#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Search results for cyber attack | Breaking Cybersecurity News | The Hacker News

Biggest American Bank 'JPMorgan Chase' hacked; 465,000 card users' data stolen

Biggest American Bank 'JPMorgan Chase' hacked; 465,000 card users' data stolen

Dec 05, 2013
JPMorgan Chase , one of the world's biggest Banks has recently announced that it was the victim of a cyber attack and warned round 465,000 of its holders of prepaid cash cards on the possible exposure of their personal information. In the Security Breach that took place on the bank's website www.ucard.chase.com  in July, around 465,000 accounts are compromised i.e. 2% of the overall 25 million UCard users. JPMorgan confirmed that there is no risk for holders of debit cards, credit cards or prepaid Liquid cards. They informed the law enforcement in September, and till now no information on how attackers have conducted the attack has been disclosed. The JPMorgan spokesman Michael Fusco declared that the investigation allowed the identification of victim accounts and the data stolen, the bank already notifying the cardholders of the incident. JPMorgan representative also remarked that hackers haven't stolen money from any user's account, due this reason the company is not i
Latest Hacking Tools Leak Indicates NSA Was Targeting SWIFT Banking Network

Latest Hacking Tools Leak Indicates NSA Was Targeting SWIFT Banking Network

Apr 14, 2017
Update: Most of the exploits made publicly available (mentioned in this article) by the Shadow Brokers group are already patched by Microsoft in the last month's Patch Tuesday update. So, it is always recommended that you keep your systems up-to-date in order to prevent you from being hacked. The Shadow Brokers – a hackers group that claimed to have stolen a bunch of hacking tools from the NSA – released today more alleged hacking tools and exploits that target earlier versions of Windows operating system, along with evidence that the Intelligence agency also targeted the SWIFT banking system of several banks around the world. Last week, the hacking group released the password for an encrypted cache of Unix exploits , including a remote root zero-day exploit for Solaris OS, and the TOAST framework the group put on auction last summer. The hacking tools belonged to " Equation Group " – an elite cyber attack unit linked to the National Security Agency (NSA).
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults

LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults

Feb 28, 2023 Password Security / Data Breach
LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as a result of the same adversary launching a second attack on its systems. The company said one of its DevOps engineers had their personal home computer hacked and infected with a keylogger as part of a sustained cyber attack that exfiltrated sensitive data from its Amazon AWS cloud storage servers. "The threat actor leveraged information stolen during the first incident, information available from a third-party data breach, and a vulnerability in a third-party media software package to launch a coordinated second attack," the password management service  said . This intrusion targeted the company's infrastructure, resources, and the aforementioned employee from August 12, 2022, to October 26, 2022. The original incident, on the other hand, ended on August 12, 2022. The  August breach  saw the intruders accessing source cod
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
New SystemBC Malware Variant Targets Southern African Power Company

New SystemBC Malware Variant Targets Southern African Power Company

Aug 11, 2023 Malware / Cyber Threat
An unknown threat actor has been linked to a cyber attack on a power generation company in southern Africa with a new variant of the SystemBC malware called DroxiDat as a precursor to a suspected ransomware attack. "The proxy-capable backdoor was deployed alongside Cobalt Strike Beacons in a south African nation's critical infrastructure," Kurt Baumgartner, principal security researcher at Kaspersky's Global Research and Analysis Team (GReAT),  said . The Russian cybersecurity company said the attack, which took place in late March 2023, was in its early stages and involved the use of DroxiDat to profile the system and proxy network traffic using the  SOCKS5 protocol  to and from command-and-control (C2) infrastructure. SystemBC  is a C/C++-based commodity malware and remote administrative tool that was  first seen in 2019 . Its main feature is to set up  SOCKS5 proxies  on victim computers that can then be used by threat actors to tunnel malicious traffic associ
Hacking Team Flash Zero-Day Linked to Cyber Attacks on South Korea and Japan

Hacking Team Flash Zero-Day Linked to Cyber Attacks on South Korea and Japan

Jul 09, 2015
The corporate data leaked in the recent cyber attack on the infamous surveillance software firm Hacking Team has revealed that the Adobe Flash zero-day (CVE-2015-5119) exploit has already been added to several exploit kits. Security researchers at Trend Micro have discovered evidences of the Adobe Flash zero-day (CVE-2015-5119) exploit being used in a number of exploit kits before the vulnerability was publicly revealed in this week's data breach on the spyware company. The successful exploitation of the zero-day Flash vulnerability could cause a system crash, potentially allowing an attacker to take full control of the affected system. Adobe Flash Zero-Day Targeted Japan and Korea According to the researchers, the zero-day exploit, about which the rest of the world got access on Monday, was apparently used in limited cyber attacks on South Korea and Japan . "In late June, [Trend Micro] learned that a user in Korea was the attempted target of various
Report to Your Management with the Definitive 'Incident Response for Management' Presentation Template

Report to Your Management with the Definitive 'Incident Response for Management' Presentation Template

May 14, 2021
Security incidents occur. It's not a matter of 'if' but of 'when.' There are security products and procedures that were implemented to optimize the IR process, so from the 'security-professional' angle, things are taken care of. However, many security pros who are doing an excellent job in handling incidents find effectively communicating the ongoing process with their management a much more challenging task. It's a little surprise — managements are typically not security savvy and don't really care about the bits and bytes in which the security pro masters. Cynet addresses this gap with the IR Reporting for Management PPT template , providing CISOs and CIOs with a clear and intuitive tool to report both the ongoing IR process and its conclusion. The IR for Management template enables CISOs and CIOs to communicate with the two key points that management cares about—assurance that the incident is under control and a clear understanding of imp
Blind Eagle Cyber Espionage Group Strikes Again: New Attack Chain Uncovered

Blind Eagle Cyber Espionage Group Strikes Again: New Attack Chain Uncovered

Apr 19, 2023 Cyber Threat / Malware
The cyber espionage actor tracked as  Blind Eagle  has been linked to a new multi-stage attack chain that leads to the deployment of the NjRAT remote access trojan on compromised systems. "The group is known for using a variety of sophisticated attack techniques, including custom malware, social engineering tactics, and spear-phishing attacks," ThreatMon  said  in a Tuesday report. Blind Eagle, also referred to as APT-C-36, is a suspected Spanish-speaking group that chiefly strikes private and public sector entities in Colombia. Attacks orchestrated by the group have also targeted Ecuador, Chile, and Spain. Infection chains documented by  Check Point  and  BlackBerry  this year have revealed the use of spear-phishing lures to deliver commodity malware families like BitRAT and AsyncRAT, as well as in-memory Python loaders capable of launching a Meterpreter payload. The latest discovery from ThreatMon entails the use of a JavaScript downloader to execute a PowerShell scri
British Airline EasyJet Suffers Data Breach Exposing 9 Million Customers' Data

British Airline EasyJet Suffers Data Breach Exposing 9 Million Customers' Data

May 19, 2020
British low-cost airline EasyJet today admitted that the company has fallen victim to a cyber-attack, which it labeled "highly sophisticated," exposing email addresses and travel details of around 9 million of its customers. In an official statement released today, EasyJet confirmed that of the 9 million affected users, a small subset of customers, i.e., 2,208 customers, have also had their credit card details stolen, though no passport details were accessed. The airline did not disclose precisely how the breach happened, when it happened, when the company discovered it, how the sophisticated attackers unauthorizedly managed to gain access to the private information of its customers, and for how long they had that access to the airline's systems. However, EasyJet assured its users that the company had closed off the unauthorized access following the discovery and that it found "no evidence that any personal information of any nature has been misused" b
Two Arrested for Hacking Washington CCTV Cameras Before Trump Inauguration

Two Arrested for Hacking Washington CCTV Cameras Before Trump Inauguration

Feb 03, 2017
Two suspected hackers have reportedly been arrested in London on suspicion of hacking 70 percent of the CCTV cameras in Washington with ransomware ahead of President Donald Trump's inauguration last month. The arrest took place on 20th January by the officers from the National Crime Agency (NCA) of UK after it received a request from United States authorities, but it has not been disclosed until now. The NCA raided a house in the south of London last month and detained a British man and a Swedish woman, both 50-years-old, reported The Sun. Some 123 of the 187 police CCTV cameras used to monitor public areas in Washington DC stopped working on 12 January, just 8 days before the inauguration of Donald Trump, after a cyber attack hit the storage devices. The cyber attack lasted for about three days, eventually leaving the CCTV cameras out of recording anything between 12 and 15 January. It was reported that the surveillance cameras were left useless after a ransomware made
[Video] Ukrainian Police Seize Servers of Software Firm Linked to NotPetya Cyberattack

[Video] Ukrainian Police Seize Servers of Software Firm Linked to NotPetya Cyberattack

Jul 05, 2017
Ukrainian National Police has released a video showing officers raiding company of M.E.Doc accounting software makers, whose systems have been linked to outbreak of Petya (NotPetya) ransomware that recently infected computers of several major companies worldwide. On 4th July, masked police officers from Ukrainian anti-cybercrime unit — carrying shotguns and assault rifles — raided the software development firm " Intellect Service, " in the capital city Kyiv and seized their servers, which were reportedly compromised by hackers to spread (ExPetr, PetrWrap, Petya, NotPetya) ransomware. Researchers from ESET security firm have found a very stealthy malicious code in the M.E.Doc software update which was injected by an unknown hacker or group of hackers in mid-April by exploiting a vulnerability. The malicious software upgrade, designed to install a backdoor and give unauthorized remote access to attackers, was then delivered as an update to nearly 1 million computers belonging
Anonymous #OpIsrael, cyber crime and assumptions on state-sponsored interference

Anonymous #OpIsrael, cyber crime and assumptions on state-sponsored interference

Apr 18, 2013
Last April 7th the Anonymous collective hit the Israeli networks with a huge as historic offensive, for the first time an independent group of hackers declared war to a Governments to protest against its policy. Many web sites of the country were hit by DDoS attacks, the data on the event reported by Israel government are totally different from the information published by Anonymous that produced a report for #OpIsrael in which total damage are estimated of $3-plus billion. According security experts at TrendMicro the collective adopted various botnet coordinating large scale attacks, analyzing traffic directed to one of the targeted website, the researchers discovered that meanwhile usually more of 90% of the traffic is originated in Israel, during the attack almost the entire traffic was originated outside the country and internal connections have fallen to 9% as shown in the following chart: What is surprising is that TrendMicro discovered that many IP addre
U.S. developing Technology to Identify and Track Hackers Worldwide

U.S. developing Technology to Identify and Track Hackers Worldwide

May 05, 2016
Without adequate analysis and algorithms, mass surveillance is not the answer to fighting terrorism and tracking suspects. That's what President Obama had learned last year when he signed the USA Freedom Act , which ends the bulk collection of domestic phone data by US Intelligence Agencies. There is no doubt that US Government is collecting a vast quantity of data from your smartphone to every connected device i.e. Internet of the things , but… Do they have enough capabilities to predict and identify terrorists or cyber criminals or state-sponsored hackers before they act? Well, if they had, I would not be getting chance to write about so many brutal cyber attacks , data breaches, and terrorist attacks that not only threatened Americans but also impacted people worldwide. The Ex-NSA technical director William E. Binney, who served the US National Security Agency for over 30-years, said last year in the front of Parliamentary Joint Committee that forcing analysts t
Hacker Steals $8.4 Million in Ethereum (4th Heist In A Month)

Hacker Steals $8.4 Million in Ethereum (4th Heist In A Month)

Jul 25, 2017
More Ethereum Stolen! An unknown hacker has just stolen nearly $8.4 Million worth of Ethereum – one of the most popular and increasingly valuable cryptocurrencies – in yet another Ethereum hack that hit Veritaseum's Initial Coin Offering (ICO). This incident marks as the fourth Ethereum hack this month and second cyber attack on an ICO, following a theft of $7 Million worth of Ether tokens during the hack of Israeli startup CoinDash's initial coin offering last week. A few days ago, a hacker also stole nearly $32 Million worth of Ethereum from wallet accounts by exploiting a critical vulnerability in Parity's Ethereum Wallet software, which followed a $1 Million worth of Ether and Bitcoins heist in crypto currency exchange Bithumb earlier this month. Now, Veritaseum has confirmed that a hacker stole $8.4 Million in Ether (ETH) from its ICO this Sunday, July 23. "We were hacked, possibly by a group. The hack seemed to be very sophisticated, but there'
Cyber attack hits Istanbul Airport passport control system

Cyber attack hits Istanbul Airport passport control system

Jul 26, 2013
The passport control system at Istanbul Ataturk Airport International departure terminal was under cyber attack on Friday, while another airport in the Turkish largest city was also affected. Passengers stood in lines for hours and plane departures were delayed, because cyberattack shutdown passport control systems at two facilities. Later Authorities has restored the systems. Few local media said that the passport control system at the Sabiha Gokcen International Airport in Istanbul also broke down due to the malfunction of the Istanbul provincial security directorate's Polnet data system. They believe that systems were infected using some malwares, But Authorities also investigating if the malware yielded user details from the infected machines or not. No claim of responsibility or blame was attributed to the alleged cyberattack. However, this is another malware attacks been reported, targeting vital infrastructure so far. Cybersecurity has emerged as an emergin
US military's offensive operations in cyberspace to shoot Hackers

US military's offensive operations in cyberspace to shoot Hackers

Nov 17, 2011
US military's offensive operations in cyberspace to shoot Hackers The US military is now legally in the clear to launch offensive operations in cyberspace, the commander of the US Strategic Command has said. The Pentagon has just sent a report to Congress where it says that it has the right to retaliate with military force against a cyber attack. Air Force General Robert Kehler said in the latest sign of quickening U.S. military preparations for possible cyber warfare that "I do not believe that we need new explicit authorities to conduct offensive operations of any kind". US Strategic Command is in charge of a number of areas for the US military, including space operations (like military satellites), cyberspace concerns, 'strategic deterrence' and combating WMDs. " When warranted, we will respond to hostile acts in cyberspace as we would to any other threat to our country ," the DoD said in the report. " All states possess an inherent right to
EtherParty Breach: Another Ethereum ICO Gets Hacked

EtherParty Breach: Another Ethereum ICO Gets Hacked

Oct 03, 2017
Etherparty announced Sunday that its ICO (Initial Coin Offering) website selling tokens for a blockchain-based smart contract tool was hacked and the address for sending funds to buy tokens was replaced by a fraudulent address controlled by the hackers. Vancouver-based Etherparty is a smart contract creation tool that allows its users to create smart contracts on the blockchain. Companies like this launch ICO to let them raise funding from multiple sources. Etherparty said the company launched its Fuel token sale on Sunday, October 1 at 9 A.M. PDT, but just 45 minutes, some unknown attackers hacked into its ICO website and replaced the legitimate address by their own, redirecting cryptocurrencies sent by investors into their digital wallet. According to the details released by the Etherparty team, the company detected the hack after just 15 minutes and immediately took its website down for nearly one and half hour to fix the issue, preventing more people from sending funds to
Fine Gael website Hacked by Anonymous hackers !

Fine Gael website Hacked by Anonymous hackers !

Jan 11, 2011
Ireland's main opposition party confirms that the personal details of up to 2,000 people have been compromised by the attack Ireland's main opposition party's website has been hacked into by a group which has recently come to prominence for attacks on companies related to the WikiLeaks controversy. Up to 2,000 people's personal details were compromised in the attack by the hackers, known as Anonymous, Fine Gael said. The American internet firm ElectionMall, which reported the cyber attack to US authorities, has informed the party that the FBI is now involved in the investigation. A statement from Fine Gael confirmed that its site, Finegael.com had been compromised by the Anonymous group, which has backed WikiLeaks and its founder Julian Assange against attempts by the United States government to stop the leaking of sensitive American diplomatic cables. Anonymous has launched attacks on the websites of companies such as Visa, Mastercard and Amazon over allegations
CIO said - London Olympics Will Be 'ready' For Cyber-attacks !!

CIO said - London Olympics Will Be 'ready' For Cyber-attacks !!

Jan 21, 2011
London Olympics will be well prepared for attempted cyber attack, according to CIO Gerry Pennell London 2012. Speaking in London to start in 2012, and Atos Origin IT testing organization, Technology Lab, Pennell said the attacks at the Olympics - is also trying to overthrow the Games, to influence the results data and DDoS attacks on the pages of the event - were predictable. The former interior minister David Blunkett has also felt the impact of cyber attacks at the Olympics in 2009. Pennell said: "We have cyber attacks, certainly the previous games have always been attacked, then we will be attacked .. "We work with partners and government to ensure that we have the right of defense." With access to the laboratory of Technology, Atos and London of 2012 was 200 000 to start testing the entire Olympic Games IT infrastructure that is flexible, adaptable to change and secure. For example, scenarios such as computer room fire, or a virus, will be tested in real t
A New Wiper Malware Was Behind Recent Cyberattack On Iranian Train System

A New Wiper Malware Was Behind Recent Cyberattack On Iranian Train System

Jul 30, 2021
A cyber attack that derailed websites of Iran's transport ministry and its national railway system earlier this month, causing widespread disruptions in train services, was the result of a never-before-seen reusable wiper malware called "Meteor." The campaign — dubbed " MeteorExpress " — has not been linked to any previously identified threat group or to additional attacks, making it the first incident involving the deployment of this malware, according to researchers from Iranian antivirus firm  Amn Pardaz  and SentinelOne. Meteor is believed to have been in the works over the past three years. "Despite a lack of specific indicators of compromise, we were able to recover most of the attack components," SentinelOne's Principal Threat Researcher, Juan Andres Guerrero-Saade, noted. "Behind this outlandish tale of stopped trains and glib trolls, we found the fingerprints of an unfamiliar attacker," adding the offensive is "designed t
BitTorrent Invites Sony to Release 'The Interview' Movie On Its Paid Service

BitTorrent Invites Sony to Release 'The Interview' Movie On Its Paid Service

Dec 23, 2014
Sony was forced to pull the cinema release of " The Interview ," scheduled for Christmas day, after hacker group Guardians of Peace (GOP) threatened to attack any theater that decided to show the film. But the studio will release the controversial North Korean-baiting film via different alternatives. HACKERS WARNED OF TERROR ATTACK The massive hacking attack against Sony Pictures Entertainment is getting worst day by day. The hack has yet exposed about 200 gigabytes of confidential data belonging to the company from upcoming movie scripts to sensitive employees data, celebrities phone numbers and their travel aliases, and also the high-quality versions of 5 newest films leak , marking it as the most severe hack in the History. Week back, the hacker group GOP, who has claimed responsibility for the damaging Sony cyber-attack, demanded Sony to cancel the release of " The Interview " — the Seth Rogen and James Franco-starring comedy centered around a T
Cybersecurity Resources