The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Security experts are confident that the Chinese hackers group known as Comment Crew is still operating under cover. " The Comment Crew is back again " this is the rumor within Intelligence community, researchers suspect the involvement of the group of hackers in the recent cyber dispute between U.S. and China. Let's make a step back, last February Mandiant Intelligence firm released an interesting report that revealed an enterprise-scale computer espionage campaign dubbed APT1. Mandiant linked the APT1 attacks, that compromised 141 organizations in seven years, to Chinese military unit called " 61398 ". The is very interesting is that the security firm identified a common pattern for the attacks conducted by Chinese hackers group, it was also able to define a series of key indicators for identifying ongoing APT attacks. Mandiant security firm had monitored the group during last years and report details its operations, it wasn't the only one FireEye is anoth...

Once again NSA whistleblower Edward Snowden revealed the truth, that the NSA hacks into China's mobile operators to steal millions of text messages.  Every month Washington come up with new reports  and accuse other nations, particularly China, for cyber hacking , but the biggest culprit of such crime is in fact the United States. All of this appeared to go relatively well for Washington until revelations emerged of the U.S. National Security Agency's PRISM surveillance program . According to Snowden, U.S. spies had hacked 3 major mobile phone companies in China and a core network to steal text messages of millions of Chinese citizens. Fang Binxing, a President at Beijing University who is considered the chief pioneer of China's Great Firewall Internet filtering system, has warned in the past that telecom equipment from international companies like Cisco is a threat to China's national security. As such, it could have allowed NSA operatives to ...

Serious security vulnerability was recently discovered on the Samsung flagship Galaxy S4 device, claiming that attackers can use it to silently send text messages. Qihoo 360 Technology, an antivirus company based in China, said that this particular vulnerability is related to the " cloud backup " feature of Galaxy S4, which is not properly protected and can be abused. This vulnerability was first discovered on June 17 and already reported the issue to Samsung and the company is already in the process of developing an official update to fix the vulnerability. A rogue mobile application could contain code exploiting the vulnerability to send fraudulent scam text messages ordering premium-rate services, the firm said. By exploiting the vulnerable cloud backup feature, malware could pretend to be the identity of any contact, friend, relative, or organization when faking phishing SMS messages. When these phishing SMS messages are received, users may be tricked i...

Russian President Vladimir Putin bluntly rejected U.S. pleas to extradite National Security Agency Whistleblower Edward Snowden on Tuesday, says since Snowden has not committed a crime in that country, the government will not extradite him back. Putin said, "Mr. Snowden is a free man," Snowden did not cross the Russian border, implying that he is still in the Moscow airport's transit zone, a sort of diplomatic neutral space. " He arrived as a transit passenger – he didn't need a visa, or other documents, " Putin said. After arriving Sunday on a flight from Hong Kong, Snowden booked a seat on a Havana-bound flight from Moscow on Monday en route to Venezuela and then possible asylum in Ecuador, but he didn't board the plane. " The sooner he selects his final destination point, the better both for us and for himself ," Putin said. White House Press Secretary Jay Carney on Monday urged Russia to ultimately turn him over. " We do ex...

If you don't know yet, Microsoft is offerings up to $100,000 in exchange for finding vulnerabilities and exploits in the upcoming Windows 8.1 Preview which is expected to launch on June 26, the same time as the Microsoft Build Developer Conference. Qualifying submissions with accompanying defensive ideas will also be eligible for a BlueHat Bonus worth up to $50,000. " These are super challenging to discover and they require a new technique ," says Mike Reavey, director of Microsoft's Security Response Center. Windows 8.1 is a major update to Microsoft's brand new operating system Windows 8, and given the serious bounty on offer, Microsoft clearly wants to leave nothing to chance as far as securing the operating system is concerned. " Learning about new exploitation techniques earlier helps Microsoft improve security by leaps, instead of capturing one vulnerability at a time as a traditional bug bounty alone would ," he said. Microsoft's senior s...

The Britain's spy agency GCHQ is running an online eavesdropping operation that has gained secret access to more than 200 optical fiber cables carrying global Internet traffic and telephone calls. The existence of the program has been disclosed in documents shown to the Guardian by the NSA whistleblower Edward Snowden as part of his attempt to expose what he has called the largest program of suspicion less surveillance in human history. Dubbed as , Operation Tempora has been running for around 18 months and allows GCHQ to tap into and store huge volumes of data drawn from fibre-optic cables for up to 30 days. GCHQ is also sharing this sensitive personal information with its American partner, the National Security Agency (NSA). The paper said GCHQ is tapping 200 internet links in total, each with a data rate of 10Gbps, with the agency having the technical capacity to concurrently analyze 46 of these 200 streams of data at a time. That access could ...

Over the past few years, Cyber Criminals have choose the official Google Chrome Web Store to push malware. In a recent announcement by Google, like Google Play Android apps store, all new apps uploaded to the Chrome Web Store will now also be automatically scanned for malware. Also, Google warned developers that it may take a little longer than before for their app to go live in the store, and  scanning may take from just a few minutes up to an hour.  " Starting today in the Chrome Web Store, you might notice that your item is not broadly available immediately after you publish it. " It is always against the Chrome Web Store Content Policies to distribute malware, if developer still wants to upload something malicious, they should cancel the process and withdraw their program. " This new functionality does not require any action on the part of developers. When you publish an item in the store, the developer dashboard will indicate that your item is i...

The Bitcoin Foundation has received a cease-and-desist letter from the California Department of Financial Institutions, which oversees banks, credit unions, and other financial organizations operating in the state. Jon Matonis, who is a board member at the Foundation, revealed the letter on Forbes. The agency charges Bitcoin Foundation with allegedly " engaging in the business of money transmission without a license or proper authorization ." If they found to be in violation of the California Financial Code, the foundation could be fined up to $2,500 a day per violation, in addition to criminal prosecution. Convictions under the federal statute are punishable by up to 5 years in prison and a $250,000 fine. Bitcoin doesn't have any kind of central regulatory authority, and trading takes place through Mt. Gox or other exchange floors. So, California's decision to send a money transmitter warning to the Bitcoin Foundation is a Washington, D.C., nonprofit, makes no sense...

Facebook is alerting its users about a security breach due to a technical glitch, that may have inadvertently exposed the email addresses and telephone numbers of roughly 6 million users. " We recently received a report to our White Hat program regarding a bug that may have allowed some of a person's contact information (email or phone number) to be accessed by people who either had some contact information about that person or some connection to them, " Facebook said in its announcement. The problem stemmed from a tool that allows users to upload their contact lists or address books to Facebook so that the social network can serve up friend recommendations or invite people to join Facebook. " Because of the bug, some of the information used to make friend recommendations and reduce the number of invitations we send was inadvertently stored in association with people's contact information as part of their account on Facebook, " As a result, ...

Edward Snowden , The Whistleblower who revealed the existence of a secret US online surveillance program left Hong Kong and has landed at Moscow's Sheremetyevo airport with help of Wikileaks . WikiLeaks said in a statement that its legal adviser Sarah Harrison was on the plane with Mr Snowden and they would help 'secure is safety' at his 'final destination'. Snowden will go down in history as one of the most prolific whistleblowers . Snowden left Hong Kong after The White House asked the autonomous Chinese territory to extradite him. A senior administration official warned that if Hong Kong did not act quickly it would complicate relations. He had earlier been charged in the US with espionage. Snowden, who has been in hiding in Hong Kong for several weeks since he revealed information on the highly classified spy programs, has talked of seeking asylum in Iceland. He got an on SU 213 Aeroflot flight from Chep Lap Kok airport at 11.04am today (Hong K...