Hacking News

A wormable vulnerability involving an estimated one million digital video recorders (DVR) is at risk of creating a Mirai-style botnet, security researchers warn. UK-based security consultancy Pen Test Partners said that the issue stems from a zero-day (unpatched) flaw in networking software from Chinese manufacturer XiongMai. Pen Test Partners has been researching DVR security since […]

Today, June 15th 2017, WikiLeaks publishes documents from the CherryBlossom project of the CIA that was developed and implemented with the help of the US nonprofit Stanford Research Institute (SRI International). CherryBlossom provides a means of monitoring the Internet activity of and performing software exploits on Targets of interest. In particular, CherryBlossom is focused on

White knights exist on the internet in every form. This includes white knight hackers (for lack of a better term). In particular: a group known as White-Hat Ltd.  The group’s objective is infiltrating the dark web for leaked information on upcoming cyber-attacks. Due to this, White-Hat Ltd is extremely secretive. The only members even photographed

Nigerian cybercriminals targeting industrial firms have stolen a slew of sensitive technical drawings, network diagrams, cost estimates, and project plans already this year. The data, exfiltrated by a cocktail of different spyware programs, wasn’t stolen from just executives, but also operators, engineers, designers and architects. The thefts stem from a series of Business Email Compromise

A US company refused to comply with a top-secret order that compelled it to facilitate government surveillance, according to newly declassified documents. It’s thought to be only the second instance of an American company refusing to comply with a government surveillance order. The first was Yahoo in 2008. It was threatened with hefty daily fines

The most intriguing mystery that remains about WannaCry is the identity of the attacker. The theory with the best legs is that North Korea’s Lazarus APT is the entity behind the worldwide ransomware outbreak given the discovery of shared code samples in the malware with older Lazarus attacks. That, however, doesn’t definitively dispel other contentions

The UK government has once again raised the issue of online surveillance and internet regulation. But it’s unclear exactly what the Conservatives want to do, while cybersecurity experts accuse the government of naivety in its current approach. “We cannot allow this ideology the safe space it needs to breed — yet that is precisely what

Forrester estimates that  global cloud services revenues totaled $114 billion in 2016, up from $68 billion just two years ago  — or annual growth of 30 percent. With the public cloud services market expected to reach $236 billion by 2020, what does this mean for cloud security? This rapid shift to the cloud raises new

One of the most prestigious universities in the UK has been struck by a ‘major ransomware attack’, which bypassed antivirus software, leaving staff without access to files. University College London (UCL) was attacked yesterday, with IT security staff stating it’s possible malware entered the network via a phishing email, which was opened by several users

The Washington Post said there was “moderate confidence” in the report’s findings, while the spy agency said the worm was meant to boost regime coffers. Security company Symantec also believes a hacking group linked to North Korea was behind the attack. But North Korea’s involvement has been disputed by other security firms. Cashing out Wannacry