The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

A very profitable line for mobile malware developers is Android Banking Trojans, which infect phones and steal passwords and other data when victims log onto their online bank accounts. One recent trend is Android malware that attacks users in specific countries, such as European Countries, Brazil and India.  The Antivirus software maker Malwarebytes noticed that a new threat distributed via file sharing sites and alternative markets in the last few months, targets Korean users. Dubbed as ' Android/Trojan . Bank . Wroba ', malware disguises itself as the Google Play Store app and run as a service in the background to monitor events.  " This enables it to capture incoming SMS, monitor installed apps and communicate with a remote server. " According to the researcher, after installation - malware lookup for existence of targeted Banking applications on the device, remove them and download a malicious version to replace. " The malicious v

If you are today trying to visit the php.net website, an official website of the PHP scripting language, you will likely see the above shown result, instead of the original website. Chrome and Firefox is currently flagging the site as " suspicious " and contains malware that can harm your computer. According to Google's Webmaster Tools, the script at https://static.php.net/www.php.net/userprefs.js  was included as suspicious, and Google's Safe Browsing diagnostics  for php.net do suggest that malware has been present on the site in the last 90 days: " Of the 1513 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. " " Malicious software includes 4 trojan(s). Malicious software is hosted on 4 domain(s), including cobbcountybankruptcylawyer.com/, stephaniemari.com/, northgadui.com/ . 3 domain(s) appear to be functioning as intermediaries for

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on a larger role in software development is one of the big uncertainties related to this brave new world. In an era where AI promises to revolutionize how we live and work, the conversation about its security implications cannot be sidelined. As we increasingly rely on AI for tasks ranging from mundane to mission-critical, the question is no longer just, "Can AI  boost cybersecurity ?" (sure!), but also "Can AI  be hacked? " (yes!), "Can one use AI  to hack? " (of course!), and "Will AI  produce secure software ?" (well…). This thought leadership article is about the latter. Cydrill  (a

Cybercrime , identity theft, and frauds are on the rise; and in most cases, the data breaches are associated with credit cards and cardholder data. The impact of data breach not only affects your organization, but also your customers. A common observation cites that organizations that are PCI compliant are 50% less likely to suffer a data breach . It is alarming to notice that most organizations have difficulty complying with the requirements necessary for processing cardholder data . PCI makes the process smooth Based on the feedback from the industry, PCI Security Council has introduced some changes in the compliance regulations and has come up with version 3.0 for PCI compliance whose final version is scheduled for release on November 7, 2013. And, it is expected to be effective from January 2014. So, how will the upgraded version of PCI Compliance impact your organization? Awareness :  Most security breaches happen due to lack of awareness in the following areas:

Yet another American Internet privacy service has bitten the dust, prompted by fears about broad government surveillance demands. CryptoSeal, a Virtual private network (VPN) based in California has decided to shutter its privacy-conscious service rather than hand over its encryption keys to the U.S. Government. VPNs are secure tunnels to the Internet that allow users to mask their location, defeat regional restrictions, stay safe over public Wi-Fi connections, and maintain at least a modicum of privacy online. CryptoSeal is the latest company to voluntarily shut down its service after the U.S. Government's legal action against Lavabit, an email service used by former NSA contractor Edward Snowden. " With immediate effect as of this notice, CryptoSeal Privacy, our consumer VPN service, is terminated, " a notice reads on the company's website. " All cryptographic keys used in the operation of the service have been zerofilled...all records created incidental

Hackers and malware are everywhere, waiting for you around every corner of the Internet. The International Atomic Energy Agency (IAEA) , which holds highly sensitive information and plays a key role in global efforts to prevent the spread of nuclear weapons, said on Tuesday that some of its computers were infected by malicious software, during the past several months. Malware can typically be used by cyber-attackers to gain remote access to systems, or to steal data, however spokesman Serge Gas said . " No data from the IAEA network has been affected ." The computers were located in common areas of the agency's Vienna headquarters, known as the Vienna International Centre (VIC). A third-party technician or visitor with the USB-drive infected with crimeware can be used to infect the system. " The (IAEA) secretariat does not believe that the USB devices themselves were infected or that they could spread the malware further " he said. Last November, the IAEA rev

In 2013 we have seen a dramatic increase in the number of hack attacks attempted against banks, credit unions and utility companies using various techniques including  DDoS attack , SQL injection, DNS Hijacking and Zero-Day Flaws. SQL Injection is one of the most common security vulnerabilities on the web and is successful only when the web application is not sufficiently secured. Recently a hacking Group named ' TeamBerserk ' claimed on Twitter that, they have stolen $100,000 by leveraging user names and passwords taken from a California ISP Sebastian (Sebastiancorp.com)to access victims' bank accounts. A video proof was uploaded on the Internet, shows that how hackers used a SQL injection attack against the California ISP Sebastian to access their customers' database includes  e-mail addresses, user names and clear text passwords and then using the same data to steal money from those customers. Let's see what SQL Injection is and how ser

A Security researcher discovered a critical privacy vulnerability on Verizon Wireless's Web-based customer portal that allows anyone to download user's SMS History and Numbers of other users he communicated with. Back in August, researcher ' Cody Collier ' found that a simple URL exploit could allow any subscriber to extract data using ' Download to SpreadSheet' function. To exploit, an attacker only needs to modify the subscriber's phone number in the URL and this would give an attacker access to the SMS history to the targeted account. https://wbillpay.verizonwireless.com/vzw/accountholder/unbilledusage/UnbilledMessaging.action?d-455677-e=2&1548506v4671=1&mtn= 999999999 Where variable ' mtn ' within the URL defines the mobile number and an attacker just need to modify this. " Message details consist of: Date, Time, To, From, and Direction an SMS or MMS took place. With no user interaction, all that was required was a subscriber's phone nu

A phishing attack is a complex combination of technology and psychology. There are numerous ways in which people are being made fools and they can be conned by hitting on unsecured website links. Sophos experts detected this week an intriguing case of phishing against the Italian postal service Poste Italiane , the scheme attracted the researcher's attention due the reuse of an old social engineering trick. The brand Poste Italiane includes postal, Financial and payment services in its product portfolio and was considered top brand victims by recent F-Secure Threat report. The number of attacks against Poste Italiane is remarkable, the purpose is always to induce its customers into unwittingly submitting their credentials to fake login sites. In the recent attack criminals sent the classic email containing an HTML attachment which the recipient is enticed into opening. " To activate the "Security web Postepay " you need to : - Downlo

Last week Craig Heffner, specialized on the embedded device hacking exposed a serious backdoor in number of D-Link routers allows unauthorized backdoor access. Recently he published his another researcher, Titled ' From China, With Love ', exposed that D-Link is not only the vendor who puts backdoors in their products. According to him, China based networking device and equipment manufacturer - Tenda Technology  (www.tenda.cn) also added potential backdoors into their Wireless Routers. He unpacked the software framework update and locate the httpd binary an found that the manufacturer is using GoAhead server, which has been substantially modified. These routers are protected with standard Wi-Fi Protected Setup (WPS) and WPA encryption key, but still by sending a UDP packet with a special string , an attacker could take over the router. Routers contain a flaw in the httpd component, as the MfgThread() function spawns a backdoor service that listens fo

The Syrian Electronic Army (SEA) is at it again. The hacktivist group, who are known to back Syrian President Bashar al-Assad , has hacked many high profile Qatar based websites, including the Google, Facebook, Aljazeera and Government - Military websites. Starting at about 4:25 am (GMT 5:30+), the Syrian Electronic Army shared this message on Twitter: Qatar is #down and  following that, they went about switching off government and private websites using the .qa extension. The domains are managed by Qatar's Ministry of Information and Communication (ictQatar). Apparently, the Syrian Electronic Army gained access to  Qatar Domain Registrar ( portal.registry.qa ) and modifies the DNS entires to redirects the targeted websites to servers controlled by hackers serving defacement page, that include a picture of Assad and the groups logo, as shown. The List of the targeted websites is posted on Twitter by hackers - these include: moi . gov .qa facebook .qa gov .qa vodafone .qa a

It should be the busiest day of the year for your business, but your website has just disappeared off the Internet and orders have dried up. If this happens to you, then you likely just become yet another victim of a distributed denial of service (DDoS) attack . By now, everyone who uses the Internet has come across DDoS attacks . It is one of the oldest attack technologies on the web, and a popular way of paralyzing the huge data centers. Just yesterday we have reported about a massive 100Gbps DDoS attack that hit World's 3rd Largest Chinese Bitcoin exchange for 9 hours. Arbor Networks, a leading provider of DDoS and advanced threat protection solutions, today released data on global distributed denial of service (DDoS) attack trends for the first three quarters of 2013, revealed that this kind of attack still represents a serious menace for IT security communities.  The document provides an interesting overview into Internet traffic patterns and threat evolutio