The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

This week Microsoft has released several advisories to help their users update from weak crypto. Microsoft is beginning the process of discontinuing support for digital certificates that use the MD5 hashing algorithm and to improve the network-level authentication for the Remote Desktop Protocol . Microsoft's optional updates : Microsoft Security Advisory 2661254: The private keys used in these certificates can be derived and could allow an attacker to duplicate the certificates and use them fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks . Microsoft Security Advisory 2862973: Microsoft is announcing the availability of an update for supported editions of Windows Vista, Windows Server 2008, Windows 7 , Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT that restricts the use of certificates with MD5 hashes. This restriction is limited to certificates issued under roots in the Microsoft root certificate

What would you do if a European Cybercrime Agency locked your PC until you paid a fine? A new Police Ransomware  family dubbed Trojan : HTML/Browlock by F-secure Antivirus firm, known as Browlock , which spreads by tricking unsuspecting web surfers into believing the police are after them. Ransomware is malware that, when installed on a device, can be locked down from remote locations by cyber criminals . Usually, ransomware appears to be an official warning telling the user that the computer has to be locked because it showed illegal activities and payment is necessary to access files. Ransomware is a global phenomenon, but the criminals have learned to localize and customize their software to make the threat seem scarier so that victims act quickly before they have time to think. Researchers said they are tracking this Malware from a while ago and now crooks behind the malware ate targeting users from some new countries including the United States, Canada and th

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

A cyber attack campaign  is ongoing and targeting thousands of Israeli websites by Pakistani hackers, in support of  Palestine people. They had already infiltrated reportedly 650 Israel  websites listen on Pastebin and upload their page with custom messages on servers. The hacker claimed and told 'The Hacker News' that they will release more hacked websites list soon. The hacker behind the massive attack mentioned his online name as " H4x0r HuSsY " and the message says, " LONG LIVE PALESTINE - PAKISTAN ZINDABAD HAPPY INDEPENDENCE DAY TO & FROM TEAM MADLEETS ". Hacked websites belong to Semi-Government, Personal and Israeli Corporates. At the time of writing, most of the websites still having deface page uploaded to their server. A few months back World wide Hackers and especially Anonymous group declared massive 'cyber war' on Israel after IDF threatens to cut off internet in Gaza.

Yeah, it's Patch Tuesday once again. Almost 10 years ago in October, 2003 - Microsoft  invented the process of regularly scheduled security updates on every second Tuesday of the Month, as  Patch Tuesday. Today, the Microsoft Security team will i ssue eight security updates in total, out of that -- three of which are designated as " critical ," and rest five as " Important " updates, that patches vulnerabilities in Microsoft Windows, Microsoft Server Software, and Internet Explorer. The eight bulletins that Microsoft is releasing fixes a total of 23 different vulnerabilities in Microsoft products. Microsoft will be rolling out a total of three Critical patches dealing with Remote Code Execution. Windows 8 is expected to get four of the updates, one of them is critical and dealing with Remote Code Execution with Internet Explorer 10, while the other three updates are Important and deal with Elevation of Privilege and Denial of Service . Windows RT i

Just four days before the Independence day, The Pakistani hacker known as 'MindCracker' from Pakistan Cyber Army team hacked into the Indian Eastern Railways website and deface some internal pages, as shown in the screenshot taken by us few hours before. At the time of reporting, website ( https://www.er.indianrailways.gov.in/ ) was restored by the administrator. Other members of Team of the hackers behind the scene mentioned their digital name on deface page as, " We Are : Shadow008 | KhantastiC | Darksnipper | H4x0rL1f3 | Invectus ". They seem to have gained access to some part of the website, because homepage was not altered in any way.  Zone-H mirror record of the defacement is also available. A few days ago an Indian hacker 'Godzilla' hacked into the Pakistan Army website and few related Facebook pages. This hack appears as revenge hack against action of Indian hackers.

A critical vulnerability in the Android implementation of the Java SecureRandom random number generator was discovered , that leaves Bitcoin digital wallets on the mobile platform vulnerable to theft. Before the announcement was made, users on the forums had noticed over 55 BTC were stolen a few hours after the client improperly signed a transaction using the compromised random number generator. Bitcoin is a virtual currency that makes use of cryptography to create and transfer bitcoins. Users make use of digital wallets to store bitcoin addresses from which bitcoins are received or sent. Bitcoin uses public-key cryptography so that each address is associated with a pair of mathematically linked public and private keys that are held in the wallet. Because the problem is rooted in the operating system, every Bitcoin digital wallet generated by an Android app is affected by the weakness, including Bitcoin Wallet , blockchain.info wallet , Bitcoin Spinner , and Myc

There are so many ways to move money anonymously on the Internet and US Justice Department has declared war on currencies widely used by cyber criminals . Just after the Law Enforcement in 17 countries shuts down ' Liberty Reserve ', a $6 billion digital money laundering operation, now the criminals is switching to another online currency called " Perfect Money ".  Perfect Money, another private digital currency that has emerged to meet the demand of Criminals and hackers, those buying and selling kit anonymously and being used by people selling stolen credit cards in Internet hacker forums recently. Fraudsters are rapidly migrating to Perfect Money and  it allows users to transfer money anonymously by purchasing and exchanging the proprietary currency for dollars, euros and gold. These virtual currencies are often linked to bitcoin because it has also been used by criminals. It was thought Bitcoin would be a handy replacement for Liberty Reser

No matter how much effort an ISP puts in or the government does, censorship always gets a backdoor . One of the biggest Controversial File Sharing site ' The Pirate Bay ' is censored in various capacities in some countries around the world, but Pirate Bay is celebrating its 10th birthday in Stockholm sponsored by an energy drinks maker. On their 10th anniversary the site is releasing its " Pirate Browser ," a custom Firefox browser that skirts Internet censorship and lets you access the Pirate Bay from anywhere.  However, Its founders recently served jail time for their activities, with one of the founders going back to prison in an unrelated Swedish hacking case. PirateBrowser is meant to focus more on unrestricted access to the Internet than it is about being able to download new episode of Breaking Bad without paying for them, but one tends to be a function of the other. According to the Pirate Browser website, It's a customized Firefox 23 and inclu

As time goes on, though, the Malware Risk on Mobile Platforms appears to be increasing. A flood of scammy apps that are difficult for Google to detect, and therefore stays available for download for several days before being removed. The Russia-based firm Dr Web today said it has discovered several malicious  Android apps found on Google Play  which send SMS to premium numbers and  about 25,000 devices are infected by these malwares . A number of malicious programs have been discovered by Dr Web's analysts belong to the Vietnamese developer AppStoreJsc . These programs are published in the form of audio players and a video player that generally display adult content. Dr Web explains, " While running these carrier applications, dubbed Android . MulDrop, Android.MulDrop.1, and Android.MulDrop.2 by Dr . Web, can prompt the user to download the content they need, but their consent initiates the installation of another application rather than the downloadin

A second member of hacking group LulzSec - Raynaldo Rivera, 21, of Tempe, Arizona, has been sentenced to 1 year in prison, 13 months of house arrest, and 1,000 hours of community service for hacking into the computers of Sony Pictures Entertainment . Raynaldo who went by Internet names " neuron " was member of LulzSec Hacking Team in an attack on Sony Pictures which saw personal data belonging to 138,000 customers leaked. He's also been ordered to pay $605,663 in restitution.  The attackers distributed the stolen data on the Internet, information that included names, addresses, phone numbers and e-mail addresses for tens of thousands of Sony customers. Raynaldo also pleaded guilty to obtaining confidential information from various companies and posting it publicly. Another member of LulzSec ' Cody Andrew Kretsinger ' was given a one-year jail sentence back in April. Rivera and Kretsinger both studied at the University of Advancing Technology in Tempe

Texas-based Encrypted Email Service ' Lavabit ' abruptly shut down for reasons linked to National Security Agency whistleblower Edward Snowden .  The Feds want to Lavabit demanding access to Ed Snowden's email. Lavabit refused! Snowden was using the Lavabit service while holed-up in the Moscow airport. Lavabit was a dedicated email service that offered subscribers " the freedom of running your own email server without the hassle or expense ." Lavabit was launched in 2004 and most recently handled service for upwards of 60,000 individuals at a rate of around 200,000 emails a day. The owner of Lavabit announced  " I have been forced to make a difficult decision: to become complicit in crimes against the American people, or walk away from nearly 10 years of hard work by shutting down Lavabit, " letter posted on the Lavabit website . " This experience has taught me one very important lesson: without congressional action or a str

Pakistan Army site (pakistanarmy.gov.pk) and Three Facebook pages hacked by an Indian hacker 'Godzilla '. Hacker told ' The Hacker News ' that, using a CMS vulnerability they got access into the Pakistan army website using credentials i.e. Username: mag_admin password: #$%modern! .  Then they left a malicious PDF magazine document in their content management system of magazine portal for the Pakistan army, which was later clicked by the Administrator and that installed a piece of malware on the administrator's computer. " For security they have taken down the login page of content management but failed to remove my backdoor " hacker told The Hacker News. Using an infected system of the Administrator, he has also gained unauthorized access to three Pakistan Army Facebook pages. Pakistan Army Official Facebook Page ( www.facebook.com/OfficialPakArmy ) Pakistan Army Officers Club Facebook Page ( www.facebook.com/fb.paoc ) Pakistan Army Fan Facebook Page

Password theft has been a growing problem within the security community. Researchers at Arbor Networks have uncovered a botnet called Fort Disco that was used to compromise more than 6000 websites based on popular CMSs such as WordPress , Joomla and Datalife Engine. The Fort Disco botnet is currently made up of nearly 25,000 Windows machines and receives a list of sites to attack from a central command and control server. The bots receive also a list of common username-password combinations, typically composed of default combinations with password options including admin or 123456. Arbor Networks security researcher Matthew Bing said the attack has several advanced features that make it next to impossible to fully track and they obtained precious info on the botnet exploiting a misconfiguration on the attackers' side that made possible the analysis of logs on several of the six command and control servers discovered. " We stumbled upon these detailed logs the attacker left open o

OpenX, a leading provider of digital and mobile advertising technology has accordingly served backdoors that are injected into the Code and allows hackers to control over your Web server. German tech site the Heise notified Germany's computer emergency response team (CERT) this week about the OpenX Ad Server (2.8.10) backdoor, allowing an attacker to execute any PHP code via the "eval" function  and could have provided attackers full access to their web sites. The OpenX team has confirmed the breach  and OpenX senior application security engineer Nick Soracco said that two files in the binary distribution of 2.8.10 had been replaced with modified files that contained a remote code execution vulnerability . The attack code is written in PHP but is hidden in a JavaScript file that is part of a video player plugin ( vastServeVideoPlayer ) in the OpenX distribution. This vulnerability only applies to the free downloadable open source product, OpenX Source.

Microsoft has warned that a vulnerability in Windows Phone operating systems could allow hackers to access your login credentials. The vulnerability resides in a Wi-Fi authentication scheme known as PEAP-MS-CHAPv2, which Windows Phones use to access wireless networks protected by version 2 of the Wi-Fi Protected Access protocol. Cryptographic weaknesses in the technology can allow attackers to gain access to users encrypted domain credentials. These credentials could potentially give the attackers access to sensitive corporate networks. The bulletin, advisory 2876146 , says: To exploit this issue, an attacker controlled system could pose as a known Wi-Fi access point, causing the targeted device to automatically attempt to authenticate with the access point, and in turn allowing the attacker to intercept the victim's encrypted domain credentials. An attacker could then exploit cryptographic weaknesses in the PEAP-MS-CHAPv2 protocol to obtain the victim's d

Do you own an HP printer? If so, it may be vulnerable to Hackers. Multiple HP LaserJet Pro Printers are printer vulnerable to hackers according to a new advisory posted by the vendor, dubbed as  CVE-2013-4807  (SSRT101181). Researcher ' Micha Sajdak ' of Securitum.pl have found a security hole HP LaserJet printers that allows a remote hacker to extract the admin password in plain text, among other information like WiFi settings including the WPS PIN . The main issue is with some of the networked HP LaserJet printers, having hidden URLs hardcoded in the firmware, which can be accessed without authentication. The vulnerability could be exploited remotely to gain unauthorized access to data. For example : https://IP_ADDRESS/dev/save_restore.xml Where the password seems to be encrypted, but the value contains a hex representation of the admin password in plain text, i.e. 0x746573746f7765 = testowe. Also, If a printer is WiFi enabled, then the WiFi info c

A notorious Chinese hacker collective known as APT1 or Comment Crew, possibly linked to the Chinese Army, have been caught red handed breaking into a fake United States water control system i.e. known as a Honeypot . Kyle Wilhoit, a researcher with security company Trend Micro has just revealed the details at BlackHat Conference on Wednesday.  Hackers hacked a water control system for a US municipality back in December last year, but it was merely a decoy set up by Kyle Wilhoit using a Word document hiding malicious software to gain full access.  The honeypots directly mimicked the ICS/Scada devices used in many critical infrastructure power and water plants. Cloud software was used to create realistic Web-based login and configuration screens for local water plants seemingly based in Ireland, Russia, Singapore, China, Japan, Australia, Brazil, and the U.S. Researchers have been tracked back to the APT1 Group, which security company Mandiant has claimed operate

It seems that German Video Game company 'Crytek' has been the latest victim of hacking attacks on its website and few forums, and caused Crytek's family of websites to go offline. According to the company, " Our Crytek.com, Mycryengine.com, Crydev.net and MyCrysis.com sites were all subject to a security breach that may have resulted in some users' login data being compromised ,". Strangely, Crysis.com has not been taken down and is still running as normal. " We recently became aware of suspicious activity relating to some of Crytek's websites and acted quickly to take those websites offline for security reasons. We thank you for your patience, and expect to have these sites fully operational soon ." " Although it is uncertain whether the incident led to the copying and decryption of email addresses and passwords ", it continued, " it is possible that users with accounts on these websites have had personal data copi

TOR is the dark side of the Internet, the so-called dark web, which provides a safe haven to privacy advocates but is also where drugs, assassins for hire and other weird and illegal activities can allegedly be traded. A claimed zero-day vulnerability in Firefox 17 was used by the FBI to identify some users of the privacy-protecting Tor anonymity network. The FBI did not compromise the TOR network itself and The complex multi-layers of encryption still stand. Instead the FBI compromised the TOR browser only using a zero-day JavaScript exploit and used this to implant a cookie which fingerprinted users through a specific external server. Eric Eoin Marques , 28 year-old man in Ireland believed to be behind Freedom Hosting , the biggest service provider for sites on the encrypted Tor network , is awaiting extradition on p*rno charges. It is understood the FBI had spent a year trying to locate Mr Marques. Marques was arrested on a Maryland warrant that includes charges

Yammer , is the Enterprise Social Network service that was launched in 2008 and sold to Microsoft in 2012. Yammer is a secure, private social network for your company. Yammer is used for private communication within organizations or between organizational members and pre-designated groups, making it an example of enterprise social software. Ateeq Khan,  Pakistani researcher from The Vulnerability Laboratory Research  team has discovered multiple critical Vulnerabilities in the Microsoft Yammer Social Network. An  OAuth bypass session token web vulnerability is detected in the official Microsoft Yammer Social Network online-service application. OAuth is an emerging authorization standard that is being adopted by a growing number of sites such as Twitter, Facebook, Google, Yahoo!, Netflix, Flickr, and several other Resource Providers and social networking sites. According to the advisory , The vulnerability allows remote attackers to bypass the token protecti