#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Entangled Photons on Silicon Chip: Secure Communications & Ultrafast Computers

Entangled Photons on Silicon Chip: Secure Communications & Ultrafast Computers
Jan 27, 2015
With the rise in technology, the need of ultrafast quantum computer has also increased that can work on huge numbers and calculations at the same time. Quantum technology has long been a scientific dream, but now it is a step closer to becoming a reality after a team of scientists has figured out a way for a standard silicon chip to tackle quantum entanglement. Entanglement — a phenomenon in which multiple particles are connected to each other and act in uniform no matter their distance apart — is the key ingredient that promises to make ultrafast quantum computers and secure communications ( encryption ) far more powerful than conventional computing devices. The new research, detailed in The Optical Society's (OSA's) new high-impact journal Optica, describes how a multinational collaboration of boffins, for the first time, have created a new Micro-Ring Resonator that can generate a continuous supply of entangled photons; photons are essentially the particles that mak

Android Wi-Fi Direct Vulnerability Lets Hackers to Kick your Devices OFF

Android Wi-Fi Direct Vulnerability Lets Hackers to Kick your Devices OFF
Jan 27, 2015
Security researchers from Core Security has reportedly found a Denial of Service ( DoS ) attack vulnerability in Android WiFi-Direct. Android's WiFi-Direct is a wireless technology that allows two devices to establish a direct, peer-to-peer Wi-Fi connection without requiring a wireless router. Smartphones have been able to support Wi-Fi Direct for a while now. According to the advisory , the remotely exploitable denial-of-service vulnerability is affecting a wide number of Android mobile devices when it scans for WiFi Direct devices. If exploited, the vulnerability would let an attacker force a reboot of a device. " An attacker could send a specially crafted 802.11 Probe Response frame causing the Dalvik subsystem to reboot because of an Unhandle Exception on WiFiMonitor class ," advisory states. The Android WiFi-Direct vulnerability (CVE-2014-0997) affects: Nexus 5 - Android 4.4.4 Nexus 4 - Android 4.4.4 LG D806 - Android 4.2.2 Samsung SM-T310 - Android

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future
Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu

MalDrone — First Ever Backdoor Malware for Drones

MalDrone — First Ever Backdoor Malware for Drones
Jan 27, 2015
The use of small Unmanned Aerial Vehicles (UAVs) called Drones is rapidly transforming the way we go to war. Drones were once used for land surveillance, Delivering Pizza's, then equipped with bombs that changed the way nations conduct war and last year, these hovering drones were also used to hack Smartphones. Recently, a security researcher has found a backdoor in the Parrot AR Drones manufactured by a French-based company, that could allow a malicious hacker to remotely hijacked the radio controlled flying quadcopter helicopter. The Parrot AR Drone, revealed at the International CES 2010 in Las Vegas, is a quadricopter helicopter which you can control with your smartphone or tablet. It features two built-in cameras, is easy to fly, and can be controlled without too much danger of it flipping over or smashing into things. FIRST EVER MALWARE FOR DRONES Security researcher, Rahul Sasi claimed to have developed the first ever backdoor malware for AR drone ARM L

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

The Pirate Bay Updated With Phoenix Image and Set to return on 1 February

The Pirate Bay Updated With Phoenix Image and Set to return on 1 February
Jan 26, 2015
The Pirate Bay — an infamous Torrent website predominantly used to share copyrighted material free of charge — could be relaunched on 1st February, the date the website has long been expected to return. The website went dark from the Internet following a raid in Sweden last month. After a complaint was filed by a group called the Rights Alliance, Swedish Police officers raided The Pirate Bay's server room in Stockholm and seized several servers and other equipment. Last month's raid comes almost a month after the arrest of Fredrik Neij, the third and final founder of The Pirate Bay, at the border between Laos and Thailand on November 3. He was convicted by Swedish courts for sharing copyrighted material more than five years ago. The Pirate Bay homepage is displaying a logo of Phoenix once again with a timer counting down to 1 February. The search box and categories are back under the flag, but are not active yet. At the bottom of the page, a pirate ship sails tow

20 Million Credentials Stolen From Russian Dating Site 'Topface'

20 Million Credentials Stolen From Russian Dating Site 'Topface'
Jan 26, 2015
A database containing details of more than 20 Million users of a Russian-based online dating website has been allegedly stolen by a hacker and made publicly available for sale through an online forum. A hacker using the online alias " Mastermind " on an online forum used by cybercriminals claims the responsibility of the hack into an unnamed online dating website, according to recent reports. The leaked credentials are claimed to be 100% valid in a posting to a paste site, and Daniel Ingevaldson, chief technology officer of Easy Solution, said that the list included email addresses from Hotmail, Yahoo and Gmail. " The list appears to be international in nature with hundreds of domains listed from all over the world ," Ingevaldson said in a blog post on Sunday. " Hackers and fraudsters are likely to leverage stolen credentials to commit fraud not on the original hacked site, but to use them to exploit password re-use to automatically scan and c

Hackers can Spoof AT&T Phone Messages to steal your Information

Hackers can Spoof AT&T Phone Messages to steal your Information
Jan 26, 2015
Bad news for AT&T customers! You all are vulnerable to phishing scams – thanks to AT&T's text protocols. The actual problem lies in the way AT&T handles its customer alerts via text messages, as it's very easy for cybercriminals to mimic. In "Phishing" attacks , scammers attempt to trick victims into revealing their personal and financial information by sending email or text messages that appear to be from legitimate companies. Instead of emails, here hackers have targeted AT&T users with the text messages. According to Dani Grant , the computer programmer who discovered the flaw and reported to the company, AT&T is making use of plethora for short codes, due to which its customers unable to distinguish between the legitimate and phishing messages . The second issue is that some of AT&T's real links directs its users to att.com while others take you to dl.mymobilelocate.com. " Another problem is that AT&T directs cu

Adobe patches 2nd Flash Player Zero-day Vulnerability

Adobe patches 2nd Flash Player Zero-day Vulnerability
Jan 25, 2015
Ready to patch your Adobe Flash software now. Adobe has patched one after one two zero-day vulnerabilities in its Adobe Flash that are being actively exploited by the cyber criminals. PATCH FOR FIRST ZERO-DAY On Thursday, the company released an emergency update for one of the critical vulnerabilities in Flash Player. However, the flaw was not the one that security researcher Kafeine reported. Adobe focused on another zero-day, identified as CVE-2015-0310 , that was also exploited by Angler malicious toolkit. PATCH FOR SECOND ZERO-DAY Today, Adobe released an updated version of its Flash player software that patches a zero-day vulnerability , tracked as CVE-2015-0311, spotted by French security researcher Kafeine at the beginning of the week. The vulnerability is " being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below, " Adobe said in a security advisory . The com

Police Using High-Tech Device to See Through Walls Warrantlessly

Police Using High-Tech Device to See Through Walls Warrantlessly
Jan 24, 2015
We are all aware of the mass surveillance conducted by the government agencies on us. From our phone calls, emails to web activities, chats and social network activities, everything has been interrupted by the law enforcements. And now they have crossed every limits by using a new way to spy on you. Guess What? Dozens of US law enforcement agencies are quietly taking advantage of the technology that allows them to effectively "see" through walls of buildings to monitor people's activity . This has once again raised privacy questions. Privacy has become just a word as there's nothing private left, not even our homes. According to a recent report from USA Today , over 50 law enforcement agencies, including Federal Bureau of Investigation (FBI) and U.S. Marshals, have secretly been using the new radars for the past two years, but it came to light just last month during a court hearing in Denver . The device, dubbed Range-R , sends out radio waves that can d
Cybersecurity Resources