The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Tor has become a tool of free expression in parts of the world where citizens can not speak freely against their government. On Tuesday, a number of users have noticed that Facebook is blocking connections from the Tor network. Tor is a free tool that keeps Web browsing sessions private and anonymous . For activists and political dissidents who use the Internet to communicate with the outside world in countries where doing so is a crime , being unable to login to Facebook using TOR posed a huge problem. Later, Facebook resolves the Tor issues and said that A high volume of malicious activity across Tor exit nodes triggered Facebook's automated malware detection system, which temporarily blocked visitors who use the Tor anonymity service to access the social network . The role that Tor and Facebook played in facilitating the dissemination of information under restrictive regimes cannot be underestimated. Security researchers are also frequent users of Tor, f...

The ability to turn your iPhone into a Wi-Fi hotspot is a fantastically useful little tool in and of itself. When setting up a personal hotspot on their iPad or iPhone, users have the option of allowing iOS to automatically generate a password. According to a new study by Researchers at the University of Erlangen in Germany, iOS-generated passwords use a very specific formula one which the experienced hacker can crack in less than a minute. Using an iOS app written in Apple's own Xcode programming environment, the team set to work analyzing the words that Apple uses to generate its security keys . Apple's hotspot uses a standard WPA2 -type process, which includes the creation and passing of pre-shared keys (PSK). They found that the default passwords are made up of a combination of a short dictionary words followed by a series of random numbers and this method actually leaves them vulnerable to  brute force attack . The word list Apple uses contains approximately 52,500...

The Pirate Bay co-founder Gottfrid Svartholm Warg was sentenced to two years in jail by Nacka district court, Sweden on Thursday for hacking into computers at a company that manages data for Swedish authorities and making illegal online money transfers. In Sweden, He is also involved in another case, to have hacked the mainframe of the CSC computer company protecting Rigspolitiet's (the Danish national police) IT system, as well as other sensitive government databases. In Denmark, Svartholm Warg and another unnamed Danish co-defendant were accused of illegally accessing 4 million files, including the email passwords of 10,000 policemen, personal identification numbers (CPRs) from a driver's license database and information about wanted persons in the Schengen region. He had denied the charges, further he can be extradited to Denmark to face charges for one of the country's largest hacking attacks. Last year Gottfrid Svartholm Warg was extradited to Sweden from Camb...

The LinkedIn became inaccessible for an hour last night. Few Hours before App.net co-founder Bryan Berg posted that LinkedIn DNS was hijacked but later LinkedIn confirmed that they suffered outage due to DNS issue, not Hack. DNS Hijacking is an unauthorized modification of a DNS server or change of DNS address that directs users attempting to access a web page to a different web page that looks the same, but contains extra content such as advertisements, is a competitor page, a malware page, or third-party search page. Bryan said," all of your traffic has been sent to a network hosted by this company [confluence-networks.com]. And they don't require SSL, so if you tried to visit, your browser sent your long-lived session cookies in plaintext ." LinkedIn tweeted " Our site is now recovering for some members. We determined it was a DNS issue, we're continuing to work on it. Thanks for your patience, " but provided no further details. LinkedIn DNS hacked ...

Edward Snowden , an American former contractor for the National Security Agency (NSA), came forward as the whistle-blower in one of the biggest internal leaks in U.S. intelligence history now seeking asylum According to the United Nations High Commissioner for Refugees, Snowden would not be given preferential treatment if he were to apply for asylum in Hong Kong .  He seems to have complete and total trust in the Hong Kong political and judiciary system:  "Hong Kong has a strong tradition of free speech. People think China, Great Firewall … but the people of Hong Kong have a long tradition of protesting on the streets, making their views known … and I believe the Hong Kong government is actually independent in relation to a lot of other leading Western governments. " Snowden is currently hiding out in Hong Kong as the U.S. government pursues a criminal investigation into his actions. Because Hong Kong 's currently flawed system had no asylum s...

Viber was blocked last week for non-compliance by The government of Saudi Arabia and Now they may move to block Skype and WhatsApp in the coming weeks, if the U.S. based messaging provider fails to comply with requirements set by the country's telecom regulator. CITC confirmed that they could take the nasty step even before the holy month of Ramadan that commences on 9 July. " We have been communicating with WhatsApp and other similar communication platforms to get them to cooperate and comply with the Saudi telecom providers, however, nothing has come of this communication yet ." The main issue seems to be that such channels bypass Saudi's communications monitoring capabilities and consequently do not conform to local regulations.  Saudi Arabia's three main operators Saudi Telecom, Etihad Etisalat (Mobily) and Zain Saudi had been asked to tell CITC if they were able to monitor or block such applications. " We gave them a week to comply and have been c...

WikiLeaks founder Julian Assange says he will not leave the Ecuadorian Embassy after Ecuador's foreign minister has said its embassy in London will continue to provide political asylum to Julian Assange. He was staying in embassy  for the past year to avoid extradition to Sweden. The Australian will be arrested if he steps outside the building, so the jet-set lifestyle has been replaced by a single room and his laptop.  Assange said he fears Sweden would allow him to be extradited to the United States to face potential charges relating to WikiLeaks releases of sensitive diplomatic and defense communications. So as of tomorrow, he decided to spent one year inside the embassy, even if sex charges against him are dropped. " The strong view of my US lawyer is that there is already a sealed indictment which means I would be arrested, unless the British Government gave information or guarantees that would grant me safe passage ," he said. Assange ...

A former NSA software developer is saying he has identified how major camera systems used by industrial plants, prisons, banks and the military could be hacked to freeze a frame and would allow hackers to spy on facilities or gain access to sensitive computer networks. Craig Heffner, that there were zero day vulnerabilities in digital video surveillance equipment from firms, including Cisco Systems, D-Link and TRENDnet. He has discovered hundreds of thousands of surveillance cameras that can be accessed via the public Internet. " Somebody could potentially access a camera and view it. Or they could also use it as a pivot point, an initial foothold, to get into the network and start attacking internal systems. " Heffner said. Wrost thing, probably NSA is also aware of these vulnerabilities . They could use it as a pivot point, an initial foothold, to get into the network and start attacking internal systems. He said he doesn't plan on revealing the v...

No longer limited to Hollywood movies about cybercrime, webcam hacking has stealthily and aggressively broken into average households  " I've heard a hacker could access my webcam and watch me in front of my computer. Could this really happen? " YES, other than using a Remote administration tools, it is also technically possible using new Flash based flaw in Google Chrome. According to a recent report by security researchers, there's a big problem in Google Chrome's integrated Flash player. The proof-of-concept posted by Egor Homakov. When the play button is pressed, the user is actually allowing for his/her webcam to grab video and audio from a compromised computer without getting the user's permission. " This works precisely like regular clickjacking - you click on a transparent flash object, it allows access to Camera/Audio channel. Voila, attacker sees and hears you, " Homakov warned.  These kinds of virtual hacks have been taking place for years....

BlackBerry Z10 users should be aware that there is a privilege escalation vulnerability. The vulnerability potentially allows a hacker to modify or edit data on a stolen BlackBerry Z10 smartphone with BlackBerry Protect enabled, identified as BSRT-2013-006 (CVE-2013-3692) According to the advisory , an escalation of privilege vulnerability exists in the software 'BlackBerry® Protect™' of  Z10 phones, supposed to help users delete sensitive files on a lost or stolen smartphone , or recover it again if it is lost. " Taking advantage of the weak permissions could allow the malicious app to gain the device password if a remote password reset command had been issued through the BlackBerry Protect website, intercept and prevent the smartphone from acting on BlackBerry Protect commands, such as a remote smartphone wipe. " The company says that version 10.0.9.2743 is not affected and that they have found no evidence of attackers exploiting this vulnerability in...

Apple revealed on monday that it received between 4,000 and 5,000 data requests in six months from  U.S. law enforcement for user information and affected accounts. Apple said the most common forms of requests involved investigating robberies and other crimes.  Period between December 1, 2012 and May 31, 2013, federal, state and local law enforcement had requested customer information up to 5,000 times, related to between 9,000 and 10,000 accounts or devices. But the iPhone maker said it works vigorously to protect the privacy of its users and only provides information by court order.  " We will continue to work hard to strike the right balance between fulfilling our legal responsibilities and protecting our customers' privacy as they expect and deserve, " statement from Apple. Apple doesn't provide some types of information either because the company doesn't retain it or because it is encrypted , the company said.  Apple also specified certain ...

If you have followed the startling revelations about the scope of the US government's surveillance efforts, you may have thought you were reading about the end of privacy, and about the Enemies of the Internet. " My computer was arrested before I was ." a perceptive comment by an internet activist who had been arrested by means of online surveillance.  Online surveillance is a growing danger for journalists, bloggers, citizen-journalists and human rights defenders. Over the last few years, law enforcement agencies have been pushing for unprecedented powers of surveillance and access to your private online communications. This week the PRISM surveillance scandal has consumed the Internet as the implications of massive scale U.S. Government spying begin to sink in. The US National Security Organization (NSA) is almost certainly one of (if not the) most technologically sophisticated, well-funded and secretive organizations in the world. The Prism initiative was launched ...