The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

This week Microsoft has released several advisories to help their users update from weak crypto. Microsoft is beginning the process of discontinuing support for digital certificates that use the MD5 hashing algorithm and to improve the network-level authentication for the Remote Desktop Protocol . Microsoft's optional updates : Microsoft Security Advisory 2661254: The private keys used in these certificates can be derived and could allow an attacker to duplicate the certificates and use them fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks . Microsoft Security Advisory 2862973: Microsoft is announcing the availability of an update for supported editions of Windows Vista, Windows Server 2008, Windows 7 , Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT that restricts the use of certificates with MD5 hashes. This restriction is limited to certificates issued under roots in the Microsoft root certificate

What would you do if a European Cybercrime Agency locked your PC until you paid a fine? A new Police Ransomware  family dubbed Trojan : HTML/Browlock by F-secure Antivirus firm, known as Browlock , which spreads by tricking unsuspecting web surfers into believing the police are after them. Ransomware is malware that, when installed on a device, can be locked down from remote locations by cyber criminals . Usually, ransomware appears to be an official warning telling the user that the computer has to be locked because it showed illegal activities and payment is necessary to access files. Ransomware is a global phenomenon, but the criminals have learned to localize and customize their software to make the threat seem scarier so that victims act quickly before they have time to think. Researchers said they are tracking this Malware from a while ago and now crooks behind the malware ate targeting users from some new countries including the United States, Canada and th

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

A cyber attack campaign  is ongoing and targeting thousands of Israeli websites by Pakistani hackers, in support of  Palestine people. They had already infiltrated reportedly 650 Israel  websites listen on Pastebin and upload their page with custom messages on servers. The hacker claimed and told 'The Hacker News' that they will release more hacked websites list soon. The hacker behind the massive attack mentioned his online name as " H4x0r HuSsY " and the message says, " LONG LIVE PALESTINE - PAKISTAN ZINDABAD HAPPY INDEPENDENCE DAY TO & FROM TEAM MADLEETS ". Hacked websites belong to Semi-Government, Personal and Israeli Corporates. At the time of writing, most of the websites still having deface page uploaded to their server. A few months back World wide Hackers and especially Anonymous group declared massive 'cyber war' on Israel after IDF threatens to cut off internet in Gaza.

Yeah, it's Patch Tuesday once again. Almost 10 years ago in October, 2003 - Microsoft  invented the process of regularly scheduled security updates on every second Tuesday of the Month, as  Patch Tuesday. Today, the Microsoft Security team will i ssue eight security updates in total, out of that -- three of which are designated as " critical ," and rest five as " Important " updates, that patches vulnerabilities in Microsoft Windows, Microsoft Server Software, and Internet Explorer. The eight bulletins that Microsoft is releasing fixes a total of 23 different vulnerabilities in Microsoft products. Microsoft will be rolling out a total of three Critical patches dealing with Remote Code Execution. Windows 8 is expected to get four of the updates, one of them is critical and dealing with Remote Code Execution with Internet Explorer 10, while the other three updates are Important and deal with Elevation of Privilege and Denial of Service . Windows RT i

Just four days before the Independence day, The Pakistani hacker known as 'MindCracker' from Pakistan Cyber Army team hacked into the Indian Eastern Railways website and deface some internal pages, as shown in the screenshot taken by us few hours before. At the time of reporting, website ( https://www.er.indianrailways.gov.in/ ) was restored by the administrator. Other members of Team of the hackers behind the scene mentioned their digital name on deface page as, " We Are : Shadow008 | KhantastiC | Darksnipper | H4x0rL1f3 | Invectus ". They seem to have gained access to some part of the website, because homepage was not altered in any way.  Zone-H mirror record of the defacement is also available. A few days ago an Indian hacker 'Godzilla' hacked into the Pakistan Army website and few related Facebook pages. This hack appears as revenge hack against action of Indian hackers.