The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The US State Department and the Federal Bureau of Investigation announced Tuesday a $3 Million reward for the information leading to the direct arrest or conviction of Evgeniy Mikhailovich Bogachev , one of the most wanted hacking suspects accused of stealing hundreds of millions of dollars with his malware. This is the highest bounty U.S. authorities have ever offered in any cyber case in its history. The 30-year-old Russian man who, according to bureau, is an alleged leader of a cyber criminal group who developed the GameOver Zeus botnet . STOLE MORE THAN $100 MILLION Evgeniy Mikhailovich Bogachev, also known under the aliases " lucky12345 ," " Slavik ," and " Pollingsoon, " was the mastermind behind the GameOver Zeus botnet , which was allegedly used by cybercriminals to infect more than 1 Million computers and resulted in more than $100 Million in losses since 2011. GameOver Zeus makes fraudulent transactions from online bank account

A critical vulnerability has been discovered in one of the most popular plugins of the the WordPress content management platform that puts more than one Million websites at risks of being completely hijacked by the attackers. The vulnerability actually resides in most versions of a WordPress plugin called Wettable Powder Slimstat (WP-Slimstat) . While there are more than 70 million websites on the Internet currently running WordPress, more than 1.3 Million of them use the 'WP-Slimstat' Plugin , making it one of the popular plugins of WordPress for powerful real-time web analytic. All the WP-Slimstat versions prior to the latest release of Slimstat 3.9.6 contain an easily guessable 'secret' key which is used to sign data sent to and from the visiting end-user computers, explained in a blog post published Tuesday by Web security firm Sucuri. Once the weak 'secret' key is break, an attacker could perform an SQL injection attack against the target website

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Since its return over a month ago, The Pirate Bay — the infamous peer-to-peer file sharing website that has provided only the finest in illegal torrents for more than a decade — has suffered a lot to keep the ship afloat. But, now TPB is experiencing yet more downtime. The Pirate Bay (TPB) torrent search website was down this morning, and users visiting the websites were redirected to the "mobile-friendly" version of its notorious website called The Mobile Bay , but the website wasn't working either. Both the websites displayed identical ' 403 Forbidden ' error messages. The outage was first spotted by TorrentFreak, which noted that The Pirate Bay has been struggling to keep the website online since it returned late January after going dark from the Internet following a raid in Sweden late last year in which several servers and other equipment were seized by the police in Stockholm. The actual cause of the latest downtime wasn't clear that

Apple's operating system is considered to be the most secure operating system whether it's Mac OS X for desktop computers or iOS for iPhones. But believe it or not, they are the most vulnerable operating system of year 2014. MOST VULNERABLE OPERATING SYSTEM  Windows, which is often referred to as the most vulnerable operating system in the world and also an easy pie for hackers, is not even listed on the top three vulnerable OS. According to an analysis by the network and security solutions provider GFI, the top three most vulnerable operating system are: Apple's Mac OS X Apple iOS Linux kernel GFI analysis is based on the data from the US National Vulnerability Database (NVD ), which shows that in 2014, the top three most vulnerable operating systems took owner by the following number of vulnerabilities reported in their software: Mac OS X - Total 147 vulnerabilities were reported, 64 of which were rated as high-severity Apple's iOS - Total 127 vulnerabilities were reported,

A critical vulnerability has been fixed in Samba — Open Source standard Windows interoperability suite of programs for Linux and Unix, that could have allowed hackers to remotely execute an arbitrary code in the Samba daemon ( smbd ). Samba is an open source implementation of the SMB/CIFS network file sharing protocol that works on the majority of operating systems available today, which allows a non-Windows server to communicate with the same networking protocol as the Windows products. Samba is supported by many operating systems including Windows 95/98/NT, OS/2, and Linux. smbd is the server daemon of Samba which provides file sharing and printing services to clients using the SMB/CIFS protocol. Samba is also sometimes installed as a component of *BSD and OS X systems. The vulnerability, designated as CVE-2015-0240 , actually resides in this smbd file server daemon. The bug can be exploited by hackers to potentially execute code remotely with root privileges, the