The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Flame Malware - 21st Century Massive cyber attack on Iran A massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyber-espionage operation. The Flame computer virus not only stole large quantities of information from various Iranian government agencies, but apparently even disrupted its oil exports by shutting down oil terminals, information security firm Symantec Israel said yesterday. The Flame virus recently found in Iran could be used to infect other countries, according to the International Telecommunications Union. As the United Nations agency charged with helping members protect their data networks, the ITU plans to issue a warning about the danger of Flame. Iran's National Computer Emergency Response Team (Maher) said in a statement that the detection and clean-up tool was finished in early May and is now ready for distribution to organisations a...

NASA SSL Digital Certificate hacked by Iranian Hackers Iranian hackers ' Cyber Warriors Team ' announced in an online post that it compromised an SSL certificate belonging to NASA and subsequently accessed information on thousands of NASA researchers. A space agency representative revealed that they’re currently investigating the incident. The group said the certificate was compromised by exploiting an existing vulnerability within the portal’s login system, but they didn’t outline the entire attack. Once they had control over the certificate, they claim to have used it to “obtain User information for thousands of NASA researcher With Emails and Accounts of other users [sic].” “ These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries’ objectives, ” Paul K....

Zeus 2.x variant includes ransomware features Cybercriminals are getting more sophisticated, as reports are coming in that hacker coders have successfully merged a ransom trojan with a Zeus malware successor called Citadel . A notorious malware platform targeting financial information has added a new trick to its portfolio a digital version of hijack and ransom. F-Secure researchers have recently spotted a new Zeus 2.x variant that includes a ransomware feature. Basically a customised version of Zeus, the malware aims to provide better support for its offshoot of the Zeus code base, whilst at the same time allowing clients to vote on feature requests and code their own modules for the crimeware platform. Net-security explains the working of this Zeus 2.x variant,that Once this particular piece of malware is executed, it first opens Internet Explorer and points it towards a specific URL : lex.creativesandboxs.com/locker/lock.php. Simultaneously, the users are blocked from...

Anonymous hacks Bureau of Justice and leaks 1.7GB of data Anonymous has apparently hacked the United States Bureau of Justice Statistics and posted 1.7GB of data belonging to the agency on The Pirate Bay . This is a Monday Mail Mayhem release. Online statements attributed to Anonymous said they were responsible for the security breach and that the files they obtained include emails. " Today we are releasing 1.7GB of data that used to belong to the United States Bureau of Justice, until now, said Anonymous in a statement. The Department of Justice acknowledged that their webservers had indeed been breached, adding that their website as well as justive.gov had remained operational throughout the security breach. Department of Justice has been attacked multiple times since becoming a target for the hacking group after the shutdown of Megaupload. "  Within the booty you may find lots of shiny things such as internal emails, and the entire database dump. We Lulzed...

Call for Articles : THN Magazine June 2012, Malware Edition The Hacker News is calling for our June Magazine on the issue related to MALWARE . We'd like to see an analysis of the history of these most worrying viruses and the contemporary usage in cyber espionage and cyber warfare. It would be interesting to analyze the impact of the malware diffusion in the private sector and in government agencies, emphasizing the effectiveness of the cyber threat. Other topics to study are cyber crime activities that involve malware as method of monetization, with particular references to principal frauds schemes. What is the awareness level on hazards of the malware in common people and how the theat could harm new scenarios like mobiles and Cloud. What are the main countermeasures to mitigate virus diffusion? Thank you for your thoughtful consideration and we are looking forward to your work on this very important topic!  Email us at  admin@thehackernews.com Download all THN Ma...

Bogus Facebook apps spreading Android malware Third-party Android markets have traditionally been the main source of infection since the Android boom, as they are less strict than the genuine Play when it comes to bouncing malware. Today Gmanetwork reports that, Users of mobile devices running Google's Android OS were warned over the weekend against a new fake app of the social networking giant that may lead to potential Android malware. These duplicated applications have the same behavior as their original counterparts (in terms of functionality), but they perform a http 302 redirect to another link, that’s not Facebook-related, when they detect mobile traffic. What’s most concerning is that many of the fake app-based malwares in circulation have purported to be legitimate copies of some of the most popular titles around. No sooner were Android users on red alert for a dodgy Angry Birds Space app, were they informed of a phony Instagram app wreaking havoc through some of the ...

IBM Research domain hacked and defaced Hacker collective group dubbed Kosova Hacker Security or in other word KHS targeted IT giant & multinational technology and consulting corporation IBM. In this attack KHS successfully hacked into the official site of IBM Researcher ( http://researcher.ibm.com ). Hackers claims that, site had a SQL injection & remote code execution vulnerability using which they deface the website. At the time of writing the hacked url not working and Mirror of Hack can be seen here . Hackers said," we hack that why we dont like they computers :/ k ".

GFI WebMonitor - Web monitoring and Security With all the threats that Internet access can present to your users and your data, web security software is one of the most valuable investments you can make in your information security. Any solution should offer the following key protections: 1.       Site blocking 2.       Antivirus 3.       Reporting and logging GFI WebMonitor offers all that and more. GFI WebMonitor Unified Security includes both the web filtering and anti-malware capabilities, and can be installed as a standalone server or as an add-on to ISA or TMG. This web security suite can be installed on its own server or as a plug-in for TMG, and GFI offers a free 30-day-trial so you can evaluate it risk-free. Installation:  The installer for the TMG plug-in is straight-forward only requires a service restart, not a reboot. During the installation, you can choose to enable the option...