The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The joint operation by authorities of the U.S. Federal Bureau of Investigation (FBI) and European law enforcement seized Silk Road 2.0 , an alternative to the notorious online illegal-drug marketplace last week, and arrested 26-year-old operator Blake Benthall, but that wasn't the end. US and European authorities over the weekend announced the seizure of 27 different websites as part of a much larger operation called Operation Onymous , which led to take-down of more than "410 hidden services" that sell illegal goods and services from drugs to murder-for-hire assassins by masking their identities using the Tor encryption network. " The action aimed to stop the sale, distribution and promotion of illegal and harmful items, including weapons and drugs, which were being sold on online 'dark' marketplaces, " according to the Europol press release . This globally-coordinated take down is the combined efforts of 17 nations which includes the law enforcemen...

Microsoft has this time quite a big pile of security patches in its November 2014 Patch Tuesday , which will address almost 60 non-security updates for its Windows OS along with 16 security updates . The software giant released Advance Notification for 16 security bulletins, the most in more than three years, which will be addressed as of tomorrow, 11 November, 2014. Five of the bulletins have been marked as " critical ", nine are " importan t" in severity, while two were labeled " moderate ." The updates will patch vulnerabilities in Microsoft's various software including Internet Explorer (IE), Windows, Office, Exchange Server, SharePoint Server and the .NET framework as well. Five critical vulnerabilities affect specific versions of Microsoft Windows, including Windows 7, Windows 8, Windows RT, and Windows Server. One of them also affects Internet Explorer versions 7 through 11 as well. Four of the five critical bugs are said to al...

The authorities of the U.S. Federal Bureau of Investigation have announced that they have arrested " Silk Road 2.0 " operator Blake Benthall , used the alias " Defcon " in California on Wednesday and charged him with conspiracy to commit drug trafficking, computer hacking, money laundering and other crimes. Silk Road 2, an alternative to the notorious online illegal-drug marketplace that went dark in October of 2013, has been seized in a joint action involving the FBI, Department of Homeland Security, and European law enforcement. " As alleged, Blake Benthall attempted to resurrect Silk Road, a secret website that law enforcement seized last year, by running Silk Road 2.0, a nearly identical criminal enterprise, " Manhattan US Attorney Preet Bharara said in a statement . " Let's be clear—this Silk Road, in whatever form, is the road to prison. Those looking to follow in the footsteps of alleged cybercriminals should understand that we will r...

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn't have asked for a better kickoff panel: three cybersecurity leaders who don't just talk security, they live it. Let me introduce them. Alex Delay , CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead , Director of Cybersecurity at Avidity Biosciences, brings a forward-thinking security perspective that reflects the innovation behind Avidity's targeted RNA therapeutics. Last but not least, Michael Francess , Director of Cybersecurity Advanced Threat at Wyndham Hotels and Resorts, leads the charge in protecting the franchise. Each brought a unique vantage point to a common challenge: applying Continuous Threat Exposure Management (CTEM) to complex production environments. Gartner made waves in 2023 with a bold prediction: organizations that prioritize CTEM will be three times less likely to be breached by 2026. But here's the kicker -...

Google introduced a new security tool to help developers detect bugs and security glitches in the network traffic security that may leave passwords and other sensitive information open to snooping. The open source tool, dubbed as Nogotofail , has been launched by the technology giant in sake of a number of vulnerabilities discovered in the implementation of the transport layer security, from the most critical Heartbleed bug in OpenSSL to the Apple's gotofail bug to the recent POODLE bug in SSL version 3. The company has made the Nogotofail tool available on GitHub, so that so anyone can test their applications, contribute new features to the project, provide support for more platforms, and help improve the security of the internet. Android security engineer Chad Brubaker said that the Nogotofail main purpose is to confirm that internet-connected devices and applications aren't vulnerable to transport layer security (TLS) and Secure Sockets Layer (SSL) encry...

Security researchers at Kaspersky Lab have unearthed new capabilities in the BlackEnergy Crimeware weapon that has now ability to hacking  routers , Linux systems and Windows, targeting industry through Cisco network devices. The antivirus vendor's Global Research & Analysis Team released a report Monday detailing some of the new " relatively unknown " custom plug-in capabilities that the cyber espionage group has developed for BlackEnergy to attack Cisco networking devices and target ARM and MIPS platforms. The malware was upgraded with custom plugins including Ciscoapi.tcl which targets The Borg's kit, and According to researchers, the upgraded version contained various wrappers over Cisco EXEC-commands and " a punchy message for Kaspersky , " which reads, " F*uck U, Kaspersky!!! U never get a fresh B1ack En3rgy. So, thanks C1sco 1td for built-in backd00rs & 0-days. " BlackEnergy malware program was originally created and used by cy...

Security researchers from Newcastle University in the UK have found a way to steal larger amounts of money from people's pockets using just a mobile phone, due to a security glitch Visa's contactless payment cards. Contactless payment cards use a cryptoprocessor and RFID technology to perform secure transactions without a need to insert the card in a reader, even an NFC-equipped mobile device may also be used as a payment card. But there is a specified limits country-wise. Contactless payment cards are meant to have a limit of £20 per purchase in UK, using which shoppers can buy things by simply tapping their card on a scanner, without having to type in a PIN. But exploiting a flaw in its protocol could allow cyber criminals to manipulate the cards to transfer up to $999,999.99 in foreign currency into a scammer's account. Researchers on Wednesday at the 21st ACM Conference on Computer and Communications Security, detailed the attack which rely on a "rogue POS te...