The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The UK's National Crime Agency has given out an urgent national alert that a mass spamming event targeting 10 million UK based email users with a piece of malware called CryptoLocker that encrypts your files and then demands a ransom money to restore access. The agency has said that the people who are majorly receiving targeted spam emails that appear to be from banks and other financial institutions. Each email comes with attachments that look like files such as a voicemail, fax, an invoice or details of a suspicious transaction, but is in fact Cryptolocker Ransomware malware that encrypts the user's computer. The public should be aware not to click on any such attachment. On Infected system, The Cryptolocker Malware screen will then display a countdown timer that demands the payment of 2 Bitcoins in ransom, worth around £536, for the decryption key. The NCCU is trying to trace that who is sending the emails. " We are working in cooperation wit

The FBI is warning that members of the hacktivist group Anonymous hacking collective have secretly accessed US Government computers and stolen sensitive information in a campaign that began almost a year ago. The Hacktivists have exploited a flaw in Adobe applications to compromise the target systems and install software backdoors to maintain the control of the victims computers over the time, the facts dated back to last December, according to a Reuters report. The hacking campaign affected the U.S. Army, Department of Energy , Department of Health and Human Services, and other government agencies,  FBI reveals.  The Federal Bureau of Investigation memo called the hacking campaign " a widespread problem that should be addressed. " and provided useful information for system administrators that how to determine if their networks were compromised. Government investigators are investigating the scope of the hacking, believed that hackers are still operatin

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

Last Tuesday, Popular Mac news website MacRumors's user forums was hacked and forum database has been compromised including the username, email and passwords belonging to all 860,000 registered users. Yesterday,  Inj3ct0r Team of Exploit Database website  1337Day claimed the responsibility for the hack and also claimed that they have also hacked the official website of vBulletin Forum using a   Zero Day exploit . " Macrumors.com was based on vBulletin CMS. We use our 0day exploit vBulletin , got password moderator. 860000 user data hacked too. The network security is a myth " he told me. During the conversation, team leader told me that he has discovered a Zero Day Remote Code Execution vulnerability in vBulletin v4.x.x and 5.х.x, that allows an attacker to execute arbitrary code on the server end remotely. On their exploit marketplace they are also selling this zero day exploit with Shell Upload payload at $7000 USD. " We found a critical v

Apple has released the latest version of its mobile platform i.e. iOS 7.0.4 includes bug fixes, security patches with some new features. The update is available for iPhone , iPad and iPod touch, identified as " build 11B554a ." Most importantly Apple has patched a critical security flaw that allowed to purchase stuff from the online Apple Store without having to tap in a valid password. Vulnerability assigned as  CVE-2013-5193 , " A signed-in user may be able to complete a transaction without providing a password when prompted. This issue was addressed by additional enforcement of purchase authorization. " Apple's security bulletin says. The patch restores the aforementioned authentication check and will allow app store transactions only  if the user will provide a valid password. The update also addressed an issue that would cause FaceTime calls to fail for some users. Apple recommended users to update their devices immediately. iOS users ca

Security Researcher Dan Melamed discovered an Open URL redirection vulnerability in Facebook that allowed him to have a facebook.com link redirect to any website without restrictions. An open URL Redirection flaw is generally used to convince a user to click on a trusted link which is specially crafted to take them to an arbitrary website, the target website could be used to serve a malware or for a phishing attack . An Open URL Redirection url flaw in Facebook platform and third party applications also exposes the user's access token at risk if that link is entered as the final destination in an Oauth dialog . The Facebook Open URL Redirection vulnerability exists at landing.php  page with " url " parameter, i.e. https://facebook.com/campaign/landing.php?url=https://yahoo.com This URL will always redirects user to the Facebook 's homepage, but it is sufficient to manipulate the "url" parameter assigning a random string: https://facebo

Japanese most popular word processing software ' Ichitaro ' and Multiple Products are vulnerable to a zero day Remote Code Execution Flaw Vulnerability, allowing the execution of arbitrary code to compromise a user's system. According to assigned CVE-2013-5990 ,  malicious attacker is able to gain system access and execute arbitrary code with the privileges of a local user. The vulnerability is caused due to an unspecified error when handling certain document files. " We confirm the existence of vulnerabilities in some of our products. " company blog says. In a blog post, Antivirus Firm Symantec confirmed that in September 2013, they have discovered attacks in the wild attempting to exploit this vulnerability during, detected as  Trojan.Mdropper , which is a variant of  Backdoor.Vidgrab . Researchers mentioned that  Backdoor.Vidgrab variant was used as a payload for a watering hole attack exploiting the Microsoft Internet Explorer Memory

Browser-based botnets are the T-1000s of the DDoS world. Just like the iconic villain of the old Judgment Day movie, they too are designed for adaptive infiltration. This is what makes them so dangerous. Where other more primitive bots would try to brute-force your defenses, these bots can simply mimic their way through the front gate. By the time you notice that something`s wrong, your perimeter has already been breached, your servers were brought down, and there is little left to do but to hang up and move on. So how do you flush out a T-1000? How do you tell a browser-based bot from a real person using a real browser? Some common bot filtering methods, which usually rely on sets of Progressive Challenges , are absolutely useless against bots that can retain cookies and execute JavaScripts. The alternative to indiscriminately flashing CAPTCHA's for anyone with a browser is nothing less than a self-inflicted disaster - especially when the attacks can go on for weeks a

A Mysterious Hacker who goes by the " Pinkie Pie " handle is rewarded with $50,000 USD for hacking into the Google Chrome browser for Nexus 4 and Samsung Galaxy S4 . At Information Security Conference PacSec 2013 in Tokyo, during the HP's Pwn2Own contest, a zero-day exploit  showcased by " Pinkie Pie ", that took advantage of two vulnerabilities: An integer overflow that affects Chrome. Chrome vulnerability that resulted in a full sandbox escape. For successful exploitation, you have to get your victim to visit a malicious website e.g. clicking a link in an email, or an SMS or on another web page. He demonstrated this zero-day attack with remote code execution vulnerability on the affected devices. It is not known whether other Android phones are also vulnerable to same flaw or not. Vulnerability has been disclosed to Google by the Contest organizers and the company is working to address the issue as soon as possible. Researchers from

At Information Security Conference PacSec 2013 in Tokyo, Apple's Safari browser for the iPhone 5 and the Samsung Galaxy S4 have been exploited by two teams of Japanese and Chinese white hat hackers. In HP's Pwn2Own 2013 contest , Japanese squad Team MBSD, of Mitsui Bussan Secure Directions won won $40,000 reward for zero day exploit for hacking Samsung Galaxy S4. The vulnerabilities allow the attacker to wholly compromise the device in several ways, such as using a drive-by download to install malware on the phone. In order for the exploit to be successful, the group lured a user to a malicious website, gained system-level privileges and installed applications that allowed the team to gather information, including SMS messages, contacts and browsing history. They  Another Hackers Team from Keen Cloud Tech in China showed how to exploit a vulnerability in iOS version 7.0.3 to steal Facebook login credentials and a photo from a device running iOS 6.1.4. They wo

Popular Mac news and information site MacRumors user forums have been breached by hackers on Monday this week. More than 860,000 usernames, emails and hashed passwords were potentially compromised. Users are advised to users that they change their passwords on the forums, as well as any other sites or services where the same password has been used. MD5 with or without salt, to be an inadequate means of protecting stored passwords. Back in 2012, the original author of the MD5 password hash algorithm has publicly declared that MD5 is no longer considered safe to use on commercial websites. u The owner of the site, Arnold Kim, apologized for the intrusion and said that it occurred because the hacker gained access to a moderator account, which then allowed the intruder to escalate their own privileges with the goal of stealing user login credentials. " We are looking into it further to see if there was another exploit, but there hasn't been any evidence of it

Another Bitcoin Exchange hacked!  Bitcash. CZ based out of the Czech Republic has been hacked and Money from 4000 Bitcoin wallets have been Stolen, value of over 2 million Czech Koruna i.e. Approx $100,000. Bitcash.cz  is currently down with a maintenance message that on the evening of November 11, their server was compromised by unknown Hackers and  bitcoins from its clients were stolen. Hackers appear to have sent emails from Bitcash.cz email accounts pretending to be members of staff. The emails claim the company had to use a US recovery company to get back the bitcoins that have been stolen and recipients are then apparently asked to send 2 BTC to a wallet address in order for their bitcoins to be returned. " We are trying to resolve the situation, but we want to warn our users about fraudulent emails and scams [claiming to be from Bitcash] " site said on their Facebook page. Meanwhile, GBL, the Chinese Bitcoin exchange mysteriously disappeared, t

Today computer telecommunications have become one of the most prevalent techniques used by pedophiles to share illegal photographic images of minors and to lure children into illicit sexual relationships. The Internet has dramatically increased the access of the preferential sex offenders to the population they seek to victimize and provides them greater access to a community of people who validate their sexual preferences. The Fourth Amendment is the most implicated and litigated portion of the Constitution. Courts are increasingly confronting the problems associated with adapting Fourth Amendment principles to modern technology. If you think that your peer-to-peer file sharing can be kept under wraps, then please think again. A federal judge ' Christina Reiss ' in Vermont has ruled that there should be no expectation of privacy for data shared across peer-to-peer file-sharing services. In a Child pornography case, three defendants argued that information gained

Adobe released critical security patches for its ColdFusion web application server and  Adobe Flash Player for Mac, Windows and Linux. Adobe AIR and the AIR SDK and Compiler are also being updated. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system, dubbed as CVE-2013-5329, CVE-2013-5330. The following software versions are affected and should be updated as soon as possible: Adobe Flash Player 11.9.900.117 and earlier versions for Mac and Windows Adobe Flash Player 11.2.202.310 and earlier versions for Linux Adobe AIR 3.9.0.1030 and earlier versions for Windows and Macintosh Adobe has also released a security hotfix for ColdFusion versions 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and Linux, addresses two vulnerabilities: Cross-site scripting (XSS) vulnerability (CVE-2013-5326) Allow unauthorized remote read access (CVE-2013-5328) Both products have been patched mul

A Singaporean hacker calling himself the " The Messiah " was arrested in Kuala Lumpur last Monday for hacking into a Singaporean government website over two weeks ago - from a Kuala Lumpur apartment. James Raj (35) charged with hacking of  Ang Mo Kio town council  website and posting a symbol associated with international hacker group Anonymous. He was charged under the Computer Misuse and Cybersecurity Act. If found guilty, he could be jailed for up to three years and fined S$10 , 000. Police said Raj was also linked to a series of hacking incidents, including penetrating the website of a charity group related to the ruling People's Action Party. Police declined to give details but suggested that Raj was not responsible for defacing the prime minister's office and presidential palace websites on November 7 and 8. Five other local men are being held for allegedly hacking the websites of Singapore's president and prime minister websites i.e.  Muhammad

For years, the Capture the Flag platform has been a common and very popular part of the hacker convention scene. Teams come from all over the world to show their skill and technique in various competitions. The CTF365 team took that interest, passion and excitement and went to a new level in their platform. That original capture the flag environment is now available to anyone from the safety and comfort of their own home. Not only is the original and fun capture the flag platform available, but the CTF365 team is bringing in red verses blue competitions, as well as an entire exploitable virtual world! While still in alpha, the development team is working tirelessly to bring a brand new approach to an original favorite to the hacker and information security community. What is CTF365? CTF365 is a revolution in the world of capture the flag, simulated attacks and Information security as a whole. Capture the flag is always a fan favorite at hacker conventions, online and

Edward Snowden , a former contractor at America's National Security Agency (NSA) , has rocked the intelligence world by leaking secret documents which reveal the previously unknown extent of global spying. But looks like the NSA isn't the only one using dirty digital tricks to hack its targets. Back in September, it was reported that the UK's equivalent of the NSA, GCHQ had hacked Belgacom , a leading telecommunications provider in Belgium. Some New analysis of the Snowden papers by German magazine Der Spiegel shows that British intelligence agency GCHQ created fake LinkedIn and Slashdot pages to spy on computers of  Belgacom  network engineers. Communications networks are particularly valuable to spies, because they allow instant access to individual users. Belgacom provides internet access to dozens of key EU institutions based in its capital city Brussels and its global roaming exchange is a hub for connections between various international mobile network

Security researchers at FireEye have detected a new series of drive-by attacks based on a new Internet Explorer zero-day vulnerability. The attackers breached a website based in the US to deploy the exploit code to conduct a classic watering hole attack. The discovery was announced just a few days after Microsoft revealed the Microsoft Zero-day CVE-2013-3906 , a Zero-day vulnerability in Microsoft graphics component that is actively exploited in targeted attacks using crafted Word documents sent by email. Microsoft graphics component zero-day vulnerability allows attackers to install a malware via infected Word documents and target Microsoft Office users running on Windows Vista and Windows Server 2008. Recently reported new Internet Explorer zero-day vulnerability detected by FireEye affects the English versions of IE 7 and 8 in Windows XP and IE 8 on Windows 7, but according the experts it can be easily changed to leverage other languages. Experts at FireEye conf