The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Security boffins have discovered a critical vulnerability in a GnuPG cryptographic library that allowed the researchers to completely break RSA-1024 and successfully extract the secret RSA key to decrypt data. Gnu Privacy Guard (GnuPG or GPG) is popular open source encryption software used by many operating systems from Linux and FreeBSD to Windows and macOS X. It's the same software used by the former NSA contractor and whistleblower Edward Snowden to keep his communication secure from law enforcement. The vulnerability, labeled CVE-2017-7526 , resides in the Libgcrypt cryptographic library used by GnuPG, which is prone to local FLUSH+RELOAD side-channel attack. A team of researchers — from Technical University of Eindhoven, the University of Illinois, the University of Pennsylvania, the University of Maryland, and the University of Adelaide — found that the "left-to-right sliding window" method used by the libgcrypt library for carrying out the mathematics o...

A teenage student has been charged with running a supplying malware that was used for launching distributed denial of service (DDoS) attacks against websites of some of the world's leading businesses. Jack Chappell , an 18-year-old teenager from Stockport, is accused of helping cyber criminals with his DDoS booter service (DDoS-for-hire service) to flood millions of websites around the world with the massive amount of data and eventually bring them down, making them unavailable to their users. Among the victims that were allegedly attacked by Chappell's malware are the National Crime Agency (NCA), T-Mobile, O2, Virgin Media, the BBC, Amazon, Vodafone, BT, Netflix, and NatWest that had its online banking systems down in a 2015 cyber attack. Chappell is charged following an investigation led by the West Midlands Regional Cyber Crime Unit and assisted by Israeli Police, the Federal Bureau of Investigation (FBI) and Europol's European Cybercrime Centre (EC3). According t...

A SQL Injection vulnerability has been discovered in one of the most popular Wordpress plugins, installed on over 300,000 websites, which could be exploited by hackers to steal databases and possibly hijack the affected sites remotely. The flaw has been discovered in the highly popular WP Statistics plugin, which allows site administrators to get detailed information related to the number of users online on their sites, the number of visits and visitors, and page statistics. Discovered by Sucuri team, WordPress plugin WP Statistics is vulnerable to SQL Injection flaw that allows a remote attacker, with at least a subscriber account, to steal sensitive information from the website's database and possibly gain unauthorized access to websites. SQL Injection is a web application bug that allows hackers to inject malicious Structured Query Language (SQL) code to web inputs in order to determine the structure and location of key databases, which eventually allows stealing of...

WikiLeaks has just published a new batch of the ongoing Vault 7 leak , this time detailing an alleged CIA project that allowed the agency to hack and remotely spy on computers running the Linux operating systems. Dubbed OutlawCountry , the project allows the CIA hackers to redirect all outbound network traffic on the targeted computer to CIA controlled computer systems for exfiltrate and infiltrate data. The OutlawCountry Linux hacking tool consists of a kernel module, which the CIA hackers load via shell access to the targeted system and create a hidden Netfilter table with an obscure name on a target Linux user. "The new table allows certain rules to be created using the "iptables" command. These rules take precedence over existing rules, and are only visible to an administrator if the table name is known. When the Operator removes the kernel module, the new table is also removed," CIA's leaked  user manual reads. Although the installation and persi...

Ransomware Ransomware Everywhere Not a Single Place to Hide! But, Microsoft has a simple solution to this problem to protect millions of its users against most ransomware attacks. Two massive ransomware attacks — WannaCry and Petya (also known as NotPetya ) — in a month have caused chaos and disruption worldwide, forcing hospitals, ATMs, shipping companies, governments, airports and car companies to shut down their operations. Most ransomware in the market, including WannaCry and NotPetya, are specifically designed to target computers running Windows operating system, which is why Microsoft has been blamed for not putting proper defensive measures in place to prevent such threats. But not now! In the wake of recent devastating global ransomware outbreaks, Microsoft has finally realized that its Windows operating system is deadly vulnerable to ransomware and other emerging threats that specifically targets its platform. To tackle this serious issue, the tech giant has ...

The author of original Petya ransomware is back. After 6 months of silence, the author of the now infamous Petya ransomware appeared today on Twitter to help victims unlock their files encrypted by a new version of Petya, also known as NotPetya . "We're back having a look in NotPetya," tweeted Janus, a name Petya creator previously chose for himself from a villain in James Bond. "Maybe it's crackable with our privkey. Please upload the first 1MB of an infected device, that would help." This statement made by the Petya author suggests he may have held onto a master decryption key , which if it works for the new variant of Petya infected files, the victims would be able to decrypt their files locked in the recent cyber outcry. Janus sold Petya as a Ransomware-as-a-Service (RaaS) to other hackers in March 2016, and like any regular ransomware, original Petya was designed to lock victim's computer, then return them when a ransom is paid. This ...

After being threatened with a ban in Russia , end-to-end encrypted Telegram messaging app has finally agreed to register with new Russian Data Protection Laws, but its founder has assured that the company will not comply to share users' confidential data at any cost. Russia's communications watchdog Roskomnadzor had recently threatened to block Telegram if the service did not hand over information required to put the app on an official government list of information distributors. The Russian government requirement came following terrorists' suicide bombings that killed 15 people in Saint Petersburg in April in which terrorists allegedly used the Telegram 's app to communicate and plot attacks. "There is one demand, and it is simple: to fill in a form with information on the company that controls Telegram," said Alexander Zharov, head of Roskomnadzor.  "And to officially send it to Roskomnadzor to include this data in the registry of organizers...