The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Whistleblower Edward Snowden just joined Twitter, and his first tweet seems to be directed at the US National Security Agency (NSA) . Yes, the world's most popular whistleblower and data privacy advocate has finally joined Twitter just two hours ago, and his first tweet came, " Can you hear me now? " Snowden has gained more than 260,000 followers in just less than two hours, but he is currently following only one account: @NSAGov , the official Twitter account for the National Security Agency. Twitter has verified Snowden's Twitter account ( @Snowden ), and his Twitter bio provides a short summary of his prolonged situation. Snowden's Twitter bio reads, "I used to work for the government. Now I work for the public. Director at @FreedomofPress." Snowden is listed as director of Freedom of the Press, a foundation dedicated to ensuring transparency in journalism in adverse situations. The former NSA contractor Edward Snowden sought asylum in ...

After a number of controversial data mining features and privacy invasions within Microsoft's newest operating system, Microsoft finally broke the ice, almost two months since the launch of Windows 10. Microsoft has finally responded to the growing privacy concerns around its new operating system to regain the trust of the users who are concerned about their online privacy related to Windows 10. In a blog post published Monday, Windows chief Terry Myerson describes three ways in which Windows 10 collects and uses its users data – although he did admit that the OS does regularly phone home by default. 1. Data used for Safety and Reliability Data This data includes anonymous device ID, device type and crash logs. It does not contain any content or files from your computer that directly identifies you. What else? Myerson claims that everything Microsoft collects is " encrypted in transit to [its] servers and then stored in secure facilities. " The...

Gottfrid Svartholm Warg , the co-founder of the notorious file-sharing website The Pirate Bay , has been released from a Sweden prison following three years behind bars for hacking and copyright offenses. Yes, Svartholm Warg, also known as Anakata , is a free man again. Svartholm was convicted on both Swedish copyright offences and Danish hacking conspiracy connected to The Pirate Bay. The news comes just a few months after the third and last founder of Pirate Bay Fredrik Neij (also known as  TiAMO ) was released from a Swedish prison after serving his 10-month prison sentence. Svartholm has not yet made any public statements following his release from a Swedish prison on Saturday. His release was reported by Swedish newspaper Dagens Nyheter . However, the release was confirmed by Warg's mother Kristina Svartholm on Twitter . "Yes, #anakata is free now. No more need to call for #freeanakata. Thank you everyone for your important support during thes...

DIGITAL INDIA – A Flagship Programme of the Government of India with a vision to transform India into a digitally empowered society as well as a knowledge economy. Yes, I am a proud Indian, and I support Digital India too, but I am absolutely not supporting Facebook's Internet.org Project. Yesterday, Facebook's CEO Mark Zuckerberg and Indian Prime Minister Narendra Modi met at Facebook's Headquarter. The Historic meeting between PM Modi and Zuckerberg went great. Hours after this event, Facebook launched a tool that allows you to change your Facebook profile picture to a Tricolor shade of Indian Flag, just like few months back 30 Millions Facebook users had changed their Profile picture with Rainbow color to support "Gay Marriages." The Latest Tool with URL https://fb.com/supportdigitalindia is to support the "Digital India" campaign by the PM Modi Government. Ever since Zuckerberg changed his Facebook profile picture to an Indian ...

We are just one step closer to creating a Harry Potter or ' Star Trek '-style Transporter. However, When we talk about Teleportation, we don't typically mean Teleporting any matter from one place to another as in the Science-fiction Movies. Rather, Teleportation involves capturing the essential information about something — its " quantum state ", to recreate it exactly someplace else. A month ago, The Hacker News had reported the battle between Quantum computers and Encryption . Now, with the development of technology, the NIST Scientists have set a new record in the field of " Quantum Teleportation ", as they successfully Teleported a small amount of data ( called 'qubit' ) inside light particles over a distance of 60 miles ( 100 km ) through a network of optical fiber. Teleportation enables transfer of ' Quantum state ' of a Photon to another Photon in the same state residing remotely at a far-off distance. This Record being farthest than t...

To make the last week's top cyber security threats and challenges available to you in one shot, we are once again here with our weekly round up. Last week, we came across lots of cyber security threats like the XCodeGhost malware in Apple's App Store and lockscreen bypass bug in iOS 9 and iOS 9.0.1 that made us sad, but… …we were also thrilled by latest developments such as Microsoft's new Linux-based operating system  Azure Cloud Switch (ACS) , unhackable MicroKernel " SeL4 ", and Facebook ' Dislike or Empathy Button '. I recommend you to read the entire thing (just click ' Read More ' because there's some valuable advice in there as well). Here's the list: 1. Microsoft Developed its Own Linux Operating System One of the trending news of last week. Microsoft built its own Linux-based operating system known as Azure Cloud Switch (ACS) . The company described ACS as a "cross-platform, modular operating system for data center n...

Remember Project: C.H.I.P. ? A $9 Linux-based, super-cheap computer that raised some $2 Million beyond a pledge goal of just $50,000 on Kickstarter will be soon in your pockets. Four months ago, Dave Rauchwerk , CEO of Next Thing Co., utilized the global crowd-funding corporation ' Kickstarter ' for backing his project C.H.I.P., a fully functioning computer that offers more than what you could expect for just $9. C.H.I.P. stands for " Computer Hardware in Products. " At first, the project was looking like a never ending project but here's something exciting — The $9 CHIP computer is shipping. Yes, Rauchwerk says that the first run of devices is beginning to be distributed to early backers within 7-9 days. Rauchwerk said, " If you backed the [CHIP] project at the Kernel Hacker Backer level on Kickstarter, you'll receive two CHIP computers — the second by mid-October. " Specifications and Capabilities: CHIP packages: 1...

Two months ago, THN reported about a similar announcement made by The American Registry for Internet Numbers (ARIN), which said that the agency is no longer able to produce IPv4 addresses in North America . Within a time frame of few months, ARIN, which handles Internet addresses in America, has announced the final exhaustion of their free pool of IPv4 addresses has reached zero... ...i.e. the availability of IPv4 (Internet Protocol version 4) addresses no more exists. Meanwhile, they are going to accept requests for IPv4, which will be approved via two ways: Wait List for Unmet IPv4 Requests - Join the waitlist for unmet requests in the hopes that a block of the desired size will be available in the future. IPv4 Transfer Market - Can be purchased from another organization that has more than it needs. So, in the future, IPv4 address space will be allocated to the approved requests on the Waiting List for Unmet Requests, if ARIN: receives any IPv4 address spac...

iOS 9.0.1 – Apple's first update to its new iOS 9 mobile operating system, came out on Wednesday, addressed several bugs in its software. However, unfortunately, it seems that the latest update iOS 9.0.1 doesn't fix the lock screen bypass vulnerability reported by iPhone user Jose Rodriguez. Yes, the serious flaw in iOS 9 that allows anyone – with physical access of your iPhone or iPad – to bypass your device's lock screen and get into your contacts and personal photographs, also Works on iOS 9.0.1 . Video Demonstration: Rodriguez published a new video detailing a step-by-step explanation on how to bypass the passcode on iOS 9 and iOS 9.0.1 device, using the benevolent nature of Apple's personal assistant Siri. The lock screen bypass vulnerability works on all iOS versions from iOS 5.1.1 to the latest released iOS 9.0.1 . Mitigation So, until Apple rolls out an update to patch this bug, the only way available to iPhone users to mitiga...

Can the Cops can make you unlock your iPhone? ... " NO " According to a recent Federal Court's ruling, it is not okay for police to force suspects to unlock their phones with a passcode. And, doing so would be a violation of your Fifth Amendment Rights in the US Constitution. The ruling came as the conclusion of a case , where Securities and Exchange Commission (SEC) accused Bonan Huang and Nan Huang for conducting illegal Insider Trading. As a result of which, the investigating agencies cannot question the suspects for giving out their smartphone passcodes or any form of encryption passwords or even their existence on the suspect's device. They are said to have used their positions as data analysts at Capital One Bank ( credit card issuing Bank) . The bank gave each of them a mobile phone, allowing them to use a passcode of their choice. Huang's left Capital One and submitted the mobile phones to the bank, the bank then gave the mobil...

Yahoo! has open-sourced Gryffin – a Web Application Security Scanner – in an aim to improve the safety of the Web for everyone. Currently in its beta, Project Gryffin has made available on Github under the BSD-style license that Yahoo! has been using for a number of its open-sourced projects. Gryffin is basically a Go & JavaScript platform that helps system administrators scan URLs for malicious web content and common security vulnerabilities, including SQL Injection and Cross-Site Scripting (XSS) . Yahoo! describes Gryffin as a large-scale Web security scanning platform, which is more than just a scanner, as it is designed to address two specific problems: Coverage Scale Scale is obviously implied for large Web, while Coverage has two dimensions – Crawl and Fuzzing . Crawl's ability is to find as much of the Web application's footprint as possible, whereas Fuzzing involves testing each part of the application's components for an applied se...

A newly discovered critical flaw in the implementation of web cookies by major browsers could open secured (HTTPS) browsing to Man-in-the-middle attacks . The US Computer Emergency Response Team (CERT) has revealed that all the main browser vendors have improperly implemented the RFC 6265 Standard, also referred to as " Browser Cookies ," allowing… …remote attackers to bypass secure HTTPS protocol and reveal confidential private session data. Cookies are small pieces of data sent from web sites to web browsers, which contains various information used to identify users, or store any information related to that particular website. HTTPS Cookie Injection Vulnerability Whenever a website ( you have visited ) wants to set a cookie in your browser, it passes a header named " Set-Cookie " with the parameter name, its value and some options, including cookie expiration time and domain name ( for which it is valid ). It is also important to note that HTTP ...