The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Google's Nexus Smartphones are vulnerable to SMS-based DOS attack , where an attacker can force it to restart, freeze, or lose network connection by sending a large number of special SMS messages to them. The vulnerability, discovered by Bogdan Alecu , a system administrator at Dutch IT services company Levi9, and affects all Android 4.x firmware versions on Google Galaxy Nexus, Nexus 4 and Nexus 5. The problem is with how the phones handle a special type of text message, known as a flash SMS. By sending around 30 Flash SMS ( Flash SMS is a type of message that normally is not stored by the system and does not trigger any audio alerts ) messages to Nexus phone an attacker can cause the phone to malfunction. He presented the vulnerability on Friday at the DefCamp security conference in Bucharest, Romania. In an email exchange with me, he said ' I was testing different message types and for the class 0 messages I noticed that the popup being displayed al...

A Symantec researcher has discovered a new Linux worm, targeting machine-to-machine devices, and exploits a PHP vulnerability ( CVE-2012-1823 ) to propagate that has been patched as far back as May 2012. Linux worm, which has been dubbed Linux.Darlloz , poses a threat to devices such as home routers and set-top boxes, Security Cameras, and even industrial control systems. It is based on proof-of-concept code released in late October and it helps spread malware by exploiting a vulnerability in php-cgi . " Upon execution, the worm generates IP addresses randomly, accesses a specific path on the machine with well-known ID and passwords, and sends HTTP POST requests, which exploit the vulnerability. If the target is unpatched, it downloads the worm from a malicious server and starts searching for its next target. " the Symantec researchers explained. The malware does not appear to perform any malicious activity other than silently spreading itself and wiping a load of sy...

Just now, The hacktivist group Syrian Electronic Army (SEA) briefly took over the Twitter account of the TIME Magazine. The Hacker group  tweeted from the TIME's official account, " Syrian Electronic Army Was Here via  @Official_SEA16..Next time write a better word about the Syrian president #SEA " with their logo, as shown above. TIME Magazine is currently hosting polls for Who Should Be TIME's Person of the Year?  and on their website  the Syrian President  Bashar al-Assad is described as, " Syria's ruler presided over a bloody year, shrugging off international concerns over the use of chemical weapons as the death toll of his country's civil war eclipsed 100,000. " How they have hacked into TIME's account is not yet clear, but the group is famous for using advanced phishing attacks to conduct high profile hacks. The TIME's tweet was deleted by TIME's staff just after 10 minutes of the hack. In a separate tweet on their ...

Skype has been targeted by cyber criminals again this week. Users are receiving a new Spam Email with subject " You received a new message from the Skype voice mail service. ", that actually leads to Zeus Malware . Zeus is a Trojan horse that attempts to steal confidential information from the compromised computer. It specifically targets system information, online credentials, and banking details, but can be customized through the toolkit to gather any sort of information. The email is sent from the spoofed address " Skype Communications " and seems to be genuine, it has similar body content and the official Skype logo that usually comes with a legitimate Skype voice mail alerts. " This is an automated email, please don't reply. Voice Message Notification. You received a new message from the Skype voice mail service. " the email reads. The fraudsters have also tried to make the emails look genuine by adding real links back to the Skype website. According to MX Lab , ...

Researchers at FireEye have discovered a new privilege escalation vulnerability  in Windows XP and Windows Server 2003. CVE-2013-5065, Local privilege escalation vulnerability is used in-the-wild in conjunction with an Adobe Reader exploit ( CVE-2013-3346 ) that appears to target a patched vulnerability. Microsoft has issued an advisory and warned that discovered bug in Windows XP's  NDPROXY.SYS driver could allow hackers to run code in the system's kernel from a standard user account. The exploit could allow a standard user account to execute code in the kernel, which may allow an attacker to gain privileges that would enable him to do various activities, including deleting or viewing data, installing programs, or creating accounts with administrative privileges. "Our investigation of this vulnerability has verified that it does not affect customers who are using operating systems newer than Windows XP and Windows Server 2003 ," Microsoft advised. Last Apri...

Ruby on Rails contains a flaw in its design that may allow attackers to more easily access applications. Websites that rely on Ruby on Rails's default cookie storage mechanism   CookieStore  are at risk. The vulnerability was actually reported two months ago, but still thousands of website are running a vulnerable version of Ruby on Rails that allows a malicious attacker to gain unauthorized access again and again without password, if someone manages to steal users' cookies via via cross site scripting or session sidejacking or with physical access.  More than 10,000 websites are vulnerable to Ruby on Rails's cookie storage mechanism flaw, but this vulnerability requires your user's session cookies to be compromised in the first place. Security researcher G.S. McNamara provided the details of the vulnerability in a blog post , he analyzed nearly 90,000 sites running specialized scripts and discovered 1,897 sites based on old versions of Ruby on Rails ( versi...

The breaking news is that, another Bitcoin exchange  company gets hacked i.e. BIPS ( bips.me ), one of the largest European Danish Bitcoin payment processors. On Friday evening, a bunch of cyber criminals just broke into BIPs - Bitcoin payment processor servers and wiped out around 1,295 Bitcoin from people's wallets, currently worth $1 Million. More than 22,000 consumer wallets have been compromised and BIPS will be contacting the affected users. Initially on 15th November, Hackers launched Distributed Denial of Service (DDoS) attack on BIPS, originate from Russia and neighboring countries and then hackers attacked again on 17th November. This time somehow they got access to several online Bitcoin wallets, which allowed them to steal the 1,295 BTC. " As a consequence Bips will temporarily close down the wallet initiative to focus on real-time merchant processing business which does not include storing of Bitcoins. " company says. " All existing users will be aske...

Two most important moments in the history of Bitcoin are : Its creation by Satoshi Nakamoto , and the burst of The Silk Road's Founder  Ross William Ulbricht . The silk Road's black market was a Bitcoin economy. According to a report published by two Israeli computer scientists,  Ross William Ulbricht , aka Dread Pirate Roberts , may be financially linked to Satoshi Nakamoto. Even if the Bitcoin buyers and sellers remained anonymous, but the transactions themselves are public, So the scientists were able to trace the interactions. The Scientists, Ron and Shamir were exploring the connection between the operator of Silk Road who was recently arrested by the FBI for running the Internet blackmarket Silk Road and the entity that invented the bitcoin. The bitcoin network was established in 2008 and it has been popularly believed that the first accounts in the early days of the bitcoin were of Satoshi Nakamoto , accumulated some 77,600 BTC as a result of 'mini...

Users in Iran call Internet as " Filternet ", because of the heavily censored Internet access they have. Million Iranians used VPN servers to access the outside world. In October, 2013 Jack Dorsey, the co-founder of Twitter asked Iranian President, ' Are citizens of Iran able to read your tweets? ' In Reply Mr. The President said that he will work to make sure Iranians have access to information globally in what appears to be a reference to reducing online censorship. Just after promising to support Internet Freedom, the Iran Government has banned yet another web application called -  Cryptocat , a tool that allows for secure and encrypted chat. The app is well known for bringing encrypted communications to the masses, popular with human rights activists and journalists around the world. According to ' Blockediniran.com ', Cryptocat website and the associated private chat service were inaccessible to our users in Iran. Currently since Monday.  ' I...

The NSA has the ability to trace " anyone, anywhere, anytime ". In September we reported that how NSA and GCHQ planted malware via LinkedIn and Slashdot traffic to hack largest telecom company Belgacom's Engineers. Yesterday, a  Dutch newspaper has   published a new secret NSA document provided by former intelligence employee  Edward Snowden . According to the newly exposed slide, NSA has infected more than 50,000 computer networks worldwide with software designed to steal sensitive information i.e. Malware . The slide from the NSA's 2012 management presentation, shows a world map with more than 50,000 targeted locations, uses a procedure called ' Computer Network Exploitation ' (CNE) that can secretly install malware in computer systems. The malware can be controlled remotely and be turned on and off at will. From the NSA website we found that, CNE includes enabling actions and intelligence collection via computer networks that exploit data gathere...

The  CryptoLocker Malware continues to spread, infected more than 12,000 U.S computers in one week and threatening millions of computers in the UK. Just last week, The UK National Crime Agency urge people afflicted by CryptoLocker not to pay ransom, not least because there is no guarantee that they will even receive an unlock key. Not even Police departments are immune to CryptoLocker. In November second week, Massachusetts' Swansea Police Department paid a 2 Bitcoin ($750 that time) ransom to decrypt images and Word documents encrypted by CryptoLocker ransomware . " It gave us 100 hours to pay and it was literally a timer, " said Police Department. " A big red screen comes up with a timer that says you have 100 hours to pay or your files will be encrypted forever. " Malware usually distributed through spam emails, encrypting the user's files on the infected machine and also the local network it is attached to. However, Police Depar...