The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

A New York-based online ad network company AppNexus, that provides a platform specializing in real-time online advertising, has again been spotted as the origin of a recent "malvertising" campaign that makes use of the Angler Exploit Kit to redirect visitors to malicious websites hosting the Asprox malware. AppNexus servers process 16 billion ad buys per day, making it the biggest reach on the open web after Google. Back in May, AppNexus was serving malicious ads targeting Microsoft's Silverlight platform. The world's largest Internet Video Subscription service Netflix runs on Silverlight, and because of its popularity, hackers have been loading exploit kits with Silverlight. As part of this campaign, users of several high-profile websites including Java.com, Deviantart.com, TMZ.com, Photobucket.com, IBTimes.com, eBay.ie, Kapaza.be and TVgids.nl , last week were redirected to websites serving malicious advertisements that infected visitors by installing botnet ma

Microsoft today reissued a security update for Windows to the faulty update that previously caused PCs to suffer Blue Screens of Death (BSoD) . The new security update comes almost two weeks after reports emerged that the dodgy update crippled users' computers with the infamous "Blue Screens of Death." The company later advised people to uninstall the update, but now it has fixed the issue. " This month we had our first roll out with additional non-security updates. A small number of customers experienced problems with a few of the updates ," Tracey Pretorius, director of Microsoft Trustworthy Computing, wrote in a blog post .   " As soon as we became aware of some problems, we began a review and then immediately pulled the problematic updates, making these available to download. We then began working on a plan to re-release the affected updates." The offending Microsoft patch identified as MS14-045 , fixes Windows kernel vulnerabilities in 47 of Micro

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

Hackforums - one of the popular hacking forum in the world - has been hacked and defaced by the famous Egyptian hacker with the online handle Eg-R1z . HackForums is popular among both whitehats and blackhats. On one end of the spectrum, HackForums helps over 110,000 hacking community members to remove dangerous malware off of their computers, as well as promotes research and learning of various malwares. But on the other end, it servers as a great platform for hackers and cyber thieves as well, who posts infected material in order to victimize others. The website is hosted in Europe on a server and expected to be earning an estimated $7,316 USD on a daily basis. Last night, hackforums.net went dark with a defacement message that reads: "[403 Forbidden Error] - You might be blocked by your IP, Country, or ISP." That's really nasty msg guys , don't u think so?! Just sending greets from Egypt i-Hmx , H3ll C0D3 , Egyptian.H4x0rZ ./Eg-R1z Cr3w It i

Routers manufactured and sold by Chinese security vendor have a hard-coded password that leaves users with a wide-open backdoor that could easily be exploited by attackers to monitor the Internet traffic. The routers are sold under the brand name Netcore in China, and Netis in other parts of the world , including South Korea, Taiwan, Israel and United States. According to Trend Micro , the backdoor — a semi-secret way to access the device — allows cybercriminals the possibility to bypass device security and to easily run malicious code on routers and change settings. Netis routers are known for providing the best wireless transfer speed up to 300Mbps, offering a better performance on online gaming, video streaming, and VoIP phone calling. The Netcore and Netis routers have an open UDP port listening at port 53413 , which can be accessed from the Internet side of the router . The password needed to open up this backdoor is hardcoded into the router's firmware.

Along with the release of Chrome 37 for Windows, Mac, and Linux , Google today also released a long-awaited 64-bit stable version of its Chrome browser for Windows systems. The company has been working on the 64-bit support for Windows 7 and Windows 8 since June. Back in June, Google first released Chrome 64-bit only in the browser's Dev and Canary channels. Then in July, the beta channel received the same update, and now, finally Chrome 64-bit is available in the stable channel. The new 64-bit version of Chrome offers three main advantages: Speed Security Stability Therefore, for those of you on a compatible 64-bit system, this new version will offer faster performance as well as security and stability enhancements in comparison to 32-bit version. But, Chrome 64-bit is still an opt-in process. So, if you want to take advantage of it, you can hit the new "Windows 64-bit" download link over at google.com/chrome . SPEED ENHANCEMENT Google claims that certain

More than half of South Korea's 50 million population aged between 15 and 65 have been affected in a massive data breach, compromising their personal information. The data breach came to light when 16 individual were arrested following the theft of about 220 million stolen records from a number of online game, ringtone storefronts and movie ticket sites that contains personally identifiable information related to 27 million victims. The stolen records included actual name, account name, password and resident registration number of the victims, According to the English version of a Seoul-based daily newspaper, the Korea Joongang Daily . Among 16 perpetrators, the South Jeolla Provincial Police Agency arrested a 24-year-old man named 'Kim' , for allegedly obtaining and selling all 220 million personal information including names, registration numbers, account names, and passwords , from a Chinese hacker he met through an online game in 2011. Police estimated the