The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

After years of waiting, Mozilla last week launched Firefox 54 for Windows, Mac, Linux, and Android, with multi-process support — a "major improvement" to improve your browsing experience — but many users are still struggling to take advantage of this feature. Mozilla's multi-process support in Firefox has been in development for over eight years as part of a project, codenamed Electrolysis or E10S, which aimed at improving responsiveness and speed by streamlining memory use by different processes. Describing the latest release as the largest change to Firefox code ever, Mozilla says it has worked hard to avoid increased memory consumption, and slower performance, as Firefox now uses up to four processes to run web page content across all open tabs. In other words, Firefox is finally making use of "significantly less RAM" of your computer, as heavy web pages in one tab will now have a much lower impact on responsiveness and speed in other tabs. ...

It is no secret that hackers and cybercriminals are becoming dramatically more adept, innovative, and stealthy with each passing day. While new forms of cybercrime are on the rise, traditional activities seem to be shifting towards more clandestine techniques that come with limitless attack vectors with low detection rates. Security researchers have recently discovered a new fileless ransomware, dubbed " Sorebrect, " which injects malicious code into a legitimate system process (svchost.exe) on a targeted system and then self-destruct itself in order to evade detection. Unlike traditional ransomware, Sorebrect has been designed to target enterprise's servers and endpoint. The injected code then initiates the file encryption process on the local machine and connected network shares. This fileless ransomware first compromises administrator credentials by brute forcing or some other means and then uses Microsoft's Sysinternals PsExec command-line utility to encry...

A British computer hacker who allegedly hacked a United States Department of Defense satellite system in 2014 and accessed the personal information of hundreds of military personnel has pleaded guilty on Thursday. Sean Caffrey, a 25-year-old resident of Sutton Coldfield in the West Midlands, has admitted to breaking into a US military communications system in June 2014 and stealing usernames and email addresses of over 800 employees and data from 30,000 satellite phones, the UK's National Crime Agency announced on Thursday. The UK authorities arrested Caffrey in March 2015 after they traced back the hack to his home IP address, which indicates the hacker did not use any anonymity service, such as VPN, proxy or Tor, to hide its track. The NCA officials also discovered that an online messaging account linked to the Pentagon satellite system attack was opened and operated from Caffrey's computer. After a forensic examination of his seized computers, the investigators d...

While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping code, developers may inadvertently leave behind API keys, tokens, or passwords in configuration files and code files, effectively handing attackers the keys to the kingdom. This isn't just about poor hygiene; it's a systemic and growing supply chain risk. As cyber threats become more sophisticated, so do compliance requirements. Security frameworks like NIS2, SOC2, and ISO 27001 now demand proof that software delivery pipelines are hardened and third-party risk is controlled. The message is clear: securing your Git repositories is no longer optional, it's essential. Below, we look at the ris...

WikiLeaks has published a new batch of the ongoing Vault 7 leak , this time detailing a framework – which is being used by the CIA for monitoring the Internet activity of the targeted systems by exploiting vulnerabilities in Wi-Fi devices. Dubbed " Cherry Blossom ," the framework was allegedly designed by the Central Intelligence Agency (CIA) with the help of Stanford Research Institute (SRI International), an American nonprofit research institute, as part of its 'Cherry Bomb' project. Cherry Blossom is basically a remotely controllable firmware-based implant for wireless networking devices, including routers and wireless access points (APs), which exploits router vulnerabilities to gain unauthorized access and then replace firmware with custom Cherry Blossom firmware. "An implanted device [ called Flytrap ] can then be used to monitor the internet activity of and deliver software exploits to targets of interest." a leaked CIA manual  reads . "The wi...

Soon you will be able to auto backup and sync your whole computer on Google Drive. Yes, you heard that right. By the end of this month, Google will launch Backup and Sync — a new, simple tool that has been designed to help you backup not only your documents and photos in the cloud but your entire computer as well. Data loss is always the worst thing that can happen to anyone, so having backups of all your data is always a good idea. Also, having regular backups can save you and your company in the events of data breaches and ransomware attacks. "On June 28th, 2017, we will launch Backup and Sync from Google, a tool intended to help everyday users back up files and photos from their computers, so they're safe and accessible from anywhere," reads Google's post on the G Suite Blog. The Backup and Sync tool will replace the current Google Drive uploader client for Mac/PC, and will also be integrated into the desktop Google Photos uploader. So, instead of creati...

Hit by Jaff Ransomware? Don't pay the Ransom. You can unlock your files for Free! Kaspersky Labs has released an updated version 1.21.2.1 of its free ransomware decryption tool, RakhniDecryptor, which can now also decrypt files locked by the Jaff ransomware . Security researchers at Kaspersky Labs have discovered a weakness in the Jaff ransomware code that makes it possible for victims to unlock their Jaff-infected files for free. First identified last month, Jaff is relatively new ransomware that's being distributed with the help of ' Necurs botnet ' that currently controls over 6 million infected computers worldwide. Necurs botnet is the same botnet – army of compromised internet connected devices – that was used to distribute Dridex Banking Trojan and Locky ransomware , which also infects users' machines, encrypt files and then demand a ransom before unlocking them. Jaff ransomware (Trojan-Ransom.Win32.Jaff) attack is primarily carried out by sending ...