Hacking World Emo

Kaspersky Lab — We have nothing to hide! Russia-based Antivirus firm hits back with what it calls a " comprehensive transparency initiative ," to allow independent  third-party review  of its source code and internal processes to win back the trust of customers and infosec community. Kaspersky launches this initiative days after it was accused of helping, knowingly or unknowingly, Russian government hackers to steal classified material from a computer belonging to an NSA contractor. Earlier this month another story published by the New York Times claimed that  Israeli government hackers hacked into Kaspersky ’s network in 2015 and caught Russian hackers red-handed hacking US government with the help of Kaspersky.

Get Latest Articles to Your Inbox  Subscribe Now! Hacking Tech Deals (New) Become A Professional Hacker — 9 Online Training Courses   Monday, July 17, 2017     Exclusive Deals Tweet Share 19 Share Share How to become a Professional Hacker? This is one of the most frequently asked queries we came across on a daily basis. Do you also want to learn real-world hacking techniques but don’t know where to start? This week's THN deal is for you. Today THN Deal Store has announced a new  Super-Sized Ethical Hacking Bundle  that let you get started your career in hacking and penetration testing regardless of your experience level. The goal of this online training course is to help you master an ethical hacking and penetration testing methodology. This 76 hours of the  Super-Sized Ethical Hacking Bundle  usually cost $1,080, but you can exclusively get this 9-in-1 onlin...

A new widespread ransomware attack is spreading like wildfire around Europe and has already affected over 200 major organisations, primarily in Russia, Ukraine, Turkey and Germany, in the past few hours. Dubbed " Bad Rabbit ," is reportedly a new Petya-like targeted ransomware attack against corporate networks, demanding 0.05 bitcoin (~ $285) as ransom from victims to unlock their systems. According to an initial analysis provided by the Kaspersky, the ransomware was distributed via drive-by download attacks, using fake Adobe Flash players installer to lure victims' in to install malware unwittingly.

DUHK — Don't Use Hard-coded Keys — is a new 'non-trivial' cryptographic implementation vulnerability that could allow attackers to recover encryption keys that secure VPN connections and web browsing sessions. DUHK is the third crypto-related vulnerability reported this month after  KRACK Wi-Fi attack  and  ROCA factorization attack . The vulnerability affects products from dozens of vendors, including  Fortinet , Cisco, TechGuard, whose devices rely on ANSI X9.31 RNG — an outdated pseudorandom number generation algorithm — 'in conjunction with a hard-coded seed key.'

When yesterday I was reporting about the sudden outbreak of another global ransomware attack ' Bad Rabbit ,' I thought what could be worse than this? Then late last night I got my answer with a notification that Coinhive has been hacked — a popular browser-based service that offers website owners to embed a JavaScript to utilise their site visitors' CPUs power to mine the Monero cryptocurrency for monetisation. Reportedly an unknown hacker managed to hijack Coinhive's CloudFlare account that allowed him/her to modify its DNS servers and replace Coinhive's official JavaScript code embedded into thousands of websites with a malicious version. https://coin-hive[.]com/lib/coinhive.min.js

The official blog of jQuery—most popular JavaScript library used by millions of websites—has been hacked by some unknown hackers, using the pseudonym "str0ng" and "n3tr1x." jQuery's blog website ( blog.jquery.com ) runs on WordPress—the world's most popular content management system (CMS) used by millions of websites.

If your smart devices are smart enough to make your life easier, then their smart behaviour could also be exploited by hackers to invade your privacy or spy on you, if not secured properly. Recent research conducted by security researchers at threat prevention firm Check Point highlights privacy concern surrounding smart home devices manufactured by LG. Check Point researchers  discovered  a security vulnerability in LG SmartThinQ smart home devices that allowed them to hijack internet-connected devices like refrigerators, ovens, dishwashers, air conditioners, dryers, and washing machines manufactured by LG. ...and what's worse? Hackers could even remotely take control of LG's Hom-Bot, a camera-equipped robotic vacuum cleaner, and access the live video feed to spy on anything in the device's vicinity. This hack doesn't even require hacker and targeted device to be on the same network.

Imagine a pocket-sized hard drive capable of storing the entire list of 35 Million Songs? This isn't yet practical, but IBM has just taken a big step towards improving computing technology: IBM researchers [...]

Google has just lost its biggest regulatory battle! Google has been hit with a record-breaking $2.7 billion (€2.42 billion) fine by the European antitrust officials for unfairly manipulating search [...]

Gd mrng frnd Watz up???? A new widespread ransomware worm, known as " Bad Rabbit ," that hit over 200 major organisations, primarily in Russia and Ukraine this week leverages a stolen NSA exploit released by the Shadow Brokers this April to spread across victims' networks. Earlier it was reported that this week's crypto-ransomware outbreak did not use any National Security Agency-developed exploits, neither EternalRomance   nor   EternalBlue , but a recent report from Cisco's Talos Security Intelligence revealed that the Bad Rabbit ransomware did use EternalRomance exploit. NotPetya ransomware   (also known as ExPetr and Nyetya) that infected tens of thousands of systems back in June also leveraged the   EternalRomance exploit , along with another NSA's leaked Windows hacking exploit EternalBlue, which was used in the WannaCry ransomware   outbreak.

South Korean web hosting provider has agreed to pay $1 million in bitcoins to hackers after a Linux ransomware infected its 153 servers, encrypting 3,400 business websites and their data, hosted on them. According to a blog post published by NAYANA, the web hosting company, this unfortunate event happened on 10th June when ransomware malware hit its hosting servers and attacker demanded 550 bitcoins (over $1.6 million) to unlock the encrypted files. However, the company later negotiated with the cyber criminals and agreed to pay 397.6 bitcoins (around $1.01 million) in three installments to get their files decrypted. The hosting company has already paid two installments at the time of writing and would pay the last installment of ransom after recovering data from two-third of its infected servers. According to the security firm  Trend Micro , the ransomware used in the attack was  Erebus  that was first spotted in September last year and was seen in February this year...