The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The Pirate Bay has fought many legal battles since its launch in 2003 to keep the website operational for the last 13 years. However, this time The Pirate Bay is suffering a major blow after the Swedish Court ruled Thursday that it will take away the domain names 'ThePirateBay.se' and 'PirateBay.se' of the world's most popular torrent website and will hand over them to the state. As its name suggests, The Pirate Bay is one of the most popular file-sharing torrent site predominantly used for downloading pirated or copyrighted media and programs free of charge. Despite the criminal convictions, the torrent site remains functioning although it has moved to different Web domains several times. However, this time, The Pirate Bay loses its main .SE domain, the world's 225th most popular website according to the Alexa ranking, according to Swedish newspaper DN . "In common with the District Court ruling the Court of Appeal finds that there is a b

SWIFT, the global Society for Worldwide Interbank Financial Telecommunications, warned on Thursday of a second malware attack similar to the Bangladesh central bank hack one that led to $81 million cyber heist. In February,  $81 Million cyberheist at the Bangladesh central bank was carried out by hacking into SWIFT, the global financial messaging system that thousands of banks and companies around the world use to transfer billions of dollars every day. However, the hackers behind the cyber heist appear to be part of a comprehensive online attack on global banking and financial infrastructure. The second attack involving SWIFT targeted a commercial bank, which the company declined to identify. SWIFT also did not immediately clear how much money, if any, was stolen in the attack. However, SWIFT spokeswoman Natasha de Teran said that the second attack and the Bangladesh bank heist contained numerous similarities and were very likely part of a "wider and highly adaptive

Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities. Instead, they often use commonly available tools and exploit multiple vulnerability points. By simulating a real-world network attack, security teams can test their detection systems, ensure they have multiple choke points in place, and demonstrate the value of networking security to leadership. In this article, we demonstrate a real-life attack that could easily occur in many systems. The attack simulation was developed based on the MITRE ATT&CK framework, Atomic Red Team,  Cato Networks ' experience in the field, and public threat intel. In the end, we explain why a holistic secur

Mozilla has filed a brief with a U.S. District Court asking the FBI to disclose the potential vulnerabilities in its Firefox browser that the agency exploited to unmask TOR users in a criminal investigation. Last year, the FBI used a zero-day flaw to hack TOR browser and de-anonymize users visiting child sex websites. Now, Mozilla is requesting the government to ask the FBI about the details of the hack so that it can ensure the security of its Firefox browser. TOR is an anonymity software that provides a safe haven to human rights activists, government, journalists but also is a place where drugs, child pornography, assassins for hire and other illegal activities has allegedly been traded. TOR Browser Bundle is basically an Internet browser based on Mozilla Firefox configured to protect the user's anonymity via Tor and Vidalia. In 2015, the FBI seized computer servers running the world's largest dark web child pornography site 'Playpen' from a web host in Lenoir, No

How to Hack an Android device? It is possibly one of the most frequently asked questions on the Internet. Although it's not pretty simple to hack Android devices and gadgets, sometimes you just get lucky to find a backdoor access. Thanks to Allwinner, a Chinese ARM system-on-a-chip maker, which has recently been caught shipping a version of Linux Kernel with an incredibly simple and easy-to-use built-in backdoor. Chinese fabless semiconductor company Allwinner is a leading supplier of application processors that are used in many low-cost Android tablets, ARM-based PCs, set-top boxes, and other electronic devices worldwide. Simple Backdoor Exploit to Hack Android Devices All you need to do to gain root access of an affected Android device is… Send the text " rootmydevice " to any undocumented debugging process. The local privileges escalation  backdoor code for debugging ARM-powered Android devices managed to make its way in shipped firmware after fir

Mr. Robot was the biggest 'Hacking Drama' television show of 2015 and its second season will return to American TV screens on Wednesday 13th of July 2016. However, the new promotional website for season two of Mr. Robot has recently patched a security flaw that could have easily allowed a hacker to target millions of fans of the show. A White Hat hacker going by the alias Zemnmez discovered a Cross-Site Scripting (XSS) vulnerability in Mr. Robot website on Tuesday, the same day Mr. Robot launched a promo for its second series. The second season of the television show had already received praise from both critics and viewers for its relatively accurate portrayal of cyber security and hacking, something other cyber crime movies and shows have failed at badly. The new series also features a surprising yet welcome guest: President Barack Obama , who is giving a speech about a cyber threat faced by the nation. The flaw Zemnmez discovered on the show's website coul