The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A new hacking technique dubbed BREACH can extract login tokens, session ID numbers and other sensitive information from SSL/TLS encrypted web traffic in just 30 seconds. The technique was demonstrated at the Black Hat security conference in Las Vegas ( Presentation PDF  & Paper ) by Gluck along with researchers Neal Harris and Angelo Prado, which allows hackers to decodes encrypted data that online banks and e-commerce sites from an HTTPS channel. Neal, Yoel and Angelo ( From left to right) at BlackHat BREACH ( Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext ) is very targeted and don't decrypt the entire channel. BREACH manipulates data compression to pry out doses of information from HTTPS protected data, including email addresses, security tokens, and other plain text strings. Angelo Prado told The Hacker News , " We are using a compression oracle is leveraging the building blocks from CRIME , on a diff...

Underground sites more commonly offer access to networks of compromised machines or stolen credit card information. Webroot has uncovered a criminal underground store dedicated to selling access to more than tens of thousands of hacked legitimate websites. Their customers can buy an administrator account or shell access in a hacked website, at cheap price i.e. $0.5 to $10 and then allows to perpetrate criminal activities from it, distribute malware, install a botnet  command & control infrastructure, upload illegal content, send spam, and so on. In Screenshots Researchers shows an underground market proposition, whose inventory is currently listing over 6000 compromised/hacked shells internationally. Sites are listed based on the price, page rank, age of the domain, Alexa ranking, language, and number of pages indexed by Google. The site promised access to any number of the compromised websites and the store seems to be quite profitable....

The latest release from Edward Snowden shows that the Vodafone, BT, Verizon and some other total seven Private Telecom Companies have been secretly collaborating with the British spy agency, GCHQ and giving unlimited access to the details of phone calls, emails and Facebook entries. Another leak claimed that The US government has paid at least £100m to the UK spy agency GCH Q over the last three years to secure access to and influence over Britain's intelligence gathering programs. One of the PowerPoint presentations, dating 2009, mentions British Telecom, Verizon, Vodafone, Level 3, Global Crossing, Interoute and Viatel, and Sueddeutsche Zeitung calls them key partners of GCHQ. Snowden left the Moscow airport in a taxi, although his intended destination was not clear. The US said it was extremely disappointed by Russia's decision. According to Snowden, when handing over these documents, " It's not just a US problem " and he stated that, in fact, G...

While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping code, developers may inadvertently leave behind API keys, tokens, or passwords in configuration files and code files, effectively handing attackers the keys to the kingdom. This isn't just about poor hygiene; it's a systemic and growing supply chain risk. As cyber threats become more sophisticated, so do compliance requirements. Security frameworks like NIS2, SOC2, and ISO 27001 now demand proof that software delivery pipelines are hardened and third-party risk is controlled. The message is clear: securing your Git repositories is no longer optional, it's essential. Below, we look at the ris...

Other than Windows, Now other platforms are becoming more popular every day and attracting bad guys who are starting to create malicious code for other systems.  Java applications can run on multiple platforms with ease, thus no surprise that malicious code written in Java that is designed to target more than one operating system are becoming increasingly common. Researchers at McAfee Labs spotted another sample of Java based trojan dubbed as JV/BackDoor-FAZY  that opens a back door for an attacker to execute commands and acts as a bot after infection. According to researcher, The key to decrypt the config file was encrypted with Base 64, Triple-DES algorithm and Hex. Decrypting the file provides information about the backdoor connection, includes IP address, port number, operating system, mutex information, and password for the connection. " On execution, the JAR file opens the backdoor connection to the IP address and the port mentioned in the pla...

A Georgia Tech researcher has found a weakness in Apple's iOS mobile platform that could let hackers to hide malicious code inside apps and can be surreptitiously planted on the Apple App Store. Researchers team created a proof-of-concept attack that was published in the Apple App Store and used to remotely launch attacks on a controlled batch of devices , enabling them to post unauthorized tweets, take photos and even go after other apps. " Our research shows that despite running inside the iOS sandbox, a Jekyll-based app can successfully perform many malicious tasks, such as posting tweets, taking photos, sending email and SMS, and even attacking other apps all without the user's knowledge. " Using a BeagleBoard, team created a USB malicious charger called Mactans  that can install apps without user knowledge within a minute of being plugged in. In one demonstration, the attacker was able to hide the iPhone Facebook application and install a malicious...

Edward Snowden , the former U.S. The intelligence contractor wanted for revealing the National Security Agency 's secret program to collect American phone and internet records, left at Moscow airport after Russian authorities granted him temporary asylum for one year. Mr Snowden's lawyer Anatoly Kucherena said, " Snowden has left the Sheremetyevo airport. He has just been given a certificate that he has been awarded temporary asylum in Russia for one year ," " Edward Snowden was granted temporary asylum in Russia for a year and has now left Moscow airport under the care of Wikileaks' Sarah Harrison ," Wikileaks tweeted. He had gone to a secure location which would remain secret. " His location is not being made public for security reasons since he is the most pursued man on the planet. He himself will decide where he will go ," In a statement released by WikiLeaks , Snowden thanked Russia for giving him asylum and critici...

According to a new report revealed by NSA leaker Edward Snowden , The National Security Agency has a secret program that allows it to see just about everything a person does on the Internet.  An NSA tool called DNI Presenter, used to read the content of stored emails, also enables an analyst using XKeyscore to read the content of Facebook chats or private messages.  An analyst can monitor such Facebook chats by entering the Facebook user name and a date range into a simple search screen. XKeyscore provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst. The Guardian has published several NSA training slides from the program: The NSA documents show that as of 2008, the X-Keyscore platform was used to nab 300 alleged terrorists around the world...

According to a new report, the world's biggest personal computer maker, Chinese firm Lenovo Group Limited has reportedly been banned from supplying equipment for  networks of the intelligence and defense services of Australia, the United States, Britain, Canada and New Zealand, due to hacking concerns. Sources from intelligence and defense entities in the UK and Australia have confirmed the ban introduced in the mid-2000s after intensive laboratory testing of its equipment. In 2006 it was disclosed that the US State Department had decided not to use 16,000 new Lenovo computers on classified networks because of security concerns. Serious backdoor vulnerabilities in hardware and firmware were apparently discovered during the tests which could allow attackers to remotely access devices without the knowledge of the owner. Lenovo, headquartered in Beijing, acquired IBM's personal computer business in 2005, after which IBM continued to sell server...

Soon in December this year, India's new surveillance program - Centralized Monitoring System (CMS) will be able to analyze all telecommunications and Internet communications in India by the government and its agencies.  This means that everything we say or text over the phone, write, post or browse over the Internet will be centrally monitored by Indian authorities. Law enforcement and government agencies intercept, monitor, and analyze communications in order to uncover leads and build the evidence needed to neutralize terrorism and crime. Few days back, BlackBerry has given the necessary permissions for the Indian government to intercept messages sent from BlackBerry devices . According to latest reports - Verint Systems , Israel's cyber intelligence solutions provider , are soon to get a contract from the Indian government to track encrypted communication services such as Gmail, Yahoo . mail, BlackBerry services, Skype and so on. " Ver...

Last week, we exclusively reported that the popular messenger Viber was hacked by the Syrian Electronic Army, and Support page was defaced with the message, " The Israeli-based - Viber is spying and tracking you. " Today we found that Viber's Apple App Store description has been defaced as well. The new modified description read " We created this app to spy on you, PLEASE DOWNLOAD IT! ", It's not clear at this point if this new hack is also performed by  Syrian Electronic Army or not, but it is possible that the hackers have gained access to the other various developer-facing functions. Viber later responded after a previous attack that one of its employee's fell victim to a phishing attach and attackers could gain access to a customer support panel and support administration system, insisting that no sensitive user data was exposed. Last week, SEA was able to access the Popular messaging app Tango's website and also a World's biggest...