The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The Russian man who was accused of operating the infamous Kelihos botnet has finally pleaded guilty in a U.S. federal court. Peter Yuryevich Levashov , 38, of St. Petersburg, Russia, pleaded guilty on Wednesday in U.S. federal court in Connecticut to computer crime, wire fraud, conspiracy and identity theft charges. Levashov, also known by many online aliases including Peter Severa, Petr Levashov, Petr Severa and Sergey Astakhov, has admitted of operating several botnets, including the Storm, Waledac and Kelihos botnets, since the late 1990s until he was arrested in April 2017 . Kelihos botnet, dated back to 2010, was a global network of tens of thousands of infected computers that were used to steal login credentials, send bulk spam emails, and infect computers with ransomware and other malware. Russian Hacker Infects 50,000 Computers With Kelihos Botnet Storm and Waledac botnets also shared Kelihos code, but kelihos was the most notorious botnet of all that alone infect

Did you ever wonder if your Twitter account has been hacked and who had managed to gain access and when it happened? Twitter now lets you know this. After Google and Facebook, Twitter now lets you see all the devices—laptop, phone, tablet, and otherwise—logged into your Twitter account. Twitter has recently rolled out a new security feature for its users, dubbed Apps and Sessions, allowing you to know which apps and devices are accessing your Twitter account, along with the location of those devices. In order to find out current and all past logged in devices and locations where your Twitter account was accessed for the last couple months, follow these steps: Check Twitter Login Sessions On Smartphone: Open the Twitter app, and head on to your profile Tap on 'Settings and privacy' section Inside the section, select 'Account' Once inside the option, tap on 'Apps and sessions' Check Twitter Login Sessions On Desktop Or Laptop: The p

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Security researchers have revealed a new attack to steal passwords, encryption keys and other sensitive information stored on most modern computers, even those with full disk encryption. The attack is a new variation of a traditional Cold Boot Attack , which is around since 2008 and lets attackers steal information that briefly remains in the memory (RAM) after the computer is shut down. However, to make the cold boot attacks less effective, most modern computers come bundled with a safeguard, created by the Trusted Computing Group (TCG), that overwrites the contents of the RAM when the power on the device is restored, preventing the data from being read. Now, researchers from Finnish cyber-security firm F-Secure figured out a new way to disable this overwrite security measure by physically manipulating the computer's firmware, potentially allowing attackers to recover sensitive data stored on the computer after a cold reboot in a matter of few minutes. "Cold boot

Despite having proper security measures in place to protect the driving systems of its cars against cyber attacks, a team of security researchers discovered a way to remotely hack a Tesla Model S luxury sedans in less than two seconds. Yes, you heard that right. A team of researchers from the Computer Security and Industrial Cryptography (COSIC) group of the Department of Electrical Engineering at the KU Leuven University in Belgium has demonstrated how it break the encryption used in Tesla's Model S wireless key fob. With $600 in radio and computing equipment that wirelessly read signals from a nearby Tesla owner's fob, the team was able to clone the key fob of Tesla's Model S, open the doors and drive away the electric sports car without a trace, according to Wired . "Today it's very easy for us to clone these key fobs in a matter of seconds," Lennert Wouters, one of the KU Leuven researchers, told Wired. "We can completely impersonate the key fob

A security researcher has discovered a serious vulnerability that could allow attackers to spoof website addresses in the Microsoft Edge web browser for Windows and Apple Safari for iOS. While Microsoft fixed the address bar URL spoofing vulnerability last month as part of its monthly security updates , Safari is still unpatched, potentially leaving Apple users vulnerable to phishing attacks. The phishing attacks today are sophisticated and increasingly more difficult to spot, and this newly discovered vulnerability takes it to another level that can bypass basic indicators like URL and SSL, which are the first things a user checks to determine if a website is fake. Discovered by Pakistan-based security researcher Rafay Baloch, the vulnerability (CVE-2018-8383) is due to a race condition type issue caused by the web browser allowing JavaScript to update the page address in the URL bar while the page is loading. Here's How the URL Spoofing Vulnerability Works Successfu

Times to gear up your systems and software. Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for September 2018, patching a total of 61 security vulnerabilities, 17 of which are rated as critical, 43 are rated Important, and one Moderate in severity. This month's security updates patch vulnerabilities in Microsoft Windows, Edge, Internet Explorer, MS Office, ChakraCore, .NET Framework, Microsoft.Data.OData, ASP.NET, and more. Four of the security vulnerabilities patched by the tech giant this month have been listed as "publicly known" and more likely exploited in the wild at the time of release. CVE-2018-8475: Windows Critical RCE Vulnerability One of the four publicly disclosed vulnerabilities is a critical remote code execution flaw ( CVE-2018-8475 ) in Microsoft Windows and affects all versions Windows operating system, including Windows 10. The Windows RCE vulnerability resides in the way Windows handles specially cra

Adobe has released September 2018 security patch updates for a total of 10 vulnerabilities in Flash Player and ColdFusion, six of which are rated as critical that affected ColdFusion and could allow attackers to remotely execute arbitrary code on a vulnerable server. What's the good news this month for Adobe users? This month Adobe Acrobat and Reader applications did not receive any patch update, while Adobe Flash Player has received an update for just a single privilege escalation vulnerability (CVE-2018-15967) rated as important. Secondly, Adobe said none of the security vulnerabilities patched this month were either publicly disclosed or found being actively exploited in the wild. Total 9 Security Patches for Adobe ColdFusion Adobe has addressed a total of nine security vulnerabilities in its ColdFusion web application development platform, six of which are critical, two important and one moderate. According to the advisory released by Adobe, ColdFusion contain

Apple has removed almost all popular security apps offered by well-known cyber-security vendor Trend Micro from its official Mac App Store after they were caught stealing users' sensitive data without their consent. The controversial apps in question include Dr Cleaner, Dr Cleaner Pro, Dr Antivirus, Dr Unarchiver, App Uninstall, Dr. Battery, and Duplicate Finder for Mac computers. The apps were removed just two days after Apple kicked out another popular "Adware Doctor" application for collecting and sending browser history data from users' Safari, Chrome, and Firefox to a server in China. "This was a one-time data collection, done for security purposes (to analyze whether a user had recently encountered adware or other threats, and thus to improve the product & service)," Trend Micro argued. The suspicious behavior of Trend Micro apps was initially reported by a user on the Malwarebytes forum in December 2017, which was last weekend re-con