West, has received significant scrutiny in recent weeks. Investigators believe that Boston bomber Tamerlan Tsarnaev accessed Inspire magazine, and the material had instructions on bomb-making, a law enforcement official said.  According to analysts , the explosive devices the Boston bombers built had striking similarities to a bomb recipe in the first issue of the magazine, " How to build a bomb in your Mom's kitchen ", that has been downloaded by militants in multiple Islamist terrorist plots. Previous issu...