The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Koreans have once again gain media attention but this time not as an accused of any kind of hack attack, but as a victim of a severe attack on computers systems at a nuclear power plant in South Korea by an unknown hacker or a group. South Korea was hit by a cyber attack on its nuclear power plant, causing the operator to conduct drills in order to test the ability of the nuclear plant to cope with a full-scale cyber-attack. Although the plant's operator says no critical data has been leaked. The cyber attack came into light after a hacker posted blueprints of nuclear reactors online and threatened further "leaks" unless authorities close down the reactors. According to the South Korean Yonhap News Agency, the hacker was able to access blueprints of reactors, floor maps and other internal information on the plant. Last week with the help of a Twitter account named " president of anti-nuclear reactor group ," the hacker posted leaked data revea

First time ever in the History, Apple Inc. has pushed out an automatic security update for Macintosh OS X computers to address a critical security issue that, according to the company, was too risky to wait for users to patch after seeking their prior approval. Despite having the ability for years to silently and automatically update its users computers, Apple typically asks its users' permission to approve them manually or automatically before installing any security update of this kind. But, the company has exercised its ability for the very first time to patch a critical security flaw in a component of its OS X operating system called the Network Time Protocol (NTP) . This newly discovered security vulnerability, assigned CVE-2014-9295, became public late last week and affects all operating systems, including OS X and other Linux and Unix distributions, running versions of NTP4 prior to 4.2.8. NTP is used for synchronizing clocks between computer systems and across the globa

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Tor has been targeted once again, but this time at a much larger scale. A new attack on Tor network reportedly would either completely shut it down worldwide or turn it into evil network. This time Tor – an internet browser which allows people to maintain their anonymity online by protecting their location – is warning its users of a cyber attack that quietly seized some of its network specialized servers called Directory Authorities (DA) , the servers that help Tor clients to find Tor relays in the anonymous network service. Tor network architecture relies on ten Directory Authorities whose information is hardcoded into Tor clients. These directory authorities are located in the Europe and United States, and maintain the signed list of all the verified exit relays of the Tor network, and according to experts, attack on these backbone servers can "incapacitate" the overall architecture of Tor. " The Tor Project has learned that there may be an attempt to incapacit

Sony was forced to pull the cinema release of " The Interview ," scheduled for Christmas day, after hacker group Guardians of Peace (GOP) threatened to attack any theater that decided to show the film. But the studio will release the controversial North Korean-baiting film via different alternatives. HACKERS WARNED OF TERROR ATTACK The massive hacking attack against Sony Pictures Entertainment is getting worst day by day. The hack has yet exposed about 200 gigabytes of confidential data belonging to the company from upcoming movie scripts to sensitive employees data, celebrities phone numbers and their travel aliases, and also the high-quality versions of 5 newest films leak , marking it as the most severe hack in the History. Week back, the hacker group GOP, who has claimed responsibility for the damaging Sony cyber-attack, demanded Sony to cancel the release of " The Interview " — the Seth Rogen and James Franco-starring comedy centered around a T

Security researchers have discovered a massive security flaw that could let hackers and cybercriminals listen to private phone calls and read text messages on a potentially vast scale – no matter if the cellular networks use the latest and most advanced encryption available. The critical flaw lies in the global telecom network known as Signal System 7 that powers multiple phone carriers across the world, including AT&T and Verizon , to route calls, texts and other services to each other. The vulnerability has been discovered by the German researchers who will present their findings at a hacker conference in Hamburg later this month. "Experts say it's increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world's billions of cellular customers," said The Washington Post, which first uncovered flaws in the system earlier this year. NUMBER OF SECURITY FLAWS IN SS7 SS7 or