#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Cisco to Buy OpenDNS Company for $635 Million

Cisco to Buy OpenDNS Company for $635 Million

Jul 01, 2015
Cisco, a networking giant that offers traditional network edge protection, has announced that the company is buying cloud-based security company OpenDNS for $635 Million . Yes, OpenDNS , whose Domain Name Services (DNS) you might have used to avoid regional restrictions or to improve your Internet connection. However, Cisco is not making the acquisition of OpenDNS for any of the above reasons. Instead, the networking giant says it will boost its own cloud security, adding "broad visibility and threat intelligence from the OpenDNS cloud-delivered platform." The aim is to offer you the protection against cyber attacks on your corporate network from any device, anywhere, anytime, and to predict threats before they strike. Hilton Romanski , who leads business development at Cisco, wrote in his blog post : "The acquisition will extend our ability to provide customers enhanced visibility and threat protection for unmonitored and potentially unsecure entry...
Scientists have Increased Fiber Optic capacity Nearly 20 Times

Scientists have Increased Fiber Optic capacity Nearly 20 Times

Jun 30, 2015
There's a lot of speculations and fears regarding the fiber optic network that delivers the Internet to your home and offices — What will happen when the fiber optic cables max out? Well, there is nothing to fear about it. Your Internet is Safe! Scientists at the University of California, San Diego, have recently managed to break the "capacity limits" of fiber optic networks, opening the door for faster, longer and potentially cheaper future networks. Increased Optic Signal Power by 20 Times The scientists not only broke the supposed limits of fiber optic data transmission, but also completely smashed it, increasing the power of optic signals by almost 20 times the base level. "This advance has the potential to increase the data transmission rates for the fiber optical cables that serve as the backbone of the Internet, wireless, cable, and landline networks," the UC San Diego News Center writes . Managed to Send the information 7,400 Miles ...
OPM Temporarily Shuts Down Background Check App to Fix Security Hole

OPM Temporarily Shuts Down Background Check App to Fix Security Hole

Jun 30, 2015
The web gateway used to render materials for Federal Background Investigations for employees and contractors has been shut down for several weeks after a vulnerability was detected, the Office of Personnel Management announced. The agency announced the shut down citing the discovery of a vulnerability in its Electronic Questionnaires for Investigations Processing (E-QIP) system while conducting an internal review of the agency's security. As a result, OPM has temporarily suspended the E-QIP system for four to six weeks, and OPM Director Katherine Archuleta said the system would remain offline "until stronger security enhancements are implemented." In the Wake of Massive Breach Although the agency stressed that it had not detected any malicious activity or evidence of hackers actually exploiting the flaw. The internal review of the agency's information technology systems was ordered by Archuleta in the wake of massive cyber attacks on the OPM...
cyber security

10 Best Practices for Building a Resilient, Always-On Compliance Program

websiteXM CyberCyber Resilience / Compliance
Download XM Cyber's handbook to learn 10 essential best practices for creating a robust, always-on compliance program.
cyber security

Find and Fix the Gaps in Your Security Tools

websitePrelude SecuritySecurity Control Validation
Connect your security tools for 14-days to find missing and misconfigured controls.
Hackers Exploit Zero-Day Magento Vulnerability to Steal Your Credit Cards

Hackers Exploit Zero-Day Magento Vulnerability to Steal Your Credit Cards

Jun 29, 2015
Hackers are increasingly exploiting an unknown flaw to siphon payment card information from e-commerce websites that use Magento , the most popular e-commerce platform owned by eBay. Security researchers at Sucuri are still investigating the attack vector, but they believe that cyber criminals are injecting malicious code into the Magento core file or some widely used module/extension in order to steal payment card data. Back in April, a critical Remote Code Execution Flaw in Magento allowed hackers to fully compromise any online store powered by Magento and thereby gain access to credit card data and other financial, and personal information related to the customers. Credit Card Stealers? Now, Sucuri senior malware researcher Peter Gramantik have found an attack script that pilfers the content of every POST request and identifies valuable payment card data before storing it in an encrypted form that only the attacker can decrypt. Moreover, to evade detection,...
Google's Project to Offer Free Superfast Wi-Fi Internet to the World has Begun

Google's Project to Offer Free Superfast Wi-Fi Internet to the World has Begun

Jun 28, 2015
Imagine a city with Wi-Fi hotspot. Now imagine that it is free as well. This won't be just an imagination for long as Google has unveiled its new plan to bring Free, Superfast Wi-Fi to cities around the world. Sidewalk Labs, a Google-owned company that focuses on improving city living through technology innovations, has announced that the company will roll out free WiFi to everyone in New York City around September this year. But, How will the company do this? Google-backed Sidewalk Labs will convert over 10,000 New York's old phone booths into ad-supported " Wi-Fi pylons ." These booths will offer free wireless Internet access to anyone within 150 feet of radius. Sidewalk Labs is leading a group of investors acquiring Control Group and Titan , companies working to cover New York City with Free, Superfast Wi-Fi service. Besides offering free Wi-Fi, the booths are also intended to provide free cell-phone charging, free domestic phone calling ...
World’s First 200GB microSD Card Arrives

World's First 200GB microSD Card Arrives

Jun 27, 2015
There isn't any troll in the title. The " World's Largest microSD " card sized at 200GB is now officially available for purchasing from Amazon and number of retailers. So, Is your 16GB, or 32GB, or even 64GB smartphone not enough to store all your data in one place? Order a Sandisk's new high-capacity microSD card from Amazon now. However, the only issue is that it is not exactly very cheap. You will have to pay around $240 to buy one. World's First 200GB MicroSD Card Back in March when Sandisk first announced the world's first 200GB microSD card , it was expected to be priced at around $400. However, $240 has been marked as the price for the highest-capacity microSD card available in the market. Sandisk's 200GB microSD card, or Ultra microSDXC UHS-I card, offers a transfer speed of up to 90MB per second , which is double the speed provided by its 128GB counterpart. Transfer Speed: 1200 Photos Per Minute The company cla...
Europol Arrests Gang Behind Zeus And SpyEye Banking Malware

Europol Arrests Gang Behind Zeus And SpyEye Banking Malware

Jun 27, 2015
The Law enforcement agencies from six different European countries have taken down a major Ukrainian-based cyber criminals gang suspected of developing, distributing and deploying Zeus and SpyEye banking malware . According to the report on the official website of Europol, authorities have arrested five suspects between June 18 and 19. All the five suspects are the members of an alleged gang that has been accused of infecting tens of thousands of computers worldwide with malware and banking Trojans. The alleged cybercriminal group distributed and used Zeus and SpyEye malware to steal money from several major banks in Europe and outside. The gang constantly modified its malware Trojans to defeat the security protocols of banks and used " mule networks " to launder money. "On the underground digital forums, they actively traded stolen credentials, compromised bank account information and malware," Europol said in a statement on Thursday, ...
This Unbreakable Encryption Could Save the Internet

This Unbreakable Encryption Could Save the Internet

Jun 26, 2015
The Awareness to encrypt your private data, chat conversations as well as communication is booming like never before that soon the world will mark some day as the International Encryption Day . This may or may not be possible in future, but Toshiba is all set to create a next level of encryption technology that the firm claims is absolutely unbreakable and " completely secure from tapping ". The best way to ensure the complete security of the communication is to make use of a one-time key to decode encrypted data. However, the problem remains to transfer this key from one place to another safely when even mail carriers may be spying on you. Uncrackable Encryption Technology: The Quantum Cryptography System To get rid of this issue, Toshiba is creating a 'foolproof' Q uantum Cryptography System that uses photons sent over a custom-made fiber optic cable that is not connected to the Internet. Thus, anyone trying to intercept the user's d...
Cloud Source Repositories: Google Quietly Launches GitHub Competitor

Cloud Source Repositories: Google Quietly Launches GitHub Competitor

Jun 26, 2015
After the death of Google code this winter, Google is apparently back in the business through the launch of its private Git repository hosting service on Google Cloud Platform called Cloud Source Repositories . Not yet officially announced, but Google started providing free beta access to its new Cloud Source Repositories earlier this year, VentureBeat reported. Similar to the popular source code repository hosting service GitHub, Cloud Source Repositories provides developers with the ability to host and edit code on the ever-expanding Google Cloud Platform . Though it will not be easy to take hold of all GitHub's customers overnight, Google is taking a successive approach with its new service -- Cloud Source Repositories can serve as a 'remote' Git repositories for users sitting elsewhere on the Internet or locally. Moreover, it is also possible for users to connect a Cloud Source Repository to a hosted repository service like GitHub or Bitbucket that will automatical...
Facebook Can Recognize You Even if You Don't Show Your Face

Facebook Can Recognize You Even if You Don't Show Your Face

Jun 26, 2015
Well, this is incredible and scary both at the same time. Forget about "facial" recognition; Facebook's newest technology is way good at identifying you in photos even without the need to see your face . The New Scientist is reporting about the Facebook's new "experimental" facial recognition algorithm which is so powerful that it can identify you in photos even when your faces are hidden. Instead, the Facebook's extremely accurate facial recognition algorithm uses other unique characteristics — such as your hairstyle, your body shape, your body language, your clothing and how you carry yourself — to identify that it's you. Facebook's New Facial Recognition Technology - 83% Accurate Facebook's artificial intelligence lab is working on this technology and, according to the head of artificial intelligence at Facebook Yann Lecun , the experimental algorithm is currently able to identify individuals with 83% accuracy, even if ...
You Can Now Use Messenger App without a Facebook Account

You Can Now Use Messenger App without a Facebook Account

Jun 26, 2015
Don't have Facebook account but want to use its Messenger service? Then go for it because Mark Zuckerberg wants even the people who hate Facebook to use the social network's separate Messenger service . So, you no longer need an active Facebook account to make use of the Messenger service, all you need is just your name and phone number, the company announced today. Facebook is giving a new " Not On Facebook? " option on the sign-up screen for its messaging app, which allows anyone to create an account for the Messenger app using his or her first name and phone number. Facebook to offer Messenger to people without Facebook account Facebook currently started offering this option for people in the United States, Canada, Peru, and Venezuela; the rest have to wait for the feature. Users with non-Facebook accounts will enjoy the same Messenger features, including voice and video calls, payments, stickers and GIFs. The only and major differenc...
France May Offer Asylum to Edward Snowden and Julian Assange

France May Offer Asylum to Edward Snowden and Julian Assange

Jun 26, 2015
In wake of the latest revelations about the National Security Agency (NSA) global spying on country's leaders, France may decide to offer political asylum to whistleblowers Edward Snowden and Julian Assange , as a " symbolic gesture ." Former NSA contractor Edward Snowden , who is facing criminal espionage charges in the U.S., has remained in Russia for almost two years after exposing the United States government's worldwide surveillance programs and he awaits responses from two dozen countries where he'd like to live. WikiLeaks Founder Julian Assange has remained in the Ecuadorian embassy for three years in London to avoid extradition to Sweden, where Assange is facing sex crime allegations. French Justice Minister Christiane Taubira told French news channel BFMTV on Thursday that if France decides to offer both of them asylum, she would "absolutely not be surprised." Recent WikiLeaks report claimed that the United States had been spying on...
Adobe Releases Emergency Patch for Flash Zero-Day Vulnerability

Adobe Releases Emergency Patch for Flash Zero-Day Vulnerability

Jun 25, 2015
Adobe has rolled out an emergency software patch for its Flash Player to patch a critical zero-day vulnerability that is already exploited by the hackers in the wild. The company said the flaw could potentially allow hackers to take control of the affected system and that it had evidence of " limited, targeted attacks " exploiting the flaw. Therefore, Adobe is urging users and administrators to update their software immediately. About the Zero-day Flaw: The vulnerability, assigned CVE-2015-3113 , is a remote code execution bug that enables hackers to take control of an affected computer system. Cyber crooks are already exploiting this zero-day vulnerability in the wild in an effort to hijack computers, targeting systems running Internet Explorer on Windows 7 and Firefox on Windows XP . The vulnerability was discovered and reported by FireEye researchers, who first noticed the flaw actively exploiting in a phishing campaign to target companies...
Google Chrome Silently Listening to Your Private Conversations

Google Chrome Silently Listening to Your Private Conversations

Jun 25, 2015
Google was under fire of downloading and installing a Chrome extension surreptitiously and subsequently listened to the conversations of Chromium users without consent. After these accusations, a wave of criticism by privacy campaigners and open source developers has led Google to remove the extension from Chromium , the open-source version of the Chrome browser. The extension in question is " Chrome Hotword ," which was found to be responsible for offering the browser's famous " OK, Google " functionality. ' Ok, Google ' is certainly a useful feature that allows users to search for things via their voice when they use Google as their default search engine, but its something that also enables eavesdropping of every single conversation made by a user. Google Silently Listens to your Conversation This issue came to light by Pirate Party founder Rick Falkvinge , who says Google has silently installed black box code into the open-so...
Mind Blowing Radar-based Gesture Recognition Technology for Everything

Mind Blowing Radar-based Gesture Recognition Technology for Everything

Jun 25, 2015
Since it introduced at the annual Google I/O conference, Project Soli has been trending on the Internet. Project Soli is one of Google's latest cutting-edge experiments that could actually transform the way humans interact with technology. Project Soli is not a wearable watch you might think it is. So what is Project Soli? It's you. Yes, you heard it right. Google's secretive Advanced Technology and Projects group (ATAP) who is working on Project Soli, knows that our hands and fingers are the best way we have to interact with smart devices, but the fact here is — everything is not a device. So Project Soli wants to make your hands and fingers the only user interface you will ever need to interact with technology, even without the need to touch anything to control it. Before knowing how Project Soli exactly makes this happen, let's have a look at this GIF, which was pulled from Google's Project Soli demo video by Airows: And Her...
'Undo Send' — How to Unsend Emails in Gmail

'Undo Send' — How to Unsend Emails in Gmail

Jun 24, 2015
Sending an important and confidential email to one of my friends and mistakenly clicked send to someone else. Holy crap! This is something experienced by everyone of us at some point. When we accidentally hit the reply-all button, send an email to the wrong person, or sometimes forget to attach a file, and then left only with an instant pain of regret. It feels like there is no going back. Isn't it? But to make you go back and rectify your mistakes, Google has rolled out a new feature that delays sending your email for 30 seconds after you hit Send, so that you can recall it if you want to make some changes. You Have 30 Seconds to Unsend an Email After the feature remained in public beta for six years, Google has finally brought this life-saving " Undo Send " feature to the main settings on the Web version of Google's Gmail service. Once enabled, the Undo Send feature offers you up to 30-second window to "undo" sending an outgoing ema...
Creator of Blackshades Malware Jailed 4 Years in New York

Creator of Blackshades Malware Jailed 4 Years in New York

Jun 24, 2015
A Swedish man who was the mastermind behind the $40 BlackShades Remote Access Tool (RAT) that infected over half a million systems around the world was sentenced to almost five years in a U.S. prison on Tuesday. Alex Yücel , 25, owned and operated an organization called "BlackShades" that sold a sophisticated and notorious form of software, called RAT, to several thousands of hackers and other people in more than 100 countries for prices ranging from $40 to $50. BlackShades malware was designed to capture keystrokes, steal usernames and passwords for victims' email and Web services, FTP clients, instant messaging applications, and lots more. In the worst case, the malicious software even allowed hackers to take remote control of victim's computer and webcam to pilfer photos or videos without the knowledge of the computer owner. Yucel (a.k.a. " marjinz ") was sentenced to four and three-quarter years in prison by U.S. District Judge Kev...
How to Hack into Computers using Pita Bread and A Radio

How to Hack into Computers using Pita Bread and A Radio

Jun 23, 2015
There's a new and clever way of hacking into computers, and it can be done cheaply – Using just a radio receiver and a piece of pita bread . Yeah, you heard it right. Security researchers at Tel Aviv University have demonstrated how to extract secret decryption keys from computers by capturing radio emissions of laptop computers . Capturing the radio signals to steal data from a computer system is nothing new. But the process required expensive, bulky lab equipment to accomplish. However, the Israeli-based researchers team managed to do it with cheap consumer-grade components as well as small enough to hide inside a piece of pita bread. Using cheap equipment, the team of researchers, including Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer , was able to capture keystrokes, applications running on a computer system, and encryption keys. How the method works? The idea is simple, as different computer operations, such as playing some game o...
How Google Is Tracking Your Movie and Event Activities

How Google Is Tracking Your Movie and Event Activities

Jun 23, 2015
No doubt, You must be aware that Google tracks you, but what you probably did not realize is how precisely and till what extent it tracks you. Well, Google knows which movies I watched where, when, at what time and with how many of my friends , and knows it so well — even my eyebrows raised slightly in surprise! Yes, you heard right. If you are using your Gmail account like I do, receiving all movie booking and tickets, Google can easily track your movie flavors and frequent hangout places without access to GPS. GOOGLE READ MY EMAILS FOR EVENT INFORMATION I was feeling bored last night, so I decided to watch a movie and moved towards Google to search newly released films. As I googled " Movies 2015 "... Holy Crap! What I saw on the monitor was unbelievable. In Google search results, I was able to see the list of all my past movie booking event activities and even my future bookings ( shown below ), and it was so, so accurate. If you have Google acc...
WebAssembly — New Standard for Powerful and Faster Web Apps

WebAssembly — New Standard for Powerful and Faster Web Apps

Jun 23, 2015
Google, Apple, Microsoft , and Mozilla have joined hands to create code for use in the future web browsers that promises up to 20 times faster performance. Dubbed WebAssembly (or wasm for short), a project to create a new portable bytecode for the Web that will be more efficient for both desktop as well as mobile web browsers to parse than the complete source code of a Web page or an application. Bytecode is actually a machine-readable instruction set that is faster for web browsers to load than high-level languages. WebAssembly — A New File Format to Compile Code At the moment, browsers use JavaScript to interpret the code and allow functionality on websites such as dynamic content and forms. By default, JavaScript files are downloaded from the server and then compiled by the JavaScript engine in the web browser. However, improvements have been made to load times via Asm.js — the stripped-down JavaScript dialect described as an "assembly language for ...
Expert Insights Articles Videos
Cybersecurity Resources