Search results for cyber security | Breaking Cybersecurity News | The Hacker News

Do you use OneLogin password manager ? If yes, then immediately change all your account passwords right now. OneLogin, the cloud-based password management and identity management software company, has admitted that the company has suffered a data breach. The company announced on Thursday that it had "detected unauthorised access" in its United States data region. Although the company did not provide many details about the nature of the cyber attack, the statement released by the firm suggest that the data breach is extensive. What Happened? OneLogin, which aims at offering a service that "secures connections across all users, all devices, and every application," has not yet revealed potential weaknesses in its service that may have exposed its users' data in the first place. "Today We detected unauthorised access to OneLogin data in our US data region," OneLogin chief information security officer Alvaro Hoyos said in a brief blog post-Wednes

Mr. Robot was the biggest 'Hacking Drama' television show of 2015 and its second season will return to American TV screens on Wednesday 13th of July 2016. However, the new promotional website for season two of Mr. Robot has recently patched a security flaw that could have easily allowed a hacker to target millions of fans of the show. A White Hat hacker going by the alias Zemnmez discovered a Cross-Site Scripting (XSS) vulnerability in Mr. Robot website on Tuesday, the same day Mr. Robot launched a promo for its second series. The second season of the television show had already received praise from both critics and viewers for its relatively accurate portrayal of cyber security and hacking, something other cyber crime movies and shows have failed at badly. The new series also features a surprising yet welcome guest: President Barack Obama , who is giving a speech about a cyber threat faced by the nation. The flaw Zemnmez discovered on the show's website coul

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

A group of hackers, claiming to be from Kashmir, on Thursday night hacked a website dedicated to the Bollywood superstar, Amitabh Bacchan. The group calling itself 'Cyber Stone Pelters Force or Cyber Sangbaaz Force' hacked www. amitabhbachchanonline.com last night and posted pro-independence, anti-India, anti-Israel and anti-United States content on the home page. The hackers have also uploaded a song of Roushan Illahi, popularly known as MC Kash, a Kashmir youth who created ripples on social networking sites Facebook and Twitter with his track "I protest ", which deals with the death of over 113 people, mainly teenagers in government forces' action during pro-freedom demonstrations last summer. "Hello Mr admin, you got owned by Cyber Sangbaaz Force, Cyber Stone pelters Force from Indian Occupied Kashmir," reads the introductory message on the website. Slogans like "Down with America," "Down with Israel," "Down with India," "Free Palestine," "Free Kashmir," "Go India Go

A serious security vulnerability has been discovered in the default web browser of the Android OS lower than 4.4 running on a large number of Android devices that allows an attacker to bypass the Same Origin Policy (SOP). The Android Same Origin Policy (SOP) vulnerability ( CVE-2014-6041 ) was first disclosed right at the beginning of September 2014 by an independent security researcher Rafay Baloch. He found that the AOSP (Android Open Source Platform) browser installed on Android 4.2.1 is vulnerable to Same Origin Policy (SOP) bypass bug that allows one website to steal data from another. Security researchers at Trend micro in collaboration with Facebook have discovered many cases of Facebook users being targeted by cyber attacks that actively attempt to exploit this particular flaw in the web browser because the Metasploit exploit code is publicly available, which made the exploitation of the vulnerability much easier. The Same Origin Policy is one of the guidin

Audit finds 280 websites among Navy, J&K Govt and Nat'l archives face risk ! About 280 government websites face the risk of hacking finds a new security audit conducted on the aftermath of recent cyber attack on the  CBI website from Pakistan . The Times of India reported that the audit has found that government websites face the risk of cyber encroachment as several central and state agencies — ministries, departments, PSUs and autonomous bodies — get their websites designed and manned by private agencies, leaving many gaping loopholes. The agencies don't get security audit done at regular intervals, heightening the threat. Quoting sources the report said that the report found that security audit of CBI's website had not been conducted since 2007. With the threat perception of several " crucial " government agencies' websites looming large, the ministry of IT and telecommunications has instructed National Informatics Centre (NIC) to allow user agencies to anchor their web

Despite increased online and mobile banking security, banks are more often being targeted by hackers. A hacker group has infiltrated a number of banks and financial institutions in several countries, stealing hundreds of Millions of dollars in possibly the biggest bank heist the world has ever seen. According to a report published by the New York Times on Saturday, hackers have stolen as much as $1 Billion from more than 100 banks and other financial companies in almost 30 nations, making it " the most sophisticated attack the world has seen to date. " In late 2013 , banks in Russia, Japan, Europe, the United States and other countries fell victim to a massive, sophisticated malware hack that allowed the hackers to spy on bank officials in order to mimic their behavior, according to an upcoming report by Kaspersky Labs received by the NY Times. CARBANAK BANKING MALWARE IN THE WILD In order to infect bank staffs, the hacker group sent malicious emails to hun

The Russian government has introduced a draft bill that proposes prison sentences as punishment for hackers and cyber criminals creating malicious software used in targeting critical Russian infrastructure, even if they have no part in actual cyber attacks. The bill, published on the Russian government's website on Wednesday, proposes amendments to the Russian Criminal Code and Criminal Procedure Code with a new article titled, "Illegal influence upon the critical informational infrastructure of the Russian Federation." The article introduces punishment for many malicious acts, including the "creation and distribution of programs or information, which can be used for the destruction, blocking or copying data from the Russian systems." When suspects found as part of any hacking operation, they will face a fine between 500,000 and 1 Million rubles (about $7,700 to $15,400) and up to five years in prison, even if the hacking causes little or no harm. Also R

Microsoft is making every effort to make its Windows operating system more secure and advanced than ever before by beefing up its security practices and hardening it against hackers and cyber attacks in its next release. With the launch of its Windows 10 Creator Update (also known as RedStone 3), which is expected to release sometime between September and October 2017, Microsoft is planning to release lots of security features in an effort to prevent major global malware crisis. Just a few days ago, we reported about Microsoft's plan to build its EMET or Enhanced Mitigation Experience Toolkit into the kernel of the upcoming Windows 10 to boost the security of your computer against complex threats such as zero-day vulnerabilities. Also, the tech giant has planned to remove the SMBv1 (Server Message Block version 1) — a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak — from the upcoming Windows 10 (1709) Redstone 3

Yesterday, on the 3rd anniversary of the infamous global WannaCry ransomware outbreak for which North Korea was blamed, the U.S. government released information about three new malware strains used by state-sponsored North Korean hackers. Called COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH, the malware variants are capable of remote reconnaissance and exfiltration of sensitive information from target systems, according to a joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD). The three new malware strains are the latest addition to a long list of over 20 malware samples , including BISTROMATH, SLICKSHOES, HOPLIGHT, and ELECTRICFISH , among others, that have been identified by the security agencies as originating as part of a series of malicious cyber activity by the North Korean government it calls Hidden Cobra , or widely known by the moniker Lazarus Group. Full

Virtual Private Network (VPN) provider ExpressVPN on Thursday announced that it's removing Indian-based VPN servers in response to a new cybersecurity directive issued by the Indian Computer Emergency Response Team (CERT-In). "Rest assured, our users will still be able to connect to VPN servers that will give them Indian IP addresses and allow them to access the internet as if they were located in India," the company  said . "These 'virtual' India servers will instead be physically located in Singapore and the U.K." The development comes as the CERT-In has enforced new  controversial   data retention requirements  that are set to come into effect on June 27, 2022, and mandate VPN service providers to store subscribers' real names, contact details, and IP addresses assigned to them for at least five years. The logged user data, CERT-In emphasized, will only be requested for the purposes of "cyber incident response, protective and preventive

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday  published  a repository of free tools and services to enable organizations to mitigate, detect, and respond effectively to malicious attacks and further improve their security posture. The " Free Cybersecurity Services and Tools " resource hub comprises a mix of 101 services provided by CISA, open-source utilities, and other implements offered by private and public sector organizations across the cybersecurity community. "Many organizations, both public and private, are target rich and resource poor," CISA Director, Jen Easterly, said in a statement. "The resources on this list will help such organizations improve their security posture, which is particularly critical in the current heightened threat environment." The tools catalog is the latest in a string of initiatives launched by CISA to combat cyber threats and help organizations adopt foundational measures to maximize re

Security researchers have discovered a custom-built piece of malware that's wreaking havoc in Asia for past several months and is capable of performing nasty tasks, like password stealing, bitcoin mining, and providing hackers complete remote access to compromised systems. Dubbed Operation PZChao , the attack campaign discovered by the security researchers at Bitdefender have been targeting organizations in the government, technology, education, and telecommunications sectors in Asia and the United States. Researchers believe nature, infrastructure, and payloads, including variants of the Gh0stRAT trojan, used in the PZChao attacks are reminiscent of the notorious Chinese hacker group— Iron Tiger . However, this campaign has evolved its payloads to drop trojan, conduct cyber espionage and mine Bitcoin cryptocurrency. The PZChao campaign is attacking targets across Asia and the U.S. by using similar attack tactics as of Iron Tiger, which, according to the researchers, si

Ask an expert on cyber espionage and he for sure he will speak of China, the most active and advanced country in this sector, this time a clamorous campaign apparently originated from Korea has been discovered. Security company FireEye collected evidences of a cyber espionage campaign, named " Sanny ", attributable to Korea. FireEye hasn't revealed the real origin of the offensive, it's a mystery which Korea is responsible between North or South Korea, but it confirmed that 80% of victims are Russian organizations and companies belonging to space research industry, information, education and telecommunication. According Ali Islam, security researcher at FireEye declared " Though we don't have full concrete evidence, we have identified many indicators leading to Korea as a possible origin of attack."   The following are the indicators we have so far: 1. The SMTP mail server and CnC are in Korea 2. The fonts "Batang" and "KP CheongPong" used in the

John Arquilla, a professor at the U.S. Naval Academy and former military adviser has urged President Barack Obama to pardon the British computer hacker Gary McKinnon and to recruit master hackers to US Cyber Command. Gary McKinnon faced extradition for hacking into Pentagon and Nasa systems, and but they believe that he could encourage other hackers to become government cyber warriors. ' If the notion of trying to attract master hackers to our cause is ever to take hold, this might be just the right case in which President Obama should consider using his power to pardon, ' says Arquilla. China is widely thought to employ hackers, so the Pentagon aims to expand its cyber security personnel from 900 to 4,900 in the next few years and Hackers are frequently employed by security firms after serving sentences and Arquilla suggest Obama to do so. ' Today's masters of cyberspace are not unlike the German rocket scientists who, after World War II, were so ea

On passed Thursday, Microsoft has released an advance advisory alert for upcoming Patch Tuesday which will address Remote Code Execution vulnerabilities in several Microsoft's products. Microsoft came across a limited targeted attacks directed at their Microsoft Word 2010 because of the vulnerability in the older versions of Microsoft Word. This Tuesday Microsoft will release Security Updates to address four major vulnerabilities, out of which two are labeled as critical and remaining two are Important to patch as the flaws are affecting various Microsoft software such as, Microsoft Office suite, Microsoft web apps, Microsoft Windows, Internet Explorer etc. VULNERABILITY THAT YOU  MUST PATCH Google Security Team has reported a critical Remote code execution vulnerability in Microsoft Word 2010 ( CVE-2014-1761 ) which could be exploited by an attacker to execute the malicious code remotely via a specially crafted RTF file , if opened by a user with an affected vers

The U.S. Treasury Department on Friday announced sanctions against Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies. "Since at least 2007, the MOIS and its cyber actor proxies have conducted malicious cyber operations targeting a range of government and private-sector organizations around the world and across various critical infrastructure sectors," the Treasury  said . The agency also accused Iranian state-sponsored actors of  staging disruptive attacks  aimed at Albanian government computer systems in mid-July 2022, an incident that forced the latter to temporarily suspend its online services. The development comes months nearly nine months after the U.S. Cyber Command characterized the advanced persistent threat (APT) known as MuddyWater as a  subordinate element  within MOIS. It also comes almost two years following the Treasury's sa

India's leading telecom Company  BSNL hacked by Pakistani Hacker A Pakistani hacker "KhantastiC haX0r" today hack into the official website of India's leading telecom Company Bharat Sanchar Nigam Limited (BSNL) . This is not 1st time when BSNL become victim of any cyber attack. Pakistani Hackers hit Indian Corporate and National Government Websites, Servers time by time Just for FUN or so called Cyber War b/w these two countries. This year 2011, Attack/ defacement are less than the records of previous years. Most of the hacking groups from India now become White hat hackers and working for Cyber Security Awareness and Development. We wish same for all Pakistani hackers to start working for Security and Development. Anyway, The Hacker domain is  https://bsnl.co.in/tender1/  .

The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways, noting that the Integrity Checker Tool (ICT) can be deceived to provide a false sense of security. "Ivanti ICT is not sufficient to detect compromise and that a cyber threat actor may be able to gain root-level persistence despite issuing factory resets," the agencies  said . To date, Ivanti has disclosed five security vulnerabilities impacting its products since January 10, 2024, out of which four have come under active exploitation by multiple threat actors to deploy malware - CVE-2023-46805  (CVSS score: 8.2) - Authentication bypass vulnerability in web component CVE-2024-21887  (CVSS score: 9.1) - Command injection vulnerability in web component CVE-2024-21888  (CVSS score: 8.8) - Privilege escalation vulnerability in web component CVE-2024-21893  (CVSS score: 8

The Russian government on Thursday warned of cyber attacks aimed at domestic critical infrastructure operators, as the country's full-blown invasion of Ukraine enters the second day. In addition to cautioning of the "threat of an increase in the intensity of computer attacks," Russia's National Computer Incident Response and Coordination Center  said  that the "attacks can be aimed at disrupting the functioning of important information resources and services, causing reputational damage, including for political purposes." "Any failure in the operation of [critical information infrastructure] objects due to a reason that is not reliably established, first of all, should be considered as the result of a computer attack," the agency added. Furthermore, it notified of possible influence operations undertaken to "form a negative image of the Russian Federation in the eyes of the world community," echoing a  similar alert  released by the U