The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

WikiLeaks has just published a new batch of the ongoing Vault 7 leak , and this time the whistleblowing website has unveiled a classified malware for that tracks geo-location of targeted PCs and laptops running the Microsoft Windows operating system. In short, the malware does it by capturing the IDs of nearby public hotspots and then matching them with the global database of public Wi-Fi hotspots' locations. Dubbed ELSA , the alleged CIA's project consists of two main elements: the processing component (Operator Terminal) and the implant (Windows Target) which is typically being deployed on a target Windows host. Here's How the CIA's ELSA Malware Works The Elsa system first installs the malware on a targeted WiFi-enabled machine using separate CIA exploits to gain persistent access on the device. The malware then uses Wi-Fi hardware of the infected computer to scan nearby visible WiFi access points (AP) and records their ESSID – stands for Extended Service Se...

The Shadow Brokers , a notorious hacking group that leaked US cyberweapons — which were also abused by the recent ransomware disasters WannaCry and Petya or NotPetya — has now threatened to unmask the identity of a former hacker who worked for the NSA. Besides this, the Shadow Brokers group has also doubled the price for its monthly subscription model of NSA's built hacking tools and zero-day exploits from 100 ZEC (Zcash) to 200 ZEC, which is around $64,400 USD. Moreover, the hacking group has also announced a VIP service for people, who will be entertained by the group for their queries on the leaked hacking tools and exploits. To subscribe to the VIP service, one has to make a one-time payment of 400 ZEC (around US$128,800). Last month, the Shadow Brokers announced to release more zero-days exploits and hacking tools  developed by the US spy agency every month from June 2017, but only to private members who will subscribe for receiving exclusive access to the futur...

A critical vulnerability has been discovered in Microsoft-owned most popular free web messaging and voice calling service Skype that could allow hackers to remotely execute malicious code and crash systems. Skype is a free online service that allows users to communicate with peers by voice, video, and instant messaging over the Internet. The service was acquired by Microsoft Corporation in May 2011 for US$8.5 Billion due to its worldwide popularity. Security researcher Benjamin Kunz-Mejri from Germany-based security firm Vulnerability Lab discovered the previously unknown stack buffer overflow vulnerability, which is documented in CVE-2017-9948 , in Skype Web's messaging and call service during a team conference call. The vulnerability is considered a high-security risk with a 7.2 CVSS score and affects Skype versions 7.2, 7.35, and 7.36 on Windows XP, Windows 7 and Windows 8, Mejri said in a public security disclosure published on Monday. "The issue can be exploi...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

Watch out, readers! It is ransomware, another WannaCry, another wide-spread attack. The WannaCry ransomware is not dead yet and another large scale ransomware attack is making chaos worldwide, shutting down computers at corporates, power supplies, and banks across Russia, Ukraine, Spain, France, UK, India, and Europe and demanding $300 in bitcoins. According to multiple sources, a new variant of Petya ransomware , also known as Petwrap, is spreading rapidly with the help of same Windows SMBv1 vulnerability that the WannaCry ransomware abused to infect 300,000 systems and servers worldwide in just 72 hours last month. Apart from this, many victims have also informed that Petya ransomware has also infected their patch systems. "Petya uses the NSA Eternalblue exploit but also spreads in internal networks with WMIC and PSEXEC. That's why patched systems can get hit." Mikko Hypponen  confirms , Chief Research Officer at F-Secure. Petya is a nasty piece of rans...

Google has just lost its biggest regulatory battle! Google has been hit with a record-breaking $2.7 billion (€2.42 billion) fine by the European antitrust officials for unfairly manipulating search results since 2008. After a lengthy seven-year investigation that was launched in 2010 after several rivals complaint, the European Commission on Tuesday imposed this 'biggest even financial penalty' against the internet tech giant for breaking EU competition law. by using its search dominance to distort search-engine results to promote own shopping comparison service at the top of all search results. "Comparison shopping services rely to a large extent on traffic to be competitive." European Commission says in a press release . "The evidence shows that consumers click far more often on results that are more visible, i.e. the results appearing higher up in Google's search results. More traffic leads to more clicks and generates revenue." The Comm...

Russia has threatened to ban Telegram end-to-end encrypted messaging app, after Pavel Durov, its founder, refused to sign up to the country's new data protection laws. Russian intelligence service, the FSB, said on Monday that the terrorists that killed 15 people in Saint Petersburg in April had used the Telegram encrypted messaging service to plot their attacks. According to the new Russian Data Protection Laws, as of January 1, all foreign tech companies have been required to store the past six months' of the personal data of its citizens and encryption keys within the country; which the company has to share with the authorities on demand. "There is one demand, and it is simple: to fill in a form with information on the company that controls Telegram," Alexander Zharov said, head of communications regulator Roskomnadzor (state communications watchdog). "And to officially send it to Roskomnadzor to include this data in the registry of organizers of d...

A cyber attack has hit the email system of UK Houses of Parliament on Friday morning that breached at least 90 emails accounts protected by weak passwords belonging to MPs, lawmakers, and other parliamentary staff. Meanwhile, as a precaution, the Security service has temporarily shut down the remote access (outside the Westminster) to its network to protect email accounts. Liberal Democrat Chris Rennard has advised on Twitter that urgent messages should be sent by text message. "We have discovered unauthorized attempts to access accounts of parliamentary networks users and are investigating this ongoing incident, working closely with the National Cyber Security Centre," the spokesperson said . "Parliament has robust measures in place to protect all of our accounts and systems, and we are taking the necessary steps to protect and secure our network." The authorities found less than 1% of parliament's 9,000 email addresses had been compromised using the ...

A massive archive of Microsoft's top-secret Windows 10 builds, and the source codes for private software has been reportedly leaked online, which could lead to a nasty wave of Windows 10 exploits, journalist at the Reg claims. The Leaked files – uploaded on BetaArchive website – contains more than 32 terabytes of data, which includes many non-public Windows 10 and Windows Server 2016 builds created by Microsoft engineers for testing purpose. Interestingly, Windows 10 internal builds include private debugging symbols defined by the engineers usually to help other in-house developers understand how some specific codes in the operating system works and what functions it calls, the Register reports . Private debugging symbols reveal some sensitive in-depth knowledge about the operating system that could be used by exploit writers to find vulnerabilities. Moreover, the dump also contains Microsoft's Shared Source Kit , which includes source code for Windows 10 hardware ...

British police have arrested two men in the UK conspiring to hack into the computer networks of US tech giant Microsoft with plans to steal customers' data from the software giant. The suspects — 22-year-old from Sleaford and a 25-year-old from Bracknell — were arrested by the detectives from the Britain's South East Regional Organised Crime Unit (SEROCU) Thursday morning (22 June 2017). The UK authorities arrested them from their home in Lincolnshire and Bracknell and seized a number of devices after searching their home. While it is still unclear what systems were targeted, SEROCU believes the suspects are part of a larger international group that involved breaking into the Microsoft's network between January 2017 and March 2017 to scoop up the customer information. "This group is spread around the world and therefore the investigation is being coordinated with our various partners," Rob Bryant, detective sergeant SEROCU's Cyber Crime Unit said while ...