The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Ukrainian authorities have arrested a 51-year-old man accused of distributing the infamous Petya ransomware (Petya.A, also known as NotPetya) — the same computer virus that massively hit numerous businesses, organisations and banks in Ukraine as well as different parts of Europe around 45 days ago. However, the story is not as simple as it seems, which portrayed this man as a criminal. I recommend you to read complete article to understand the case better and then have an opinion accordingly. Sergey Neverov (Сергей Неверов), father of two sons and the resident of the southern city of Nikopol, is a video blogger and computer enthusiast who was arrested by the Ukrainian police on Monday, August 7 from his home. What Neverov Did? According to a press release published on Thursday by the Ukrainian cyber police department, Neverov uploaded a video, showing how to infect a computer with Petya.A ransomware—and also shared a download link for NotPetya malware to his social media

After disclosing CIA's strategies to hijack and manipulate webcams and microphones to corrupt or delete recordings, WikiLeaks has now published another Vault 7 leak , revealing CIA's ability to spy on video streams remotely in real-time. Dubbed ' CouchPotato ,' document leaked from the CIA details how the CIA agents use a remote tool to stealthy collect RTSP/H.264 video streams. Real Time Streaming Protocol, or RTSP, is a network control protocol designed for use in entertainment and communication systems for controlling streaming media servers. CouchPotato gives CIA hackers ability to "collect either the stream as a video file (AVI) or capture still images (JPG) of frames from the stream that are of significant change from a previously captured frame," a leaked CIA manual reads. The tool utilises FFmpeg for video and image encoding and decoding and Real Time Streaming Protocol connectivity. The CouchPotato tool works stealthily without leaving

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

In what appears to be the world's first quantum satellite transmission, China has successfully sent an "unbreakable" code over a long distance from an orbiting satellite to the Earth, achieving a milestone in the next generation encryption based on "quantum cryptography." In August last year, China launched the world's first quantum communication satellite into the Earth's orbit aboard a Long March-2D rocket to test the fundamental laws of quantum mechanics at space. Dubbed Quantum Science Satellite , nicknamed Micius or Mozi (Chinese: 墨子), the satellite was designed to establish a 'Hack-Proof' communications system in this age of global surveillance by transmitting unbreakable encryption keys from space to the ground. Now, it has been reported that using this satellite, the Chinese scientists at the Quantum Experiments at Space Scale (QUESS) project were able to send secret "quantum key distribution" (QKD) data by beaming photons

Do you know — 1 Gram of DNA Can Store 1,000,000,000 Terabyte of Data for 1000+ Years? Even in March this year, a team of researchers successfully stored digital data — an entire operating system, a movie, an Amazon gift card, a study and a computer virus — in the strands of DNA. But what if someone stores a malicious program into the DNA, just like an infected USB storage, to hijack the computer that reads it. A team of researchers from the University of Washington in Seattle have demonstrated the first successful DNA-based exploit of a computer system that executes the malicious code written into the synthesised DNA strands while reading it. To carry out the hack, the researchers created biological malware and encoded it in a short stretch of DNA, which allowed them to gain "full control" of a computer that tried to process the genetic data when read by a DNA sequencing machine. The DNA-based hack becomes possible due to lack of security in multiple DNA proces

An anti-malware detection service provider and premium security firm has been accused of leaking terabytes of confidential data from several Fortune 1000 companies, including customer credentials, financial records, network intelligence and other sensitive data. However, in response to the accusations, the security firm confirmed that they are not pulling sensitive files from its customers; instead, it's up to companies—who are accidentally (but explicitly) sharing their sensitive data to leverage an optional cloud-based anti-malware service. On Wednesday, Information security firm DirectDefense published a blog post, claiming that they found a major issue with endpoint detection and response (EDR) solution offered by US-based company Carbon Black, alleging that the company is leaking hundreds of thousands of sensitive files from its customers. Carbon Black is a leading incident response and threat hunting company that offers security products to nearly thirty of the larg