You are here

THN

Subscribe to THN feed THN
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Updated: 1 hour 50 min ago

Ex-NSA Developer Gets 5.5 Years in Prison for Taking Top Secret Documents Home

Wed, 26/09/2018 - 05:47
A former NSA employee has been sentenced to five and a half years in prison for illegally taking a copy of highly classified documents and hacking tools to his home computer between 2010 and 2015, which were later stolen by Russian hackers. Nghia Hoang Pho, 68, of Ellicott City, Maryland—who worked as a developer with Tailored Access Operations (TAO) hacking group at the NSA since April 2006—

SHEIN-Fashion Shopping Site Suffers Data Breach Affecting 6.5 Million Users

Tue, 25/09/2018 - 12:09
U.S. online fashion retailer SHEIN has admitted that the company has suffered a significant data breach after unknown hackers stole personally identifiable information (PII) of almost 6.5 million customers. Based in North Brunswick and founded in 2008, SHEIN has become one of the largest online fashion retailers that ships to more than 80 countries worldwide. The site has been initially

ZDResearch Advanced Web Hacking Training 2018 – Learn Online

Tue, 25/09/2018 - 10:16
Are you looking to master web hacking? Interested in a bug-hunting career? Do you want to land a job in cybersecurity? Are you already working as a security engineer, but want to further advance or refine your skills? If yes, read on. ZDResearch Advanced Web Hacking (AWH) course, including optional certification upon completion—is the answer. Last week, we sat with the ZDResearch training

Bitcoin Core Software Patches a Critical DDoS Attack Vulnerability

Tue, 25/09/2018 - 08:32
The Bitcoin Core development team has released an important update to patch a major DDoS vulnerability in its underlying software that could have been fatal to the Bitcoin Network, which is usually known as the most hack-proof and secure blockchain. The DDoS vulnerability, identified as CVE-2018-17144, has been found in the Bitcoin Core wallet software, which could potentially be exploited by

Operator of VirusTotal Like Malware-Scanning Service Jailed for 14 Years

Sat, 22/09/2018 - 09:05
A Latvian hacker behind the development and operation of counter antivirus service "Scan4You" has finally been sentenced to 14 years in prison. 37-year-old Ruslans Bondars, described as a Latvian "non-citizen" or "citizen of the former USSR who had been residing in Riga, Latvia," was found guilty on May 16 in federal court in Alexandria, during which a co-conspirator revealed he had worked

Twitter API Flaw Exposed Users Messages to Wrong Developers For Over a Year

Sat, 22/09/2018 - 07:46
The security and privacy issues with APIs and third-party app developers are something that's not just Facebook is dealing with. A bug in Twitter's API inadvertently exposed some users' direct messages (DMs) and protected tweets to unauthorized third-party app developers who weren't supposed to get them, Twitter disclosed in its Developer Blog on Friday. What Happened? Twitter found a bug

Researcher Discloses New Zero-Day Affecting All Versions of Windows

Fri, 21/09/2018 - 14:36
A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after the company failed to patch a responsibly disclosed bug within the 120-days deadline. Discovered by Lucas Leong of the Trend Micro Security Research team, the zero-day vulnerability resides in Microsoft Jet Database

Flaw in 4GEE WiFi Modem Could Leave Your Computer Vulnerable

Fri, 21/09/2018 - 05:45
A high-severity vulnerability has been discovered in 4G-based wireless 4GEE Mini modem sold by mobile operator EE that could allow an attacker to run a malicious program on a targeted computer with the highest level of privileges in the system. The vulnerability—discovered by 20-year-old Osanda Malith, a Sri Lankan security researcher at ZeroDayLab—can be exploited by a low privileged user

UK Regulator Fines Equifax £500,000 Over 2017 Data Breach

Thu, 20/09/2018 - 10:54
Atlanta-based consumer credit reporting agency Equifax has been issued a £500,000 fine by the UK's privacy watchdog for its last year's massive data breach that exposed personal and financial data of hundreds of millions of its customers. Yes, £500,000—that's the maximum fine allowed by the UK's Data Protection Act 1998, though the penalty is apparently a small figure for a $16 billion

Hackers Steal Customers' Credit Cards From Newegg Electronics Retailer

Wed, 19/09/2018 - 16:45
The notorious hacking group behind the Ticketmaster and British Airways data breaches has now victimized popular computer hardware and consumer electronics retailer Newegg. Magecart hacking group managed to infiltrate the Newegg website and steal the credit card details of all customers who entered their payment card information between August 14 and September 18, 2018, according to a joint

New Malware Combines Ransomware, Coin Mining and Botnet Features in One

Wed, 19/09/2018 - 12:32
Windows and Linux users need to beware, as an all-in-one, destructive malware strain has been discovered in the wild that features multiple malware capabilities including ransomware, cryptocurrency miner, botnet, and self-propagating worm targeting Linux and Windows systems. Dubbed XBash, the new malware, believed to be tied to the Iron Group, a.k.a. Rocke—the Chinese speaking APT threat

Mirai Botnet Creators Helping FBI Fight Cybercrime to Stay Out of Jail

Wed, 19/09/2018 - 11:07
Three young hackers who were sentenced late last year for creating and spreading the notorious Mirai botnet are now helping the FBI to investigate other "complex" cybercrime cases in return to avoid their lengthy prison terms. Paras Jha, 21 from New Jersey, Josiah White, 20 from Washington, and Dalton Norman, 21 from Louisiana, plead guilty in December 2017 to multiple charges for their role

Western Digital's My Cloud NAS Devices Turn Out to Be Easily Hacked

Wed, 19/09/2018 - 06:23
Security researchers have discovered an authentication bypass vulnerability in Western Digital's My Cloud NAS devices that potentially allows an unauthenticated attacker to gain admin-level control to the affected devices. Western Digital's My Cloud (WD My Cloud) is one of the most popular network-attached storage (NAS) devices which is being used by businesses and individuals to host their

Powerful Android and iOS Spyware Found Deployed in 45 Countries

Tue, 18/09/2018 - 12:05
One of the world's most dangerous Android and iPhone spyware program has been found deployed against targets across 45 countries around the world over the last two years, a new report from Citizen Lab revealed. The infamous spyware, dubbed Pegasus, is developed by NSO Group—an Israeli company which is mostly known for selling high-tech surveillance tools capable of remotely cracking into

Linus Torvalds Apologizes For His Rude Behavior—Takes Time Off

Tue, 18/09/2018 - 06:39
What just happened would definitely gonna surprise you. Linus Torvalds—father of the Linux open-source operating system—finally admitted his behavior towards other developers in the Linux community was hurting people and Linux. In a surprising move this weekend, Torvalds apologized for insulting and abusing other developers for almost three decades and took a break from the open-source

Learn Ethical Hacking Online – A to Z Online Training Pack

Mon, 17/09/2018 - 10:01
Good news for you is that this week's THN Deals brings Ethical Hacking A to Z Bundle that let you get started regardless of your experience level. The Ethical Hacking A to Z Bundle will walk you through the very basic skills you need to start your journey towards becoming a professional ethical hacker. The 45 hours of course that includes total 384 in-depth lectures, usually cost $1,273, but

Ransomware Attack Takes Down Bristol Airport's Flight Display Screens

Mon, 17/09/2018 - 10:01
Bristol Airport has blamed a ransomware attack for causing a blackout of flight information screens for two days over the weekend. The airport said that the attack started Friday morning, taking out several computers over the airport network, including its in-house display screens which provide details about the arrival and departure information of flights. <!-- adsense --> The attack forced

Greece U-Turns — Now Approves Mr. Bitcoin's Extradition To Russia

Mon, 17/09/2018 - 07:38
Greece just took another U-turn. Mr. Bitcoin a.k.a. Alexander Vinnik is not going to France nor to the United States; instead, he is now possibly going to his homeland Russia. The Supreme Civil and Criminal Court of Greece on Friday has overruled previous decisions and approved to extradite the alleged owner of the now-defunct Bitcoin cryptocurrency exchange BTC-e Vinnik to Russia. Several

Watch Out! This New Web Exploit Can Crash and Restart Your iPhone

Mon, 17/09/2018 - 06:36
It's 2018, and just a few lines of code can crash and restart any iPhone or iPad and can cause a Mac computer to freeze. Sabri Haddouche, a security researcher at encrypted instant messaging app Wire, revealed a proof-of-concept (PoC) web page containing an exploit that uses only a few lines of specially crafted CSS & HTML code. Beyond just a simple crash, the web page, if visited, causes a

Russian Hacker Pleads Guilty to Operating Kelihos Botnet

Thu, 13/09/2018 - 10:47
The Russian man who was accused of operating the infamous Kelihos botnet has finally pleaded guilty in a U.S. federal court. Peter Yuryevich Levashov, 38, of St. Petersburg, Russia, pleaded guilty on Wednesday in U.S. federal court in Connecticut to computer crime, wire fraud, conspiracy and identity theft charges. Levashov, also known by many online aliases including Peter Severa, Petr

Pages