Search results for cyber attack | Breaking Cybersecurity News | The Hacker News

Shamoon is back… one of the most destructive malware families that caused damage to Saudi Arabia's largest oil producer in 2012 and this time it has targeted energy sector organizations primarily operating in the Middle East. Earlier this week, Italian oil drilling company Saipem was attacked and sensitive files on about 10 percent of its servers were destroyed, mainly in the Middle East, including Saudi Arabia, the United Arab Emirates and Kuwait, but also in India and Scotland. Saipem admitted Wednesday that the computer virus used in the latest cyber attack against its servers is a variant Shamoon—a disk wiping malware that was used in the most damaging cyber attacks in history against Saudi Aramco and RasGas Co Ltd and destroyed data on more than 30,000 systems. The cyber attack against Saudi Aramco, who is the biggest customer of Saipem, was attributed to Iran, but it is unclear who is behind the latest cyber attacks against Saipem. Meanwhile, Chronicle, Google'

The Norwegian police have arrested and charged a 17-year-old for a massive distributed denial-of-service (DDoS) attack earlier this week that disabled the websites of major financial institutions and other businesses in the country. Distributed Denial of Service (DDoS) attack is designed to sabotage, shut down and overload the targeted website with web traffic more than its capacity in order to make it unavailable to users. The attack targeted five major banks, two telecommunication firms, three airlines and one insurance company, as their websites and online payment systems were disrupted. The unnamed teen claimed to be a part of the hacktivist group Anonymous Norway for what was thought to be the country's biggest ever cyber-attack on businesses. Although, the Anonymous Norway, via a Twitter message, has dismissed any connection to him or the cyber attack. The youngster was a resident of Bergen, on Norway's west coast. He was arrested on Thursday morning and que

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Everis , one of the largest IT consulting companies in Spain, suffered a targeted ransomware attack on Monday, forcing the company to shut down all its computer systems until the issue gets resolved completely. Ransomware is a computer virus that encrypts files on an infected system until a ransom is paid. According to several local media, Everis informed its employees about the devastating widespread ransomware attack, saying: "We are suffering a massive virus attack on the Everis network. Please keep the PCs off. The network has been disconnected with clients and between offices. We will keep you updated." "Please, urgently transfer the message directly to your teams and colleagues due to standard communication problems." According to cybersecurity consultant  Arnau Estebanell Castellví , the malware encrypted files on Everis's computers with an extension name resembling the company's name, i.e., " .3v3r1s ," which suggests the at

TalkTalk , one of the biggest UK-based phone and Internet service provider with more than 4 Million customers, has been hacked again, the company announced late Thursday. TalkTalk is informing its 4 million customers that it has fallen victim to a "significant and sustained cyber attack" and it is possible that sensitive data including bank details have been stolen. In February, TalkTalk suffered a major data breach in which its customer details were stolen and misused by scammers to access additional information as well as steal considerable amount of money. What data might have been Exposed? According to the company, potentially all of its 4 Million customers could be affected by the data breach. However, TalkTalk hasn't specified exactly what kind of data was stolen from its servers, but says that the systems accessed by hackers contained information including: Credit card details and/or bank details Full names Postal addresses Dates

Between crossovers - Do threat actors play dirty or desperate? In our dataset of over 11,000 victim organizations that have experienced a Cyber Extortion / Ransomware attack, we noticed that some victims re-occur. Consequently, the question arises why we observe a re-victimization and whether or not this is an actual second attack, an affiliate crossover (meaning an affiliate has gone to another Cyber Extortion operation with the same victim) or stolen data that has been travelling and re-(mis-)used. Either way, for the victims neither is good news.  But first thing's first, let's explore the current threat landscape, dive into one of our most recent research focuses on the dynamics of this ecosystem; and then explore our dataset on Law Enforcement activities in this space. Might the re-occurrence that we observe be foul play by threat actors and thus show how desperately they are trying to regain the trust of their co-offenders after disruption efforts by Law Enforcement? Or are th

Japan under Heavy Cyber Attack ! In last two days several Cyber attacks breach corporate and National Security of Japan. First, Japanese parliament hit by cyber attack from China according to Report. A server located in China was used for the attack on the Japanese Lower House. This led to an extraordinary meeting of a key subcommittee after it emerged that hackers had access to emails and documents belonging to the chamber's 480 legislators for at least one month. The personal computers and servers of Japanese lower house lawmakers have been hit by a cyber attack, and passwords and user IDs may have been stolen. Next, Information on military aircraft and nuclear power plants may have been stolen in a series of cyberattacks on Japanese defence contractor Mitsubishi Heavy. Mitsubishi Heavy said late last month that 83 computers at 11 of its facilities had been hit by cyberattacks but no leakage of information on products and technologies had been confirmed. Christophe Bianco

TalkTalk, one of the biggest UK-based Telecoms company with 4 million customers, has been issued with a record £400,000 ($510,000) fine for failings to implement the most basic security measures to prevent the hack that made global headlines last year. The penalty has been imposed by the Information Commissioner's Office (ICO) over the high-profile cyber attack occurred in the company last October, which allowed hackers to steal the personal data of its 156,959 customers "with ease." The ICO said on Wednesday that TalkTalk, which offers TV, phone and broadband services, could have prevented the cyber attack if the company had implemented even basic security measures to protect its customers' data. The hacked data of 156,959 customers included full names, postal addresses, dates of birth, telephone numbers, email addresses and TalkTalk accounts information. The hacker also had even access to bank account details and sort codes in almost 16,000 cases. "When i

Colonial Pipeline , which carries 45% of the fuel consumed on the U.S. East Coast, on Saturday said it halted operations due to a ransomware attack,  once again demonstrating  how critical infrastructure is vulnerable to cyber attacks. "On May 7, the Colonial Pipeline Company learned it was the victim of a cybersecurity attack," the company  said  in a statement posted on its website. "We have since determined that this incident involves ransomware. In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems." Colonial Pipeline is the largest refined products pipeline in the U.S., a 5,500 mile (8,851 km) system involved in transporting over 100 million gallons from the Texas city of Houston to New York Harbor. Cybersecurity firm FireEye's Mandiant incident response division is said to be assisting with the investigation, according to reports from  B

From past few days, Internet Users in China are dealing with a weird redirection of traffic nationwide while accessing any website that makes use of connect.facebook.net resource. Great Firewall of China , which is infamous for the Internet censorship by Chinese government, believes to be intercepting the JavaScript module used by Facebook Connect Login, which is meant to allow third-party websites to authorize users through Facebook infrastructure. Chinese Internet users are complaining that when they visit any website that contain " Login with Facebook " or " Connect with Facebook " buttons (which is being used by a vast number of sites), they automatically redirect to unrelated websites. The two websites to which the traffic is being redirected: wpkg.org — A website for open source automated software deployment, upgrade, and removal program for Windows. ptraveler.com — A personal travel blog authored by a young couple of Poland. "Th

When the headlines focus on breaches of large enterprises like the Optus breach, it's easy for smaller businesses to think they're not a target for hackers. Surely, they're not worth the time or effort?  Unfortunately, when it comes to cyber security, size doesn't matter.  Assuming you're not a target leads to lax security practices in many SMBs who lack the knowledge or expertise to put simple security steps in place. Few small businesses prioritise cybersecurity, and hackers know it. According to Verizon, the number of smaller businesses being hit has climbed steadily in the last few years – 46% of cyber breaches in 2021 impacted businesses with fewer than 1,000 employees.  Cyber security doesn't need to be difficult Securing any business doesn't need to be complex or come with a hefty price tag. Here are seven simple tips to help the smaller business secure their systems, people and data. 1 — Install anti-virus software everywhere Every organisation has anti-virus on the

The U.S. government and its key allies, including the European Union, the U.K., and NATO, formally attributed the massive cyberattack against Microsoft Exchange email servers to state-sponsored hacking crews working affiliated with the People's Republic of China's Ministry of State Security (MSS). In a  statement  issued by the White House on Monday, the administration said, "with a high degree of confidence that malicious cyber actors affiliated with PRC's MSS conducted cyber-espionage operations utilizing the zero-day vulnerabilities in Microsoft Exchange Server disclosed in early March 2021. The U.K. government  accused  Beijing of a "pervasive pattern of hacking" and "systemic cyber sabotage." The  sweeping espionage campaign  exploited four previously undiscovered vulnerabilities in Microsoft Exchange software and is believed to have hit at least 30,000 organizations in the U.S. and hundreds of thousands more worldwide. Microsoft identified

Yesterday we reported about a massive Cyber attack on South Korea that was responsible for shutting down networks of South Korean banks and TV broadcasters. Police are still investigating the cyber attack  but the country's Communications Commission has revealed that the hacking originated from a Chinese IP address. Symantec Security team analyze the code used in the cyber attacks against South Korea and they discovered an additional component used in this attack that is capable of wiping Linux machines.  The malware, which it called Jokra, contains a module for wiping remote Linux machines. ' The included module checks Windows 7 and Windows XP computers for an application called mRemote, an open source, multi-protocol remote connections manager. ' Symantec said. McAfee also published an analysis of the attack code, which wrote over a computer's master boot record, which is the first sector of the computer's hard drive that the computer checks before the opera

The connected devices, better known as the Internet of Things , have been attracting the significant interest of, not only users but also cyber criminals that are turning them into weapons for cyber war. Due to the insecure implementation of Internet-connected embedded devices, they are routinely being hacked and used in cyber attacks. We have seen Smart TVs and Refrigerator sending out millions of malicious spam emails ; we have also seen printers and set-top-boxes mining Bitcoins . And Now… Cyber crooks have targeted innocent looking CCTV cameras – common Internet-of-Things (IoT) device – to launch Distributed Denial-of-Service (DDoS) attacks . Also Read: 100,000 Refrigerators and other home appliances hacked to perform cyber attack. Yes, Surveillance cameras in shopping malls are being targeted to form a large botnet that can blow large websites off the Internet by launching crippling Distributed Denial-of-service (DDoS) attacks. THE CAUSE The cro

Distributed Denial of Service (DDoS) attacks have risen enormously in past few months and, mostly, they are coming from hacked and insecure internet-connected devices, most commonly known as Internet of Things (IoT). Recent DDoS attack against DNS provider Dyn that brought down a large chunk of the Internet came from hacked and vulnerable IoT devices such as DVRs, security cameras, and smart home appliances. This DDoS was the biggest cyber attack the world has ever seen. Now, in the latest incident, at least five Russian banks have been subject to a swathe of DDoS attacks for two days, said the Russian banking regulator. The state-owned Sberbank was one of the five targets of the attacks that began on last Tuesday afternoon and lasted over the next two days. According to Kaspersky Lab, the longest attack last for 12 hours and peaked at 660,000 requests per second came from a botnet of at least 24,000 hacked devices located in 30 countries. Although the culprit appears