The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Sudoku is one such game that I believe will benefit your brain, but now not for your system. Peter Szabo from SophosLabs have identified a piece of malware that resides behind a Microsoft Excel-based Sudoku generator. The Malware developed in Visual Basic requires macros, a scripting language that allows users to create equations based on values in different columns and rows. Microsoft disable macros by default , because in past macros were the weapon of choice for cyber criminals . But in order for the generator to work, the user must activate macros. Unfortunately, while the user is enjoying the Sudoku, the macro is installing malware in the targeted machine. Keyboard and mouse macros allow sequences of keystrokes and mouse actions to be transformed into shorter commands and also it can easily gathers system information by using the ipconfig, systeminfo like commands. Once the bug has collected a machine's IP address, running processes, installed applications

One of the ' The Hacker News ' reader inform us today about porn content on some Indian Government websites. After analyzing such websites, we came across more than 30 sub domains belongs to ' entegramam.gov.in ' . Where ' entegramam' means "My village" and all sub domains of this website are names of the different cities of Kerala state. The websites are in Malayalam language and most of the sites are powered by Joomla and Drupal (older vulnerable versions) with discussion forums on them. On our further analyze we found that time stamp of the Porn articles posted on forum dated back to " 2012/08/30 16:00 ".  That means, Government websites hosting Child Porn content from last four months and authorities or  the moderators of the website are not aware about the issue. On a simple Google search, one can found all such pages : site:gov.in "nude"  for further reports and analyzing. Google also giving notification " This site ma

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

Accunetix a web application security company reported vulnerabilities found in the Wordpress Pingback feature. According to report, Pingback vulnerability exists in the WordPress blogging platform that could leak information and lead to distributed denial of service (DDoS) attacks. " WordPress has an XMLRPC API that can be accessed through the xmlrpc.php file. When WordPress is processing pingbacks, it's trying to resolve the source URL, and if successful, will make a request to that URL and inspect the response for a link to a certain WordPress blog post. If it finds such a link, it will post a comment on this blog post announcing that somebody mentioned this blog post in their blog. " Bogdan Calin explained . Pingback is one of three types of linkbacks, methods for Web authors to request notification when somebody links to one of their documents. This enables authors to keep track of who is linking to, or referring to their articles. Some weblog software, such as Mo

Iranian CERT is sounding the alarm over another bit of data-deleting malware it's discovered on PCs in the country. Dubbed Batchwiper , the malware systematically wipes any drive partitions starting with the letters D through I Drive, along with any files stored on the Windows desktop of the user who is logged in when it's executed Why naming Batchwiper ?  The name was chosen because the malware is packed in a batch file. The malware initiates its data wiping routine on certain dates, the next one being Jan. 21 2013. However, the dates of Oct. 12, Nov. 12 and Dec. 12, 2012, were also found in the malware's configuration, suggesting that it may have been in distribution for at least two months. GrooveMonitor.exe is the original dropper, which is a self-extracting RAR file, once executed it extracts the following files: -- \WINDOWS\system32\SLEEP.EXE, md5: ea7ed6b50a9f7b31caeea372a327bd37 -- \WINDOWS\system32\jucheck.exe, md5: c4cd216112cbc5b8c046934843c579f6 -- \WIND

Stuxnet case is considered by security expert the first concrete act of cyber warfare, a malware specifically designed to hit SCADA systems inside nuclear plants in Iran. The event has alerted the international security community on the risks related to the effects of a cyber attack against supervisory control and data acquisition in industrial environment.  SCADA systems are adopted practically in every industrial control system (ICS) used for the control and monitor of industrial processes that are potential targets of a cyber attack such as a critical infrastructures or a utility facilities. Manufacturing, production, power generation, water treatment facilities, electrical power transmission and distribution and large communication systems are all considered critical asset for every countries and represent privileged targets for cyber attacks. Obtain access to SCADA systems is fundamental step for a attackers that desires to compromise the controlled processes and contrary to