The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Imagine someone getting access to your computer, encrypting all your family photos and other priceless files, and then demanding a ransom for their safe return. That is what ransomware is all about. Symantec's latest research report suggests police-themed ransomware could be a replacement to the once-lucrative fake antivirus scareware trade. According to  report , Ransomware distributors are raking in around $5 million dollars a year and the spoils are being spread among just 16 crime groups. Symantec's estimates suggest a significant but not yet thriving crime business, which delivers each operation, on average, $300,000 a year. Reticently identified Oracle Java SE Remote Java Run time Environment vulnerability (  CVE-2012-5076 ) leads to  Geo located   Ransomware Malware . Java vulnerability actually can allows attacker to unauthorized disclosure of information, unauthorized modification and disruption of service. This Ransomware shows a bogus notification, that preten

Guadeloupe is a Caribbean island located in the Leeward Islands, in the Lesser Antilles. Today a hacker going by name "UR0B0R0X" claimed to hack into the " Network Information Center Guadeloupe " (nic.gp), which is Guadeloupe National Domain registrar having control over domains of big companies like Google.gp, Paypal.gp, twitter.gp, Yahoo.gp,  and many more. Hacker claimed to hack server of  nic.gp and leak credentials (encrypted) of 1271 Guadeloupe domains and user accounts including usernames, email addresses and phone numbers from server as shown via a  paste-bin note . and complete database uploaded on a  file sharing  site.

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

It's be Just hours Windows Phone 8 has been released - and hackers have already dished out a malware prototype for the platform. Windows Phone 8 is the second generation of the Windows Phone mobile operating system. Windows Phone 8 Microsoft's latest in mobile OS technology - comes in as a direct competition to rivals Apple and Google. The research firm Gartner indicates that by 2016 the increase in Windows Phone users will slightly fall below Apple`s iOS users. To be showcased at the International Malware Conference, MalCon - on 24th November in India, the prototype has been created by Shantanu Gawde, who has previously created a malware that utilized the famed Xbox Kinect. Windows Phone 8 replaces its previously Windows CE-based architecture with one based on the Windows NT kernel with many components shared with Windows 8, allowing applications to be easily ported between the two platforms. While no further details of the malware are available at this point of time, it will

A 15-year-old  UG Nazi hacker  going by the name of Cosmo or Cosmo the God  was sentenced in juvenile court on Wednesday with terms for six years without any computers or Internet, until his 21st birthday. During these 6 years, he'll need approval from his parole officer to access the internet. Wired report that hacker resides in Long Beach, California, and began as a politicized group that opposed SOPA, took down a bevy of websites this year, including those for NASDAQ, CIA.gov, and UFC.com. It redirected 4Chan's DNS to point to its own Twitter feed. Hacker pled guilty to more than a few felonies, with charges ranging from credit card fraud to online impersonation. The probation that Cosmo agreed to as part of his plea limits his use of the internet to solely educational purposes, and all use will be supervised. As part of the hacker group UGNazi, he was able to gain access to accounts on sites including Amazon, PayPal, Microsoft, Netflix, and many more. He is prohibited from

Anonymous hacker deface Kuwaiti Ministry of Awqaf and Islamic Affairs ( https://islam.gov.kw/)  Deface page have Anonymous Mask as shown in screenshot with an Arabic language message . Translated message " Letter to the Kuwaiti people full and without any exception ! Jordan and Palestine red line and pocket Asarthm Bandas ! God bless you, O Saddam and what God has failed them !! Gary trampling upon you and one-and-one, O and Ladd dog !! Strong Protection, is Our Target " At the time of writing, site is defaced, This Anonymous groups seems to to be note related to whole anonymous groups and Operations. Will will update you soon with more updates.

ZCompany Hacking Crew members hack and deface  English Defence League official website (https://englishdefenceleague.org),a far-right British organization . Deface page include text " Fuck Zionist Jews! – Boycot israel! – Fuck the American Government! - Fuck fascist Organizations like EDL" and a screenshot of a email. " EDL admins have been harassing innocent people and stealing money from them to fund their racist adventures " Hacker continue. Hacker trend the hacking operation as # OPEDL and #OpRacism  on twitter. Further message include, " Such a shame! EDL admins! as we ZHC said we will always be one step ahead of you. We will chase you, expose your racism and even remove you from the web. We demonstrated it successfully by deleting your facebook page three times. And we have demonstrated it successfully by defacing and exposing your frauds yet again.But the best is yet to come. Yes right, details of supporters and donors of EDL will be made public soo

The Windows 8 and Windows RT security updates will be the first shipped since those operating systems' launch on Oct. 26. The latest vulnerabilities include three critical security vulnerabilities for Windows 8, and one critical security vulnerability for the Surface-based Windows RT operating system. These flaws are considered "critical" and could allow remote code execution on vulnerable systems. Among the various flaws, versions from Windows XP (Service Pack 3) all the way through to Windows 8 are affected, including versions of the Office suite, and versions of Windows Server. Released only in September, Windows Server 2012 requires patching to maintain maximum security. If you've enabled automatic updates, the patches will automatically install on Tuesday. As usual, the specific details about what is being fixed in these updates won't be revealed until the patches themselves are available for download in order to not give hacker groups an advance

Paul F Renda give an overview that, What and how new long distance and short distance Dead drop techniques are used by National Security Agency for secure communications. What is a dead drop? It is methods that spies use or have used to communicate with associates who have information for them. The dead drop allows them to exchange information without having actual physical contact with each other. The person leaving the information can leave it under a rock or a can or bush. A special type of empty spikes that can be dropped into holes has also been used drop information. The person leaving the information also leaves some kind of signal the drop was made. The signal could be a chalk marks on a tree or pavement. Someone views the signal and retrieves information. Some more unusual dead drops have used dead animals like rabbits, rats and large birds to hide the information. These have been used by both the CIA and KGB. The one problem with this type of dead drop is that other

Indian Hacker  Godzilla aka G.O.D hacked into Bangladesh Army servers, belongs to domain  www.army.mil.bd and leak Internal Network Information via a note . Hacker also publicly posted their Cisco Router passwords and Mac-Address of all machines within the network. We talked with the hacker to know reason of hacking , and he reply, " Its Parade time for you, Bangladesh Army ! ! ! Even a municipal school website has better security than your website. You have time till December, secure it if u can.. Stop supporting terrorist organizations.. Put your best men at work now, we will come back in December. see you soon.. ./Peace is just what we want.. ./live and let others live. ." In his statement hacker threat to hack Bangladesh sites again by December, if they will not stop supporting terrorism. At the time of reporting this news, the official website of Bangladesh military is down because of cyber attack by Godzilla and Hacker advice that officials need to restart their se

Tse Man- lai,  28-year-old businessman, owner of an information technology company, launched denial-of-service (DoS) attacks on Hong Kong stock exchange last year on August 12 and 13 , was sentenced to nine months in jail on Friday. According to SCMP , Tse Man- lai, who had pleaded not guilty to two counts of obtaining access to a computer with criminal or dishonest intent, was convicted of both counts in the District Court on October 24.  The attacked website is one of the most important economic platform of Hong Kong. Trading in the shares of seven companies was suspended. The seven companies, which included HSBC, Cathay Pacific Airways and HKEx itself, had a combined market value of HK$1.5 trillion. Trading was also halted on a debt security and 419 warrants and derivatives linked to the suspended stocks. Trading in the stocks were suspended, as the companies had tried to make price-sensitive announcements during the lunchtime trading break, which investors might not have seen be

Stuxnet , a sophisticated computer virus created by the United States and Israel, to spy on and attack Iran's nuclear enrichment facilities in Natanz also infected Chevron 's network in 2010, immediately after it spread into the wild. This Government created virus Now Infecting Corporations also. Chevron oil giant found the virus in its systems after the malware' s existence was first reported in a blog post in July 2010, according to Mark Koelmel, general manager of the earth-sciences department at the big U.S. oil company. The U.S. government has never officially acknowledged the Stuxnet program. Stuxnet  which was designed to attack computer systems designed by German industrial giant Siemens for managing water supplies, oil rigs, power plants and other critical infrastructure has turned up in other countries. According to the Wall Street Journal, Chevron's experience with Stuxnet appears to be the result of the malware's unintentional release into cybers

Phishing is most commonly perpetrated through the mass distribution of e-mail messages directing users to a fraud web site or services. These professional criminals daily find new ways to commit old crimes, treating cyber crime like a business and forming global criminal communities. Another latest scam has been notified by GFI that, where cyber criminals are offering the art of hacking Twitter accounts with a web-based exploit. Phishers are sending scam emails and offering fake twitter account hacking service, which in actual will hack their own twitter accounts. Email from phishers have text, " Do you want to learn how to hack twitter? Are you looking for a way to hack your friends twitter account without them finding out? Interested in finding out ways to hack someone's profile? Maybe you want to take a quick peek at their direct message inbox, steal their username or find a glitch to use a hacking script, ". Hackers try to convince readers by showing a exploit code, and ex