The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

UK's Secretive Spy Agency Government Communications Headquarters (GCHQ) has open-sourced one of its tools on code-sharing website GitHub for free... A graph database called ' Gaffer .' Gaffer , written in Java, is a kind of database that makes it "easy to store large-scale graphs in which the nodes and edges have statistics such as counts, histograms and sketches." Github is a popular coding website that allows software developers to build their project on a single platform equipped with all the requirements that are gone in the making of a software. Gaffer and its Functionalities In short, Gaffer is a framework for creating mass-scale databases, to store and represent data, and is said to be useful for tasks including: Allow the creation of graphs with summarised properties within Accumulo with a very less amount of coding. Allow flexibility of stats that describe the entities and edges. Allow easy addition of nodes and edges. Allo...

Billions of dollars are spent in securing business operations, and yet attackers still find ways to breach a network. With the ever increasing growth in security attacks across all threat vectors, you should consider these New Year's resolutions to help solve your security challenges in 2016: Take stock of what you have Segment your Network Setup controls with ACLs Secure protocols, network ports, & services Monitor account activity Monitor servers & databases Make sure that your applications are secured Ensure security policies are in place Measure effectiveness and ensure your security products are doing their job Add threat intelligence into your security operations As you prepare for 2016 and reflect on all the security news stories from this year, these ten resolutions need to be on your " to-do " list: 1. Take stock of what you have Knowing the genetic makeup of your environment is the key to securing your IT systems. It is critical to have an updated invento...

MacKeeper anti-virus company is making headlines today for its lax security that exposed the database of 13 Million Mac users' records including names, email addresses, usernames, password hashes, IP addresses, phone numbers, and system information. MacKeeper is a suite of software that claims to make Apple Macs more secure and stable, but today the anti-virus itself need some extra protection after a data breach exposed the personal and sensitive information for Millions of its customers. The data breach was discovered by Chris Vickery , a white hat hacker who was able to download 13 Million customer records by simply entering a selection of IP addresses, with no username or password required to access the data. 21 GB Trove of MacKeeper Customer Data Leaked 31-year-old Vickery said he uncovered the 21 GB trove of MacKeeper customer data in a moment of boredom while searching for openly accessible databases on Shodan – a specialized search engine that looks fo...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

Sony's PlayStation 4 – the hottest-selling gaming console in the United States – has been in the market for a while now, and since its release, hackers have been tinkering with it to find a way to run unauthorized software. Though breaking the protection on PlayStation 4 is a huge deal, a hacker who calls himself CTurt has claimed to develop a fully jailbroken version of the PlayStation 4 with the help of a kernel exploit that he previously created. The current jailbreak allows dumping of the system RAM from other processes and installing custom firmware that can be used to run homebrew applications that aren't approved by Sony. Of course, there is still a few other security issues to get by, but it is a foot in the door for game piracy, which can affect the gaming market as a whole. The Twitter account of CTurt seems to indicate that currently the exploit only works for PlayStation 4 firmware version 1.76, but apparently it can be tweaked to work for mor...

So how do you catch rogue drones that take your sky? With another Giant Drone, of course! This is exactly how the Tokyo Metropolitan Police Department is catching unwanted and potentially dangerous drones flying over the city, according to Japan Today. The department is launching an anti-drone squad in order to prevent people from flying their drones overcrowded residential areas and important buildings in Tokyo, including the Prime Minister's Office. How So? Instead using a dragnet on the ground, the police authorities will use a drone armed with a net to scoop up the suspected drones and carry them away to safety. Watch the Video: The Tokyo Metropolitan Police have also released a video that shows its special Net-Wielding Drone in action. You can look at the video above. It looks like the police are using a DJI Spreading Wings 900 with a 3 x 2 m² of Net tied to its feet. As soon as a rogue drone is spotted in the sky, the squad will first a...

After targeting the Islamic State (ISIS) group in the wake of Deadly terror attacks in Paris, hacktivist group Anonymous has now turned its attention to controversial US presidential candidate Donald Trump . The hacktivist group has declared war against Donald Trump following his recent radical speech stating he wanted to ban Muslims from entering the United States. Anonymous vs. Donald Trump On Wednesday, Anonymous slams Trump by posting a YouTube video in which a man in a Guy Fawkes mask says: "Donald Trump, it has come to our attention that you wish to ban all muslims from entering the United States. Muslims and Islam are not the problem. This policy will have grave impact and will serve only to fuel the emotions that ISIS uses to recruit muslims. Certainly ISIS will use this to their advantage in their social media campaigns. Instead of focusing on the innocent, the focus should be set on ways to protect them from the radicalized individuals they flee. Dona...

Meet an all-new Hacker's Search Engine similar to Shodan – Censys . At the end of last month, security researchers from SEC Consult found that the lazy manufacturers of home routers and Internet of Things (IoT) devices have been re-using the same set of hard-coded cryptographic keys , leaving around 3 millions of IoT devices open to mass hijacking. But how did the researchers get this number? Researchers uncovered these devices with the help of Censys – a new search engine that daily scans the whole Internet for all the vulnerable devices. Censys Maintains Complete Database of Everything on The Internet Censys is similar to hacker's search engine Shodan , which is designed specifically to locate any devices that have been carelessly plugged into the Internet without much attempt at preventing unauthorized access. However, Censys employs a more advanced method to find vulnerabilities in the devices and make the Internet a safer place. Censys is a fre...

Smartphones, Smart TVs, Smart Watches, Cell Phone Towers, Messaging services… but now, What's Next? Smart Toys? Yes, probably. Tech expert is warning that 'Smart Toys' could now be used by the government intelligence agencies to spy on suspects. As part of the Investigatory Powers Bill , children's connected toys could be the next item to be used by the government in an effort to spy on people, claims Antony Walker, deputy CEO of technology trade association techUK. The Snooper's Charter – Government's Spy Eyes While speaking to the UK parliament's Commons Science and Technology Committee, Walker warned MPs of how the Draft Investigatory Powers Bill could be abused to turn any Internet-connected device into a snooping tool. The draft Investigatory Powers Bill (or the Snooper's Charter ) would make it the legal duty of Internet service providers (ISPs) to help and assist the British intelligence agencies in hacking into various connected devices if...

Despite the French Ministry of Interior's demands, France will not ban the TOR anonymity network or Free public Wi-Fi as a way to help the law enforcement fight terrorism. French Prime Minister Manual Valls has gone on record saying that a ban on Free public Wi-Fi is " not a course of action envisaged ," and he is not in favor of banning the TOR anonymity network, either. Following the deadly terror attacks on Paris last month, an internal document obtained by Le Monde indicated that French government wanted to block communications of TOR as well as ban the use of Free Public Wi-Fi during states of emergency in an effort to fight terrorism more efficiently. However, according to France PM, banning Encrypted Communications could affect the country's economy and security. Must Read:  FBI Director Asks Tech Companies to At least Don't Offer End-to-End Encryption TOR and Free Wi-Fi Safe in France, PM Says  " A ban of [free public] W...

FBI declared War against Encryption. Encryption is defeating government intelligence agencies to detect terrorist activities and after the recent ISIS-linked terror attacks in Paris and California, the issue has once again become a political target in Washington. ...and meanwhile, Kazakhstan plans to make it Mandatory for its Citizens to Install Internet Backdoor , allowing the government to intercept users' traffic to any secure website and access everything from web browsing history to usernames and passwords. FBI: For God's Sake, Don't Use End-to-End Encryption At a Senate hearing on Wednesday, FBI's Director James Comey called for tech companies currently providing users with end-to-end encryption to reconsider "their business model" and simply stop doing that, reported The Intercept . Yes, instead of asking companies for a " backdoor " this time, Comey suggested them to adopt encryption techniques that help federal agencie...