The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Two suspected hackers have reportedly been arrested in London on suspicion of hacking 70 percent of the CCTV cameras in Washington with ransomware ahead of President Donald Trump's inauguration last month. The arrest took place on 20th January by the officers from the National Crime Agency (NCA) of UK after it received a request from United States authorities, but it has not been disclosed until now. The NCA raided a house in the south of London last month and detained a British man and a Swedish woman, both 50-years-old, reported The Sun. Some 123 of the 187 police CCTV cameras used to monitor public areas in Washington DC stopped working on 12 January, just 8 days before the inauguration of Donald Trump, after a cyber attack hit the storage devices. The cyber attack lasted for about three days, eventually leaving the CCTV cameras out of recording anything between 12 and 15 January. It was reported that the surveillance cameras were left useless after a ransomware made

The insider threat is the worst nightmare for a company, as the employees can access company's most sensitive data without having to circumvent security measures designed to keep out external threats. The rogue employee can collect, leak, or sell all your secrets, including professional, confidential, and upcoming project details, to your rival companies and much more that could result in significant loss to your company. And this is exactly what is happening on Dark Web Marketplace -- a place where one can sell and purchase everything from illicit drugs to exploits, malware, and stolen data. According to a new report from the US-based risk security firm RedOwl and Israeli threat intelligence firm IntSights, staff at corporations are selling company's internal secrets for cash to hackers on one of the most famous dark web markets Kick Ass Marketplace ( Onion URL ). Besides selling their company's secret information, researchers also found evidence of rogue staff

The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcing security and compliance leadership to a vCISO, these organizations can more easily obtain cybersecurity expertise specialized for their industry and strengthen their cybersecurity posture. MSPs and MSSPs looking to meet this growing vCISO demand are often faced with the same challenge. The demand for cybersecurity talent far exceeds the supply. This has led to a competitive market where the costs of hiring and retaining skilled professionals can be prohibitive for MSSPs/MSPs as well. The need to maintain expertise of both security and compliance further exacerbates this challenge. Cynomi, the first AI-driven vCISO platform , can help. Cynomi enables you - MSPs, MSSPs and consulting firms

Last week, WordPress patched three security flaws, but just yesterday the company disclosed about a nasty then-secret zero-day vulnerability that let remote unauthorized hackers modify the content of any post or page within a WordPress site. The nasty bug resides in Wordpress REST API that would lead to the creation of two new vulnerabilities: Remote privilege escalation and Content injection bugs. Wordpress is the world's most popular content management system (CMS) used on millions of websites. The CMS recently added and enabled REST API by default on WordPress 4.7.0. Flaw lets Unauthorised Hacker Redirect Visitors to Malicious Exploits The vulnerability is easy to exploit and affects versions 4.7 and 4.7.1 of the Wordpress content management system (CMS), allowing an unauthenticated attacker to modify all pages on unpatched sites and redirect visitors to malicious exploits and a large number of attacks. The vulnerability was discovered and reported by Marc-Alexandr

Are you the victim of sending awkward WhatsApp messages to your friends, families, and colleagues while you're drunk? No need to panic now, as you'll soon be able to recall your drunk or mistakenly sent text messages on WhatsApp – a much-demanded feature. Recall Unread Messages Sent Mistakenly The most popular instant messaging service is reportedly testing the ability to edit or completely recall messages that have already been sent, allowing you to edit or delete a message from your friend's phone if it is yet to be read. This new feature, first spotted by Twitter account @WABetaInfo , may be included in a new beta version of WhatsApp's next update before making it into a full consumer release. If so, the update will add " Revoke " and " Edit " options for messages with gray tick marks that have not yet been viewed by the recipient. Blue ticks on WhatsApp represents that the recipient has seen your sent messages. If the sender click

Do you own an account on one of the two hugely popular PlayStation and Xbox gaming forums? Your details may have been exposed, as it has been revealed that the two popular video gaming forums, "XBOX360 ISO" and "PSP ISO," has been hacked, exposing email addresses, account passwords and IP addresses of 2.5 Million gamers globally. The attackers hacked and breached both "XBOX360 ISO" and "PSP ISO" forums in September 2015, but the details of this massive hack just emerge, reports The Sun . Mostly gamers who look for free versions of popular games are members of these two gaming forums, which provide download links for gaming ISO files – digital copies of online video games lifted from physical game disks – to the owners of Microsoft's Xbox 360 and Sony's Playstation Portable. Visiting such forum websites and downloading games through the provided links often involve an illegal breach of copyright. So, if you are one of those ga

Remember the Hacker who hacked Hacking Team ? In 2015, a hacker named Phineas Fisher hacked Hacking Team – the Italy-based spyware company that sells spying software to law enforcement agencies worldwide – and exposed some 500 gigabytes of internal data for anyone to download. Now, the Spanish authorities believe that they have arrested Phineas Fisher, who was not just behind the embarrassing hack of Hacking Team, but also hacked the UK-based Gamma International, another highly secretive company which sells the popular spyware called " FinFisher ." During an investigation of a cyber attack against Sindicat De Mossos d'Esquadra (SME), Spain's Catalan police union, police in Spain have arrested three people, one of which detained in the city of Salamanca is suspected of being Fisher, according to local newspaper ARA . The cyber attack was carried out in May last year when Fisher announced via his own Twitter account that he had hacked the SME and also publ