The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

ATM hackers who long relied on tactics of stealing payment card numbers and online banking credentials to steal millions are now targeting the bank itself to steal cash directly from the machines. Earlier this year, a gang of cyber criminals infected several ATMs with malware in Taiwan and Thailand that caused the machines to spit out millions in cash, and the gang members then stood in front of the infected ATMs at the appointed hour and collected the money. Now, the FBI has warned U.S. banks of the potential for similar ATM jackpotting attacks, saying that the agency is "monitoring emerging reports indicating that well-resourced and organized malicious cyber actors have intentions to target the U.S. financial sector." ATM jackpotting is a technique used to force automated teller machines to spit out cash. According to Russian cyber security firm Group-IB, cyber crooks have remotely infected ATMs with malware in more than dozen countries across Europe this year,

Yes, Oracle just bought the DNS provider company that brought down the Internet last month. Business software vendor Oracle announced on Monday that it is buying cloud-based Internet performance and Domain Name System (DNS) provider Dyn. Dyn is the same company that was hit by a massive distributed denial of service (DDoS) attack by the Mirai botnet last month which knocked the entire Internet offline for a few hours, crippling some of the world's biggest and most popular websites. Since the company provides cloud-based DNS service to customers such as Spotify, Netflix, Twitter and Pfizer, the acquisition will help Oracle's cloud customers to optimize their infrastructure costs and performance. According to the press release , the Dyn acquisition "extends the Oracle cloud computing platform and provides enterprise customers with a one-stop shop for Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS)." "Oracle Cloud customers will

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

If you came across any Facebook Message with an image file (exactly .SVG file format) send by any of your Facebook friends, just avoid clicking it. An ongoing Facebook spam campaign is spreading malware downloader among Facebook users by taking advantage of innocent-looking SVG image file to infect computers. If clicked, the file would eventually infect your PC with the nasty Locky Ransomware , a family of malware that has quickly become one of the favorite tools among criminals due to its infecting capabilities. Discovered by malware researcher Bart Blaze , the attack campaign uses Facebook Messenger to spread a malware downloader called Nemucod that takes the form of .SVG image files. Why SVG file? Hackers considered SVG (or Scalable Vector Graphics) files for spreading the malware downloader, because SVG has the ability to contain embedded content such as JavaScript, and can be opened in a modern web browser. Crooks added their malicious JavaScript code right inside th

Here's some bad news for Android users again. Nearly 3 Million Android devices worldwide are vulnerable to man-in-the-middle (MITM) attacks that could allow attackers to remotely execute arbitrary code with root privileges, turning over full control of the devices to hackers. According to a new report from security rating firm BitSight, the issue is due to a vulnerability in the insecure implementation of the OTA (Over-the-Air) update mechanism used by certain low-cost Android devices, including BLU Studio G from US-based Best Buy. Backdoor/Rootkit Comes Pre-installed The vulnerable OTA mechanism, which is associated with Chinese mobile firm Ragentek Group, contains a hidden binary — resides as /system/bin/debugs — that runs with root privileges and communicates over unencrypted channels with three hosts. According to the researchers, this privileged binary not only exposes user-specific information to MITM attackers but also acts as a rootkit, potentially allowing

Big tech companies, including Facebook, Google, and Microsoft, are in the race of bringing Internet connectivity to unconnected parts of the world through wireless devices , flying drones , high-altitude balloons, and laser beams . But, SpaceX founder Elon Musk has big plans for bringing low-cost Internet service worldwide, and it all starts in space. Private rocket launch service SpaceX has asked the U.S. government for permission to launch 4,425 satellites in orbit to beam high-speed Internet down to the world, according to a newly filed application with the Federal Communications Commission (FCC). That's a hell of a lot of satellites; in fact, the figure surpasses the total number of satellites in the Earth's orbit. Here's what the company's 102-page technical document reads: "The system is designed to provide a wide range of broadband and communications services for residential, commercial, institutional, governmental and professional users world

Three, one of UK's biggest mobile operators, has become the latest victim of a massive data breach that reportedly left the personal information and contact details of 6 Million of its customers exposed. The company admitted the data breach late Thursday, saying that computer hackers gained access to a Three Mobile customer phone upgrade database containing the account details of nearly 6 Million customers. According to multiple British  media reports citing both Three and the National Crime Agency ( NCA ), the computer hackers used an employee login to gain entry into its database. The stolen data includes customer names, addresses, phone numbers and dates of birth, which is then used to carry out mobile phone fraud. The company has not yet confirmed the total number of users' affected by the breach, though it assured its customers that no payment data, including bank account numbers and card numbers, has been accessed. According to Three, the hackers had stolen