The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Whistleblower and Former National Security Agency (NSA) contractor Edward Snowden raised his voice and talked about citizen's privacy once again. Yes, Snowden, whose leaks last year triggered debate on the massive surveillance conducted by the Government worldwide. In an interview, speaking via Google Hangout at the South by Southwest Interactive conference, SXSW in Austin, Snowden said he has no regrets over his leaks about mass surveillance programs , despite now being unable to return to the US, where he faces a criminal indictment. He said, " Every society has benefited " from the disclosures. " Would I do this again? The answer is absolutely yes. Regardless of what happens to me, this is something we had a right to know. " Two BAD-Geeks:  Snowden criticized both Alexander and Michael Hayden, who were his predecessor as the NSA director, and the same two officials who mainly " harmed our Internet security and actually our national security ...

Pop Singer Justin Bieber's Twitter account hacked for around 15 minutes before it was corrected! The Twitter account with 50.2 Million Followers was compromised i.e. Twitter account with the second most Twitter followers. Spammers tweeted in Indonesian language from his hacked account with the links to a malicious twitter app named " ShootingStarPro ", and messages reading " Justin Bieber Cemberut? ", means - " Justin Bieber sullen? " It seems that the Justin's twitter account was hijacked by Indonesian hacker with a malicious twitter app, that further tweeted links to the a malicious website rumahfollowers[dot]tk   that hosted " ShootingStarPro " app, aimed to target his millions of followers in one shot. Justin's team quickly responded to the issue, deleted the bogus tweets and told fans " All good now. We handled it. ". He also warned his followers, " That link from earlier. Don't click it. Virus. Going to e...

We have seen a lot of Facebook malware and virus infections spreading through friends list, and this time a new clickjacking scam campaign is going viral on Facebook. Hackers spam Facebook timeline with a friend's picture and " See (Friend)'s naked video," or "(Friend Name's) Private Video. " The Picture appears to be uploaded by a friend and definitely, you might want to see some of your Facebook friends naked, But Beware!  If you get curious and click, you will be redirected to a malicious website reports that your Flash Player is not working properly and needs to be re-installed. But in actuality it will install a malware in your system and once approved, several disguised thing can happen to you. It further installs a malicious  browser extension to spread the scam and steal users' photos. " When the link is clicked, users are sent to a very realistic-looking mockup of a YouTube page, where the hackers will try to imme...

Last week, the Researchers at the German security company G Data Software have reported about the most complex and sophisticated rootkit  malware, Uroburos which is designed to steal data from secure facilities and has ability to take control of an infected machine, execute arbitrary commands and hide system activities. Recently, British cyber specialist BAE  has disclosed the parent Russian malware campaign dubbed as ' SNAKE ' that remained almost undetected for least eight years while penetrating highly secured systems. Uroburos rootkit was one of the components of this campaign. In a separate Investigation, Western intelligence officers have found another piece of spyware , infecting hundreds of government computers across Europe and the United States, known as ' Turla '. Researchers believed that  Turla  campaign is linked to a previously known campaign ' Red October ', a massive global cyber spying operation targeting diplomatic, military and nucle...

Smartphones are always ready to connect to the Internet and contains sensitive information such as Contacts, SMS, Photos, and GPS information and this sensitive information is always in danger of leakage. According to a report, Cyber criminals and state-sponsored hackers are developing 55,000 new malware variants, each and every day; and many of them try to elevate privileges for unfettered control of the user device. North Carolina State University Researchers have developed a new software, called Practical Root Exploit Containment ( PREC ) , with the sole purpose of detecting mobile malware that attempts to run Root exploits in Android devices. Root exploits take control of system administration functions of the operating system that gives the hacker an unrestricted control of user's Smartphone. That means, an application has not permission to read your messages or contacts or the GPS location, but after getting root access it will be able to steal any data from yo...

Tor network offers users browse the Internet anonymously and is mostly used by activists, journalists to conceal their online activities from prying eyes. But it also has the Dark side, as Tor is also a Deep Web friendly tool that allows hackers and cyber criminals to carry out illicit activities by making themselves anonymous. Kaspersky security researcher reported that Tor network is currently being used to hide 900 botnet and other illegal hidden services, through its 5,500 plus nodes i.e. Server relays and 1,000 exit nodes i.e. Servers from which traffic emerges. These days, Cyber criminals are hosting malware's Command-and-control server on an anonymous Tor network to evade detection i.e., difficult to identify or eliminate. Illegal use of the Tor network boosted up after the launch of the most popular underground Drug Market - Silk road  that also offered arms and malware to their users against Bitcoin , one of the popular crypto currency . ChewBacca , a po...

U.S. Prosecutors decided not to pursue crucial criminal charges against journalist and activist Barrett Brown , and dismiss a majority of charges related to sharing a link to a dump of credit card numbers connected to the breach of intelligence firm Stratfor. Supporters say Brown just copied the hyperlink from an the Internet chat room and then reposted the link on his own internet chat room, Project PM , that linked to stolen documents from the US government contractor, Stratfor Global Intelligence , included 860,000 e-mail addresses for Stratfor subscribers and 60,000 credit card details. Just hours after Brown's lawyers filed their comprehensive argument, the DOJ has filed a motion to dismiss all 11 charges, on Thursday.  Apart from computer fraud charges, Brown is also facing prosecution for allegedly threatening an FBI agent and for alleged obstruction of justice. The Electronic Frontier Foundation (EFF) , a non-profit organization defending civil libertie...

' Satoshi Nakamoto ', the mysterious founder and creator of the biggest digital cryptocurrency ' Bitcoin ' has reportedly been unmasked as a 64-year-old father of six living in Temple City, Southern California. Satoshi Nakamoto introduced Bitcoin to the world in 2008, but his identity has remained unknown. Till now, there was speculation that he might be a rebellious young programmer based in Tokyo, who took up the Nakamoto moniker as an alias. B ut t he most astonishing thing about this Japanese-American man is that, his real name is Satoshi Nakamoto , who has been finally identified by Newsweek magazine . Newsweek journalist, Leah McGrath Goodman also had a face-to-face meeting with Satoshi Nakamoto, and during an interview he said, " I am no longer involved in that [Bitcoin] and I cannot discuss it, " he said. " It's been turned over to other people. They are in charge of it now. I no longer have any connection. " and even he kep...

Explosive revelations of massive surveillance programs conducted by government agencies by the former contractor Edward Snowden triggered new debate about the security and privacy of each individual who is connected somehow to the Internet and after the Snowden's disclosures they think that by adopting encrypted communications, i.e. SSL enabled websites, over the Internet, they'll be secure. People do care of their privacy and many have already changed some of their online habits, like by using HTTPS instead of HTTP while they are surfing the Internet. However, HTTPS may be secured to run an online store or the eCommerce Web site, but it fails as a privacy tool. The US researchers have found a traffic analysis of ten widely used HTTPS-secured Web sites " exposing personal details, including medical conditions, financial and legal affairs and sexual orientation. " The UC Berkeley researchers Brad Miller, A. D. Joseph and J. D. Tygar and Intel Labs' researchers, Li...

Android platform is becoming vulnerable day by day and hackers always try to manipulate android by applying novel techniques. In this regard, Symantec researchers have found a new android malware toolkit named " Dendroid ". Previously Symantec found an Android Remote admin tool named AndroRAT is believed to be the first malware APK binder. However, Dendroid runs on HTTP with many malicious features. Dendroid toolkit is able to generate a malicious apk file that offers amazing features like: Can delete call logs Open web pages Dial any number Record calls SMS intercepting Upload images, video Open an application Able to perform DoS attack Can change the command and control server The author of Dendroid also offers 24/7 customer support for this RAT and Android users can buy this toolkit at $300 by paying Bitcoin , Lifecoin. Experts at Symantec said that Dendroid has some connection with the previous AndroRAT toolkit . Dendroid being an HTTP RAT offers PHP ...

The Continuous Growth of spyware, their existence, and the criminals who produce & spread them are increasing tremendously. It's difficult to recognize spyware as it is becoming more complex and sophisticated with time, so is spreading most rapidly as an Internet threat. Recently, The security researchers have unearthed a very complex and sophisticated piece of malware that was designed to steal confidential data and has ability able to capture network traffic. The Researchers at the German security company G Data Software , refer the malware as Uroburos , named after an ancient symbol depicting a serpent or dragon eating its own tail, and in correspondence with a string ( Ur0bUr()sGotyOu# ) lurking deep in the malware's code.  The researchers claimed that the malware may have been active for as long as three years before being discovered and appears to have been created by Russian developers. Uroburos is a rootkit designed to steal data from secure fa...

Cryptocat , an open source encrypted web-based chat client, is now available for iOS Devices from the  Apple's App store , which was initially rejected by the Apple last December. It is not clear why it was rejected previously, but the good news is that, now ' Cryptocat ' is available for all iOS Devices. So far Cryptocat was only available for Linux and Mac OS X, and as an extension for web browsers Mozilla Firefox, Google Chrome 3, Apple Safari and Opera . Cryptocat has become quite popular in the wake of the NSA Controversy, because of its end-to-end encryption that doesn't allow anyone in the middle to read your messages. Cryptocat for iPhone uses the OTR protocol for private conversations, a cryptographic protocol for secure instant messaging, and perfect forward secrecy, a system that constantly generates new user keys. So, snoops cannot decrypt older messages. It doesn't require any username or account rather just one time nickname makes the...

With revelations of NSA spying and some of the most jaw-dropping surveillance leaks, many people feel unencrypted and central-server service is bad in most of the cases, but end-to-end encryption can be used to reduce this problem. Worldwide Government surveillance raises privacy concerns and acquisition of WhatsApp by Facebook also made us think about the security concern with chat applications as well; though it was not so secure previously. People who care about having their SMS and Instant messages protected from prying eyes, now they can use end-to-end encrypted services, like  TextSecure .  It is a free Android-based messaging app, completly open-source , easy to use and designed with privacy in mind. Encrypting the stored data on the servers is as important as transferring data over an encrypted connection, but the most important factor of the encryption is that ' who has the decryption key '. If the company has the keys, then Government could snoop thro...

Since, we are living in the era where nothing could be possible without the help of the Internet. From every unimportant to every major and important data are stored in our computers and servers, and there is a massive growth in the volume of data all around us. But, computer drives can fail, and usually they give no advance warning. One minute they're working fine, and the next minute they're toasted. Data loss can be very costly, and due to the increase in cyber threat these days, all computer data is at risk from threats or damage. Even with the most reliable equipment and the most secure operating environment, there is always the possibility of something going wrong. So, a solution to all problems is to have a backup of entire data stored on your computer, and for that it is important for you to have a right choice. Want to know - How to backup the server/workstation? Well, there are many options, some are reliable and some are not. Now, at this point, you won...

The Mozilla Firefox web browser is used by roughly 30% of all Internet users and the company is seriously concerned about the Security of its users for many years. To Improve the Stability, Security and performance of Firefox web browser , Mozilla announced back in  2013 that it planned to enable ' Click to Play ' feature in upcoming Firefox versions, which will block most vulnerable plugins like Java by default. " Plugins are a significant source of poor performance, crashes and security vulnerabilities ", Mozilla said . The Feature ' Click to play ' blocks the execution of all plugins automatically, though this feature was annoying to the users, so to prevent all plugins from default blocking, Mozilla announced to maintain a whitelist of approved plugins. "By allowing users to decide which sites need to use plugins, Firefox will help protect them and keep their browser running smoothly." ~Benjamin Smedberg, Engineering Manager. Plugin authors ca...

In the last few years, this emerging domain for the  Internet of Things  has been attracting the significant interest, and will continue for the years to come. It would be a $20 Trillion Market over the next several years, but Security and privacy are the key issues for such applications, and still face some enormous challenges. Cisco has announced a global and industry-wide initiative to bring the Security community and Researchers together to contribute in securing the Internet of Things (IoT) and launched a contest called the " Internet of Things Grand Security Challenge ", offering prizes of up to $300,000  for winners. Since Smart devices are growing at an exponential pace with increase in connecting devices embedded in cars, retail systems, refrigerators, televisions and countless other things people use in everyday life and is expected to grow to 50 billion by 2020. So, in an effort to deliver the security solutions necessary to protect the i...

' Russia Today ', Moscow based Russia's biggest news channel website ( RT.com ) has been hacked and defaced by an unknown group of hackers. Hackers have replaced " Russia " or " Russians " with " Nazi " or " Nazis "  word from the headlines, as shown. " RT website has been hacked, we are working to resolve the problem, "  Russia Today tweeted from  the official Twitter account. Modified headline, i.e. i.e.   Russian Senators Vote To Use Stabilizing Nazi Forces on Ukrainian territory. Another modified headline stated: " Up to 143,000 Nazis requested asylum in Russia in two weeks ,"   The changes to the ' Russia Today '  website remained in place for nearly 30 minutes and  at the time of reporting, the hack was restored.  " Hackers deface https://RT.com website, crack admin access, place "Nazi" in every headline. Back to normal now. "  RT acknowledged the issue. Recently the   Anonymous group has also annou...