The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The critical Firefox vulnerability being actively exploited in the wild to unmask Tor users has been patched with the release of new browser updates. Both Mozilla and Tor Project has patched the vulnerability that allows attackers to remotely execute malicious code on Windows operating system via memory corruption vulnerability in Firefox web browser. Tor Browser Bundle is a repackaged version of the open-source Mozilla Firefox browser that runs connections through the Tor anonymizing network configured to hide its user's public IP address. However, the exploit code released by an unnamed online user was currently being exploited against Tor Browser users to leak the potentially identifying information of Tor users. "The security flaw responsible for this urgent release is already actively exploited on Windows systems," an official of the anonymity network wrote in an advisory published on Wednesday.  "Even though there is currently...no similar explo

Recent corporate breaches have taught us something important — the average enterprise user is spectacularly bad at choosing good passwords. As modern enterprise is becoming a hybrid organization with infrastructure spread across on-premises data centers as well as in the cloud, security of information, applications, and assets has become a paramount concern. Cyber security is no longer an optional strategy for businesses, where limited visibility into the password practices of employees and ineffective monitoring of privileged credentials could end up an organization with a serious security breach and identity theft. The first line of defense for any organization or company is passwords, but most organizations grossly underestimate the need to comply with corporate password policies and meet IT regulatory requirements. Large enterprises have a policy in place that requires end users to choose strong passwords that can withstand dictionary and brute-force attacks, but it come

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

If you own an Android smartphone, Beware! A new Android malware that has already breached more than 1 Million Google accounts is infecting around 13,000 devices every day. Dubbed Gooligan , the malware roots vulnerable Android devices to steal email addresses and authentication tokens stored on them. With this information in hands, the attackers are able to hijack your Google account and access your sensitive information from Google apps including Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite. Researchers found traces of Gooligan code in dozens of legitimate-looking Android apps on 3rd-party app stores, which if downloaded and installed by an Android user, malware starts sending your device's information and stolen data to its Command and Control (C&C) server. "Gooligan then downloads a rootkit from the C&C server that takes advantage of multiple Android 4 and 5 exploits including the well-known VROOT (CVE-2013-6282) and Towelroot (CV

Barrett Brown , a journalist, formerly served as an unofficial spokesman for the hacktivist collective Anonymous, finally walked free from prison on Tuesday morning after serving more than four years behind bars. The Dallas-born investigative journalist was arrested in 2012 from his home while he was in the middle of an online chat after posting tweets and YouTube video threatening revenge against an FBI agent. Brown, 35, initially attracted the law enforcement attention in 2011 when he shared a hyperlink to an IRC (Internet Relay Chat) channel where Anonymous members were distributing stolen information from the hack at security think tank Strategic Forecasting or Stratfor. The hack allegedly exposed 200 gigabytes of data, which included email addresses and credit card information from Stratfor clients, including the US Army, US Air Force, and Miami Police Department. Originally facing sentence to more than 100 years in prison, Brown was convicted in January 2015 under

If your computer's security relies on Windows BitLocker Hard Drive Encryption software, then Beware! Because anyone with physical access to your PC can still access your files within few seconds. All an attacker need to do is hold SHIFT+F10 during Windows 10 update procedure. Security researcher Sami Laiho discovered this simple method of bypassing BitLocker, wherein an attacker can open a command-line interface with System privileges just by holding SHIFT+F10 while a Windows 10 PC is installing a new OS build. The command-line interface (CLI) then grants the attacker full access to the computer's hard drive, even when the victim has enabled BitLocker disk encryption feature. Laiho explains that during the installation of a new build (Windows 10 upgrade), the operating system disables BitLocker while the Windows PE installs a new image of the main Windows 10 OS. "The installation [Windows 10 upgrade] of a new build is done by reimaging the machine and the im

Hackers are actively exploiting a zero-day vulnerability in Firefox to unmask Tor Browser users, similar to what the FBI exploited during an investigation of a child pornography site. Tor (The Onion Router) is an anonymity software that not only provides a safe heaven to human rights activists, journalists, government officials, but also is a place where drugs, assassins for hire, child pornography, and other illegal activities has allegedly been traded. A Javascript zero-day exploit currently being actively exploited in the wild is designed to remotely execute malicious code on the Windows operating system via memory corruption flaw in Firefox web browser. The exploit code was publicly published by an admin of the SIGAINT privacy-oriented public email service on the Tor-Talk mailing list. The mailing list message reveals that the zero-day exploit affecting Firefox is currently being exploited against Tor Browser users by unknown attackers to leak the potentially identifyi

Mirai Botnet is getting stronger and more notorious each day that passes by. The reason: Insecure Internet-of-things Devices. Last month, the Mirai botnet knocked the entire Internet offline for a few hours, crippling some of the world's biggest and most popular websites. Now, more than 900,000 broadband routers belonging to Deutsche Telekom users in Germany knocked offline over the weekend following a supposed cyber-attack, affecting the telephony, television, and internet service in the country. The German Internet Service Provider, Deutsche Telekom, which offers various services to around 20 Million customers, confirmed on Facebook that as many as 900,000 customers suffered internet outages on Sunday and Monday. Millions of routers are said to have vulnerable to a critical Remote code Execution flaw in routers made by Zyxel and Speedport, wherein Internet port 7547 open to receive commands based on the TR-069 and related TR-064 protocols, which are meant to use by

Nothing is immune to being hacked when hackers are motivated. The same proved by hackers on Friday, when more than 2,000 computer systems at San Francisco's public transit agency were apparently got hacked. San Francisco's Municipal Transportation Agency, also known as MUNI, offered free rides on November 26th after MUNI station payment systems and schedule monitors got hacked by ransomware and station screens across the city started displaying a message that reads: " You Hacked, ALL Data Encrypted. Contact For Key(cryptom27@yandex.com)ID:681 ,Enter. " According to the San Francisco Examiner, MUNI confirmed a Ransomware attack against the station fare systems, which caused them to shut down ticket kiosks and make rides free this weekend. As you can see, the above message delivered by the malware followed by an email address and ID number, which can then be used to arrange ransom payments. MUNI Spokesman Paul Rose said his agency was investigating the m

Remember Steubenville High School Rape Case ? In 2012, Steubenville (Ohio) high school's football team players gang-raped an unconscious teenage girl from West Virginia and took photographs of the sexual assault. In December 2012, a member of the hacker collective Anonymous hacked into the Steubenville High School football fan website Roll Red Roll and leaked some evidence of the rape , including a video taken and shared by the crime's perpetrators in which they joked about the sexual assault. The hack exposed information about the gang rape by two football team players — Trent Mays and Ma'lik Richmond, both 16 at the time of the crime — who were eventually convicted and sentenced in 2013 to 2 and one years behind bars, respectively, but have since been released. In 2013, the FBI raided the home of Deric Lostutter — Anonymous member, also known online as " KYAnonymous " — and seized two laptops, flash drives, CD's, an external hard-drive, cell phones a

New technology is always a little scary, so are Smart Cars. From GPS system and satellite radio to wireless locks, steering, brakes, and accelerator, today vehicles are more connected to networks than ever, and so they are more hackable than ever. It's not new for security researchers to hack connected cars. Previously they had demonstrated how to hijack a car remotely , and how to disable car's crucial functions like airbags by exploiting security bugs affecting significant automobiles. Now this time, researchers at Norway-based security firm Promon have demonstrated how easy it is for hackers to steal Tesla cars through the company's official Android application that many car owners use to interact with their vehicle. Two months ago, Chinese security researchers from Keen Lab managed to hack a Tesla Model S , which allowed them to control a car in both Parking and Driving Mode from 12 miles away. However, Promon researchers have taken an entirely different app

If you receive an image file sent by someone, even your friend, on your Facebook Messenger, LinkedIn or any other social media platform, just DO NOT CLICK ON IT. Even JPG image file could eventually infect your computer with the infamous Locky Ransomware . Earlier this week, we reported a new attack campaign that used Facebook Messenger to spread Locky Ransomware via .SVG image files, although Facebook denied this was the case. Now, researchers have discovered that the ongoing spam campaign is also using boobytrapped .JPG image files in order to download and infect users with the Locky Ransomware via Facebook, LinkedIn, and other social networking platforms. Security researchers from Israeli security firm Check Point have reportedly discovered how cyber criminals are hiding malware in image files, and how they are executing the malware code within these images to infect social media users with Locky variants. According to researchers, malware authors have discovered secu

Cyber security is a major challenge in today's world, as cyber attacks have become more automated and difficult to detect, where traditional cyber security practices and systems are no longer sufficient to protect businesses, governments, and other organizations. In past few years, Artificial Intelligence and Machine Learning had made a name for itself in the field of cyber security, helping IT and security professionals more efficiently and quickly identify risks and anticipate problems before they occur. The good news is that if you are a Windows 10 user, Microsoft will now offer you a machine learning based threat intelligence feature via its inbuilt Windows security service, which will improve the security capabilities available on Windows 10 devices. But, the bad news is that it is not free. The company is offering this "differentiated intelligence" feature on its newly added service to Windows 10, dubbed Windows Defender Advanced Threat Protection (WDAT