The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

A global cyber espionage campaign affecting over 350 high profile victims in 40 countries, appears to be the work of Chinese hackers using a Surveillance malware called " NetTraveler ". Kaspersky Lab's team of experts published a new research report about NetTraveler, which is a family of malicious programs used by APT cyber crooks. The main targets of the campaign, which has been running since 2004, are Tibetan/Uyghur activists, government institutions, contractors and embassies, as well as the oil and gas industry. Spear phishing emails were used to trick targets into opening malicious documents . The attackers are using two vulnerabilities in Microsoft Office including Exploit.MSWord.CVE-2010-333, Exploit.Win32.CVE-2012-0158, which have been patched but remain highly-popular on the hacking scene, and have run NetTraveler alongside other malware. C&C servers are used to install additional malware on infected machines and exfiltrate stolen data and more

The Best WiFi hacking suite  AirCrack-NG updated to 1.2 Beta 1 after three years from the last release. Aircrack-ng is a set of tools for auditing wireless networks. New version added a few new tools and scripts (including distributed cracking tool). Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. Release Notes: Compilation fixes on all supported OSes. Makefile improvement and fixes. A lot of fixes and improvements on all tools and documentation. Fixed licensing issues. Fixed endianness and QoS issues. Download AirCrack-NG for Linux and For Windows

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

You might want to be a little more careful the next time you pick up a cheap knock-off accessory for your device to save a few bucks because new hardware hacks could be the next big thing among cyber criminals . Researchers say they've built a custom iPhone wall charger that can Install malware in any iOS device using a custom made malicious chargers called Mactans , which are in turn controlled by a Raspberry-Pi like computer called a BeagleBoard. Mactans, which is named after the black widow spider's Latin taxonomy, will be demonstrated by Billy Lau, Yeongjin Jang, and Chengyu Song at the Black Hat 2013 conference in July and they said all users were vulnerable to attacks over the charger. They add that they can also demonstrate that the malware infection resulting from their malicious charger is persistent and tough to spot. In order for the malicious software to remain installed and unseen, the trio will show how an attacker can hide their software in the

Internet Activists and Collective Hacker group Anonymous carried out a series of cyber attacks on Turkish government websites in retaliation for violent police response to anti-government protests, launched #OpTurkey operation. There are several videos to be seen on YouTube about the protest of yesterday, one of the videos show one of the protesters wearing an Anonymous mask . " You have censored social media and other communications of your people in order to suppress the knowledge of your crimes against them. Now Anonymous will shut you down and your own people will remove you from power, " the group tells the Turkish administration. The Anonymous attack came after a series of brutal clashes between police and protesters that arose on Friday after Turkish police conducted a crackdown on a peaceful environmental demonstration in Istanbul's Taksim Square. With #opTurkey , the hacktivist collective plans to "attack every Internet and communications asset of the Turkish g

As concerns are growing regarding Chinese hacking attacks, the country will undergo its first digital war games. Only two days after the U.S. has attributed cyber espionage attacks against U.S. government and business entities to the Chinese Government and Military, it was announced that the Chinese will soon be conducting digital war games for the first time in the country's history. " It will be the first time a People's Liberation Army exercise has focused on combat forces including digitized units, special operations forces, army aviation and electronic counter forces, " the report said. The timing of the digital war games is also interesting, since it will coincide with a meeting between President Barack Obama and Chinese President Xi Jinping next week as Washington's level of concern rises regarding Chinese hacking of US military networks. The army's general staff department said eight military academies and forces from the Beijing Military Area Comman

A recently discovered piece of malware called KRBanker (Korea + Banker = KRBanker) , targeting mostly online end-users at Korean financial institutions. According to nProtect , now an invasive banking Trojan, the new and improved  KRBanker  can block anti-virus software, security websites and even other malware in its quest to steal user information and share it with hackers. Then the malware pings back to the command and control (C&C) server with infection status and then the malware proceeds to download encrypted files on the victim's PC. In the latest variant of the KRBanker malware, scans the PC for lists of DLLs that are related to Korean financial institutions, security software and patches any opcode instructions.  Malware instructed to insert the malicious code that will search and collect any information related to password, account details, and transaction history. Once logged, the compiled information is then sent to a remote server.  KRBanker