The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The fight to protect your company's data isn't for the faint of heart. As an embattled IT warrior, with more systems, apps, and users to support than ever before, keeping everything up and running is a battle in itself. When it comes to preventing the worst-case scenario from happening, you need all the help you can get, despite your super-hero status. According to SANS, there are 6 key phases of an incident response plan. Preparation - Preparing users and IT to handle potential incidents in case they happen Identification - Figuring out what we mean by a "security incident" (which events can we ignore vs. which we must act on right now?) Containment - Isolating affected systems to prevent further damage Eradication - Finding and eliminating the root cause (removing affected systems from production) Recovery - Permitting affected systems back into the production environment (and watching them closely) Lessons Learned - Writing everything down and reviewing an...

The non-profit Tor Project has accused the FBI of paying the security researchers of Carnegie Mellon University (CMU) at least $1 Million to disclose the technique they had discovered that could help them… …Unmask Tor users as well as Reveal their IP addresses as part of a criminal investigation. As evidence, the Tor Project points to the cyber attack that it discovered last year in July. The team discovered more than hundred new Tor relays that modified Tor protocol headers to track people who were looking for Hidden Services – web servers hosted on Tor that offers more privacy. The Evidence The unknown attackers used a combination of nodes and exit relays, along with some vulnerabilities in the Tor network protocol that let them uncovered users' real IP addresses. The attack reportedly began in February 2014 and ran until July 2014, when the Tor Project discovered the vulnerability. Within few days, the team updated its software and rolled out new ve...

The US government has charged hackers over the largest ever hacking case in financial history. The US Court of the Southern District of New York has charged three men accused of hacking into many financial institutions, including JPMorgan Chase that, according to the officials, was "the largest theft of user data from a U.S. financial institution in history." JPMorgan Chase is one of the world's biggest banks that controls total assets worth more than $2.59 Trillion . The Hackers targeted at least nine financial institutions between 2012 and mid-2015, including JPMorgan Chase, brokerages and a major business news publication, and stolen information of " over 100 Million customers ," Bloomberg reported Tuesday. The three men, including Gery Shalon , Ziv Orenstein , and Joshua Samuel Aaron were charged with 23 counts, including hacking, identity theft, securities fraud, and money laundering, among others. A separate indictment was also ...

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk.  A gap in access control in Microsoft Entra's subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them.  All the guest user needs are the permissions to create subscriptions in their home tenant, and an invitation as a guest user into an external tenant. Once inside, the guest user can create subscriptions in their home tenant, transfer them into the external tenant, and retain full ownership rights. This stealthy privilege escalation tactic allows a guest user to gain a privileged foothold in an environment where they should only have limited access. Many organizations treat guest accounts as low-risk based on their temporary, limited access, but this behavior, which works as designed, opens the door to known attack paths and lateral movement within the resource t...

Vulnerabilities are common these days and when we talk about mobile security, this year has been somewhat of a trouble for Android users. Almost every week we come across a new hack affecting Android devices. One of the serious vulnerabilities is the  Stagefright Security Bug , where all it needed to install malicious code on the Android devices was a simple text message. Although Google patched these security holes in its latest Android update, manufacturers can take a long time to release their own updates, and it's even possible that older devices may not get the updates at all. So, even after the release of patches for these critical vulnerabilities, it is difficult to say which Android devices are at risk of what bugs. There is a one-click solution to this problem. One Android app can help educate you and help you know whether your devices is at risk. One-Click Solution to Check Your Device for All Critical Bugs Android Vulnerability Test Suite ( VT...

Since past few years, Ransomware has emerged as one of the catastrophic malware programs that lets hacker encrypts all the contents of a victim's hard drive or/and server and demands ransom (typically to be paid in Bitcoin ) in exchange for a key to decrypt it. Until now cyber criminals were targeting computers, smartphones and tablets, but now it appears they are creating ransomware that makes the same impact but for Web Sites – specifically holding files, pages and images of the target website for Ransom. Dubbed Linux.Encoder.1 by Russian antivirus firm Dr.Web , the new strain of ransomware targets Linux-powered websites and servers by encrypting MySQL, Apache, and home/root folders associated with the target site and asking for 1 Bitcoin ( ~ $300 ) to decrypt the files. The ransomware threat is delivered to the target website through known vulnerabilities in website plugins or third-party software. Must Read: FBI Suggests Ransomware Victims — 'Just Pay th...