The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Carriers, developers, and phone makers are rolling out new services and features to protect mobile devices from malicious attacks and data breaches. As people increasingly use smartphones for email, banking, and document access, the wireless industry is addressing mobile device security. According to Chris Knotts, vice president of technology and innovation at IT consulting company Force 3, there is a "consumerization of IT," where more employees use personal mobile devices like smartphones, laptops, and tablets for work purposes. IT administrators recognize that mobile devices are here to stay and need to be secured against attacks and data breaches. This effort extends beyond IT administrators. Carriers and phone makers are deploying new features and services to enhance mobile device security, as noted by the Wall Street Journal. Edward G. Amoroso, chief security officer of AT&T, stated, "Everyone is realizing that this is an uncontrolled environment. We don'...

A group of hackers recently attacked and took offline several websites belonging to credit-card sharing groups, security experts, and other hacking communities that had neglected basic security practices. On Christmas morning, the administrators of six websites discovered their sites had been hacked. According to a newsletter published by the hackers on Dec. 25, the second issue of "Owned and Exposed" listed carders.cc, ettercap, exploit-db, backtrack, inj3ct0r, and free-hack as compromised sites. Free-hack was targeted for being "lame script kiddies," while the other sites had criminal ties or were security experts criticized for their poor security practices, as noted in the e-zine. Mati Aharoni, the administrator of exploit-db, a site cataloging known exploits and vulnerabilities, admitted the breach in a blog post but mentioned that the damage was minimal. "Other than our egos, the damage is not severe," Aharoni wrote. The hackers posted a copy of th...

Some 300 internet cafes in Nepal are now under police surveillance following a new government regulation aimed at curbing cyber crimes. According to SSP Rana Bahadur Chand, chief of the Metropolitan Police Crime Division (MPCD), cyber cafe users must now present ID cards and register their names, addresses, and telephone numbers. Chand mentioned, "There are around 1,200 cyber cafes in the Kathmandu Valley, and we will gradually bring all of them under this new law." With the growing internet use in urban areas, cyber crimes have surged significantly, Chand noted. In response, the MPCD has begun implementing measures to monitor cyber cafes operating in the Kathmandu Valley. These cafes are now required to provide information to the police upon request. Every month, approximately 8-10 cyber-related cases are reported to the police. Complaints range from email threats, theft of email IDs and passwords, email hacking, and misuse of images posted on social networking sites lik...

Microsoft has issued a warning about a significant flaw in the Internet Explorer browser that could allow hackers to control unprotected computers. The vulnerability permits hackers to inject malware into any system by tricking users into visiting malicious websites. This affects anyone using Internet Explorer (IE) versions 6 to 8. The exploit code for this bug has already been published. Although Microsoft has stated there is no current evidence of its use by criminals, they are "investigating" and working on a permanent fix, according to a report by the Daily Mail. Dave Forstrom, director of Microsoft's Trustworthy Computing group, said, "We're currently unaware of any attacks trying to use the claimed vulnerability or of customer impact." The bug targets how the browser manages a computer's memory when processing Cascading Style Sheets (CSS), which are design instructions that dictate the appearance of most web pages. Hackers can inject their own...

A Michigan man faces prison time for accessing a laptop at his home and reading his wife's email. Leon Walker, 33, was charged with a felony after accessing his wife Clara Walker's email account and discovering she was having an affair, reported the Detroit Free Press. Upon discovering that his wife was communicating with her second husband, who had previously been arrested for beating her in front of her son, Leon Walker turned the emails over to Clara Walker's first husband, the child's father. This led to Leon Walker being charged with hacking—a law typically used for breaking into highly sensitive government or business computers or systems, the newspaper reported. "I have to ask," Walker’s attorney Leon Weiss told the paper, "Don't the prosecutors have more important things to do with their time?" Apparently not. Oakland County prosecutor Jessica Cooper described Walker as a "hacker" who used his skills as a computer technic...

Spam is arguably the most irritating aspect of the internet and email for people globally. However, there is hope in Canada for those who have been targeted by spammers. A new law, Bill C-28, aims to facilitate government efforts in prosecuting and fining individuals and companies guilty of sending spam. This law allows the government to impose fines of up to $1 million on individuals and up to $10 million on companies. Company directors and owners can also be held personally responsible if they are aware their networks are sending spam. Additionally, the law criminalizes the use of aliases or false information in emails, making it easier for victims to prosecute offenders. However, nearly 70 percent of the world's spam is distributed by botnets, meaning the senders are often as much victims as the receivers. Therefore, these laws might not significantly reduce the volume of spam sent and received. The new legislation closes a loophole in Canadian law, as Canada was previously ...

IBM has just released its annual five-year forecast, highlighting significant technological advancements. In the presentation video, the concept of "citizen scientists" is introduced. These individuals use sensors on computers, phones, and applications to gather mass data. Citizen scientists already employ these sensors to collect local data, such as monitoring when mosquitoes first appear in specific neighborhoods. This shared data could also aid in larger-scale events, like helping with earthquake aftermath by transmitting real-time site data to other networks. One of the major predictions is the rise of 3D holograms. The technology is already advancing with interactive systems like the Wii and Xbox Kinect, and the increasing popularity of 3D movies and televisions. IBM envisions using 3D holograms in innovative ways, such as conversing with someone in another location while walking down the street or collaborating with international colleagues through holographic interac...

Hackers are planning to increase data security attacks via applications on social networking websites this Christmas, according to an expert. Earlier this month, IT security firm Sophos traced the history of malware and viruses created over the Christmas period from 1987 until 2009. The blog post revealed that, although some were relatively harmless festive pranks, more cyberattacks over the holidays could have serious repercussions for computer users. Rik Ferguson, senior security analyst at Trend Micro, stated that hackers conduct such attacks annually. "Criminals absolutely do, every year without fail, conduct campaigns designed to take advantage of people's willingness to search for and click on links relating to Christmas activity, whether that's through phishing campaigns or sending social engineering emails masquerading as Christmas cards," he said. Mr. Ferguson added that apps on social networking sites had "come of age as an attack platform" and...

A federal indictment unsealed earlier today alleges that a 35-year-old Texas man hacked into the computer network of an Eden Prairie business, stealing approximately $274,000. The indictment, filed in Minneapolis on October 13, 2010, charges Jeremy Parker of Houston, Texas, with one count of unauthorized access to a protected computer to further fraud and one count of wire fraud. It was unsealed following Parker's initial appearance in United States District Court. The indictment claims that from December 23, 2008, through October 15, 2009, Parker hacked into the computer network to obtain money belonging to Digital River, Inc., through a subsidiary, SWReg, Inc. SWReg pays independent software developers who write code that can run on Digital River's system. Royalties owed to these developers accumulate at SWReg, allowing developers to view their royalty balances online and cash out those accounts. When a developer cashes out, SWReg electronically transfers the money into the ...

The Federal Bureau of Investigation (FBI) recently identified minor security gaps in the Internet security procedures of the Belfast Police Department during a fall audit. Local officials acknowledged the need to address these issues over the next few years. The department was chosen randomly for the review, which concentrated on the use of the National Crime Information Center (NCIC) database. This database is crucial for local departments to access national records on past violations, bail conditions, protection orders, or outstanding warrants from other states. According to Police Chief Jeffrey Trafton, the database has significantly improved law enforcement processes, providing officers with instant access to mug shots and criminal records. "I don't understand the connectivity, but it works," Trafton said. "I can go in here, run a license, and it's immediate. Within a few minutes of seeing a stranger from Minnesota, I can be on the phone with the police dep...

Businesses can leave themselves vulnerable to data theft and other online threats, particularly as security and IT budgets are under pressure while companies try to save money. Although budgets are tight, it is crucial for companies to stay protected online. On average, the total cost of security breaches, including lost business, in the UK last year was $2,565,702. Data theft and other online threats represent significant dangers for businesses in the UK. The economic downturn exacerbates this problem, leading many executives to cancel, defer, or downsize security budgets. To highlight the risks facing companies today, Astaro has compiled the following list of the five most serious internet security threats. 1. Browser Vulnerabilities No browser provider is immune to security holes. A recent example is the CSS bug that affected Internet Explorer versions 6, 7, and 8 (CVE-2010-3962). This bug targets computers in a two-stage attack: first, the user follows an email link to a webpag...

Animosity between neighbors has landed a Minnesota man in serious legal trouble. Vincent Ardolf of Blaine, Minn., is facing decades in prison after pleading guilty to hacking his neighbor's WiFi, distributing child pornography, and threatening the Vice President of the United States. Ardolf halted his trial on December 17 by admitting to these crimes. He confessed to two counts of aggravated identity theft, one count of possession of child pornography, distribution of child pornography, unauthorized access to a protected computer, and making threats against Vice President Joe Biden. Authorities revealed that in February 2009, Ardolf hacked into his neighbor’s WiFi and created multiple Yahoo email accounts under his neighbor’s name. On May 6, 2009, he used one of these accounts to send an email to Biden’s office. The email read: “This is a terrorist threat! Take this seriously. I hate the way you people are spending money you don't have... I'm assigning myself ...