Search results for cyber | Breaking Cybersecurity News | The Hacker News

In a US SEC (Securities and Exchange Commission)  8-K filing , Omnicell, the healthcare technology provider, revealed that some of its products, services, and internal systems were affected by ransomware.  Upon detecting the incident, the medication management systems provider took immediate action to contain the attack and ensure continued operation. In its  10-Q form  filing, Omnicell disclosed that cyber-attacks or data breaches disrupted its business.  Will you be the next victim? If you overlook the importance of data protection, attackers can get you in no time.  Explore the  impact of the data breach  on the healthcare sector and what preventive measures can be taken against such attacks. Omnicell Announced Data Breach  Founded in 1992, Omnicell is a leading provider of medication management solutions for hospitals, long-term care facilities, and retail pharmacies.  On May 4, 2022 , Omnicell's IT systems and third-party cloud services were affected by ransomware attac

The U.K. National Cyber Security Centre (NCSC) on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored actors for information-gathering operations. "The attacks are not aimed at the general public but targets in specified sectors, including academia, defense, government organizations, NGOs, think tanks, as well as politicians, journalists, and activists," the NCSC  said . The agency attributed the intrusions to  SEABORGIUM  (aka Callisto, COLDRIVER, and TA446) and  APT42  (aka ITG18, TA453, and Yellow Garuda). The similarities in the modus operandi aside, there is no evidence the two groups are collaborating with each other. The activity is typical of spear-phishing campaigns, where the threat actors send messages tailored to the targets, while also taking enough time to research their interests and identify their social and professional circles. The initial contact is designed to appear innocuous in an attempt to gain their trust and

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Top100 Arena Gaming Sites Network hacked By ACA [Albanian Cyber Army] Albania hackers have exploited one of the biggest Game Arena site   " Top100 " database using SQL injection attack. They leak the database on mediafire . Hackers belongs from group  ACA [Albanian Cyber Army] .

The Law enforcement agencies from six different European countries have taken down a major Ukrainian-based cyber criminals gang suspected of developing, distributing and deploying Zeus and SpyEye banking malware . According to the report on the official website of Europol, authorities have arrested five suspects between June 18 and 19. All the five suspects are the members of an alleged gang that has been accused of infecting tens of thousands of computers worldwide with malware and banking Trojans. The alleged cybercriminal group distributed and used Zeus and SpyEye malware to steal money from several major banks in Europe and outside. The gang constantly modified its malware Trojans to defeat the security protocols of banks and used " mule networks " to launder money. "On the underground digital forums, they actively traded stolen credentials, compromised bank account information and malware," Europol said in a statement on Thursday, "

The Iranian hacking group, which calls itself the " Ajax Security Team ", was quite famous from last few years for websites defacement attacks , and then suddenly they went into dark since past few months. But that doesn't mean that the group was inactive, rather defacing the websites, the group was planning something bigger. The Group of hackers at Ajax Security Team last defaced a website in December 2013 and after that it transitioned to sophisticated malware-based espionage campaigns in order to target U.S. defense organizations and Iranian dissidents, according to the report released by FireEye researchers. " The transition from patriotic hacking to cyber espionage is not an uncommon phenomenon. It typically follows an increasing politicization within the hacking community, particularly around geopolitical events ," researchers Nart Villeneuve, Ned Moran, Thoufique Haq and Mike Scott wrote in the report. " This is followed by increasing links between the hacking

Lulzsec Leaks Source Code of Sony Computer Entertainment Developer Network ! Just Now ! BOOM ... By Lulzsec . They again hit SONY by releasing the complete source code of Sony Computer Entertainment Developer Network " scedev.net " Via there Twitter account. They provide a Mediafire file sharing link for download a 55.28 MB file :  https://www.mediafire.com/?ev1zo010c020764 ____________________________________________________________________________ Bonus :  Total Exposure - The Hacker News [THN] Magazine - June 2011 | Issue 03 The Hacker News  ,June Month Magazine is Released Now ! GET YOUR COPY TODAY. Its our Issue 03 with theme " Total Exposure " . We hope this monthly magazine will keep you update in Cyber World. Content : - Total Exposure - Wikileaks : Exposure in true way - Guide about selecting your Computer Security Consultant - In the Realm of Cyber Breach - Exploit Writers : Challenging Cyber Security - Interview with Team Inj3ct0r - IT Sec

The growing threat of cyber-attacks and network hacking has reached the satellite-space sector, posing a growing challenge to the satellite operators. Because the satellite system are the critical components for the Nation to a modern military, they have become an attractive target of cyber attacks . A security firm uncovered a number of critical vulnerabilities, including hardcoded credentials, undocumented and insecure protocols, and backdoors in the widely used satellite communications (SATCOM) terminals, which are often used by the military , government and industrial sectors. By exploiting these vulnerabilities an attacker could intercept, manipulate, block communications, and in some circumstances, could remotely take control of the physical devices used in the mission-critical satellite communication (SATCOM). Once the attacker gained the access of the physical devices used to communicate with satellites orbiting in space, he can completely disrupt military ope

South Korea issued an alert against cyber attacks after websites run by government agencies, including the presidential office and the national intelligence agency came under assault. About 40 websites were targeted today at 10 a.m. local time in an attack known as "distributed denial of service," or DDoS, and more incidents are likely around 6:30 p.m., according to Ahnlab Inc. (053800), South Korea's largest maker of antivirus software. The government issued its third-highest alert against cyber assaults and boosted monitoring of major websites, the Korea Communications Commission said in a statement. Today's attacks are similar to attempts made in July 2009 to cripple dozens of websites in South Korea and the U.S. North Korea's postal ministry was responsible for the attacks, Won Sei Hoon, head of South Korea's National Intelligence Service, told lawmakers in October 2009. Under the DDoS tactic, malicious codes infect computers to trigger mass attacks against targeted websites, A

Since all the versions of the popular game ' Grand Theft ' gone blatant and during the first week of the release of the Grand Theft Auto 4 in 2008, it topped half of millions of dollars, sold 3.6 million copies and generated $310 million in sales i.e., earning about 5 times as much as the blockbuster movie - Iron Man. But the latest version -- Grand Theft Auto V is only available for the Xbox 360 and PS3 and there are rumors of a PC version of it on GameStop's PowerUp Rewards website. So, it's very common that if I offer you Grand Theft Auto V for PC, you eagerly want it.  Mind this, " There is no Grand Theft Auto V for PC ," accept the reality and don't let cyber criminals take leverage of this fact. If you receive any email that alerts that you have been invited to the PC beta test for the game, considering it unreal, don't click on embedded links in the email because it can lead you to several bad websites that will infect you with all kinds of malwa

India - US sign Cyber Shield deal India and the US on Tuesday inked a pact on cybersecurity to intensify information exchange on threats to computers and networks and initiate joint work on technologies against cyber-attacks. A joint statement on the India-US strategic dialogue has announced the cybersecurity agreement among new initiative by the two countries. These initiatives also include a plan to develop a software platform to make available non-sensitive government data to the public and to award $3 million each year to entrepreneurial projects that commercialise technologies to improve health. A memorandum of understanding between the Indian and the American Computer Emergency Response Teams (CERT) is expected to lead to routine exchange of information on vulnerabilities and co-operation on cybersecurity technologies, Indian CERT officials said. "This comes at a time when cybersecurity-related incidents are increasing in number and becoming more and more sophistic

BSNL System Hacked by Pakistan Cyber Army - Users info at risk Pakistan Cyber Army claims to hack the BSNL (Bharat Sanchar Nigam Ltd.- India's No. 1 Telecommunications Company)10,000 User information like name, email, phone number and location & BSNL's internal working of VPN ,detail of circuits and as well as more technical details. More Screenshots: Source: Email from PCA

Flame Malware - 21st Century Massive cyber attack on Iran A massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyber-espionage operation. The Flame computer virus not only stole large quantities of information from various Iranian government agencies, but apparently even disrupted its oil exports by shutting down oil terminals, information security firm Symantec Israel said yesterday. The Flame virus recently found in Iran could be used to infect other countries, according to the International Telecommunications Union. As the United Nations agency charged with helping members protect their data networks, the ITU plans to issue a warning about the danger of Flame. Iran's National Computer Emergency Response Team (Maher) said in a statement that the detection and clean-up tool was finished in early May and is now ready for distribution to organisations a

Microsoft on Wednesday announced that it's expanding cloud logging capabilities to help organizations investigate cybersecurity incidents and gain more visibility after facing criticism in the wake of a recent  espionage attack campaign  aimed at its email infrastructure. The tech giant said it's making the change in direct response to increasing frequency and evolution of nation-state cyber threats. It's expected to roll out starting in September 2023 to all government and commercial customers. "Over the coming months, we will include access to wider cloud security logs for our worldwide customers at no additional cost," Vasu Jakkal, corporate vice president of security, compliance, identity, and management at Microsoft,  said . "As these changes take effect, customers can use Microsoft Purview Audit to centrally visualize more types of cloud log data generated across their enterprise." As part of this change, users are expected to receive access to

Underground sites more commonly offer access to networks of compromised machines or stolen credit card information. Webroot has uncovered a criminal underground store dedicated to selling access to more than tens of thousands of hacked legitimate websites. Their customers can buy an administrator account or shell access in a hacked website, at cheap price i.e. $0.5 to $10 and then allows to perpetrate criminal activities from it, distribute malware, install a botnet  command & control infrastructure, upload illegal content, send spam, and so on. In Screenshots Researchers shows an underground market proposition, whose inventory is currently listing over 6000 compromised/hacked shells internationally. Sites are listed based on the price, page rank, age of the domain, Alexa ranking, language, and number of pages indexed by Google. The site promised access to any number of the compromised websites and the store seems to be quite profitable. The website found to be

A new study conducted by Uptycs has uncovered a stark increase in the distribution of information stealing (a.k.a. infostealer or stealer) malware. Incidents have more than doubled in Q1 2023, indicating an alarming trend that threatens global organizations. According to the new Uptycs' whitepaper,  Stealers are Organization Killers , a variety of new info stealers have emerged this year, preying on Windows, Linux, and macOS systems. Telegram has notably been used extensively by these malware authors for command, control, and data exfiltration. What is a Stealer? A stealer is a type of malware that targets its victim by stealing sensitive information that can include passwords, login credentials, and other personal data. After collecting such data, the stealer sends it to the threat actor's command and control (C2) system. RedLine and Vidar, two well-known stealers, took advantage of log-providing services to infiltrate private systems. RedLine primarily targets credenti

The greatest threat facing most nations is no longer a standing army. It's a hacker with a computer who can launch a crippling cyber attack from thousands of miles away—potentially taking down everything from server farms to entire power grids with a few lines of code. So it should come as no surprise that virtually every major company in both the public and private sector—as well as national security teams and government agencies—are looking for talented and trained professionals who can help them evade these cyber threats. Although it may seem a bit counterintuitive, the only person who can fight back against a hacker is another hacker. Known as ethical or "white hat" hackers, these intrepid cyber warriors are the first and most important line of defense against these nefarious hackers, and they're being paid handsomely for their services. The Complete White Hat Hacker Certification Bundle will teach you everything you need to know in order to join their r

Security researchers have uncovered an active cyber attack campaign that has successfully stolen more than $1 Million from a variety of targeted enterprise organizations using spear phishing emails, malware and social engineering tricks. The campaign, dubbed " The Dyre Wolf " by researchers from IBM's Security Intelligence division, targets businesses and organizations that use wire transfers to transfer large sums of money, even if the transaction is protected by 2-factor authentication. A MIXTURE OF MALWARE, SOCIAL ENGINEERING & DDoS Nowadays, cybercriminals not only rely on banking Trojans to harvest financial credentials, but also using sophisticated social engineering tactics to attack big corporations that frequently conduct wire transfers to move large sums. " An experienced and resource-backed [cyber criminal] gang operates Dyre ," John Kuhn, Senior Threat Researcher at IBM Managed Security Service, wrote in a blog post published Th

A scientist working at the Atomic Energy Organisation of Iran said computer systems have been hit by a cyber-attack which forced them to play AC/DC's Thunderstruck at full volume in the middle of the night. The attack came to light after a researcher at security firm F-Secure received a string of emails from a Iran's atomic energy organisation." I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom. " " It does sound really weird ," he said. "If there was an attack, why would the attacker announce themselves by playing ' Thunderstruck? " If true, this attack is the third hacking attempt aimed at Tehran's controversial nuclear program. It sounds like the AEOI may have been hit with an infrastructure-targeting malware attack, similar to those that have plagued the Middle East since 201

NIIT Technologies GIS subsidiary 's server hacked by Tigers of Indian Cyber (TIC) A server belonging to NIIT GIS Limited, an NIIT Technologies subsidiary, was compromised last week using a SQL injection attack by a hacking group calling itself the 'Tigers of Indian Cyber' (TIC). TIC posted the disclosure in an open security forum giving proof of concept, and a complete list of account credentials. It has since come to light that NIIT GIS' server was compromised — not the servers at NIIT Technologies. The breach was independently verified by Omair, a security consultant with Network Intelligence India (NII). Omair said that the hack was genuine, and was verified with the link posted by TIC as proof of concept. "The executed query enumerates expected information from the database tables," says Omair. Initial communication with NIIT Technologies revealed that the company was ignorant of the situation. After being informed by SearchSecurity.in of the particulars, the breach was detec