#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
SaaS Security

Search results for peer-to-peer | Breaking Cybersecurity News | The Hacker News

Uroburos Rootkit: Most sophisticated 3-year-old Russian Cyber Espionage Campaign

Uroburos Rootkit: Most sophisticated 3-year-old Russian Cyber Espionage Campaign

Mar 05, 2014
The Continuous Growth of spyware, their existence, and the criminals who produce & spread them are increasing tremendously. It's difficult to recognize spyware as it is becoming more complex and sophisticated with time, so is spreading most rapidly as an Internet threat. Recently, The security researchers have unearthed a very complex and sophisticated piece of malware that was designed to steal confidential data and has ability able to capture network traffic. The Researchers at the German security company G Data Software , refer the malware as Uroburos , named after an ancient symbol depicting a serpent or dragon eating its own tail, and in correspondence with a string ( Ur0bUr()sGotyOu# ) lurking deep in the malware's code.  The researchers claimed that the malware may have been active for as long as three years before being discovered and appears to have been created by Russian developers. Uroburos is a rootkit designed to steal data from secure facilit
US Sanctions Cryptocurrency Exchange SUEX for Aiding Ransomware Gangs

US Sanctions Cryptocurrency Exchange SUEX for Aiding Ransomware Gangs

Sep 22, 2021
The U.S. Treasury Department on Tuesday imposed sanctions on Russian cryptocurrency exchange Suex for helping facilitate and launder transactions from at least eight ransomware variants as part of the government's efforts to crack down on a surge in ransomware incidents and make it difficult for bad actors to profit from such attacks using digital currencies. "Virtual currency exchanges such as SUEX are critical to the profitability of ransomware attacks, which help fund additional cybercriminal activity," the department  said  in a press release. "Analysis of known SUEX transactions shows that over 40% of SUEX's known transaction history is associated with illicit actors. SUEX is being designated pursuant to  Executive Order 13694 , as amended, for providing material support to the threat posed by criminal ransomware actors." According to blockchain analytics firm  Chainalysis , SUEX is legally registered in the Czech Republic and operates out of office
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Variant of Zeusbot/Spyeye Botnet uses p2p network model

Variant of Zeusbot/Spyeye Botnet uses p2p network model

Feb 23, 2012
Variant of Zeusbot/Spyeye Botnet uses p2p network model Cybercriminals are using a modified version of the Zeusbot/Spyeye, which is using a peer-to-peer (P2P) network architecture, rather than a simple bot to command-and-control (C&C) server system, making the botnet much harder to take down, Symantec warned. ZeuS is very popular in the cybercriminal world because it's capable of stealing a wide variety of information, documents and login credentials from infected systems. For many years it was the weapon of choice for most fraudsters targeting online banking systems.The Trojan's source code was published on Internet underground forums last year, paving the way for many third-party modifications and improvements. Previously, P2P was used to communicate between bots any change in the C&C server's URL. Other techniques have also been used, such as programmatically determining the URLs to be used on particular dates in the event that a bot loses contact completely
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Chrome Flaw Allows Sites to Secretly Record Audio/Video Without Indication

Chrome Flaw Allows Sites to Secretly Record Audio/Video Without Indication

May 30, 2017
What if your laptop is listening to everything that is being said during your phone calls or other people near your laptop and even recording video of your surrounding without your knowledge? Sounds really scary! Isn't it? But this scenario is not only possible but is hell easy to accomplish. A UX design flaw in the Google's Chrome browser could allow malicious websites to record audio or video without alerting the user or giving any visual indication that the user is being spied on. AOL developer Ran Bar-Zik reported the vulnerability to Google on April 10, 2017, but the tech giant declined to consider this vulnerability a valid security issue, which means that there is no official patch on the way. How Browsers Works With Camera & Microphone Before jumping onto vulnerability details, you first need to know that web browser based audio-video communication relies on WebRTC (Web Real-Time Communications) protocol – a collection of communications protocols th
FBI issues alert over two new malware linked to Hidden Cobra hackers

FBI issues alert over two new malware linked to Hidden Cobra hackers

May 30, 2018
The US-CERT has released a joint technical alert from the DHS and the FBI, warning about two newly identified malware being used by the prolific North Korean APT hacking group known as Hidden Cobra. Hidden Cobra, often known as Lazarus Group and Guardians of Peace, is believed to be backed by the North Korean government and known to launch attacks against media organizations, aerospace, financial and critical infrastructure sectors across the world. The group was even associated with the WannaCry ransomware menace that last year shut down hospitals and businesses worldwide. It is reportedly also linked to the 2014 Sony Pictures hack , as well as the SWIFT Banking attack in 2016. Now, the Department of Homeland Security (DHS) and the FBI have uncovered two new pieces of malware that Hidden Cobra has been using since at least 2009 to target companies working in the media, aerospace, financial, and critical infrastructure sectors across the world. The malware Hidden Cobra is
Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection

Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection

Nov 01, 2023 Cyber Threat / Malware
The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar. The new findings come from Palo Alto Networks Unit 42, which is tracking the adversary under its constellation-themed moniker  Pensive Ursa . "As the code of the upgraded revision of Kazuar reveals, the authors put special emphasis on Kazuar's ability to operate in stealth, evade detection and thwart analysis efforts," security researchers Daniel Frank and Tom Fakterman  said  in a technical report. "They do so using a variety of advanced anti-analysis techniques and by protecting the malware code with effective encryption and obfuscation practices." Pensive Ursa, active since at least 2004, is attributed to the Russian Federal Security Service (FSB). Earlier this July, the Computer Emergency Response Team of Ukraine (CERT-UA)  implicated  the threat group to attacks targeting the defense sector in Ukraine and East
U.S. Government Neutralizes Russia's Most Sophisticated Snake Cyber Espionage Tool

U.S. Government Neutralizes Russia's Most Sophisticated Snake Cyber Espionage Tool

May 10, 2023 Cyber Espionage / Cyber Attack
The U.S. government on Tuesday announced the court-authorized disruption of a global network compromised by an advanced malware strain known as  Snake  wielded by Russia's Federal Security Service (FSB). Snake, dubbed the "most sophisticated cyber espionage tool," is the handiwork of a Russian state-sponsored group called  Turla  (aka Iron Hunter, Secret Blizzard, SUMMIT, Uroburos, Venomous Bear, and Waterbug), which the U.S. government attributes to a unit within Center 16 of the FSB. The threat actor has a  track record  of heavily focusing on entities in Europe, the Commonwealth of Independent States (CIS), and countries affiliated with NATO, with recent activity expanding its footprint to incorporate Middle Eastern nations deemed a threat to countries supported by Russia in the region. "For nearly 20 years, this unit [...] has used versions of the Snake malware to steal sensitive documents from hundreds of computer systems in at least 50 countries, which have
27C3: GSM cell phones even easier to tap !

27C3: GSM cell phones even easier to tap !

Dec 31, 2011
At the 27th Chaos Communication Congress ( 27C3 ) hacker conference, security researchers demonstrated how open source software on a number of revamped, entry-level cell phones can decrypt and record mobile phone calls in the GSM network. Using a normal laptop and a homemade monitoring device, team leader Karsten Nohl of Berlin's  Security Research Labs  explained that GSM mobile communications can be decrypted in "around 20 seconds." He said his team was able to record and playback entire conversations in plain text. Last year, Nohl and his team showed how they managed to crack the A5/1 encryption algorithm used in GSM, in three months using 40 distributed computers. Since then, he says his team has considerably improved the rainbow tables needed for the attack; the tables are once again available from the BitTorrent peer-to-peer network. Nohl says he has also made a lot of progress with the other hardware and software needed for the attack. Furthermore, the scenario fo
Vigilante Hackers Aim to Hijack 200,000 Routers to Make Them More Secure

Vigilante Hackers Aim to Hijack 200,000 Routers to Make Them More Secure

Feb 10, 2016
The same "Vigilante-style Hacker," who previously hacked more than 10,000 routers to make them more secure, has once again made headlines by compromising more than 70,000 home routers and apparently forcing their owners to make them secure against flaws and weak passwords. Just like the infamous hacking group Lizard Squad , the group of white hat hackers, dubbed the White Team , is building up a sizeable botnet consisting of hundreds of thousands of home routers, but for a good purpose. Lizard Squad , the same group responsible for Sony PlayStation Network and Microsoft Xbox Live outages , uses their botnets to launch DDoS ( Distributed Denial of Service ) attacks against target websites to flood them with traffic and knock them offline. Hacking Routers to Make them More Secure Challenged by Lizard Squad's maliocus work, the White Team of vigilante hackers built their own peer-to-peer botnet that infects routers to close off vulnerabilities , such
Hola — A widely popular Free VPN service used as a Giant Botnet

Hola — A widely popular Free VPN service used as a Giant Botnet

May 29, 2015
The bandwidth of Millions of users of a popular free VPN service is being sold without their knowledge in an attempt to cover the cost of its free service, which could result in a vast botnet-for-sale network. " Hola ," a free virtual private network, is designed to help people abroad watch region restricted shows like American Netflix, and other streaming United States media. Hola is selling users' bandwidth: Hola is easy-to-use browser plugin available in the Google Chrome Store with currently more than 6 Million downloads . But, unfortunately, Hola could be used by hackers to maliciously attack websites, potentially putting its users at risk of being involved in illegal or abusive activities. Hola uses a peer-to-peer system to route users' traffic. So, if you are in Denmark and wants to watch a show from America, you might be routed through America-based user's Internet connections. However, Hola is not leaving a chance to make money o
Cyber criminals targeting another cryptocurrency 'Primecoin' with malicious miners

Cyber criminals targeting another cryptocurrency 'Primecoin' with malicious miners

Jan 16, 2014
Like Bitcoin, There are numerous other cryptocurrency similar in nature, including  MasterCoin , ProtoShares, Litecoin, Peercoin, BitBar and many more. One of them is  Primecoin  (sign: Ψ; code: XPM),  a peer-to-peer open source cryptocurrency that implements a scientific computing proof-of-work system. Unlike Bitcoin or other virtual currencies, only Primecoin provides a proof of work that has intrinsic value. It generates a special form of prime number chains, known as ' Cunningham chains & bi-twin chains ' and has a real world importance in mathematical research. Worldwide famous RSA Encryption basically uses two prime numbers for generating a RSA key pair. If you are able to factorize the public key and find these prime numbers, you will then be able to find the private key. Thus, the whole Security of RSA encryption is based on the length of prime numbers. So, Primecoin plays a great role for crypto researchers to get large... and a very large number of Primes. Like
40th anniversary of the computer virus !

40th anniversary of the computer virus !

Mar 14, 2011
This year marks the 40th anniversary of Creeper, the world's first computer virus. From Creeper to Stuxnet, the last four decades saw the number of malware instances boom from 1,300 in 1990, to 50,000 in 2000, to over 200 million in 2010. Besides sheer quantity, viruses, which were originally used as academic proof of concepts, quickly turned into geek pranks, then evolved into cybercriminal tools. By 2005, the virus scene had been monetized, and virtually all viruses were developed with the sole purpose of making money via more or less complex business models. In the following story, FortiGuard Labs looks at the most significant computer viruses over the last 40 years and explains their historical significance. 1971: Creeper: catch me if you can While theories on self-replicating automatas were developed by genius mathematician Von Neumann in the early 50s, the first real computer virus was released "in lab" in 1971 by an employee of a company working on building ARPANET, the
'Dark Mail Alliance', Future of surveillance proof email technology

'Dark Mail Alliance', Future of surveillance proof email technology

Oct 31, 2013
Yesterday I learned about  ' Dark Mail Alliance ', where  Lavabit , reportedly an email provider for NSA leaker Edward Snowden and Silent Circle comes together to create a surveillance-proof email technology. Ladar Levison at Lavabit and Silent Circle CEO Mike Janke, Founders of two e-mail services that recently shut down amid government efforts to nab encryption keys, as well as the larger revelations regarding the NSA's surveillance efforts. The newly developed technology has been designed to look just like ordinary email, with an interface that includes all the usual folders i.e. inbox, sent mail, and drafts. But where it differs is that it applies peer-to-peer encryption not only to the body of the digital missive, but also to its metadata (To:, From: and Subject fields) that third parties are most likely to collect. The encryption, based on a Silent Circle instant messaging protocol called SCIMP and the secret keys generated to encrypt the communic
Cybersecurity Resources