The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Don't stare at the screen for too long for the buffering to end, Google has a solution ! It seems like Google is buckling up to carve out a niche in the market of wireless smart network devices. Just few days after Google made itself a subsidiary and a separate venture under Alphabet Inc , it announced the news of Android Marshmallow and now ithe company has announced to offer a new way to Wi-Fi and seemingly a newer and different outlook of routers. " OnHub a new way to Wi-Fi" as Google says is a speedy, secure, easy to use and a reliable Wi-Fi with a stylish look is all in a package the company can offer. Key Highlights of OnHub OnHub looks different from other routers in many unique ways, which are as follows: OnHub is cylindrical in shape It has Congestion Sensing Antennas It provides support for connecting up to 128 Devices at a time It Speaks your Language OnHub contains High-Performance Antennas hidden inside the Router Shell It has...

Few days after Apple patched the DYLD_PRINT_TO_FILE privilege-escalation vulnerability in OS X Yosemite, hackers have their hands on another zero-day bug in its operating system that allows hackers to gain root privileges to Mac computers. Italian teenager Luca Todesco ( @qwertyoruiop ) has discovered two unknown zero-day vulnerabilities in Apple's Mac OS X operating system that could potentially be exploited to gain remote access to a Mac computer. The 18-year-old self-described hacker has also posted details of his finding with source code for an exploit on the Github repository , as well as software to mitigate the vulnerability. OS X Zero-Day Exploit in the Wild The hacker's exploit makes use of two system flaws (which he dubbed ' tpwn ') in order to cause a memory corruption in OS X's kernel . Due to memory corruption, it's possible to circumvent the space layout randomization of the kernel address, therefore bypassing the toughe...

Raspberry Pi is gaining new heights by rapidly maturing as; after Microsoft made Windows 10 IoT core supporting the Raspberry Pi 2 , now a new version FreeBSD operating system is also deployable on Raspberry Pi devices, called RaspBSD . FreeBSD (Berkeley Software Distribution) is an open source Unix-like advanced computer operating system used to power modern servers, desktops and embedded systems. Though FreeBSD-CURRENT has supported Raspberry Pi since November 2012 and Raspberry Pi 2 since March 2015, RaspBSD will support the Pi models B and B+. As Raspberry Pi is a full fledged ARM system, FreeBSD/ARM is contributing to the list of the third-party operating system which support Raspberry Pi. This is not an official release as yet, the FreeBSD developers have made an image (Beta version) available for the users to play around with the Operating System and give their feedback and suggestions for the issues they encounter. RaspBSD Available For Download ...

Python supply chain attacks are surging in 2025. Join our webinar to learn how to secure your code, dependencies, and runtime with modern tools and strategies.

It's time to immediately patch your Internet Explorer – Once again! Microsoft has issued an emergency out-of-band patch for all supported versions of Internet Explorer browser, to fix a critical security flaw that hackers are actively exploiting to hijack control of targeted computers. The Zero-Day flaw (assigned CVE-2015-2502 ) is a Remote Code Execution vulnerability that could be exploited when a user visits a booby-trapped website or open a malicious email on an affected machine. The security bug actually resides in the way Internet Explorer handles objects in memory. If successfully exploited, a hacker could gain the same user privileges as the current user. Therefore, users running administrator accounts on their machines as well as systems where IE is frequently used, like workstations or terminal servers, are particularly at the most risk from this vulnerability. Critical Zero-Day Vulnerability "An attacker who successfully exploited th...

Don't panic! You heard it right. A Turkish security researcher named Utku Sen has posted a fully functional Ransomware code on open source code sharing website GitHub . The Ransomware dubbed Hidden Tear , uses AES Encryption to lock down files before displaying a ransom message warning to get users to pay up. The currently undetectable version of ransomware can be modified and implemented accordingly, as it contains every feature a cybercriminal can expect from modern malware. Sen describes his Ransomware as "a ransomware-like file crypter sample which can be modified for specific purposes." This means even script kiddies can now develop their own Ransomware to threaten people. The Hidden Tear — Free Ransomware Kit The " Hidden Tear " Ransomware package consists of four files namely: Hidden-Tear-Decrypter Hidden-Tear .gitignore README.md Hidden Tear Ransomware is capable of : Using AES algorithm to encrypt files Sendi...

Well, Cheaters are about to have a very Bad Night Today! Hackers who claimed to have stolen customers' data from Ashley Madison , the popular online casual sex and cheating website with a tagline " Life is short. Have an affair ," recently leaked nearly 10GB of its users' personal data online. The group of hackers, which called itself The Impact Team , has reportedly leaked personal data of Ashley Madison customers on the so-called dark web, meaning the data is accessible anyone on encrypted browsers. The leaked data includes personal details of nearly 36 Million Ashley Madison customers' accounts , which includes: Username First and Last Names Email addresses Hashed passwords Partial Credit Card data Street Names Phone Numbers Records documenting 9.6 Million Credit Card Transactions No Mercy for You Cheaters! The Impact Team stole the data  from the popular cheating website last month and threatened the company to reveal all a...

World's largest hardware supplier of mainframe computers IBM (International Business Machine) Corp. has launched two mainframe servers that run only on Linux operating system. IBM used RAS as a term to describe the strength of the mainframe computers; RSA stands for R eliability, A vailability, and S erviceability. However, IBM has now added a new feather to its mainframe servers in an effort to increase the open source software combined with mainframe hardware RAS. Dubbed LinuxONE , the new mainframe servers comes with two different flavors: LinuxONE Emperor for large enterprises and runs on the IBM z13 LinuxONE Rockhopper designed for mid-size businesses The IBM LinuxONE Emperor is capable of ultimate flexibility, scalability, performance and trust for business critical Linux applications whereas… The IBM LinuxONE Rockhopper offers all the same great capabilities, value and innovation of LinuxONE system with the flexibility of a small package with g...

If you are one of those 70 Million users who have upgraded their systems to the newest Windows 10 operating system, Microsoft could be scanning your PC for pirated games and unauthorized hardware . Almost three weeks have passed after the worldwide launch of Windows 10, Millions of users have upgraded their systems to the Microsoft's latest operating system.  However, we have seen many privacy concerns around the new OS, including: Turned ON bandwidth sharing to distribute updates to other Windows 10 users Default settings sending users' data to Microsoft servers Wi-Fi password sharing feature i.e. Windows Wi-Fi Sense enabled Forcing Automatic software updates for Windows 10 Also Read: How to Fix 35+ Windows 10 Privacy Issues With Just One Click Unlike at first glance, these changes made by Microsoft in its new Free Windows upgrade do not actually felt free to its users due to a lack of transparency from the company about the reality of the new ...

"Android M will be Muffin?, or Mango shake?, Milkshake?, Malt ball?, Moon Pie?, Macaroon?, or is it Mars?, Marshmallow?"... …this was the guessing game that occupied most of us when Google created a suspense three months ago, at the launch of the Android M Developer Preview at Google I/O in May. Much awaited Android M is named as ' Marshmallow '; it is the thirteenth Google's Android operating system. Google revealed the 'Marshmallow' by following its ritual of keeping the statue of Android robot with a Marshmallow in his hand. Google has maintained its tradition of naming the dominant mobile Android operating system by the names of sugary delights, starting from: Cupcake Donut Eclair Froyo Gingerbread Honeycomb Ice Cream Sandwich Jelly Bean KitKat Lollipop Official Android 6.0 SDK Available for Download After the final Developer Preview, the official Android 6.0 Software Developer Toolkit (SDK) is now available for d...

Two weeks ago, we reported about a critical mediaserver vulnerability that threatened to crash more than 55 percent of Android devices, making them unresponsive and practically unusable to perform most essential tasks. Now, security researchers at Trend Micro have uncovered another flaw in the Android's mediaserver component that could be remotely exploited to install malware onto a target device by sending a specially crafted multimedia message. The vulnerability ( CVE-2015-3842 ) affects almost all the versions of Android devices from Android 2.3 Gingerbread to Android 5.1.1 Lollipop, potentially putting hundreds of Millions of Android devices open to hackers. Since Google has patched this issue, but hopefully the patch issued by Google this time isn't incomplete like its patch for the Stagefright vulnerability that affects 950 Million Android devices worldwide. How the Vulnerability Works? The security flaw involves a mediaserver component called Aud...

A flaw discovered in several widely used BitTorrent applications, including uTorrent, Vuze and Mainline , could be used to carry out a devastating distributed denial of service (DDoS) attack that makes it very easy for a single undetectable hacker to bring down large sites. A new research by Florian Adamsky of the City University London shows that open BitTorrent protocol can be exploited to carry out Distributed Reflective Denial of Service (DRDoS) attacks . The bitTorrent protocol is a file-sharing protocol used by Millions of active online users at any given point in the day to exchange files over the Internet. DRDoS attack is a more sophisticated form of conventional DDoS attack where open and misconfigured DNS (Domain Name System) can be used by anyone to launch high-bandwidth DDoS attacks on target websites. In a paper , titled " P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks ," the resea...

Previously, we posted about a privacy issue in Facebook messenger ; Aran Khanna , a Harvard University student, discovered ' A Marauder's Map ' that could sense and give the geolocations of your friends on the messenger. Khanna had received an opportunity to work as an intern for Facebook… …But destiny had planned something else for him, as after publicly stating the risk associated with the app; Facebook withdrew his candidature as a summer intern. Why Facebook Fired Him? Khanna himself confessed to be an avid user of the Facebook Messenger app , as it is an integral part of his social life. However, one day, while going through his chat history he found that a location is attached to each message he has sent and received from his device. Also, the location is shared with the ' power of default ' even if you choose to turn the location sharing option off. This made him look for the complete inside story, which brought him to a strange thing while writing the...