Hacking News

Malware hunting biz and nautical jargon Avast has released its machine-code decompiler RetDec as open source, in the hope of arming like-minded haters of bad bytes and other technically inclined sorts with better analytical tools. As discussed as the recent Botconf 2017 in France earlier this month, RetDec provides a way to turn machine code […]

Intelligence agencies are good at finding and keeping secrets, and at working patiently in the shadows. Startups are good at promoting themselves, moving fast, and breaking things–in an effort to build the next big technology. It’s hard to think of two mindsets that are further apart. Read more

Three men have pleaded guilty to federal cyber-crime charges for launching a cyberattack last year that knocked large parts of the internet offline. Paras Jha, Josiah White, and Dalton Norman were indicted by an Alaska court in early December, according to documents unsealed Wednesday. The Justice Dept. released a statement later in the day confirming

The maker of a sneaky adware that hijacks a user’s browser to serve ads is back with a new, more advanced version — one that can gain root privileges and spy on the user’s activities. News of the updated adware dropped Tuesday in a lengthy write-up by Amit Serper, principal security researcher at Cybereason. The

The word ‘hacker’ sets off an alarm for many organizations but not for Singapore’s Mindef (headquarters of Singapore’s Armed forces). The organization has invited over 300 hackers from around the world for a single task. That being, to penetrate into their systems and look for weaknesses. These 300 hackers will be using their hacking skills

Intel’s Coffee Lake and Cannon Lake x86 processors can be fortified by computer manufacturers to prevent in hardware attempts to downgrade, exploit and potentially neuter Chipzilla’s built-in creepy Management Engine. In June, Positive Technologies security researchers Mark Ermolov and Maxim Goryachy privately reported to Intel a brace of exploitable bugs – CVE-2017-5705, 5706, and 5707

Researchers working on a technology to detect unannounced data breaches have found, to their dismay, that one per cent of the sites they monitored were hacked over the previous 18 months. University of California San Diego researcher Joe DeBlasio, who conducted the study under professor Alex Snoeren said the number was shocking, because while one

A 19-year-old vulnerability in the TLS network security protocol has been found in the software of at least eight IT vendors and open-source projects – and the bug could allow an attacker to decrypt encrypted communications. Identified by security researchers Hanno Böck, Juraj Somorovsky of Ruhr-Universität Bochum/Hackmanit, and Craig Young of Tripwire VERT, the flaw

Microsoft has kicked out its December batch of software security fixes, the final Patch Tuesday of 2017. Redmond has addressed 32 CVE-listed vulnerabilities in Edge, Windows, and Office, as well as a hole in Internet Explorer last seen in the early-oughts. Get patching as soon as possible. Leading this month’s Patch Tuesday charge is CVE-2017-11927,

Bitfinex (the world’s biggest cryptocurrency exchange by volume) was forced to shut down its continuous operations after experiencing a distributed denial of service (DDoS) attacks on Tuesday, December 12th. DDoS attack is an attempt to make an online service unavailable by flooding it with traffic from various origins. Read more