The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The UK's National Crime Agency has given out an urgent national alert that a mass spamming event targeting 10 million UK based email users with a piece of malware called CryptoLocker that encrypts your files and then demands a ransom money to restore access. The agency has said that the people who are majorly receiving targeted spam emails that appear to be from banks and other financial institutions. Each email comes with attachments that look like files such as a voicemail, fax, an invoice or details of a suspicious transaction, but is in fact Cryptolocker Ransomware malware that encrypts the user's computer. The public should be aware not to click on any such attachment. On Infected system, The Cryptolocker Malware screen will then display a countdown timer that demands the payment of 2 Bitcoins in ransom, worth around £536, for the decryption key. The NCCU is trying to trace that who is sending the emails. " We are working in cooperation wit

The FBI is warning that members of the hacktivist group Anonymous hacking collective have secretly accessed US Government computers and stolen sensitive information in a campaign that began almost a year ago. The Hacktivists have exploited a flaw in Adobe applications to compromise the target systems and install software backdoors to maintain the control of the victims computers over the time, the facts dated back to last December, according to a Reuters report. The hacking campaign affected the U.S. Army, Department of Energy , Department of Health and Human Services, and other government agencies,  FBI reveals.  The Federal Bureau of Investigation memo called the hacking campaign " a widespread problem that should be addressed. " and provided useful information for system administrators that how to determine if their networks were compromised. Government investigators are investigating the scope of the hacking, believed that hackers are still operatin

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

Last Tuesday, Popular Mac news website MacRumors's user forums was hacked and forum database has been compromised including the username, email and passwords belonging to all 860,000 registered users. Yesterday,  Inj3ct0r Team of Exploit Database website  1337Day claimed the responsibility for the hack and also claimed that they have also hacked the official website of vBulletin Forum using a   Zero Day exploit . " Macrumors.com was based on vBulletin CMS. We use our 0day exploit vBulletin , got password moderator. 860000 user data hacked too. The network security is a myth " he told me. During the conversation, team leader told me that he has discovered a Zero Day Remote Code Execution vulnerability in vBulletin v4.x.x and 5.х.x, that allows an attacker to execute arbitrary code on the server end remotely. On their exploit marketplace they are also selling this zero day exploit with Shell Upload payload at $7000 USD. " We found a critical v

Apple has released the latest version of its mobile platform i.e. iOS 7.0.4 includes bug fixes, security patches with some new features. The update is available for iPhone , iPad and iPod touch, identified as " build 11B554a ." Most importantly Apple has patched a critical security flaw that allowed to purchase stuff from the online Apple Store without having to tap in a valid password. Vulnerability assigned as  CVE-2013-5193 , " A signed-in user may be able to complete a transaction without providing a password when prompted. This issue was addressed by additional enforcement of purchase authorization. " Apple's security bulletin says. The patch restores the aforementioned authentication check and will allow app store transactions only  if the user will provide a valid password. The update also addressed an issue that would cause FaceTime calls to fail for some users. Apple recommended users to update their devices immediately. iOS users ca

Security Researcher Dan Melamed discovered an Open URL redirection vulnerability in Facebook that allowed him to have a facebook.com link redirect to any website without restrictions. An open URL Redirection flaw is generally used to convince a user to click on a trusted link which is specially crafted to take them to an arbitrary website, the target website could be used to serve a malware or for a phishing attack . An Open URL Redirection url flaw in Facebook platform and third party applications also exposes the user's access token at risk if that link is entered as the final destination in an Oauth dialog . The Facebook Open URL Redirection vulnerability exists at landing.php  page with " url " parameter, i.e. https://facebook.com/campaign/landing.php?url=https://yahoo.com This URL will always redirects user to the Facebook 's homepage, but it is sufficient to manipulate the "url" parameter assigning a random string: https://facebo

Japanese most popular word processing software ' Ichitaro ' and Multiple Products are vulnerable to a zero day Remote Code Execution Flaw Vulnerability, allowing the execution of arbitrary code to compromise a user's system. According to assigned CVE-2013-5990 ,  malicious attacker is able to gain system access and execute arbitrary code with the privileges of a local user. The vulnerability is caused due to an unspecified error when handling certain document files. " We confirm the existence of vulnerabilities in some of our products. " company blog says. In a blog post, Antivirus Firm Symantec confirmed that in September 2013, they have discovered attacks in the wild attempting to exploit this vulnerability during, detected as  Trojan.Mdropper , which is a variant of  Backdoor.Vidgrab . Researchers mentioned that  Backdoor.Vidgrab variant was used as a payload for a watering hole attack exploiting the Microsoft Internet Explorer Memory

Browser-based botnets are the T-1000s of the DDoS world. Just like the iconic villain of the old Judgment Day movie, they too are designed for adaptive infiltration. This is what makes them so dangerous. Where other more primitive bots would try to brute-force your defenses, these bots can simply mimic their way through the front gate. By the time you notice that something`s wrong, your perimeter has already been breached, your servers were brought down, and there is little left to do but to hang up and move on. So how do you flush out a T-1000? How do you tell a browser-based bot from a real person using a real browser? Some common bot filtering methods, which usually rely on sets of Progressive Challenges , are absolutely useless against bots that can retain cookies and execute JavaScripts. The alternative to indiscriminately flashing CAPTCHA's for anyone with a browser is nothing less than a self-inflicted disaster - especially when the attacks can go on for weeks a