#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

Mobile app | Breaking Cybersecurity News | The Hacker News

Popular Navigation App hijacked with Fake Bots to Cause Traffic Jam

Popular Navigation App hijacked with Fake Bots to Cause Traffic Jam

Apr 04, 2014
Beware! Hackers can cause Traffic jams with just a navigation Smartphone application. Two Israeli students were assigned by college to hack Google-owned Waze GPS app , an Israeli-made Smartphone app that provides directions and alerts drivers to traffic and accidents. Shir Yadid and Meital Ben-Sinai , fourth-year students at Technion-Israel Institute of Technology, with the help of two advisers created a virtual program that successfully caused the popular navigation application Waze to report fake traffic jams,  Haaretz  reported. They successfully launched a demo cyber attack against the popular navigation app, with no evil intention to cause any damage to the app, instead it was a simple assignment handed over to these students to demonstrate up to what a malicious hacker could do by creating a fake traffic jam on any popular app, like Waze that provides real-time traffic updates and notifications to users on the road. HOW TO JAM TRAFFIC? To carry out their proje
LinkedIn shutting down its security-plagued INTRO app in Early March

LinkedIn shutting down its security-plagued INTRO app in Early March

Feb 10, 2014
Last October, the social network ' LinkedIn ' launched a controversial Smartphone app called ' Intro ' that intercepts and route all of your emails through LinkedIn servers to inject LinkedIn profiles of the sender directly into the mails. The app was released for Android , as well as iOS devices. Why Controversial? The app puts the security and privacy of your data entirely in the company's hands, and at that time everyone criticized and reacted negatively, but LinkedIn defended Intro, claiming that all information was fully encrypted and deleted from LinkedIn's servers immediately. Just two days back, I got an e-mail from LinkedIn with the subject line " We're retiring LinkedIn Intro. " i.e. LinkedIn is giving up so quickly just four months of the launch! In a blog post today, LinkedIn SVP of products Deep Mishar explained, " We are shutting down LinkedIn Intro as of March 7, 2014. The intro was launched last year to bring the power of LinkedIn to your emai
First widely distributed Android bootkit Malware infects more than 350,000 Devices

First widely distributed Android bootkit Malware infects more than 350,000 Devices

Jan 29, 2014
In the last quarter of 2013, sale of a Smartphone with ANDROID operating system has increased and every second person you see is a DROID user. A Russian security firm ' Doctor Web' identified the first mass distributed Android bootkit malware called ' Android.Oldboot ', a piece of malware that's designed to re-infect devices after reboot, even if you delete all working components of it. The bootkit Android.Oldboot has infected more than 350,000 android users in China, Spain, Italy, Germany, Russia, Brazil, the USA and some Southeast Asian countries. China seems to a mass victim of this kind of malware having a 92 % share. A Bootkit is a rootkit malware variant which infects the device at start-up and may encrypt disk or steal data, remove the application, open connection for Command and controller. A very unique technique is being used to inject this Trojan into an Android system where an attacker places a component of it into the boot
cyber security

Instantly See How Much Time You Can Save by Automating Compliance

websiteVantaAutomate Compliance
Get an instant calculation of how much time you could save by automating compliance with Vanta.
Unpacking 2024's SaaS Threat Predictions

Unpacking 2024's SaaS Threat Predictions

Jun 05, 2024SaaS Security / Artificial Intelligence
Early in 2024, Wing Security released its State of SaaS Security report , offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year, several SaaS threat predictions from the report have already proven accurate. Fortunately, SaaS Security Posture Management (SSPM) solutions have prioritized mitigation capabilities to address many of these issues, ensuring security teams have the necessary tools to face these challenges head-on. In this article, we will revisit our predictions from earlier in the year, showcase real-world examples of these threats in action, and offer practical tips and best practices to help you prevent such incidents in the future. It's also worth noting the overall trend of an increasing frequency of breaches in today's dynamic SaaS landscape, leading organizations to demand timely threat alerts as a vital capability. Industry regulations with upcoming compliance deadlines are demanding similar time-sens
Foursquare vulnerability that exposes 45 million users' email addresses

Foursquare vulnerability that exposes 45 million users' email addresses

Jan 28, 2014
A location based Social Networking platform with 45 million users,' Foursquare ' was vulnerable to the primary email address disclosed.  Foursquare is a Smartphone application that gives you details of nearby cafes, bars, shops, parks using GPS location and also tells about your friends nearby. According to a Penetration tester and hacker ' Jamal Eddin e ',  an attacker can extract email addresses of all 45 million users just by using a few lines of scripting tool. Basically the flaw exists in the Invitation system of the Foursquare app. While testing the app, he found that invitation received on the recipient's end actually disclosing the sender's email address, as shown above. Invitation URL:  https://foursquare.com/mehdi?action=acceptFriendship&expires=1378920415&src=wtbfe& uid = 64761059 &sig=mmlx96RwGrQ2fJAg4OWZhAWnDvc%3D Where 'uid' parameter represents the sender's profile ID.  Hacker noticed th
Expert Insights
Cybersecurity Resources