cyber attacks | Breaking Cybersecurity News | The Hacker News

U.S. cybersecurity and intelligence agencies have published a joint advisory warning of attacks perpetrated by a cybercrime gang known as the  Daixin Team  primarily targeting the healthcare sector in the country. "The Daixin Team is a ransomware and data extortion group that has targeted the HPH Sector with ransomware and data extortion operations since at least June 2022," the agencies  said . The alert was published Friday by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS). Over the past four months, the group has been linked to multiple ransomware incidents in the Healthcare and Public Health (HPH) sector, encrypting servers related to electronic health records, diagnostics, imaging, and intranet services. It's also said to have exfiltrated personal identifiable information (PII) and patient health information (PHI) as part of a double extortion scheme to se

Three young hackers who were sentenced late last year for creating and spreading the notorious Mirai botnet are now helping the FBI to investigate other "complex" cybercrime cases in return to avoid their lengthy prison terms. Paras Jha, 21 from New Jersey, Josiah White, 20 from Washington, and Dalton Norman, 21 from Louisiana, plead guilty in December 2017 to multiple charges for their role in creating and hijacking hundreds of thousands IoT devices to make them part of a notorious botnet network dubbed Mirai . Mirai malware scanned for insecure routers, cameras, DVRs, and other Internet of Things (IoT) devices which were using their default passwords and then made them part of a botnet network . The trio developed the Mirai botnet to attack rival Minecraft video gaming hosts, but after realizing that their invention was powerful enough to launch record-breaking DDoS attacks against targets like OVH hosting website, they released the source code of Mirai . The

For years, securing a company's systems was synonymous with securing its "perimeter." There was what was safe "inside" and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we no longer operate within the confines of physical on-prem installations and controlled networks. Data and applications now reside in distributed cloud environments and data centers, accessed by users and devices connecting from anywhere on the planet. The walls have crumbled, and the perimeter has dissolved, opening the door to a new battlefield: identity . Identity is at the center of what the industry has praised as the new gold standard of enterprise security: "zero trust." In this paradigm, explicit trust becomes mandatory for any interactions between systems, and no implicit trust shall subsist. Every access request, regardless of its origin,

British citizen and hacker Lauri Love, who was accused of hacking into United States government websites, will not be extradited to stand trial in the U.S., the High Court of England and Wales ruled today. Love, 33, is facing a 99-year prison sentence in the United States for allegedly carrying out series of cyber attacks against the FBI, US Army, US Missile Defence Agency, National Aeronautics and Space Administration (NASA), and New York's Federal Reserve Bank between 2012 and 2013. The High Court ruled Monday that Love should be tried in U.K. after Lord Chief Justice Lord Burnett of Maldon and Justice Ouseley heard he suffered severe mental illness like Asperger syndrome, eczema, asthma, and depression, and may kill himself if extradited. At Westminster Magistrates' Court in London in late 2016, District Judge Nina Tempia ordered Love to be extradited to the U.S. to stand trial, although his lawyers appealed the decision, arguing that he should be tried for his al

Rapidly growing, insecure internet-connected devices are becoming albatross around the necks of individuals and organizations with malware authors routinely hacking them to form botnets that can be further used as weapons in DDoS and other cyber attacks. But now finding malicious servers, hosted by attackers, that control botnet of infected machines gets a bit easier. Thanks to Shodan and Recorded Future. Shodan and Recorded Future have teamed up and launched Malware Hunter – a crawler that scans the Internet regularly to identify botnet command and control (C&C) servers for various malware and botnets. Command-and-control servers ( C&C servers ) are centralized machines that control the bots ( computers, smart appliances or smartphones ), typically infected with Remote Access Trojans or data-stealing malware, by sending commands and receiving data. Malware Hunter results have been integrated into Shodan – a search engine designed to gather and list information abo

In Brief What if we could Predict when a cyber attack is going to occur before it actually happens and prevent it? Isn't it revolutionary idea for Internet Security? Security researchers at MIT have developed a new Artificial Intelligence-based cyber security platform, called ' AI2 ,' which has the ability to predict, detect, and stop 85% of Cyber Attacks with high accuracy. Cyber security is a major challenge in today's world, as government agencies, corporations and individuals have increasingly become victims of cyber attacks that are so rapidly finding new ways to threaten the Internet that it's hard for good guys to keep up with them. A group of researchers at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) are working with machine-learning startup PatternEx to develop a line of defense against such cyber threats. The team has already  developed an Artificial Intelligence system that can detect 85 percent of attacks by

The Syrian Electronic Army (SEA) , a pro-regime hacker group that emerged during Syrian anti-government protests in 2011, and involved in cyber attacks against western media organizations are now in the FBI's wanted list. The Federal Bureau of Investigation has issued an alert warning of cyber attacks by the Syrian Electronic Army and finally put them on its radar. " The SEA'S primary capabilities include spear-phishing, web defacements, and hijacking social media accounts to spread propaganda. " they said. The FBI also has increased its surveillance of Syrians living in the US. According to some anti-Assad activists, the group was founded by former intelligence agents and hardcore Assad supporters. SEA had compromised social media profiles for Western news organizations by sending fake email messages to news staff in an attempt to gain access to login credentials. Most recently, the group grabbed international attention after commandeering the webs

Security Information & Event Management (SIEM) has evolved over the years to become one of the most trusted and reliable solutions for log management, security, and compliance. The demand for SIEM tools is constantly increasing within network and IT security teams. This is due particularly to the colossal surge of security breaches and cyber-attacks that impact corporations and cause financial loss and damaged reputations. When conducting research for an SIEM solution, it's important to be able to identify features that will enable effective detection, prevention, and response to security threats. Below, we'll discuss a number of critical topics to consider when selecting an SIEM solution. Log Correlation – The Heart of SIEM SIEM software works with the principle of log collection and correlation, therefore, it's important to ensure that log correlation happens effectively, in real time, and provides centralized visibility into potentially insecure and non-co

The New York Times says Chinese hackers probably working for the military or Chinese government have carried out sustained attacks on its computer systems, breaking in and stealing the passwords of high-profile reporters and other staff members. For the last four months, Chinese hackers have persistently attacked The New York Times . On Thursday, The Wall Street Journal announced that it too had been hacked by Chinese hackers who were trying to monitor the company's coverage of China. It said hackers had broken into its network through computers in its Beijing bureau. " The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them " " Evidence shows that infiltration efforts target the monitoring of the Journal's coverage of China, and are not an attempt to gain commercial advantage or to misappropriate customer information, " the statement rea

Japan ministry become the recent victim of a cyber attack through a malware that suspected to have compromised and sent overseas more than 3,000 confidential documents from the ministry, including many on global trade negotiations. After investigation, experts found that Hackers use "HTran" the Advanced Persistant Threat (APT) exploit kit for attack. Computers at country's Ministry of Agriculture, Forestry and Fishery suspected to be infected from this. HTran is a rudimentary connection bouncer, designed to redirect TCP traffic destined for one host to an alternate host. The source code copyright notice indicates that HTran was authored by "lion", a well-known Chinese hacker and member of "HUC", the Honker Union of China. A lot of the documents were about the negotiations over the US-led Trans-Pacific Partnership multilateral trade pact. According to a report from SecureWorks, Dell's security division, in 2011 that the malware is believed to have b

The Israeli military has set plans to boost its cyber warfare capabilities with a better Cyber Army by expand its Unit 8200. " It has become clear that the demand for soldiers in this field is growing, which is why we're searching for solutions not only in Israel but abroad as well ," a top officer in the Manpower Directorate. Unit 8200, Israel's equivalent to the NSA, is undergoing a massive expansion. The U.S. Army ad slogan may be: " The Army needs a few good men ." But IDF Unit 8200′s slogan is: " The IDF needs a few good hackers ." Actually not a few, more like hundreds if not thousands. The disclosure comes amid recent reports that the Israeli army is working to enhance its cyber-warfare abilities. Military intelligence chief Maj.-Gen. Aviv Kochavi is slated to invest 2 billion shekels (525 million U.S. dollars) to that end in the coming years. " The military officials are tasked to track "young computer geniuses" and persuade them to immigrate to Israel for

An obscure group identifying itself as the Izz ad-din al-Qassam Cyber Fighters claimed responsibility for the first wave of attacks as retaliation for the amateurish Innocence of Muslims film that mocked the Islamic prophet Mohammed and sparked protests throughout the Middle East.  Who's really responsible for a recent series of cyberattacks on American banks? A few days back US Defense Secretary Leon Panetta said Iran is responsible for cyberattacks launched against Saudi Aramco and RasGas and US banks. While Panetta did not directly link Iran to the Persian Gulf attacks, he later noted that Iran has " undertaken a concerted effort to use cyberspace to its advantage. " Today, Iran's defense minister said, The United States is the source of cyber terrorism. " and intends to pave the way for increasing its activities in relation to cyber terrorism through diverting attention and leveling accusation, " Defense Minister Ahmad Vahidi. The Iranian defense minister also sai

One of Anonymous hacker groups " FawkesSecurity " who claim responsibility for a DDOS cyber attack on HSBC Bank says that they also manage to get 20,000 debit card details. When HSBC said , " This denial-of-service attack did not affect any customer data , but did prevent customers using HSBC online services, including Internet banking.", Anonymous tweeted on Friday. " We also managed to log 20,000 debit card details ." On asking, is there any proof of this claim , they replied ,"  We're debating whether to release them or not, HSBC knows debit details were intercepted, They probz won't admit it tho, ". On the other hand, A group that calls itself Izz ad-Din Al Qassam  , which has claimed responsibility for recent cyberattacks on at least nine other banks, also took responsibility for the assault on HSBC. Who ever the real hitman behind this, but according to hacker's warnings - RBS, Lloyds TSB and Barclays Banks are next targets.

The U.S. have admitted they believe a series of cyber attacks on domestic banks and some foreign oil companies carried out over the last year are the handy work of a group of hackers linked to the Iranian government. Defence Secretary Leon Panetta said the cyberthreat from Iran has grown, and declared that the Pentagon is prepared to take action if America is threatened by a computer-based assault. The hackers are apparently part of a group of less than 100 computer security specialists from Iranian universities and network security firms, according to an unnamed US government official. American officials have said they are able to discover the source of the recent cyberattacks. We do welcome this and announce our readiness for any international cooperation to find the source of the attacks. The Iranian official said Tehran has already offered help to boost the companies cybersecurity, as Iran has itself recently been the victim of cyberattacks on its offshore oil platforms. The c

India has mandated that all government ministries and departments secure their websites with proper certification. This directive follows the hacking of the Central Bureau of Investigation (CBI) website by a group calling themselves the "Pakistani Cyber Army." The National Informatics Centre has been instructed to host websites only after these ministries and departments provide security certification and comply with government guidelines, according to India's Press Information Bureau (PIB). The CBI website was defaced by hackers over a week ago. The attackers claimed their actions were in retaliation for similar hacks on Pakistani websites. A CBI spokeswoman stated that the site would undergo a thorough security audit and fix all vulnerabilities before being restored. Importantly, the agency's internal IT systems remained uncompromised. As of Wednesday morning, the CBI site had not yet been restored. India's Minister of State for Communications and IT, Sachin

"Operation Payback" is evolving, as attackers have initiated a fax-based campaign against companies that severed ties with WikiLeaks. Hacktivists from the group "Anonymous" are urging members to send faxes to Amazon, MasterCard, PayPal, Visa, Tableau Software, and Moneybookers. This action aims to create a fax-based version of denial-of-service attacks, according to Netcraft. Over the past few days, the group has launched distributed-denial-of-service (DDoS) attacks against websites of several companies and organizations, including MasterCard and Visa. Paul Mutton from Netcraft blogged, "This latest campaign by the Anonymous group is analogous to the distributed denial of service attacks it has been carrying out against websites over the past week. In essence, this has turned into a DDoS attack against fax machines. The group started the fax-attacks on Dec. 13 at 13:00 GMT and published a list of target fax numbers in their call to arms." "The Anon

Over the past three days, the European Union, the U.S., and NATO have approved new plans to combat cybercrime. On Monday, the European Commission announced its proposals to develop three systems aimed at enhancing cybersecurity for citizens and businesses. First, the E.U. plans to establish a cybercrime center by 2013 to coordinate cooperation between member states, E.U. institutions, and international partners. Second, a European information sharing and alert system, also set for 2013, will facilitate communication between rapid-response teams and law enforcement authorities. Third, the Commission aims to create a network of Computer Emergency Response Teams (CERTs) by 2012, with a CERT in every E.U. country. Home Affairs Commissioner Cecilia Malmström assured that these systems would not lead to the creation of another citizens' information database. She emphasized that the goal is to manage the flow of information to prevent cyber-attacks, not to store data. Meanwhile, follo

Hacktivists are militant hackers attacking sites in Egypt, Morocco, Spain, and Israel. Their screen messages resemble banners used in protests, supporting various political, social, or religious ideologies. Active in Morocco, they often hack sensitive security systems. Behind their computer screens, these hackers meticulously encode and decode IT security systems, seeking the slightest vulnerability to launch attacks. Known as hackers in Morocco, they relentlessly penetrate local and foreign sites. Egypt, Kuwait, and Israel have all fallen victim to their actions. Rise of Hacktivism These hackers are not casual credit card thieves but belong to a new category of activists known as "hacktivists." The Internet fuels this underground movement, but their ideological beliefs keep it alive. "It is the oldest form of hacking. Many developing countries resort to this mode of protest," says Ali El Azzouzi, a Moroccan IT security expert. Recently, Morocco, like many other