The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Another day, another massive data breach—this time affecting a leading web technology company, as well as both of its subsidiaries, from where millions of customers around the world have purchased domain names for their websites. The world's top domain registrars Web.com, Network Solutions, and Register.com disclosed a security breach that may have resulted in the theft of customers' account information. Founded in 1999 and headquartered in Jacksonville, Florida, Web.com is a leading web technology company that owns both Network Solutions and Register.com. The companies offer web services like web hosting, website design, and online marketing to help people build their own websites. What happened? — In late August 2019, a third-party gained unauthorized access to a "limited number" of the company's computer systems and reportedly accessed millions of records for accounts of current and former customers with Web.com, Network Solutions, and Register.com. ...

Two grey hat hackers have pleaded guilty to blackmailing Uber , LinkedIn, and other U.S. corporations for money in exchange for promises to delete data of millions of customers they had stolen in late 2016. In a San Jose courthouse in California on Wednesday, Brandon Charles Glover (26) of Florida and Vasile Mereacre (23) of Toronto admitted they accessed and downloaded confidential corporate databases on Amazon Web Services using stolen credentials. After downloading the data, the duo contacted affected companies to report security vulnerabilities and demanded money in exchange for the deletion of the data, according to a press release published by the US Justice Department. "I was able to access backups upon backups, me and my team would like a huge reward for this," the hackers said to the victim company in an email. "Please keep in mind, we expect a big payment as this was hard work for us, we already helped a big corp which paid close to 7 digits, all ...

Skyrocketing data breaches bring incalculable losses to organizations and can cost cybersecurity executives their jobs. Here we examine the top five places in 2019 where cybercriminals are stealing corporate and government data without ever getting noticed and then learn how to avoid falling victim to unscrupulous attackers. 1. Misconfigured Cloud Storage 48% of all corporate data is stored in the cloud compared to 35% three years ago, according to a 2019 Global Cloud Security Study by cybersecurity company Thales that surveyed over 3,000 professionals across the globe. Contrastingly, only 32% of the organizations believe that protecting data in the cloud is their own responsibility, counting on cloud and IaaS providers to safeguard the data. Worse, 51% of the organizations do not use encryption or tokenization in the cloud. (ISC)² Cloud Security Report 2019 assets that 64% of cybersecurity professionals perceive data loss and leakage as the biggest risk associated with the...

A story has been making the rounds on the Internet since yesterday about a cyber attack on an Indian nuclear power plant. Due to some experts commentary on social media even after lack of information about the event and overreactions by many, the incident received factually incorrect coverage widely suggesting a piece of malware has compromised "mission-critical systems" at the Kudankulam Nuclear Power Plant . Relax! That's not what happened. The attack merely infected a system that was not connected to any critical controls in the nuclear facility. Here we have shared a timeline of the events with brief information on everything we know so far about the cyberattack at Kudankulam Nuclear Power Plant (KKNPP) in Tamil Nadu. From where this news came? The story started when Indian security researcher Pukhraj Singh tweeted that he informed Indian authorities a few months ago about an information-stealing malware, dubbed Dtrack, which successfully hit "extre...

Finally, for the very first time, an encrypted messaging service provider is taking legal action against a private entity that has carried out malicious attacks against its users. Facebook filed a lawsuit against Israeli mobile surveillance firm NSO Group on Tuesday, alleging that the company was actively involved in hacking users of its end-to-end encrypted WhatsApp messaging service. Earlier this year, it was discovered that WhatsApp had a critical vulnerability that attackers were found exploiting in the wild to remotely install Pegasus spyware on targeted Android and iOS devices. The flaw (CVE-2019-3568) successfully allowed attackers to silently install the spyware app on targeted phones by merely placing a WhatsApp video call with specially crafted requests, even when the call was not answered. Developed by NSO Group, Pegasus allows access to an incredible amount of data from victims' smartphones remotely, including their text messages, emails, WhatsApp chats, ...

Over the past few months, hundreds of Android users have been complaining online of a new piece of mysterious malware that hides on the infected devices and can reportedly reinstall itself even after users delete it, or factory reset their devices. Dubbed Xhelper , the malware has already infected more than 45,000 Android devices in just the last six months and is continuing to spread by infecting at least 2,400 devices on an average each month, according to the latest report published today by Symantec. Here below, I have collected excerpts from some comments that affected users shared on the online forums while asking for how to remove the Xhelper Android malware: "xhelper regularly reinstalls itself, almost every day!" "the 'install apps from unknown sources' setting turns itself on." "I rebooted my phone and also wiped my phone yet the app xhelper came back." "Xhelper came pre-installed on the phone from China." ...

It seems like the prolonged downtime and technical difficulties faced by The Pirate Bay over the past several weeks were due to a series of distributed denial of service (DDoS) attacks against the widely-popular torrent website by malicious actors. For those unaware, The Pirate Bay was down for more than a week with most visitors displayed a Cloudflare error mentioning that a "bad gateway" is causing problems, while others served with a "database maintenance" message prompting users to check back in 10 minutes. Though the site's moderators did not reveal any details regarding the Pirate Bay downtime, a reputable source with a direct link with the operators told Torrent Freak that the recent Pirate Bay downtime issues "were likely caused by malicious actors who DDoSed the site's search engine with specially crafted search queries." The attacker(s) flooded The Pirate Bay with "searches that break the Sphinx search daemon," effecti...