The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A vulnerability has been discovered in the wildly popular Google's Stock Android Email App , that could be exploited by malicious attackers to remotely crash your smartphone application just by sending a specially crafted email. A Spain security researcher, Hector Marco , successfully exploited the vulnerability on his Samsung Galaxy S4 Mini running version 4.2.2.0200 of Stock Android Email App. He said the flaw appears to affect all older versions of Stock Android Email App, though devices running 4.2.2.0400 and newer versions are not affected. According to the researcher, when the victim receives the malicious email and tries to view it, the email app crashes. Further attempts to open the email again triggers a crash in the application before the victim can do anything. The flaw ( CVE-2015-1574 ) is due to incorrect handling of the Content-Disposition header . Hackers could exploit the vulnerability by sending an email with a malformed Content-Disposition header to th...

Diagnosing network fault is one of the toughest questions for an IT Pro to answer because there is no single or best way. IT infrastructures are multi-layered and integrate many different systems which makes identifying the cause of network fault a difficult task. At a high level, the process of handling a fault breaks down into four steps: Find it Fix it Diagnose the root cause Prevent the fault from happening again A highly recommended solution to make fault identification and prevention simple is using Security Information and Event Management (SIEM) technology. The log and event analysis features of a SIEM can provide a comprehensive strategy for fault diagnosis and prevention. SolarWinds Log & Event Manager is a fully-functional SIEM designed to make diagnosing network fault a quick and easy task. Log & Event Manager automates collecting, analyzing, and diagnosing log data to help you find, fix, diagnose, and prevent network fault. You can downloa...

The U.S. National Security Agency (NSA) may be hiding highly-sophisticated hacking payloads in the firmware of consumer hard drives over the last 15 to 20 years in a campaign, giving the agency the means to eavesdrop on thousands of targets' computers, according to an analysis by Kaspersky labs and subsequent reports. 'EQUATION GROUP' BEHIND THE MALWARE The team of malicious actors is dubbed the the " Equation Group " by researchers from Moscow-based Kaspersky Lab, and describes them as " probably one of the most sophisticated cyber attack groups in the world," and "the most advanced threat actor we have seen. " The security researchers have documented 500 infections by Equation Group and believes that the actual number of victims likely reaches into the tens of thousands because of a self-destruct mechanism built into the malware. TOP MANUFACTURERS' HARD DRIVES ARE INFECTED Russian security experts reportedly uncovered sta...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

If you are a traveler and loves to travel then you must be annoyed of those calls you sometimes get from your bank when buying things far from home, and the most annoyed part is when the company won't approve the transaction as it fears your card was stolen. VISA MOBILE LOCATION CONFIRMATION APP The payment processing and credit card giant Visa has came forward to put an end to this problem by letting cardholders the chance to buy things wherever they are. The company plans to release a new location-based feature that will help cardholders to update their location via smartphone. Starting in April, the banks will include the software application, dubbed Visa Mobile Location Confirmation , in their smartphone apps. The app will use cardholders smartphone's ability to locate itself and verify that they're near where the card is being used. IN WAKE OF INCREASING CREDIT CARD FRAUD The idea behind this new move is to reduce the rising incidents of credit card fraud and fraud...

The most popular Chinese Bitcoin exchange BTER announced that it has been hacked on Valentine's Day and lost more than £1.1 Million-worth ($1.75 Million; one BTC is about $270) of the digital currency. The Bitcoin Exchange hasn't revealed more details about suspects behind the breach or how the cold wallets were compromised, except that 7,170 Bitcoin cryptocurrency was stolen from the company's " cold wallets ," a way of storing the digital currency offline. " All wallets have been shut down and withdrawals of unaffected coins will be arranged later, " the official website of BTER Bitcoin exchange states. Internet sleuths are already on the hunt to trace the missing Bitcoin. Because of the way the digital currency works, it is possible to trace any transaction or funds easily by using public available service, called " blockchain ." According to the announcement, the stolen Bitcoin cryptocurrencies were broadcast through the trans...

President Barack Obama signed an executive order on Friday that encourages and promotes sharing of information on cybersecurity threats within the private sector and between the private sector companies and the government agencies as well. AREAS TO IMPROVE During his speech at the White House Cybersecurity Summit at Stanford University in California, where many tech leaders and other government officials also assembled, the President highlighted events affecting cybersecurity and the development of the Internet. The four areas that Obama believes must be improved are listed below: Development and evolution of the Internet Cybersecurity Rights of individuals in regards to the Internet Cooperation between the Government and private companies EVERYONE IS VULNERABLE - OBAMA " The cyber world is sort of the Wild Wild West and to some degree we are asked to be the sheriff ," Mr. President told a crowd at the Memorial Auditorium. " When something lik...

Despite increased online and mobile banking security, banks are more often being targeted by hackers. A hacker group has infiltrated a number of banks and financial institutions in several countries, stealing hundreds of Millions of dollars in possibly the biggest bank heist the world has ever seen. According to a report published by the New York Times on Saturday, hackers have stolen as much as $1 Billion from more than 100 banks and other financial companies in almost 30 nations, making it " the most sophisticated attack the world has seen to date. " In late 2013 , banks in Russia, Japan, Europe, the United States and other countries fell victim to a massive, sophisticated malware hack that allowed the hackers to spy on bank officials in order to mimic their behavior, according to an upcoming report by Kaspersky Labs received by the NY Times. CARBANAK BANKING MALWARE IN THE WILD In order to infect bank staffs, the hacker group sent malicious emails to hun...

We all have Internet-connected smartphones in our pockets, but it's very hard to find a place on Internet to feel secure and private. No doubt, there is data Encryption on cell phones, but what's the use if it is cracked by hackers or law enforcement? What if the encrypted files don't exist in the first place for law enforcement to decrypt it? That's the motive behind DroidStealth , a new Android encryption tool that not only protects sensitive data with obfuscation, but ​also hides its existence on your phone as if it has nothing to hide. DroidStealth Android app has been developed by security researchers from Delft University of Technology in the Netherlands and would come as a windfall to both the privacy lovers and the cyber criminals. STEALTH LOGIN MECHANISM DroidStealth Android encryption tool creates a hidden folder in your phone in which it stores your all encrypted files. The app itself can be opened by simply dialing a phone number of any length which...

When I Die, I'd like someone to keep updating my Facebook Status, just to Freak people out, because who knew I'd have WiFi signal up there. Jokes apart, Facebook has fulfilled my this wish as well. The social networking giant is giving its users control over what happens to their Facebook accounts when they die. Until now, Facebook allowed people to turn the profiles of their loved one into "memorialized" accounts after Facebook verifies that person has died, meaning the account could be viewed but not be managed or edited. But Facebook is now adding a new option that users can select prior to their death: ' Legacy Contact '. " Until now, when someone passed away, we offered a basic memorialized account which was viewable, but could not be managed by anyone, " the Facebook team wrote in a blog post . " By talking to people who have experienced loss, we realized there is more we can do to support those who are grieving and those who wa...

Among several vulnerabilities, Microsoft on Tuesday patched a critical vulnerability that could be exploited by hackers to bypass security measures on all versions of Windows operating systems from XP to Windows 10, just by modifying a single bit. The local privilege escalation vulnerability ( CVE-2015-0057 ) could give attackers total control of the victims' machines, explains Udi Yavo, the chief technology officer at the security firm enSilo. " A threat actor that gains access to a Windows machine can exploit this vulnerability to bypass all Windows security measures, defeating mitigation measures such as sandboxing, kernel segregation and memory randomization ," said Yavo. INTERESTING PART OF THE FLAW Yavo continued, " Interestingly, the exploit requires modifying only a single bit of the Windows operating system. " The flaw existed in the graphical user interface (GUI) component of the Win32k.sys module within the Windows Kernel which, amon...

Social Networking giant Facebook has just launched a new platform called ThreatExchange , which is designed to mount a coordinated defense against cybercrime. Many security professionals rely largely on manual methods for collecting, analyzing, and consuming information about latest cyber security threats such as malware and botnets . Whereas, Mark Zuckerberg's ThreatExchange is a unique social media platform where multiple organizations can sign up and share information about new threats to cyber security, new types of hacks, phishing attacks and malicious activities they may have experienced. COLLABORATE AND TAKE ACTION Facebook is currently using a threat analysis framework called " ThreatData " to discover and tackle scams and cybercrimes, but with the growth in the magnitude of cyber attacks, Facebook believes that better communication between companies could help stamp them out. " We quickly learned that sharing with one another was key to bea...

Security researchers have warned of a pair of vulnerabilities in the Google Play Store that could allow cyber crooks to install and launch malicious applications remotely on Android devices. Tod Beardsley, technical lead for the Metasploit Framework at Rapid7 warns that an X-Frame-Options (XFO) vulnerability – when combined with a recent Android WebView (Jelly Bean) flaw – creates a way for hackers to quietly install any arbitrary app from the Play store onto victims' device even without the users consent. USERS AFFECTED The vulnerability affects users running Android version 4.3 Jelly Bean and earlier versions of Android that no longer receive official security updates from Android security team for WebView , a core component used to render web pages on an Android device . Also, users who have installed third party browsers are affected. According to the researcher, the web browser in Android 4.3 and prior that are vulnerable to a Universal Cross-Site Scripting (...

A Serious vulnerability in Facebook has recently been reported that could allow anyone to delete your complete Facebook photo album without having authentication. Security Researcher Laxman Muthiyah told The Hacker News that the vulnerability actually resides in Facebook Graph API mechanism, which allows "a hacker to delete any photo album on Facebook . Any photo album owned by an user or a page or a group could be deleted." DELETING FACEBOOK PHOTO ALBUMS According to Facebook developers documentation, its not possible to delete albums using the Graph API, but Indian security researcher has found a way to delete not just his own, but also others Facebook photo albums within few seconds. " I decided to try it with Facebook for mobile access token because we can see delete option for all photo albums in Facebook mobile application isn't it? Yeah and also it uses the same Graph API ," he said. In general, Facebook Graph API requires an access tok...

Nearly 40,000 organisations running MongoDB , a NoSQL high performance and cross-platform document-oriented database, are found to be unprotected and vulnerable to hackers. Three students from University of Saarland in Germany at the Centre for IT Security – Kai Greshake, Eric Petryka and Jens Heyens – discovered that MongoDB databases running at TCP port 27017 as a service on several thousands of commercial web servers are easily accessible on the Internet. MongoDB is an open-source database used by companies of all sizes, across all industries for a wide variety of applications. MongoDB is built for scalability, performance and high availability, scaling from single server deployments to large, complex multi-site architectures. By leveraging in-memory computing, MongoDB provides high performance for both reads and writes. The German researchers said that they were able to get "read and write access" to the unsecured MongoDB databases without using any sp...

The GHOST vulnerability is a buffer overflow condition that can be easily exploited locally and remotely, which makes it extremely dangerous. This vulnerability is named after the GetHOSTbyname function involved in the exploit. Attackers utilize buffer overflow vulnerabilities like this one by sending specific packets of data to a vulnerable system. The attack allows the attacker to execute arbitrary code and take control of the victim's vulnerable machine. Unfortunately, the vulnerability exists in the GNU C Library (glibc) , a code library originally released in 2000, meaning it has been widely distributed. Many derivative programs utilize the glibc to carry out common tasks. Although an update released by Linux in 2013 mitigated this vulnerability, most systems and products have not installed the patch. What Can I Do About GHOST Vulnerability? Like with any vulnerability, the best way to mitigate GHOST vulnerability is to identify vulnerable systems, prioritiz...

Remember RapidShare ? Once one of the world's most popular and first ever one-click online file hosting and cloud storage website on the Internet. The company has announced that it will shut down its business at the end of next month. RapidShare file hosting service announced its shut down Tuesday through a notice on its official website, saying that it will stop active service on March 31, 2015. All user accounts on the website will no longer be available after this date, and all files will be deleted automatically. WHAT RAPIDSHARE USERS MUST DO ? " We strongly recommend all customers to secure their data. After March 31st, 2015 all accounts will no longer be accessible and will be deleted automatically ," the notice on RapidShare official website reads. Just two days back, the most popular Torrent website KickAss Torrents banned by the .so registry (Somalian registry), forcing the site's operators to switch to another domain. Now, suddenly the ol...

Microsoft just issued a critical patch to fix a 15-year-old vulnerability that could be exploited by hackers to remotely hijack users' PCs running all supported versions of Windows operating system . The critical vulnerability — named " JASBUG " by the researcher who reported the flaw — is due to a flaw in the fundamental design of Windows that took Microsoft more than 12 months to release a fix. However, the flaw is still unpatched in Windows Server 2003, leaving the version wide open to the hackers for the remaining five months. HACKERS CAN EASILY HIJACK YOUR WINDOWS MACHINE The vulnerability ( CVE-2015-0008 ) could allow an attacker to easily hijack a domain-configured Windows system if it is connected to a malicious network – wirelessly or wired, giving attacker consent to do various tasks including, to go forth and install programs; delete, alter or peruse users' data; or to create new accounts with full user rights. However, Jasbug vulnerability do not affects h...