The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Tech Giant Apple has come into an entangled situation which could be a potential security threat for Apple users in near future: Help the FBI Unlock an iPhone . The US Magistrate Judge Sheri Pym has ordered Apple to provide a reasonable technical assistance in solving a critical case of Syed Farook ; who with his wife Tashfeen Malik planned a coordinated "2015 San Bernardino attack" that killed 14 people injured 22. As part of the investigation, the Federal Bureau of Investigation (FBI) had seized the Farook's iPhone 5C that would be considered as an insufficient evidence until and unless the iPhone gets unlocked by any means. Previously, Apple had made several crystal clear statements about its Encryption Policy , stating that even the company is not able to decrypt any phone data as the private key lies at the user's end. A similar problem encountered three years back with Lavabit, who was forced to shut down its services soon after when F...

A highly critical vulnerability has been uncovered in the GNU C Library (glibc) , a key component of most Linux distributions, that leaves nearly all Linux machines, thousands of apps and electronic devices vulnerable to hackers that can take full control over them. Just clicking on a link or connecting to a server can result in remote code execution (RCE), allowing hackers to steal credentials, spy on users, seize control of computers, and many more. The vulnerability is similar to the last year's  GHOST vulnerability (CVE-2015-0235) that left countless machines vulnerable to remote code execution (RCE) attacks , representing a major Internet threat. GNU C Library (glibc) is a collection of open source code that powers thousands of standalone apps and most Linux distributions, including those distributed to routers and other types of hardware. The recent flaw, which is indexed as CVE-2015-7547 , is a stack-based buffer overflow vulnerability in glibc's D...

Over a past few times, we have seen a steady growth in the online recruitment of Jihadis from social networking sites by many radical groups. ISIS has topped the online recruitment, and it is the only terror group that leverages the enormous power of Twitter and Facebook to radicalize young minds, spread its message and recruit foreign supporters to its fights. Many ISIS militants maintain extremely active accounts on the popular social media platforms and have a strong presence on the most popular encrypted messaging app Telegram with more than 100,000 followers. This issue had impacted the society deeply. Recent examples include last year's Paris attack in which ISIS used some popular messaging apps to plot the attack. As the Dark Siders of social media began to turn this platform into a Terror-Picker, the White Siders of the same social media came under a single roof to declare fight against terrorism, and rage cyber war against these anti-humans. Facebook ...

Air-gapped computers that are believed to be the most secure computers on the planet have become a regular target for researchers in recent years. Air-gap computers are one that are isolated from the Internet or any other computers that are connected to the Internet or external network, so hackers can't remotely access their contents. But you need to think again before calling them ' Safe .' A team of security researchers from Tel Aviv University and Technion have discovered a new method to steal sensitive data from a target air-gapped computer located in another room. The team is the same group of researchers who had experimented a number of different methods to extract data from a computer. Last year, the team demonstrated how to extract secret decryption keys from computers using just a radio receiver and a piece of pita bread. In 2014, the team devised a special digitizer wristband that had the ability to extract the cryptographic key used to secu...

A new machine for Bitcoin Mining called " Approximate Hardware " would make Bitcoin mining easier. Bitcoin had gained tremendous popularity over a few couple of years among the virtual currencies due to its decentralized principle. Mining a single Bitcoin is not an ice cake walk, as it requires an enormous amount of computing power to dig Bitcoins. To overcome this issue and mine Bitcoins faster, security researchers has conducted a study and made a new loophole in the mining process in an effort to mine the Bitcoins easily. How to Mine Bitcoins Faster? A team of Illinois-based researchers led by Indian Scientist, Rakesh Kumar, has designed a new hardware named " Approximate " that could reduce the pain of Bitcoin mining by 30 percent. The proposed system would make use of the faults in the hardware system such as: False Positives where an error is not present but notifies a fake error. False Negatives where an error is present but ...

A new Android malware has been making waves recently that have the capability to gain root access on your smartphone and completely erase your phone's storag e. Dubbed Mazar BOT , the serious malware program is loaded with so many hidden capabilities that security researchers are calling it a dangerous malware that can turn your smartphone into a zombie inside hacker's botnet. Mazar BOT was discovered by Heimdal Security while the researchers at the firm were analyzing an SMS message sent to random mobile numbers and locations. How Mazar BOT Works Despite other Android malware that distributes itself by tricking users into installing an app from third-party app stores, Mazar spreads via a spam SMS or MMS messages that carry a link to a malicious APK (Android app file). Once the user clicks the given link, he/she'll be ending up downloading the APK file on their Android devices, which when run, prompts the user to install a new application. This ...

Don't Try this at Home! An interesting software bug has been discovered in Apple's iOS operating system that could kill your iPhone, iPad or iPod Dead Permanently . Yes, you heard me right. An issue with the date and time system in iOS had emerged recently when Reddit users started warning people that changing your iPhone's or any iOS device's date to January 1, 1970, will brick your iPhone forever . Video Demonstration You can watch the whole process in the video given below. Even regular recovery tricks do not work. So, you are recommended to Not Try This Trick with your iOS device really – unless you book a trip to your local Apple Store. While I don't have any intention or desire to try it out with my iPhone 6s to confirm the authenticity of the bug, it is pretty much clear based on reports that seem legitimate. YouTuber Zach Straley first discovered the issue, which was later confirmed by iClarified, who tested the trick on an i...

Someone wants to kick Microsoft, Google and Apple off from his land, but himself uses Gmail and Mac. The newly appointed Internet Tsar German Klemenko , who is the first internet advisor of Vladimir Putin , wants to kick off American Giants from Russia. In a 90-minute interview conducted by Bloomberg, Klemenko expressed his interest to vanish the presence of tech biggies of foreign countries from Russia. Google & Apple have to Pay 18% more VAT As part of this, Klemenko plans to hike the tax on foreign companies, including Google and Apple, by 18% VAT on their applications & services sold online. It is estimated that Apple, Google and other companies are nearly gaining RUB 300 Billion (£2.7 Billion, US$4 Billion) in revenue every year from Russia. "When you buy an app from Google Play or the App Store anywhere in Europe, VAT is charged at the place of payment, but not here in our banana republic," says Klemenko. The proposed movement wi...

Over the last few years, we have seen several types of Ransomware malware that demand a whopping amount of money from users for the retrieval of their locked, compromised sensitive files. We have also witnessed the birth of decryption solution for some of the Ransomware like Cryptolocker (partial), Coinvault , Rescue Kit . One more solution has recently been released for decryption of newly emerging ransomware, dubbed as Hydracrypt and Umbrecrypt that are propagated through Angler Exploit Kit. Both of the malware belong to CrypBoss ransomware family. The source code of CrypBoss Ransomware was leaked last year on Pastebin, which was later analyzed by Fabian Wosar, a security researcher at Emsisoft. With the help of CrypBoss Source code, Wosar was successfully able to crack the encryption algorithm of the ransomware and quickly made the decryption tool for CrypBoss and its variants ( Hydracrypt and Umbrecrypt ). It is found that both Hydracrypt and Umbrec...

The Nasdaq stock exchange and the Republic of Estonia have announced the use of Blockchain-based technology to allow shareholders of companies to e-vote in shareholder meetings even when they're abroad, according to Nasdaq's press release. Global stock market giant is developing an electronic shareholder voting system implemented on the top of Blockchain technology that underpins Bitcoins . Blockchain – the public and decentralized ledger technology underpins all Bitcoin transactions and logs each transfer of an asset in an encrypted "block" that is added to a permanent, transparent chain showing every deal associated with that asset. Even some of the world's major banks are also considering the adoption of the Blockchain technology. In the mid of last year, 9 of the World's renowned Banks, including JPMorgan, Royal Bank of Scotland, Goldman Sachs and Barclays , collaborated with New York-based financial tech firm R3 to create a new fram...

Hacking of computers, smartphones and networks in the United Kingdom or abroad by the Government Communications Headquarters (GCHQ) is LEGAL , the UK's Investigatory Powers Tribunal ( IPT ) ruled. So, the UK is giving clean chit to its intelligence agency to spy on its people as well as people living abroad. Now, How is that okay? The British spying nerve center GCHQ has won a major court case in defense of the agency's persistent hacking programs.  After revelations by NSA whistleblower Edward Snowden about the extent of spying by the US and the UK, Privacy International and seven Internet Service Providers (ISPs) launched a legal challenge against the GCHQ's hacking operations. The case alleged that the British spying agency was breaking European law and violating fundamental warrant protections by its too intrusive and persistent surveillance actions. GCHQ Admitted its Hacking Practices Though GCHQ "neither confirm nor deny" the e...

The teenage hacker, who calls himself a member of hacktivist group " Cracka with Attitude ," behind the series of hacks on the United States government and its high-level officials, including CIA director, might have finally got arrested. In a joint effort, the Federal Bureau of Investigation (FBI) and British police reportedly have arrested a 16-year-old British teenager who they believe had allegedly: Leaked the personal details of tens of thousands of FBI agents and US Department of Homeland Security (DHS) employees. Hacked into the AOL emails of CIA director John Brennan . Hacked into the personal email and phone accounts of the US spy chief James Clapper . Broke into the AOL emails of the FBI Deputy Director Mark Giuliano . Federal officials haven't yet released the identity of the arrested teenager, but the boy is suspected of being the lead hacker of Cracka With Attitude, who calls himself Cracka, the South East Regional Organised Crime Unit (SER...

The New York Police Department (NYPD) has admitted that it used controversial cell phone spying tool " Stingrays " more than 1,000 times since 2008 without warrants. In the documents obtained by the New York Civil Liberties Union (NYCLU) , the NYPD acknowledged that the department has used Stingrays to intercept personal communications and track the locations of nearby mobile phone users. What are Stingrays? In my previous article , I have explained the scope of Stingrays along with its working, how it cracks encryption and how the police agencies are using these cell phone spying devices equipped in its military surveillance technology DRTBox  in order to: Track people Intercept thousands of cellphone calls Quietly eavesdrop on conversations Eavesdrop on emails and text messages Stingrays are small cell phone surveillance devices that work by imitating cellphone towers, forcing all nearby phones to connect to them and revealing the owners' locat...

Browsing the Web in ' Private Mode ' is not as private as you think. Microsoft has patched the Private Browsing Leakage bug in its newest Edge browser with the latest update . When we talk about Browsers, only one thing which does not strike our mind is Internet Explorer or IE. Even there were some trolls on Internet Explorer (IE) waving over the social medias such as "The best web browser to download other browsers." In fact, it was justified as everyone downloads a new browser with IE in their newly installed Operating System. Due to the continual taunts, Microsoft had scrapped the entire IE and made a new browser called " Edge Browser " (Codenamed "Spartan"). Edge was shipped as the default browser (along with IE) with Windows 10 devices and grabbed the attention of many eye pupils as it included all the features that other mainstream browsers have. Well, History Repeats Itself In January this year, it was...