The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The US government, particularly the National Security Agency  has been paying a French security firm for backdoors and zero day hacks. According to a contract newly released in response to a Freedom of Information request, last year the NSA purchased a 12-month subscription to a " binary analysis and exploits service " sold by Vupen, a zero-day Exploit Seller based in France. VUPEN is one of a handful of companies that sell software exploits and vulnerability details, who do original vulnerability research and develop exploits for bugs that they find. They Sold those exploits to the Governments and Law enforcement agencies. VUPEN has promised that the company only will sell its services to NATO countries and will not deal with oppressive regimes. It is unclear how much money the NSA spent on the Vupen exploits package because the cost has been redacted in the released contract. Last year, Vupen researchers successfully cracked Google's Chrome browser, but declined to

All supported versions of Internet Explorer are vulnerable to a zero-day Exploit that is currently being exploited in targeted attacks against IE 8 and IE 9, dubbed " CVE-2013-3893 MSHTML Shim Workaround ". Microsoft confirmed that the flaw was unknown before the attacks and that it is already working on an official patch, meantime Microsoft released an emergency software fix for Internet Explorer (IE) Web browser. Advisory noted that Microsoft is investigating public reports of a remote code execution vulnerability in Internet Explorer. This issue could allow remote code execution if an affected system browses to a website containing malicious content directed towards the specific browser type. Victims could be infected despite the adoption of all necessary countermeasures due the nature of the flaw previously unknown. The flaw that has been recently targeted by hackers during attacks is considerable serious and complicated to fix. State-sponsored hackin

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

WebView is an essential component in Android and iOS. It enables applications to display content from online resources and simplifies task of performing a network request, parsing the data and rendering it. Today AVG Security expert reported a critical vulnerability in Android's WebView feature that allows an attacker to install malicious software, send SMSs and performing more tasks. WebView uses a number of APIs which can interact with the web contents inside WebView. So this allows the user to view a web application as a part of an ordinary Android application. Users can be infected when they click on a URL link using a vulnerable application that allows opening a Java enabled browser or web page. The commands in the JavaScript code can enable attackers to install malicious software, send SMSs, steal personal information and more. To exploit the flaw, attacker can trick users to click a malicious link from a vulnerable WebView application and which will

Belgacom , the largest telecommunications company in Belgium today announced that their IT Systems were hacked and infected with an unknown Malware . In order to eliminate that virus effectively, they clean up the entire system. The company also highlights that they have no indication of any impact on their telecommunication services, customer and employee data. According to the complexity of the malware, it appears to be the work of a state-sponsored entity. Belgacom which handles some of the undersea cables that carry voice and data traffic around the world, so the NSA or Britain's GCHQ could be behind the intrusion. That traffic would be a likely target for an attacker. The attack reportedly affected a few dozen machines on Belgacom's network, including some servers and the intrusion had been active for as long as two years by the time the Belgian company discovered it. Hacked data might help intelligence agencies to gather data on communications coming from the li

An Anonymous Hacker and Online hacktivist who was  responsible for hacking into the City of Springfield's website and others Police websites has been sentenced to 3 years in federal prison. John Anthony Borell III, a 22-year-old man from Ohio with the online handle @ItsKahuna started advertising his exploits using the Twitter and encouraged other hackers to crack websites as part of campaigns run by an Anonymous offshoot called CabinCr3w . Borell admitted to compromising the websites belongs to various Law Enforcement Agencies from Los Angeles, Syracuse, The official city site for Springfield, Missouri and many more.  He also exposed the names and private details of almost 500 police officers after using an automated script to carry out SQL injection attacks on websites belonging to the Utah Chiefs of Police and the Salt Lake City Police Department. Hacker denied involvement in the attacks on April 2012, but later he pleaded guilty to computer fraud charges and agreed to pay $22

" The truth is coming, and it cannot be stopped ", Edward Snowden.  The National Security Agency isn't just snooping into phone and online communications. It also appears to be keeping a close eye on credit card transactions. New reports published by Der Spiegel exposed that The National Security Agency (NSA) is widely monitoring SWIFT bank transactions, International Credit Card Payments and banking, attained by watching printer traffic from numerous banks. According to the information acquired by former NSA contractor Edward Snowden , Show that in 2011, the NSA possessed 180 million records and spying is conducted by a branch called " Follow the Money. That data then moved to their own   ' Tracfin ' financial databank to track money flows. NSA targets the transactions of various banks via large credit card companies like VISA by doing surveillance in Europe, Middle East and Africa. Some 84 percent of the data are from credit card transactions

Argentinian police have arrested a 19-year-old " superhacker " who was making $50,000 a month,  working from his bedroom in Buenos Aires, by targeting international money transfer and gambling websites. Police say it took them a year to close in on the teenager, who was part of a six-strong gang which planted viruses on a gaming site which infected the computers of website visitors. Police raiding his Buenos Aires residence and identified six more people who were involved in the criminal network. The criminal  is reportedly the son of an IT engineer and officials found high-capacity computers from his room. The hackers used malware to run a Botnet network of thousands of zombie computers, which were then used to illegally divert money from accounts leaving virtually no trace behind. Police seized electronic equipment, including cables, routers and over 14 hard drives. The police department dubbed it Operation Zombie began in 2012. His activities were brought

A few days before the servers of the largest provider of Ultra Anonymous hosting were found to be serving custom malware designed to identify visitors who were using the Tor service to hide their identity online. The javascript code exploited a security vulnerability in the open-source version of Firefox that the Tor network is based on. In an Irish court, FBI agent admitted publicly that the agency had control of Freedom Hosting , a Tor hidden service operator company, in an effort to arrest a suspect behind the largest child porn facilitator on the planet. Eric Eoin Marques, a 28-year-old Irishman, is now awaiting extradition to the US where he could face 100 years in prison on child pornography charges. Marques is the owner and operator of Freedom Hosting , one of the largest web hosts for the Tor network., Hosting many of the darkest hidden services on the Darknet, including criminal hacking site HackBB, money laundering services, and responsible for hosting chi

It's been nearly three months since Edward Snowden started telling the world about the National Security Agency's mass surveillance of global communications. After the last week report that the National Security Agency has leveraged its cooperative relationships with specific industry partners to insert vulnerabilities into Internet security products. Bitcoin , a virtual currency, a peer-to-peer electronic cash system, which is generated on a logarithmic scale by dedicated miners who run software that generate the complex hash codes which make up a Bitcoin.  The integrity of Bitcoin depends on a hash function called SHA-256 , which was designed by the NSA and published by the National Institute for Standards and Technology (NIST). Is it hard to believe that could the intelligence community have a secret exploit for Bitcoin? While there is no evidence yet to support the speculation. " If you assume that the NSA did something to SHA-256, which no outside resea

A Russian Exploit writer and underground Hacker who goes by the handle " fil9 " put up an Android Firefox Zero-Day Exploit for Sale in an open Exploit Market. Author claims a Zero Day vulnerability in Firefox for Android, which works on Firefox versions 23/24/26 (Nightly). The advertisement was spotted by Joshua, Malware Intelligence Analyst at Malwarebytes. Hacker Selling exploit with a starting price of $460 only. According to the proof of concept video uploaded by the Hacker, the exploit forces the mobile Firefox browser to download and execute a malicious app, on just visiting a malicious link only. What's worrisome is that many major websites are compromised frequently and a large number of visitors of those hacked sites can fall victim to this attack. " The biggest problem in this situation is that Firefox automatically executes certain known files once they're downloaded, and doesn't give users an option to disable this. Without some sort of

Vodafone Germany has been hacked and Personal details of more than two million customers have been compromised, some including banking details. Stole data includes names, addresses, birth dates, and bank account information, but the hacker had no access to credit-card information, passwords, PIN numbers or mobile-phone numbers. According to a blog post on the Vodafone website, The company has already involved law enforcement agencies in the investigation, and it is confirmed that a suspect has been identified and searches conducted in the case, but didn't say whether the suspect was an employee or an outsider. It's unclear when the breach took place, but it appears to have involved a successful compromise of an internal server on Vodafone's network. Vodaphone said it is taking action to prevent this type of incident from occurring again, including reinstalling servers and changing passwords and certificates of all administrators. Vodafone customers outside of Germany aren&#

Russian Security Firm Kaspersky Lab has revealed that it has been following a sustained attack on South Korea by hackers seemingly based in North Korea.,  This new Cyber Espionage campaign dubbed "Kimsuky"  has targeted several South Korean think tanks. R esearchers believe the Kimsuky malware is most likely delivered via spear-phishing e-mails  and used multiple Dropbox email accounts "It's interesting that the drop box mail accounts iop110112@hotmail.com and rsh1213@hotmail.com are registered with the following "kim" names: kimsukyang and "Kim asdfa " The Kaspersky researchers revealed that the operation presents distinctive characteristics in its execution and logistics. The investigation started after the team of experts detected an unsophisticated spy program that communicated with it control server via a public e-mail server, an approach followed by too many amateur malware authors. Victims download a Trojan dropper which is used to download additional malwa