The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

If you are one of our readers who follow The Hacker News every update, you probably know that Public WiFi network is a security risk. But many people aren't aware, including our great politicians. Internet security provider F-Secure carried out an experimental hack against three prominent UK politicians and hacked into their accounts with the help of public Wi-Fi network. To be very clear, all the three politicians – Rt. Hon. David Davis MP, Mary Honeyball MEP and Lord Strasburger – gave their consent to the recent exercise that focused on hacking into their devices using public, freely available Wi-Fi networks across London. F-Secure teamed up with the penetration testing firm Mandalorian Security Services and the Cyber Security Research Institute to carry out the tests . Despite holding major positions within the different parliaments, all three politicians admitted that they had " received no formal training or information about the relative ease " wi...

If you rely on messaging apps to remain in contact with your family members and friends, then you may have to switch back to old-fashioned text messaging service in matter of weeks due to a new law currently going through Parliament. WhatsApp and Facebook Messenger to Ban in UK The popular messaging applications, including WhatsApp, Snapchat, iMessage and Facebook Messenger, could all potentially be banned in the UK under the controversial ' Snoopers Charter '. The Investigatory Powers Bill -- the so-called Snoopers Charter -- mentioned in the 2015 Queen's Speech , would allow UK government to eradicate instant messaging apps that refuse to switch off end-to-end encryption from their services. Earlier this year in light of the Charlie Hebdo shootings in Paris, Prime Minister David Cameron hinted at the crackdown when he claimed that he would ban encrypted messaging apps like Snapchat, WhatsApp and Messenger unless they didn't comply with new surve...

Brains are more powerful than computers. So why not build a computer from Brain?  In fact, Multiple Brains as per sayings, " Two heads are better than one. " Scientists at Duke University have done exactly that. They have successfully developed the first instance of a Brain-machine interface that employs multiple brains at once to operate a single machine. "Organic Computers" – Made from Brains of Rats and Monkeys Scientists were able to interconnect the brains of four rats to create a " Brainet " that is capable of accomplishing computational tasks better than the tasks performed by any one of the rats. In the recent paper published in the journal Scientific Reports, the neurobiologist leading the research, Miguel Nicolelis says: " Recently, we proposed that 'Brainets,' i.e. networks formed by multiple animal brains, cooperating and exchanging information in real time through direct brain-to-brain interfaces, could ...

The mysterious security vulnerability in the widely used OpenSSL code library is neither HeartBleed nor FREAK, but it's critical enough to be patched by sysadmins without any delay. OpenSSL Foundation released the promised patch against a high severity vulnerability in OpenSSL versions 1.0.1n and 1.0.2b, resolving a certificate forgery issue in the implementations of the crypto protocol. The critical vulnerability could allow man-in-the-middle attackers to impersonate cryptographically protected websites, virtual private networks, or e-mail servers, and snoop on encrypted Internet traffic. The vulnerability, ( CVE-2015-1793 ), is due to a problem lies in the certificate verification process. An error in its implementation skipped some security checks on new, untrusted certificates. By exploiting this vulnerability, an attacker could circumvent certificate warnings that enable them to force applications into treating an invalid certificate as a legitimate Certificat...

The corporate data leaked in the recent cyber attack on the infamous surveillance software firm Hacking Team has revealed that the Adobe Flash zero-day (CVE-2015-5119) exploit has already been added to several exploit kits. Security researchers at Trend Micro have discovered evidences of the Adobe Flash zero-day (CVE-2015-5119) exploit being used in a number of exploit kits before the vulnerability was publicly revealed in this week's data breach on the spyware company. The successful exploitation of the zero-day Flash vulnerability could cause a system crash, potentially allowing an attacker to take full control of the affected system. Adobe Flash Zero-Day Targeted Japan and Korea According to the researchers, the zero-day exploit, about which the rest of the world got access on Monday, was apparently used in limited cyber attacks on South Korea and Japan . "In late June, [Trend Micro] learned that a user in Korea was the attempted target of various ...

The BBC has unveiled the final design of the Micro:bit — a pocket-sized computer board designed to lure U.K. school children to embedded electronics. The Micro:bit is essentially a codeable computer that lets kids get creative with technology. It measures 5cm by 4cm and will be available in different colors. The idea behind the Micro:bit is to encourage young children to learn how computers work, and to get kids into programming and engineering at the young age. What does this tiny little computer contain? The Micro:bit, made in collaboration with ARM, Barclays, element14, Freescale, Lancaster University, Microsoft, Nordic Semiconductor, Samsung and the Wellcome Trust, contains: A 32-bit ARM Cortex M0 CPU Programmable Array of 25 red LEDs Micro USB port through which it can be powered Three input-output (I/O) Ring Connectors to hook it up to other kits and sensors Bluetooth for connectivity A 3V output connector to power external devices A 20-pin edge...

An alleged member of Lizard Squad, who claimed responsibility for knocking Sony's PlayStation Network and Microsoft's Xbox Live offline late last year has been convicted of 50,700 counts of cyber crime. The infamous computer hacker gang Lizard Squad launched massive Distributed Denial-of-Service (DDoS) attacks against the largest online gaming networks -- PlayStation Network and Xbox Live -- on Dec. 25, 2014. Then offered to sell its own Lizard-branded DDoS-for-hire tool called Lizard Stresser. Julius "zeekill" Kivimaki , a 17-year-old was given a two-year suspended prison sentence and was "ordered to fight against cybercrime," according to Finnish newspaper Kaleva . Facing more than 50,000 Counts of Computer Crime Finnish authorities arrested Kivimaki in late 2014. Under the alias " Ryan ," the teen participated in an interview with U.K. television station Sky News, openly claiming that he is a member of Lizard Squad a...

The Recent Cyber Attack that exposed 400GB of corporate data belonging to surveillance software firm Hacking Team has revealed that the spyware company have already discovered an exploit for an unpatched zero-day vulnerability in Flash Player. Security researchers at Trend Micro claim that the leaked data stolen from Hacking Team , an Italian company that sells surveillance software to government agencies, contains a number of unpatched and unreported Adobe flaws. Hacking Team has Unpatched Flash Bug  While analyzing the leaked data dump, researchers discovered at least three software exploits – two for Adobe Flash Player and one for Microsoft's Windows kernel. Out of two, one of the Flash Player vulnerabilities, known as Use-after-free vulnerability with CVE-2015-0349 , has already been patched. However, the Hacking Team described the other Flash Player exploit, which is a zero-day exploit with no CVE number yet, as "the most beautiful Flash bug for ...

Attention Please! System Administrator and anyone relying on OpenSSL should be prepared to switch to a new version of the open-source crypto library that will be released this Thursday 9th July. OpenSSL is a widely used open-source software library that provides encrypted Internet connections using SSL/TLS for majority of websites, as well as other secure services. The new versions of OpenSSL crypto library, versions 1.0.2d and 1.0.1p , address a single security vulnerability classified as "high severity," the OpenSSL Project Team announced on Monday. There isn't more details about the mystery security vulnerability available yet, except for the fact that the security vulnerability doesn't affect the 1.0.0 or 0.9.8 series. "The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 1.0.2d and 1.0.1p," developer Mark J Cox announced in a mailing list note published yesterday. "These releases will be ...

Yes, sometimes even the Hackers get Hacked. Hacking Team , one of the most controversial spyware and malware providers to governments and law enforcement agencies all around the world, allegedly been hacked, with some 500 gigabytes of internal data leaked over the Internet . The leaked data indicates that despite its denials, the spyware company did sell powerful spyware tools to oppressive regimes in Sudan, Bahrain, Ethiopia and Saudi Arabia . Massive Data Breach at Hacking Team The unknown hackers not only managed to make 500 GB of client files , financial documents, contracts and internal emails, publicly available for download, but also defaced Hacking Team's own Twitter account, replacing the company's logo to "Hacked Team." Hacking Team , also known as HT S.r.l, is an Italian company known for providing powerful surveillance software Remote Code System (RCS) to Governments and law enforcement agencies. The company previously claimed to o...

Wireless charging isn't a new concept at all, but to charge your devices you are still required to place your phone on the top of charging pad. Quite annoying sometimes when slightly misaligned of a device caused your phone not to charge. Now, imagine you never have to plug in your smartphones again, or technology that charges multiple devices at one time. This is what Energous Corporation is all set to offer you. WattUp — Wirelessly Charging Technology The technology company Energous Corporation is about to launch WattUp — a wireless charger that will change the way people charge their electronic devices at homes, in the offices, in the car and beyond. "With WattUp, you no longer need to worry about looking for a charge: once you are in a WattUp wire-free charging zone, the battery life of all your devices will simply be managed, seamlessly and intelligently, so you can devote your time and energy to what really matters," the Energous  website  reads. ...

Nothing is scarier than your iPhone alerting you that your battery had hit 5%, especially when you just took it off the charger with a 100 percent full battery about an hour ago.  To be very honest, it literally sucks. However, you no need to worry about this problem now, as there's a solution. Apple has just modified its warranty programs to make it easier for you to get your iPhone battery or in some cases, the whole device exchanged at an Apple Store. Under its new AppleCare+ policy , the company is offering to replace the batteries in your iOS devices for free until January 2016 , but if and only if you are eligible. Are you Eligible for New iPhone Battery? To make sure your iPhone is eligible, you need to check these simple things: You need to have bought the iPhone between September 2012 and January 2013 If yes, then the capacity of your battery also has to hold less than 80% of its original capacity Previously, the policy offers replacement of ...

Get ready for a new Android Browser! Android ROM developer CyanogenMod has announced that it is working on a new browser for Android devices. Dubbed Gello , the open-source browser is based on Google's Chromium project and includes a ton of customization options for Android. The team provided a first look of Gello through a demo video that actually reveals a lot about the new Android browser. Some Specific Features of Gello include: " Save for Offline " Reading Mode Night Mode and Immersive Mode options Extensive site-by-site Privacy and Security Settings, including Ad Blocker Advanced Download Manager that allow you to rename files and select file paths Customized interface , including Tab Animations and Management Moreover, Lots of other granular controls. The Gello web browser would be aimed at those who prefer Android Open Source Project (AOSP) versions instead of Google's Android. The team noted that the Gello browser will not...

Security firm Trend Micro has identified a 20-year-old Brazilian college student responsible for developing and distributing over 100 Banking Trojans selling each for around US$300 . Known online as ' Lordfenix ', ' Hacker's Son ' and ' Filho de Hacker ', the computer science student first began his career by posting in forums, asking for programming help for a Trojan he was developing, researchers said. Developed More than 100 Trojans However, Lordfenix has "grown quite confident in his skills" and began developing and distributing malware tailored to pilfer financial information since at least 2013. "Based on our research, Lordfenix has created more than 100 different banking Trojans , not including his other malicious tools, since April 2013," Trend Micro says . "With each Trojan costing around R$1,000 (roughly $320), this young cybercriminal channeled his talent in programming into a lucrative, illegal venture." Trend Mi...

The Internet is running out of IPv4 (Internet Protocol version 4) addresses — a computer's unique address on the Internet. It's just become harder to get IPv4 addresses. IPv4 Exhaustion Gets Real. Is this the end of IPv4 addresses? Finally, North America ran out of iPv4 addresses and officially exhausted its supply of IPv4 addresses, joining Asia, Europe, and Latin America. The American Registry for Internet Numbers (ARIN), which is responsible for handing out Internet addresses, has warned that it is unable to fulfil a request for the allocation of large blocks of IPv4 addresses due to IPv4 Exhaustion of available address pool. On Wednesday, ARIN activated an " IPv4 Unmet Requests Policy " for the first time and placed a waitlist for companies that request blocks of IP addresses for their services. According to the ARIN, ISPs are left with only three choices: They can either accept a smaller block (limited to 512 and 256 addresses) They can jo...

Difficulty in remembering complicated Passwords? Forget Passwords and Fingerprints now – and get ready to authenticate your online purchases with your SELFIES . MasterCard is experimenting a new app that would let you make online purchases by taking a selfie rather than typing a password, moving a step forward in the mobile payments evolution. This experimental ID Check security system uses the front camera of your mobile phone and "facial recognition" technology to get your payment done with a quick shot of your face. And MasterCard thinks this generation people will love it. " The new generation, which is into selfies...I think they will find it cool, " MasterCard President of Enterprise Safety and Security Ajay Bhalla told CNNMoney. " They'll embrace it ." How this new feature works? MasterCard will provide you a new mobile app to download in order to use the feature. After you make an online payment, the new app will...

Anonymity is something that seems next to impossible in this era of government surveillance. Even Tor and VPNs are no longer seem to be enough to protect user privacy. Once your IP address is discovered, your Game Over! However, a method have been devised that not only allow users to anonymously connect to public Wi-Fi network, but also let them connect from about 2.5 Miles away . Security researcher Benjamin Caudill has developed a device that adds an extra layer of anonymity to whistleblowers, journalists, dissidents and, of course, criminals. Dubbed ProxyHam , it's a " hardware proxy " that allows users to connect to a long-distance public Wi-Fi network over an unidentifiable low-frequency radio channels, making it more difficult for government agencies and spies to unearth the real identity and source of the Internet traffic. How Proxyham is made?  Proxyham is comprised of a WiFi-enabled Raspberry Pi computer , along with a three antennas setu...

During a wide-ranging online question-and-answer session on his Facebook page Tuesday, Facebook co-founder Mark Zuckerberg predicted some wild things for Future. It includes: Telepathy Technology , the ability for humans to talk to each other with their minds. Laser Beams , used to transmit data from the sky to Earth. Growth of Artificial Intelligence and Virtual Reality . Today, Mark Zuckerberg has posted a couple of demonstration pictures from its Connectivity Lab. To help connect people around the world, Facebook's Internet.org initiative is testing a method for delivering the Internet via Lasers. Laser Beam Technology - Future of The Internet  According to Mark, the Connectivity Lab has developed a laser beam technology (as shown) that has the ability to transmit data from the sky into communities. He has plans to equip drones and satellites with lasers to allow those laser-equipped devices to beam down Internet signals anywhere in the w...

Apple has released updates to patch dozens of security vulnerabilities in iOS and OS X Yosemite operating system. The updates include iOS 8.4 version of the mobile operating system, OS X Yosemite 10.10.4 and Security Update 2015-005. iOS 8.4 Update The iOS 8.4  update includes patches for over 20 security vulnerabilities that could lead to remote code execution (RCE) , application termination, the intercepted encrypted traffic, man-in-the-middle attacks and other problem. Certificate trust policy issues, buffer overflow vulnerabilities, apache compatibility issues, memory corruption flaws, and a host of WebKit, kernel, and CoreText vulnerabilities were also patched in the latest iOS update. OS X Yosemite 10.10.4 update The OS X Yosemite 10.10.4 update includes patches for QuickTime, ImageIO, and OpenSSL along with Remote Code Execution (RCE) flaws and other issues that may allow attackers to gain elevated privileges or crash applications. The Safar...

The US State Department and the Federal Bureau of Investigation are willing to pay a total $4.2 Million for information leading to the arrest and/or conviction of top 5 most wanted cyber criminals accused of conducting frauds of hundreds of millions of dollars. Evgeniy Bogachev,30; Nicolae Popescu, 34; Alexsey Belan, 28; Peteris Sahurovs, 26; and Shailesh Kumar Jain, 45; are in the list of FBI's Top 5 most-wanted hackers. 1. Evgeniy Mikhailovich Bogachev | Reward - $3 MILLION Evgeniy Mikhailovich Bogachev , also known under the aliases "lucky12345," "Slavik," and "Pollingsoon," is the mastermind behind the GameOver Zeus botnet , which was allegedly used by criminals to infect more than 1 Million computers, resulting in up to $100 Million in losses since 2009. Besides GameOver Zeus botnet, Bogachev is also accused of developing CryptoLocker Ransomware , which was designed to extort money from computer victims by holding their system...