The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Difficulty in remembering complicated Passwords? Forget Passwords and Fingerprints now – and get ready to authenticate your online purchases with your SELFIES . MasterCard is experimenting a new app that would let you make online purchases by taking a selfie rather than typing a password, moving a step forward in the mobile payments evolution. This experimental ID Check security system uses the front camera of your mobile phone and "facial recognition" technology to get your payment done with a quick shot of your face. And MasterCard thinks this generation people will love it. " The new generation, which is into selfies...I think they will find it cool, " MasterCard President of Enterprise Safety and Security Ajay Bhalla told CNNMoney. " They'll embrace it ." How this new feature works? MasterCard will provide you a new mobile app to download in order to use the feature. After you make an online payment, the new app will...

Anonymity is something that seems next to impossible in this era of government surveillance. Even Tor and VPNs are no longer seem to be enough to protect user privacy. Once your IP address is discovered, your Game Over! However, a method have been devised that not only allow users to anonymously connect to public Wi-Fi network, but also let them connect from about 2.5 Miles away . Security researcher Benjamin Caudill has developed a device that adds an extra layer of anonymity to whistleblowers, journalists, dissidents and, of course, criminals. Dubbed ProxyHam , it's a " hardware proxy " that allows users to connect to a long-distance public Wi-Fi network over an unidentifiable low-frequency radio channels, making it more difficult for government agencies and spies to unearth the real identity and source of the Internet traffic. How Proxyham is made?  Proxyham is comprised of a WiFi-enabled Raspberry Pi computer , along with a three antennas setu...

During a wide-ranging online question-and-answer session on his Facebook page Tuesday, Facebook co-founder Mark Zuckerberg predicted some wild things for Future. It includes: Telepathy Technology , the ability for humans to talk to each other with their minds. Laser Beams , used to transmit data from the sky to Earth. Growth of Artificial Intelligence and Virtual Reality . Today, Mark Zuckerberg has posted a couple of demonstration pictures from its Connectivity Lab. To help connect people around the world, Facebook's Internet.org initiative is testing a method for delivering the Internet via Lasers. Laser Beam Technology - Future of The Internet  According to Mark, the Connectivity Lab has developed a laser beam technology (as shown) that has the ability to transmit data from the sky into communities. He has plans to equip drones and satellites with lasers to allow those laser-equipped devices to beam down Internet signals anywhere in the w...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

Apple has released updates to patch dozens of security vulnerabilities in iOS and OS X Yosemite operating system. The updates include iOS 8.4 version of the mobile operating system, OS X Yosemite 10.10.4 and Security Update 2015-005. iOS 8.4 Update The iOS 8.4  update includes patches for over 20 security vulnerabilities that could lead to remote code execution (RCE) , application termination, the intercepted encrypted traffic, man-in-the-middle attacks and other problem. Certificate trust policy issues, buffer overflow vulnerabilities, apache compatibility issues, memory corruption flaws, and a host of WebKit, kernel, and CoreText vulnerabilities were also patched in the latest iOS update. OS X Yosemite 10.10.4 update The OS X Yosemite 10.10.4 update includes patches for QuickTime, ImageIO, and OpenSSL along with Remote Code Execution (RCE) flaws and other issues that may allow attackers to gain elevated privileges or crash applications. The Safar...

The US State Department and the Federal Bureau of Investigation are willing to pay a total $4.2 Million for information leading to the arrest and/or conviction of top 5 most wanted cyber criminals accused of conducting frauds of hundreds of millions of dollars. Evgeniy Bogachev,30; Nicolae Popescu, 34; Alexsey Belan, 28; Peteris Sahurovs, 26; and Shailesh Kumar Jain, 45; are in the list of FBI's Top 5 most-wanted hackers. 1. Evgeniy Mikhailovich Bogachev | Reward - $3 MILLION Evgeniy Mikhailovich Bogachev , also known under the aliases "lucky12345," "Slavik," and "Pollingsoon," is the mastermind behind the GameOver Zeus botnet , which was allegedly used by criminals to infect more than 1 Million computers, resulting in up to $100 Million in losses since 2009. Besides GameOver Zeus botnet, Bogachev is also accused of developing CryptoLocker Ransomware , which was designed to extort money from computer victims by holding their system...

Cisco, a networking giant that offers traditional network edge protection, has announced that the company is buying cloud-based security company OpenDNS for $635 Million . Yes, OpenDNS , whose Domain Name Services (DNS) you might have used to avoid regional restrictions or to improve your Internet connection. However, Cisco is not making the acquisition of OpenDNS for any of the above reasons. Instead, the networking giant says it will boost its own cloud security, adding "broad visibility and threat intelligence from the OpenDNS cloud-delivered platform." The aim is to offer you the protection against cyber attacks on your corporate network from any device, anywhere, anytime, and to predict threats before they strike. Hilton Romanski , who leads business development at Cisco, wrote in his blog post : "The acquisition will extend our ability to provide customers enhanced visibility and threat protection for unmonitored and potentially unsecure entry...

There's a lot of speculations and fears regarding the fiber optic network that delivers the Internet to your home and offices — What will happen when the fiber optic cables max out? Well, there is nothing to fear about it. Your Internet is Safe! Scientists at the University of California, San Diego, have recently managed to break the "capacity limits" of fiber optic networks, opening the door for faster, longer and potentially cheaper future networks. Increased Optic Signal Power by 20 Times The scientists not only broke the supposed limits of fiber optic data transmission, but also completely smashed it, increasing the power of optic signals by almost 20 times the base level. "This advance has the potential to increase the data transmission rates for the fiber optical cables that serve as the backbone of the Internet, wireless, cable, and landline networks," the UC San Diego News Center writes . Managed to Send the information 7,400 Miles ...

The web gateway used to render materials for Federal Background Investigations for employees and contractors has been shut down for several weeks after a vulnerability was detected, the Office of Personnel Management announced. The agency announced the shut down citing the discovery of a vulnerability in its Electronic Questionnaires for Investigations Processing (E-QIP) system while conducting an internal review of the agency's security. As a result, OPM has temporarily suspended the E-QIP system for four to six weeks, and OPM Director Katherine Archuleta said the system would remain offline "until stronger security enhancements are implemented." In the Wake of Massive Breach Although the agency stressed that it had not detected any malicious activity or evidence of hackers actually exploiting the flaw. The internal review of the agency's information technology systems was ordered by Archuleta in the wake of massive cyber attacks on the OPM...

Hackers are increasingly exploiting an unknown flaw to siphon payment card information from e-commerce websites that use Magento , the most popular e-commerce platform owned by eBay. Security researchers at Sucuri are still investigating the attack vector, but they believe that cyber criminals are injecting malicious code into the Magento core file or some widely used module/extension in order to steal payment card data. Back in April, a critical Remote Code Execution Flaw in Magento allowed hackers to fully compromise any online store powered by Magento and thereby gain access to credit card data and other financial, and personal information related to the customers. Credit Card Stealers? Now, Sucuri senior malware researcher Peter Gramantik have found an attack script that pilfers the content of every POST request and identifies valuable payment card data before storing it in an encrypted form that only the attacker can decrypt. Moreover, to evade detection,...

Imagine a city with Wi-Fi hotspot. Now imagine that it is free as well. This won't be just an imagination for long as Google has unveiled its new plan to bring Free, Superfast Wi-Fi to cities around the world. Sidewalk Labs, a Google-owned company that focuses on improving city living through technology innovations, has announced that the company will roll out free WiFi to everyone in New York City around September this year. But, How will the company do this? Google-backed Sidewalk Labs will convert over 10,000 New York's old phone booths into ad-supported " Wi-Fi pylons ." These booths will offer free wireless Internet access to anyone within 150 feet of radius. Sidewalk Labs is leading a group of investors acquiring Control Group and Titan , companies working to cover New York City with Free, Superfast Wi-Fi service. Besides offering free Wi-Fi, the booths are also intended to provide free cell-phone charging, free domestic phone calling ...

There isn't any troll in the title. The " World's Largest microSD " card sized at 200GB is now officially available for purchasing from Amazon and number of retailers. So, Is your 16GB, or 32GB, or even 64GB smartphone not enough to store all your data in one place? Order a Sandisk's new high-capacity microSD card from Amazon now. However, the only issue is that it is not exactly very cheap. You will have to pay around $240 to buy one. World's First 200GB MicroSD Card Back in March when Sandisk first announced the world's first 200GB microSD card , it was expected to be priced at around $400. However, $240 has been marked as the price for the highest-capacity microSD card available in the market. Sandisk's 200GB microSD card, or Ultra microSDXC UHS-I card, offers a transfer speed of up to 90MB per second , which is double the speed provided by its 128GB counterpart. Transfer Speed: 1200 Photos Per Minute The company cla...

The Law enforcement agencies from six different European countries have taken down a major Ukrainian-based cyber criminals gang suspected of developing, distributing and deploying Zeus and SpyEye banking malware . According to the report on the official website of Europol, authorities have arrested five suspects between June 18 and 19. All the five suspects are the members of an alleged gang that has been accused of infecting tens of thousands of computers worldwide with malware and banking Trojans. The alleged cybercriminal group distributed and used Zeus and SpyEye malware to steal money from several major banks in Europe and outside. The gang constantly modified its malware Trojans to defeat the security protocols of banks and used " mule networks " to launder money. "On the underground digital forums, they actively traded stolen credentials, compromised bank account information and malware," Europol said in a statement on Thursday, ...

The Awareness to encrypt your private data, chat conversations as well as communication is booming like never before that soon the world will mark some day as the International Encryption Day . This may or may not be possible in future, but Toshiba is all set to create a next level of encryption technology that the firm claims is absolutely unbreakable and " completely secure from tapping ". The best way to ensure the complete security of the communication is to make use of a one-time key to decode encrypted data. However, the problem remains to transfer this key from one place to another safely when even mail carriers may be spying on you. Uncrackable Encryption Technology: The Quantum Cryptography System To get rid of this issue, Toshiba is creating a 'foolproof' Q uantum Cryptography System that uses photons sent over a custom-made fiber optic cable that is not connected to the Internet. Thus, anyone trying to intercept the user's d...

After the death of Google code this winter, Google is apparently back in the business through the launch of its private Git repository hosting service on Google Cloud Platform called Cloud Source Repositories . Not yet officially announced, but Google started providing free beta access to its new Cloud Source Repositories earlier this year, VentureBeat reported. Similar to the popular source code repository hosting service GitHub, Cloud Source Repositories provides developers with the ability to host and edit code on the ever-expanding Google Cloud Platform . Though it will not be easy to take hold of all GitHub's customers overnight, Google is taking a successive approach with its new service -- Cloud Source Repositories can serve as a 'remote' Git repositories for users sitting elsewhere on the Internet or locally. Moreover, it is also possible for users to connect a Cloud Source Repository to a hosted repository service like GitHub or Bitbucket that will automatical...

Well, this is incredible and scary both at the same time. Forget about "facial" recognition; Facebook's newest technology is way good at identifying you in photos even without the need to see your face . The New Scientist is reporting about the Facebook's new "experimental" facial recognition algorithm which is so powerful that it can identify you in photos even when your faces are hidden. Instead, the Facebook's extremely accurate facial recognition algorithm uses other unique characteristics — such as your hairstyle, your body shape, your body language, your clothing and how you carry yourself — to identify that it's you. Facebook's New Facial Recognition Technology - 83% Accurate Facebook's artificial intelligence lab is working on this technology and, according to the head of artificial intelligence at Facebook Yann Lecun , the experimental algorithm is currently able to identify individuals with 83% accuracy, even if ...

Don't have Facebook account but want to use its Messenger service? Then go for it because Mark Zuckerberg wants even the people who hate Facebook to use the social network's separate Messenger service . So, you no longer need an active Facebook account to make use of the Messenger service, all you need is just your name and phone number, the company announced today. Facebook is giving a new " Not On Facebook? " option on the sign-up screen for its messaging app, which allows anyone to create an account for the Messenger app using his or her first name and phone number. Facebook to offer Messenger to people without Facebook account Facebook currently started offering this option for people in the United States, Canada, Peru, and Venezuela; the rest have to wait for the feature. Users with non-Facebook accounts will enjoy the same Messenger features, including voice and video calls, payments, stickers and GIFs. The only and major differenc...

In wake of the latest revelations about the National Security Agency (NSA) global spying on country's leaders, France may decide to offer political asylum to whistleblowers Edward Snowden and Julian Assange , as a " symbolic gesture ." Former NSA contractor Edward Snowden , who is facing criminal espionage charges in the U.S., has remained in Russia for almost two years after exposing the United States government's worldwide surveillance programs and he awaits responses from two dozen countries where he'd like to live. WikiLeaks Founder Julian Assange has remained in the Ecuadorian embassy for three years in London to avoid extradition to Sweden, where Assange is facing sex crime allegations. French Justice Minister Christiane Taubira told French news channel BFMTV on Thursday that if France decides to offer both of them asylum, she would "absolutely not be surprised." Recent WikiLeaks report claimed that the United States had been spying on...

Adobe has rolled out an emergency software patch for its Flash Player to patch a critical zero-day vulnerability that is already exploited by the hackers in the wild. The company said the flaw could potentially allow hackers to take control of the affected system and that it had evidence of " limited, targeted attacks " exploiting the flaw. Therefore, Adobe is urging users and administrators to update their software immediately. About the Zero-day Flaw: The vulnerability, assigned CVE-2015-3113 , is a remote code execution bug that enables hackers to take control of an affected computer system. Cyber crooks are already exploiting this zero-day vulnerability in the wild in an effort to hijack computers, targeting systems running Internet Explorer on Windows 7 and Firefox on Windows XP . The vulnerability was discovered and reported by FireEye researchers, who first noticed the flaw actively exploiting in a phishing campaign to target companies...

Google was under fire of downloading and installing a Chrome extension surreptitiously and subsequently listened to the conversations of Chromium users without consent. After these accusations, a wave of criticism by privacy campaigners and open source developers has led Google to remove the extension from Chromium , the open-source version of the Chrome browser. The extension in question is " Chrome Hotword ," which was found to be responsible for offering the browser's famous " OK, Google " functionality. ' Ok, Google ' is certainly a useful feature that allows users to search for things via their voice when they use Google as their default search engine, but its something that also enables eavesdropping of every single conversation made by a user. Google Silently Listens to your Conversation This issue came to light by Pirate Party founder Rick Falkvinge , who says Google has silently installed black box code into the open-so...

Since it introduced at the annual Google I/O conference, Project Soli has been trending on the Internet. Project Soli is one of Google's latest cutting-edge experiments that could actually transform the way humans interact with technology. Project Soli is not a wearable watch you might think it is. So what is Project Soli? It's you. Yes, you heard it right. Google's secretive Advanced Technology and Projects group (ATAP) who is working on Project Soli, knows that our hands and fingers are the best way we have to interact with smart devices, but the fact here is — everything is not a device. So Project Soli wants to make your hands and fingers the only user interface you will ever need to interact with technology, even without the need to touch anything to control it. Before knowing how Project Soli exactly makes this happen, let's have a look at this GIF, which was pulled from Google's Project Soli demo video by Airows: And Her...