The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The Pirate Bay co-founder Gottfrid Svartholm Warg a.k.a  'Anakata' is suspected of being involved in one of Denmark's biggest hack attacks. Gottfrid was arrested in Cambodia in September 2012 and has been extradited from Cambodia to Sweden last year, charged with hacking the IBM mainframe of Logica, a Swedish IT firm that provided tax services to the Swedish government, and the IBM mainframe of the Swedish Nordea bank. Now he is suspected in another hacking case, where he and a 20-year-old Danish hacker are suspected to have obtained access to, among other things Danish social security numbers as well as business numbers. Danish suspect was arrested on Wednesday. In January, police in Sweden told colleagues in Denmark about a Danish IP address they had found during an investigation into hacker attacks against a company handling sensitive information for the Swedish tax authority. Grave cases of hacking are punishable by up to six years in prison under

The National Security Agency , part of the U.S. military reportedly has a direct line into the systems of some of the world's biggest Web and tech companies, i.e Microsoft, Google, Facebook, Skype. The NSA access is part of a previously undisclosed program called PRISM , 6-year-old program which allows officials to collect real-time information and as well as stored material including search history, the content of emails, file transfers and live chats, according to reports in the Washington Post . Project PRISM may be the first of its kind and also  GCHQ , Britain's equivalent of the NSA, also has been secretly gathering intelligence from the same internet companies through an operation set up by the NSA. Later confirmed by the White House and members of Congress as saying that the government routinely seeks information in its fight to thwart domestic and international terrorism. Other services that are reportedly part of PRISM include PalTalk, Skype, and AOL.

A new piece of sophisticated Android malware has been discovered by security researchers at Kaspersky Labs . Dubbed as Backdoor . AndroidOS . Obad . a , it is the most sophisticated piece of Android malware ever seen. It exploits multiple vulnerabilities , blocks uninstall attempts, attempts to gain root access, and can execute a host of remote commands. It include complex obfuscation techniques that complicated analysis of the code, and the use of a previously unknown vulnerability in Android that allowed it to take control of and maintain a foothold on infected Android devices . There are two previously unknown Android vulnerabilities exploited by Obad . It can gain administrator privileges, making it virtually impossible for a user to delete it off a device. Another flaw in the Android OS relates to the processing of the AndroidManifest.xml file. This file exists in every Android application and is used to describe the application's structure, define its laun

Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user's base permission is determined by their role, while additional permissions may be granted based on tasks or projects they are involved with. Layered on top of that are custom permissions required by an individual user.  For example, look at a sales rep who is involved in a tiger team investigating churn while also training two new employees. The sales rep's role would grant her one set of permissions to access prospect data, while the tiger team project would grant access to existing customer data. Meanwhile, special permissions are set up, providing the sales rep with visibility into the accounts of the two new employees. While these permissions are precise, however, they are also very complex. Application admins don't have a single screen within these applications th

Microsoft and the FBI have taken down a botnet that controlled millions of infected PCs, which was responsible for massive bank fraud.  Botnets are networks of computers infected with viruses that let them be controlled by hackers. The outfit runs the Citadel Botnets and is believed to have stolen more than $500 million from bank accounts over the past 18 months. Citadel is one of the biggest botnets in operation today. Citadel is a banking Trojan that has been in existence since 2011. As with most banking Trojans, Citadel is a full crimeware kit, providing the attackers with payload builders, a command and control (C&C) server infrastructure, and configuration scripts to target various banks. Citadel infected as many as 5 million PCs around the world including here in Australia and according to Microsoft, was used to steal from dozens of financial institutions, including American Express, Bank of America, Citigroup, Credit Suisse, eBay's PayPal, HSBC, JPM

The National Security Agency is collecting telephone records for millions of Americans without informing the individuals involved. The shocking news has been revealed by ' Guardian ' whose journalists had access to a " Top Secret " court order, signed by Judge Roger Vinson, issued in April against Verizon . A copy of a secret order to obtain phone records for all Verizon customers was obtained, showing that the NSA was monitoring all incoming and outgoing calls made on that network.  The order obliges the Verizon Company to deliver the daily list of calls, " both within the Member States and between the United States and other countries ." The order was issued by the U.S. The Foreign Intelligence Surveillance Court directs Verizon's Business Network Services Inc and Verizon Business Services units to hand over electronic data including all calling records on an " ongoing, daily basis " until the order expires on July 19, 2013.

The infamous Zeus malware has once again resurfaced as per Symantec and is capable of draining your bank accounts. Zeus propagates through phishing messages that originate from an account that has been phished. Such a phished account will then start automatically sending messages to friends with links to ads telling them to check out a video or product.  Of course, you should not click as doing so will get your account phished as well. The program is sophisticated enough that it can replace a bank's Web site with a mimicked page of its very own. The fake page can then ask for social security number information and other data that is then sold on the black market.  According to Trend Micro the pages are being hosted by the Russian criminal gang known as the Russian Business Network. Zeus was first detected in 2007 and it is spreading online. If you click on the Zeus virus, it is designed to steal your password and drain your bank account. Facebook is aware of the rising issue, but

Since 2010, foreign state sponsored organizations have repeatedly compromised an unencrypted database maintained by the Veterans Affairs Department that contains personally identifiable information on roughly 26 million veterans. Including at least eight foreign-sponsored organizations, mostly connected to the Chinese military had successfully compromised VA networks and data.  Other than this, possibly Russia were identified as likely culprits in the attempts to steal VA data. Details regarding exactly what information has been compromised are sparse, but unencrypted data included names, dates of birth and Social Security numbers of veterans that could be used to commit credit and identity fraud. Lack of basic security controls, such as encryption of data, make VA an easy target. The 2006 breach was caused by the theft of a VA employee's laptop, which contained personal information on about 26 million veterans and military personnel. From another report, The Marc

Judge Susan Illston of the U.S. District Court for the Northern District of California on Friday has ordered the Google to hand over customer details to FBI without a warrant. FBI counter terrorism agents began issuing the secret letters, which don't require a judge's approval, after Congress passed the Patriot Act in the wake of the September 11 attacks. The letters are used to collect unlimited kinds of sensitive, private information, such as financial and phone records and have prompted complaints of government privacy violations in the name of national security. Google had previously refused to give the agency access to personal data such as the search history of its users, claiming such demands were illegal without a warrant. Electronic Frontier Foundation has challenged the letters in court, said: " We are disappointed that the same judge who declared these letters unconstitutional is now requiring compliance with them ." The decision came

A Russian hacker who goes by the handle " Barabus " on the GameDev.ru forums illegally crack Xbox Live Arcade game The Dishwasher: Vampire Smile , developed by Ska Studios and port it on PC. He claimed that he was justified in illegal cracking: " This is not piracy, this is restoration of justice. The authors are not very nice to publish the game exclusively for the Xbox 360, making it impossible for PC gamers to play in such a great game ."  The port is currently in beta and has no permissions from Ska Studios to even exist. But this isn't a problem, according to the developer, as they say they're not stealing anything from Ska Studios. In the same forum post, the game's creator Ska Studios founder James Silva said: " I guess you could say my reaction is mixed. I'm flattered that there's this much interest in Vampire Smile on PC. I'm not mad about the crack itself, in fact, I'm actually pretty impressed. But I'm bewildered by the cracker's attempt to jus

Recently Twitter has rolled out Vine app for Android, A new way to share video on twitter. The free app, which enables people to record and share clips of up to six seconds with other Vine users as well as on Twitter and Facebook. But on the very next day, Twitter's video-sharing application Vine was hacked by 16-year-old Will Smidlein , who uploaded the three-and-a-half minute video of Rick Astley's song " Never Gonna Give You Up ." This video violated Vine's usual code that only six second videos are posted. " I think I broke Vine ," Will Smidlein tweeted Monday night , where he described himself as a Web developer. What he did exactly? Smidlein decompile the app's code into a readable format, then modify few parts of the program that actually validate user to upload only 6 sec video. " Sorry, Twitter/Vine engineers, " he wrote. " I tried to keep it quiet, but the internet never forgets." ,  it could potentially embarrass a few of

Syrian Electronic army appears to be taking part in ongoing operation against Turkey government website. Hackers collectively called Anonymous and SEA breached into Turkish Ministry of Interior website and the private information of staffers in PM Tayyip Erdogan's office. Hackers claimed that they gained access to staff email addresses, passwords and phone numbers. As exposed on internet, database include emails and plain text passwords of 90 users. In addition , Hackers also managed to take down the Turkey's Prime Minister (basbakanlik.gov.tr) website. Many other sites belongs to Turkish govt was defaced last night by various hackers around the world including the country's ruling party as operation #OpTurkey. The team also defaced the  dosya.icisleri.gov.tr/Dosyalar/  and placed their logo on site. " Rise against the injustice of Erdogan's Tyranny. Rise against the policies of hypocrisy perpetrated by the Erdogan Regime ." The defacement message reads

Two Factor Authentication is becoming a standard in the enterprise security space in an attempt to dually secure end users against malicious attacks.  Following Dropbox, Google and virtually everyone else, LinkedIn added two-factor authentication to its login process today. LinkedIn will provide temporary codes for two-factor authentication  through SMS messages. The extra step is designed to lessen the chances of computer hackers breaking into user accounts. To turn on two-step verification on LinkedIn, hit the icon in the top-right corner of the site, click on "Privacy & Settings," and then on "Manage security settings" at the bottom. The site has provided instructions to its 225 million users on how to turn on the optional service. On other side, today @The_Pr0ph3t, whitehat Hacker from Spain reported a Cross Site Scripting Vulnerability in LinkedIn Developer site (developer.linkedin.com).  Flaw still exists on website at the time of writing, and hacker

A global cyber espionage campaign affecting over 350 high profile victims in 40 countries, appears to be the work of Chinese hackers using a Surveillance malware called " NetTraveler ". Kaspersky Lab's team of experts published a new research report about NetTraveler, which is a family of malicious programs used by APT cyber crooks. The main targets of the campaign, which has been running since 2004, are Tibetan/Uyghur activists, government institutions, contractors and embassies, as well as the oil and gas industry. Spear phishing emails were used to trick targets into opening malicious documents . The attackers are using two vulnerabilities in Microsoft Office including Exploit.MSWord.CVE-2010-333, Exploit.Win32.CVE-2012-0158, which have been patched but remain highly-popular on the hacking scene, and have run NetTraveler alongside other malware. C&C servers are used to install additional malware on infected machines and exfiltrate stolen data and more

The Best WiFi hacking suite  AirCrack-NG updated to 1.2 Beta 1 after three years from the last release. Aircrack-ng is a set of tools for auditing wireless networks. New version added a few new tools and scripts (including distributed cracking tool). Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. Release Notes: Compilation fixes on all supported OSes. Makefile improvement and fixes. A lot of fixes and improvements on all tools and documentation. Fixed licensing issues. Fixed endianness and QoS issues. Download AirCrack-NG for Linux and For Windows

You might want to be a little more careful the next time you pick up a cheap knock-off accessory for your device to save a few bucks because new hardware hacks could be the next big thing among cyber criminals . Researchers say they've built a custom iPhone wall charger that can Install malware in any iOS device using a custom made malicious chargers called Mactans , which are in turn controlled by a Raspberry-Pi like computer called a BeagleBoard. Mactans, which is named after the black widow spider's Latin taxonomy, will be demonstrated by Billy Lau, Yeongjin Jang, and Chengyu Song at the Black Hat 2013 conference in July and they said all users were vulnerable to attacks over the charger. They add that they can also demonstrate that the malware infection resulting from their malicious charger is persistent and tough to spot. In order for the malicious software to remain installed and unseen, the trio will show how an attacker can hide their software in the

Internet Activists and Collective Hacker group Anonymous carried out a series of cyber attacks on Turkish government websites in retaliation for violent police response to anti-government protests, launched #OpTurkey operation. There are several videos to be seen on YouTube about the protest of yesterday, one of the videos show one of the protesters wearing an Anonymous mask . " You have censored social media and other communications of your people in order to suppress the knowledge of your crimes against them. Now Anonymous will shut you down and your own people will remove you from power, " the group tells the Turkish administration. The Anonymous attack came after a series of brutal clashes between police and protesters that arose on Friday after Turkish police conducted a crackdown on a peaceful environmental demonstration in Istanbul's Taksim Square. With #opTurkey , the hacktivist collective plans to "attack every Internet and communications asset of the Turkish g

As concerns are growing regarding Chinese hacking attacks, the country will undergo its first digital war games. Only two days after the U.S. has attributed cyber espionage attacks against U.S. government and business entities to the Chinese Government and Military, it was announced that the Chinese will soon be conducting digital war games for the first time in the country's history. " It will be the first time a People's Liberation Army exercise has focused on combat forces including digitized units, special operations forces, army aviation and electronic counter forces, " the report said. The timing of the digital war games is also interesting, since it will coincide with a meeting between President Barack Obama and Chinese President Xi Jinping next week as Washington's level of concern rises regarding Chinese hacking of US military networks. The army's general staff department said eight military academies and forces from the Beijing Military Area Comman

A recently discovered piece of malware called KRBanker (Korea + Banker = KRBanker) , targeting mostly online end-users at Korean financial institutions. According to nProtect , now an invasive banking Trojan, the new and improved  KRBanker  can block anti-virus software, security websites and even other malware in its quest to steal user information and share it with hackers. Then the malware pings back to the command and control (C&C) server with infection status and then the malware proceeds to download encrypted files on the victim's PC. In the latest variant of the KRBanker malware, scans the PC for lists of DLLs that are related to Korean financial institutions, security software and patches any opcode instructions.  Malware instructed to insert the malicious code that will search and collect any information related to password, account details, and transaction history. Once logged, the compiled information is then sent to a remote server.  KRBanker

DDoS attackers attempted to bring down an Banking services earlier this week using one of the largest Distributed denial of service attack using DNS reflection technique. Prolexic, the global leader in Distributed Denial of Service (DDoS) protection services, announced  that it has successfully mitigated the largest DNS reflection attack ever recorded, which peaked at 167 Gigabits per second (Gbps). The company did not name the target of the digital assault. DNS-reflection was the attack method used in Operation Stophaus , an attack waged in March by The Spamhaus Project, a Geneva-based not-for-profit organization dedicated to fighting Internet spam . When Spamhaus was assaulted by a vast 300Gbps peak DNS reflection attack, it engaged the help of a content delivery network (CDN) called CloudFlare to help defend itself. The DNS Reflection Denial of Service (DrDoS) technique exploits security weaknesses in the Domain Name System (DNS) Internet protocol. Using Internet protocol spoof

A Drupal data breach was announced by the official Drupal Association, that Passwords for almost one million accounts on the Drupal.org website are being reset after hackers gained unauthorized access to sensitive user data. The security of the open source content management system has been compromised via third-party software installed on the Drupal.org server infrastructure, and was not the result of a vulnerability within Drupal itself. As countermeasure it is resetting the passwords for nearly one million accounts in the wake of a data breach . Information exposed includes usernames, email addresses, and country information, as well as hashed passwords . The Drupal.org hasn't revealed the name of the third-party application exploited during the attack. Evidence of the Drupal data breach was found during a routine security audit: " Upon discovering the files during a security audit, we shut down the association.drupal.org website to mitigate any possible ongoing security i