The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

In October, we had reported that the creator of the infamous Blackhole  exploit kit was  arrested in Russia  and now the Russian Ministry of Internal Affairs has also confirmed that ' Paunch ', the mastermind behind infamous  BlackHole  exploit kit, along with Gang of 12 other criminals were arrested on October 4, 2013 in Russia. Russian security firm Group-IB has disclosed that it has assisted the police in the investigation of Paunch, who was residing in the city of Togliatti . 27-years old ' Paunch ' is the author of the notorious BlackHole and Cool exploit kits that are today popular among cybercriminals and costs $500 to $700 a month in for buyers. Cool and Blackhole exploit kits are the ready-made hacking tools for easily serving malware from compromised sites, in result to install malware on users' computers using exploits of zero-day vulnerabilities in latest web browsers. The general damage caused by the criminal gang is estimated around US $2.1

Microsoft today announced that its Digital Crimes Unit ( a center of excellence for advancing the global fight against cybercrime ) has successfully disrupted the ZeroAccess botnet, one of the world's largest and most rampant botnet .The Botnet is " disrupted ," not "fully destroyed" , Microsoft itself admits that " do not expect to fully eliminate the ZeroAccess botnet due to the complexity of the threat. " This is the Microsoft's 8th botnet takedown operation in the past three years. With the help of U.S. Federal Bureau of Investigation  ( FBI ) and Europol's European Cybercrime Centre (EC3), Microsoft led to the seizure of servers that had been distributing malware which has infected nearly 2 million computers all over the world, and with that, ZeroAccess botnet's masters are earning more than $2.7 million every month. ZeroAccess was first identified in 2011 by Symanetc, being used for click fraud, the malware can also be used to illicitly mine the v

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

It is always important to secure our system against outside threats i.e. Hackers, but it also required to protect against insider threats. The potential of damage from an Insider threat can be estimated from the example of Edward Snowden who had worked at the NSA , and had authorized access to thousands of NSA's Secret Documents, networks and systems. ' According to a recent Verizon report, insider threats account for around 14% of data breaches in 2013." Mostly, securing data involves just encryption in the cloud and keeping encryption keys out of the hands of rogue employees, but it is not enough where rogue employees should have access to encryption keys as part of their work. To prevent such risk of rogue employees misusing sensitive data, CloudFlare has released an open source encryption software " Red October ," with " two-man rule " style file encryption and decryption. " Two-man rule ", a control mechanism designed to achieve a hi

JPMorgan Chase , one of the world's biggest Banks has recently announced that it was the victim of a cyber attack and warned round 465,000 of its holders of prepaid cash cards on the possible exposure of their personal information. In the Security Breach that took place on the bank's website www.ucard.chase.com  in July, around 465,000 accounts are compromised i.e. 2% of the overall 25 million UCard users. JPMorgan confirmed that there is no risk for holders of debit cards, credit cards or prepaid Liquid cards. They informed the law enforcement in September, and till now no information on how attackers have conducted the attack has been disclosed. The JPMorgan spokesman Michael Fusco declared that the investigation allowed the identification of victim accounts and the data stolen, the bank already notifying the cardholders of the incident. JPMorgan representative also remarked that hackers haven't stolen money from any user's account, due this reason the company is not i

Just like other Web Browsers, The Google Chrome also offers a password manager feature that can save your logins and basic information for automatic form-filling. The Google Chrome browser stores all your passwords in the plain text format and is available for access by opening the following URL in your Chrome browser – " chrome : //settings/passwords ". Unlike Firefox , till now Google Chrome was not offering any Master Protection. Finally Google has implemented a Master Password protection on Chrome password manager in Windows and Mac. Now you have to enter your Windows account password to reveal the saved passwords. The protection will be lifted for a minute, after entering the password, and after that user need to re-login. Previously, Google was criticized many times for such bad password storage Practice because there is no master password, no security, not even a prompt that " these passwords are visible " and this allows anyone with access to a user's c