#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Russian Hackers Made 'Tainted Leaks' a Thing — Phishing to Propaganda

Russian Hackers Made 'Tainted Leaks' a Thing — Phishing to Propaganda

May 29, 2017
We came across so many revelations of sensitive government and corporate data on the Internet these days, but what's the accuracy of that information leaked by unknown actors? Security researchers have discovered new evidence of one such sophisticated global espionage and disinformation campaign with suspected ties to the Russian government that's been aimed to discredit enemies of the state. Although there is no definitive proof of Russian government's involvement in the campaign, there is "overlap" with previously reported cyber espionage activities tied to a Russia-backed hacking group well known as APT28 . APT28 — also known as Fancy Bear, Sofacy, Sednit, and Pawn Storm — is the same group which was responsible for the Democratic National Committee (DNC) breach. The group has been operating since at least 2007 and has alleged tied to the Russian government. A new report, titled Tainted Leaks , published this week by the Citizen Lab at the Univers
3 Nigerian Scammers Get 235-Years of Total Jail Sentence in U.S.

3 Nigerian Scammers Get 235-Years of Total Jail Sentence in U.S.

May 26, 2017
You may have heard of hilarious Nigerian scams. My all time favourite is this one: A Nigerian astronaut has been trapped in space for the past 25 years and needs $3 million to get back to Earth, Can you help? Moreover, Nigerians are also good at promising true love and happiness. But You know, Love hurts. Those looking for true love and happiness lost tens of millions of dollars over the Nigerian dating and romance scams. These criminals spend their whole day trolling the online dating sites for contact emails and then send off hundreds of thousands of fraudulent emails awaiting the victim's response. A US federal district court in Mississippi has sentenced such three Nigerian scammers to a collective 235 years in prison for their roles in a large-scale international fraud network that duped people out of tens of millions of dollars. The three Nigerian nationals were part of a 21-member gang of cyber criminals, of which six, including Ayelotan, Raheem, and Mewase,
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
All Android Phones Vulnerable to Extremely Dangerous Full Device Takeover Attack

All Android Phones Vulnerable to Extremely Dangerous Full Device Takeover Attack

May 25, 2017
Researchers have discovered a new attack, dubbed 'Cloak and Dagger', that works against all versions of Android, up to version 7.1.2. Cloak and Dagger attack allows hackers to silently take full control of your device and steal private data, including keystrokes, chats, device PIN, online account passwords, OTP passcode, and contacts. What's interesting about Cloak and Dagger attack? The attack doesn't exploit any vulnerability in Android ecosystem; instead, it abuses a pair of legitimate app permissions that is being widely used in popular applications to access certain features on an Android device. Researchers at Georgia Institute of Technology have discovered this attack, who successfully performed it on 20 people and none of them were able to detect any malicious activity. Cloak and Dagger attacks utilise two basic Android permissions: SYSTEM_ALERT_WINDOW ("draw on top") BIND_ACCESSIBILITY_SERVICE ("a11y") The first permissi
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Wanna Cry Again? NSA’s Windows 'EsteemAudit' RDP Exploit Remains Unpatched

Wanna Cry Again? NSA's Windows 'EsteemAudit' RDP Exploit Remains Unpatched

May 25, 2017
Brace yourselves for a possible 'second wave' of massive global cyber attack, as SMB ( Server Message Block) was not the only network protocol whose zero-day exploits created by NSA were exposed in the Shadow Brokers dump last month. Although Microsoft released patches for SMB flaws for supported versions in March and unsupported versions immediately after the outbreak of the WannaCry ransomware, the company ignored to patch other three NSA hacking tools, dubbed " EnglishmanDentist ," " EsteemAudit ," and " ExplodingCan ." It has been almost two weeks since WannaCry ransomware began to spread, which infected nearly 300,000 computers in more than 150 countries within just 72 hours, though now it has been slowed down. For those unaware, WannaCry exploited a Windows zero-day SMB bug that allowed remote hackers to hijack PCs running on unpatched Windows OS and then spread itself to other unpatched systems using its wormable capability.
7-Year-Old Samba Flaw Lets Hackers Access Thousands of Linux PCs Remotely

7-Year-Old Samba Flaw Lets Hackers Access Thousands of Linux PCs Remotely

May 25, 2017
A 7-year-old critical remote code execution vulnerability has been discovered in Samba networking software that could allow a remote attacker to take control of an affected Linux and Unix machines. Samba is open-source software (re-implementation of SMB networking protocol) that runs on the majority of operating systems available today, including Windows, Linux, UNIX, IBM System 390, and OpenVMS. Samba allows non-Windows operating systems, like GNU/Linux or Mac OS X, to share network shared folders, files, and printers with Windows operating system. The newly discovered remote code execution vulnerability ( CVE-2017-7494 ) affects all versions newer than Samba 3.5.0 that was released on March 1, 2010. "All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it," Samba wrote in an advisory published Wed
Cybersecurity Resources