The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Looking for a Secure Smartphone? World's biggest Aerospace company - Boeing is finally close to the launch of its high-security Android Smartphone, called " Boeing Black (H8V-BLK1) ", primarily designed for secure communication between Governmental agencies and their contractors. Encrypted email, Secure Instant Messaging and Other privacy services and tools are booming in the wake of the National Security Agency's recently revealed surveillance programs. Encryption isn't meant to keep hackers out, but when it's designed and implemented correctly, it alters the way messages look. Boeing is the company which is already providing secure communications for US Government officials, including the president. Don't mess with it, It can  Self-Destruct:  Boeing Black Smartphone can Self-Destruct  if it is tampered with, destroying all the data on it. The device is delivered in complete sealed form, any attempt to open the seal of the device will dest...

Your Financial Credentials are on SALE on the Underground Black Market without your Knowledge… sounds like a nightmare, but it's TRUE. Cyber security firm, Hold Security, said it has traced over 360 million stolen account credentials that are available for Sale on Hacker's black market websites over past three weeks. The credentials include usernames, email addresses, and passwords that are in unencrypted in most cases, according to the report released on Tuesday. It is not known till now from where these credentials exactly were stolen, but the security researchers estimated that these credentials are a result of multiple breaches. Since the banking credentials are one of the most ' valuable bounties ' for the cyber criminals, and the ways to steal these credentials can be directly from the companies and from the services in which users entrust data as well. According to Hold Security, in addition to the sale of 360 million credentials, the cyber criminals a...

Today, when we come across various malware, exploit kits and botnets that are in the wild, we think about an effective Antivirus solution or a Security Patch, but the most effective solution is always " The arrest of malware authors and culprits who are involved in the development of Malware. " Tilon has been an active malware family that was spotted first time in 2012, was specially designed to filch money from online bank accounts, that earlier various researchers found to be the new version of Silon , is none other than the SpyEye2 banking Trojan , according to researchers at security firm  Delft Fox-IT . Tilon  a.k.a  SpyEye2 is the sophisticated version of SpyEye Trojan . Majority functional part of the malware is same as of the SpyEye banking Trojan that was developed by a 24-year-old Russian hacker ' Aleksandr Andreevich Panin ' or also known as  Gribodemon , who was arrested in July 2013. ' SpyEye ', infected more than 1.4 million Comp...

Do you know, A Computer viruses could go Airborne over WiFi networks? Security researchers at the University of Liverpool  in Britain have demonstrated a WiFi virus that can spread between computer networks just like the ' common cold ' spreads between Humans. They have created a proof-of-concept which can infect the entire wireless network instead of a single computer at a time,  that replaces the firmware of the vulnerable Access Point (AP) with a virus-loaded version, and then propagates itself to the next victim on the WiFi network . The  WiFi  based virus named as ' Chameleon ', that can self-propagate over WiFi networks from access point to access point,  but  doesn't affect the working of the Wireless Access Point. This Virus is able to identify WiFi access points that are not protected by encryption and passwords, according to the research paper . It can badly hit less-protected open access WiFi networks available in coffee...

Yet another Apple vulnerability has been exposed by security researchers, that can be exploited to track your finger's every action on iOS Devices i.e. iPhone , iPad etc. The exploit reportedly targets a flaw in iOS multitasking capabilities to capture user inputs, according to Security researchers at  FireEye . They found a way to bypass the Apple's app review process effectively and created a proof-of-concept Monitoring app for non-jailbroken iOS 7.0.x devices. The " monitoring " app, that runs in the background of the iPhone is a Keylogger Trojan which could allow hackers to monitor user's activities on the mobile device, including - touches on the screen, home button press, volume button press and TouchID press , and send all collected events to any remote server. According to researchers, their proof-of-concept app works on versions 7.0.4, 7.0.5, 7.0.6, and 6.1.x. " Based on the findings, potential attackers can either use phishing to mislead the vi...

Just two days before Apple has disclosed a critical Security flaw in the SSL implementation on the iOS software that would allow man-in-the-middle attacks to intercept the SSL data by spoofing SSL servers. Dubbed as CVE-2014-1266 , the so-called ' goto  fail; ' vulnerability in which the secure transport failed to validate the authenticity of the connection has left millions of Apple users vulnerable to Hackers and Spy Agencies, especially like the NSA . Last Friday, Apple had also released updated version iOS 7.0.6 to patch the vulnerability, which was first discovered in Apple's iOS Devices, but later company had acknowledged its presence in Mac OSX also, that could allow hackers to intercept email and other communications that are meant to be encrypted in iPhone, iPad and Mac computer. Affected versions include iOS up to version 7.0.5 and OS X before 10.9.2. Security Researchers confirmed , ' Nearly all encrypted traffic, including usernames...

Are you the one of the Digital Currency Holder? PONY is after You.  A Group of cyber criminals has used hundreds of thousands of infected computers of the digital currency holders to filch approximately $220,000 worth of Bitcoins and other virtual currencies. The researchers at the security firm, Trustwave have uncovered the Bitcoin Heist that was accomplished by the computers infected with a new class of malware that has been dubbed as ' Pony ', a very powerful type of Spying Keylogger Malware with very dangerous features that was last time found two months ago. Pony, for those who have not yet heard about it, is a bot controller much like any other, with the capability to capture all kinds of confidential information and access passwords. It contains a control panel, user management, logging features, a database to manage all the data and, of course, the statistics. It can see the passwords and login credentials of infected users when they access applications ...

More than one billion of unique visitor spend about 6 billion hours on YouTube to watch videos, according to monthly YouTube Stats. Security researchers from Bromium Labs recently found that YouTube advertising network has been abused by rogue advertisers to distribute malware. YouTube In-Stream Ads were redirecting users to malicious websites, hosting the ' Styx Exploit Kit ' and was exploiting client side vulnerabilities by drive-by-download attack to infect users' computer with Caphaw Banking Trojan . The Exploitation process relied upon a Java vulnerability ( CVE-2013-2460 ) and after getting dropped into the target computer system, the malware detects the Java version installed on the operating system and based upon it requests the suitable exploit. "We don't yet know the exact bypass which the attackers used to evade Google's internal advertisement security checks. Google has informed us that they're conducting a full investigation of this abuse an...

We use our Smartphone devices to do almost everything, from Internet Banking to Sharing private files and at the same pace, the mobile malware sector is also growing. The number of variants of malicious software aimed at mobile devices has reportedly risen about 185% in less than a year.  Security researchers have observed a growth in the numbers of computer malware families starting to use TOR-based communications, but recently the Security Researchers at anti-virus firm Kaspersky Lab have spotted  the world's first Tor-Based Malware for Android Operating system. The Android Malware dubbed as ' Backdoor. AndroidOS .Torec.a ', using Tor hidden service protocol for stealth communication with Command-and-Control servers. Researchers detected that the Trojan is running from .Onion Tor domain and working on the functionality of an open source Tor client for Android mobile devices, called ' Orbot ', thus eliminating the threat of the botnet bein...

World's largest Bitcoin exchange Mt. G ox  has shut down its website, withdrawal system, deleted its Twitter feed and halted all trading systems after it detected " unusual activity ." The Bitcoin Foundation, a Bitcoin advocacy group, confirmed th at Mark Karpeles , the chief executive of Tokyo-based Mt. Gox  bitcoin exchange has resigned from the board of the Bitcoin Foundation. This comes just days after the exchange gave an update regarding the technical issues. Last week, Mt. Gox said a technical glitch that had forced the exchange to suspend bitcoin withdrawals for a week. They discovered the transaction falsification glitch and same flaw alleged to have been used to steal all of the bitcoins worth about $2.7 million from Silk Road 2.0 . Later, some sources close to the matter have confirmed that more than 700,000 bitcoins are indeed missing from MtGox records, in a ' slow-leak ' hack that went on for years. The repeated technical gl...

Earlier this year encrypted communications firm Silent Circle and Spanish Smartphone maker Geeksphone  announced a  privacy-focused  encrypted  S martphone  called ' Blackphone ' and today the company has revealed it as ' Mobile World Congress ' in Barcelona. The Blackphone titled as, " world's first Smartphone which places privacy and control directly in the hands of its users, " has a fully customized version  customized version of Android called PrivatOS   and pre-installed with lots of  privacy-enabled applications, is now available for pre-order for about $629 . Silent Circle was co-founded by a respected Cryptographer  Phil Zimmermann,  best known as the creator of  Pretty Good Privacy (PGP) , which is a widely used email encryption software. The Blackphone handsets main focus is keeping all of your data secure, and to stop government agencies snooping on your communications. Blackphone will come with a set ...

Spying on the world by injecting sophisticated backdoors in software, systems, and mobile phones, leads to violation of the Privacy and Security of every individual. Yes, we are talking about Surveillance , but this time not about NSA . Instead, Countries including some with poor human-rights records and a much less technically advanced nation are the likely culprits, as they apparently used commercial spyware in making surveillance capabilities that once were the exclusive expertise of the known spy agencies, such as National Security Agency (NSA) and GCHQ. Citizen lab , a nonprofit research lab has  found traces of a remote hacking tool  in 21 countries , developed by  Hacking Team,  including Ethiopia, Sudan, Azerbaijan and Saudi Arabia, which the team had already  denied  back in 2013. Hacking Team, also known as HT S.r.l , is an Italian company, which is known for its powerful surveillance software, Remote Code System (RCS) that it sells to Gov...