The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Again a top secret revelation from the Snowden's Desk! A new document retrieved by the whistleblower Edward Snowden shows that the Canadian spy agency is tracking airline travelers even days after they left the terminal, just by capturing their device identification from the free Wi-Fi service at a major Canadian airport. CBC News reported that the US Intelligence agency worked with its counterpart Communications Security Establishment Canada (CSEC) in Canada, and slurped information from the free Internet hotspots to track anyone who passed through the airport terminal, and could be tracked throughout the country by cross-referencing it with the intercepted information from Wifi at cafes, libraries and other public places, although it is not clear that they were tracking only the users who logged-in to the WiFi services or not. But It is also possible that one can capture the MAC addresses of all the available devices within the range of a Wi-Fi device (using some special tools...

After the massive data breaches at U.S retailers Target and Neiman Marcus in which financial credentials of more than 110 million and 1.1 million customers were compromised respectively, shows that the Point of Sale (POS) system has become a new target for the cyber criminals. Despite the BlackPOS malware of Point of Sale (POS) system that comes out as the major cause of these data breaches, malware writers are upgrading and developing more Trojans to target POS system. In December, the security researchers at anti-virus firm Kaspersky Lab discovered a Tor-based banking trojan , dubbed " ChewBacca ", that was initially categorized as a Financial trojan, but recently security researchers at RSA have uncovered that 'ChewBacca' is also capable of stealing credit card details from point of sale systems. ' ChewBacca ', a relatively new and private Trojan, used in the 11 countries as a POS malware is behind the electronic theft. ChewBacca communicat...

Downfall in the monopoly of propriety software like Microsoft and Apple accelerated after the Snowden revelations of NSA spying, where technology giants like Microsoft, Google, Apple are sharing a bed with the NSA. The UK government is again planning to ditch Microsoft for Open Source and Free alternatives. Cabinet Office minister Francis Maude announced yesterday that they are move away from Microsoft Office, towards open source softwares like  OpenOffice & LibreOffice suites, in an effort to drive down costs and foster greater innovation. UK has spent about £200 million in the last three years for Microsoft's ubiquitous software suite, but now this migration will save large revenue of the kingdom, according to The Guardian . The cabinet Office minister said, " We know the best technology and digital ideas often come from small businesses, but too often in the past they were excluded from government work. In the civil service there was a sense that if you hir...

Python supply chain attacks are surging in 2025. Join our webinar to learn how to secure your code, dependencies, and runtime with modern tools and strategies.

A really bad year for the world's second-largest email service provider, Yahoo Mail ! The company announced today, ' we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts ', user names and passwords of its email customers have been stolen and are used to access multiple accounts. Yahoo did not say how many accounts have been affected, and neither they are sure about the source of the leaked users' credentials. It appears to have come from a third party database being compromised, and not an infiltration of Yahoo's own servers. " We have no evidence that they were obtained directly from Yahoo's systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts' most recent sent emails. " For now, Yahoo is taking proactive actions t...

The Encyclopedia giant WIKIPEDIA has been found vulnerable to remote code execution because of a critical flaw in the MediaWiki software . Wikipedia is a name which has become a major source of information for all of us. It has webpages on almost every topic you need to search. This giant is powered by an open source wiki software called MediaWiki. MediaWiki not only empowers Wikipedia, but also a number of other wiki websites. This software is a product of the Wikimedia Foundation and is coded in PHP with a database as backend. Cyber Point Software Technologies found a remote code execution vulnerability in MediaWiki, " This vulnerability affects all versions of MediaWiki from 1.8 onwards. " The vulnerability assigned with ID CVE-2014-1610 allows an attacker to execute shell code remotely via an incorrectly sanitized parameter on the MediaWiki application server. "Shell meta characters can be passed in the page parameter to the thumb.php." Bug 60339...

After Financial and Banking Malwares, Ransomware has become the first choice of money motivated cybercriminals. A new Ransomware Trojan known as ICEPOL has been one of those widespread malware which has been successfully installed approximately 267,786 times worldwide and 42,400 in the USA alone over a five month period, analyzed by the security firm BitDefender . The ICEPOL Trojan categorized as Ransomware that locks your PC and demand for a ransom amount to unlock it. The Malware was using a previously known vulnerability in Java software i.e. CVE-2013-0422 to infect the systems. The malware threatened the user with accusations of illegal piracy or ' porn-related activity ' and requires money for exemption from punishment that pretends to be from the 'police'. " The ICEPOL Trojan extorted victims who downloaded it by sending them a message in any one of 25 languages purporting to be from police accusing them of downloading copyrighted material ...

Over the past several months, it has become clear that the Internet and our Privacy have been fundamentally compromised. A Private search engine DuckDuckGo claims that when you click on one of their search results, they do not send personally identifiable information along with your request to the third party. Like Google dorks (advance search patterns), there are thousands of similar, but technically more useful search hacks are also available in DuckDuckGo called DuckDuckGoodies . Today I am going to share about Handy " Cryptography " using DuckDuckGo search engine . Whether you are a Hacker, Cracker or a Researcher, you need to face a number of hash strings in your day to day life. Hashing is a one way encryption of a plain text or a file, generally used to secure passwords or to check the integrity of the file. There is a certain set of hashing algorithms, e.g.md5, sha1, sha-512 etc. A hash function generates the exact output if executed n numbe...

Now there is really great news for all the supporters of Former National Security Agency ( NSA ) contractor Edward Snowden , as he is nominated for the 2014 Nobel Peace Prize by two Norwegian lawmakers. Snorre Valen and Baard Vegar Solhjell , parliamentarians from Norway's Socialist Left Party said, " He has contributed to revealing the extreme level of surveillance by nations against other nations and of citizens ," Edward Snowden revealed various widely extended NSA spying projects and responsible for handing over the material from one of the world's most secretive organizations the NSA. He faces charges of theft and espionage and is in Russia on temporary asylum. " Snowden contributed to people knowing about what has happened and spurring public debate " on trust in government, which he said was " a fundamental requirement for peace ". Snorre Valen also added that, " There's no doubt that the actions of Edward Snowden may have damaged the security interes...

These days botnets are all over the news. In simple terms, a botnet is a group of computers networked together, running a piece of malicious software that allows them to be controlled by a remote attacker. A major target for most of the malware is still Windows, but the growing market of Mac OS X, Linux and Smartphones, is also giving a solid reason to cyber criminals to focus. Recently, Kaspersky Lab has detected another cross-platform Java-Bot , capable of infecting computers running Windows, Mac OS X, and Linux that has Java Runtime Environment installed. Last year, Zoltan Balazs - CTO at MRG Effitas submitted the samples of malicious Java application for analysis to Kaspersky Lab and they identified it as HEUR : Backdoor.Java.Agent.a . According to researchers, to compromise computers, Java-Bot is exploiting a previously known critical Java vulnerability CVE-2013-2465 that was patched in last June. The vulnerability persists in Java 7 u21 and earlier vers...

A Russian man has pleaded guilty to conspiracy charges in a federal court in Atlanta on Tuesday for developing and distributing a malicious banking malware ' SpyEye ' that infected more than 1.4 million computers worldwide since 2009. Aleksandr Andreevich Panin , a 24 year old programmer, also known as Gribodemon and Harderman , was the main author of ' SpyEye ', a sophisticated malware designed to steal people's identities and financial information, including online banking credentials, credit card information, user names, passwords and PINs from their bank accounts without their knowledge. The SpyEye secretly infects the victim's computer and gives the remote control to the cybercriminals who remotely access the infected computer through command and control servers and steal victims' personal and financial information through a variety of techniques, including web injects, keystroke loggers, and credit card grabbers without authorization. Between 2009 and...

In the last quarter of 2013, sale of a Smartphone with ANDROID operating system has increased and every second person you see is a DROID user. A Russian security firm ' Doctor Web' identified the first mass distributed Android bootkit malware called ' Android.Oldboot ', a piece of malware that's designed to re-infect devices after reboot, even if you delete all working components of it. The bootkit Android.Oldboot has infected more than 350,000 android users in China, Spain, Italy, Germany, Russia, Brazil, the USA and some Southeast Asian countries. China seems to a mass victim of this kind of malware having a 92 % share. A Bootkit is a rootkit malware variant which infects the device at start-up and may encrypt disk or steal data, remove the application, open connection for Command and controller. A very unique technique is being used to inject this Trojan into an Android system where an attacker places a component of it into the boot...

Malware code can be very small, and the impact can be very severe! The Antivirus firm AVAST spotted a malicious version of the open source FTP (File Transfer Protocol) software ' FileZilla ' out in the wild. The software is open source, but has been modified by the hackers that steal users' credentials, offered on various hacked sites for download with banner or text ads. Once installed, the software's appearance and functionalities are equal to the original version, so a user cannot distinguish between the fake or real one, and the malware version of the " .exe " file is just slightly smaller than the real one. " The installed malware FTP client looks like the official version and it is fully functional! You can't find any suspicious behavior, entries in the system registry, communication or changes in application GUI ." The only difference is that the malware version use 2.46.3-Unicode and the official installer use v2.45-Unicode , as ...