The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Yes, you heard it right. A gamer drugged his girlfriend to avoid interruption while playing on his Microsoft's Xbox Live . The 23-year-old German man, who has not been named, was fined EUR€500 (approx USD$555) by a judge in a Castrop-Rauxel district court, German website The Local reports . The man admitted in front of judge that he put between four and five drops of a sedative in his girlfriend's tea to make her fall asleep, so he could keep playing the video game on his console. His girlfriend fell asleep for more than 12 hours and wake up midday on the next day, but even after waking up she felt constantly drowsy.  "Then I got up and drove to work although I was nodding off again and again," the victim told. Girlfriends Broke-Up with her Boyfriend The offender's girlfriend, 24, broke up with her now-ex-boyfriend after he did this to her. Sentencing the man, the court judge said: "Your girlfriend slept long and deeply, wh...

Another Flash zero-day exploit has emerged from the hundreds of gigabytes of data recently leaked from Hacking Team , an Italian surveillance software company that is long been accused of selling spying software to governments and intelligence agencies. The critical zero-day vulnerability in Adobe Flash is a Use-After-Free() programming flaw ( CVE-2015-5122 ) which is similar to the CVE-2015-5119 Flash vulnerability patched last week and allows an attacker to hijack vulnerable computers. Adobe says the cyber criminals are apparently already exploiting this vulnerability for which no patch exists yet. However, it's second time in a single week when the company is working on a fix for the zero-day vulnerability in its Flash Player software. Flash Zero-Day Flaw in the Wild The Exploit code for this flaw is already available online, allowing an attacker to remotely execute malicious code on victims' computers and install malware, Adobe said in an advisory pub...

The four co-founders of The Pirate Bay, the world's most popular torrent website, have been cleared of charges alleging criminal copyright infringement and abuse of electronic communications in a Belgian court. The Pirate Bay co-founders Gottfrid Svartholm , Fredrik Neij, Peter Sunde and Carl Lundström were acquitted by a Belgian court located in Mechelse after it was found that they could not be held responsible for the file-sharing website after selling it in 2006. The Pirate Bay's founders Gottfrid Svartholm and Fredrik Neij, the website representative Peter Sunde and the website investor Carl Lundström were facing criminal charges related to their involvement with the torrenting site that has proven to be an elusive hub for illegal copyrighted content. The Pirate Bay was Sold to other Investors in 2006 However, the case fell apart when the Pirate Bay's co-founders said that they were not involved in any activity related to the website after they sold it to Re...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

The popular instant messaging app WhatsApp might adopt some features from its parent company, Facebook. The messaging giant is testing some new features that might be coming to the app soon. The features include a 'Like' button similar to that of Facebook and a 'Mark as Unread' feature for chat messages, AndroidPit reports . 'Like' Button for Images Ilhan Pektas, WhatsApp beta tester, recently claimed that a future WhatsApp update will introduce a 'Like' button for images, indicating the company might allow users to Like their friend's profile picture and images shared in groups as well. There aren't many details about the new features yet, but if implemented, Like button feature is something that could improve group chats. 'Mark as Unread' Feature to Chats Besides implementing Like button, WhatsApp is also planning to introduce a 'Mark as Unread' feature to chat messages that will offer recipients abil...

Now this is a shockingly dangerous threat when hackers are taking over weapons and missiles. This time I am not talking about weapon systems being hackable, but being HACKED! A German Patriot anti-aircraft missile system stationed on Turkish-Syrian border was reportedly hacked and taken over by an unknown " foreign source " who successfully executed " unexplained commands ." Two Attack Vectors Attacks on the Patriot missiles system were detected when "unexplained" orders were given to the weapons via two supposed weak spots. German trade publication Behörden Spiegel reports that the American-made missile system was accessed either through a Computer Chip that directs weapons guidance or through a Real-Time information exchange that provides communication between arms and commands. The publication speculates that the hackers may have stolen sensitive information and accessed missile control that could result in a missile firing ...

If you are one of our readers who follow The Hacker News every update, you probably know that Public WiFi network is a security risk. But many people aren't aware, including our great politicians. Internet security provider F-Secure carried out an experimental hack against three prominent UK politicians and hacked into their accounts with the help of public Wi-Fi network. To be very clear, all the three politicians – Rt. Hon. David Davis MP, Mary Honeyball MEP and Lord Strasburger – gave their consent to the recent exercise that focused on hacking into their devices using public, freely available Wi-Fi networks across London. F-Secure teamed up with the penetration testing firm Mandalorian Security Services and the Cyber Security Research Institute to carry out the tests . Despite holding major positions within the different parliaments, all three politicians admitted that they had " received no formal training or information about the relative ease " wi...

If you rely on messaging apps to remain in contact with your family members and friends, then you may have to switch back to old-fashioned text messaging service in matter of weeks due to a new law currently going through Parliament. WhatsApp and Facebook Messenger to Ban in UK The popular messaging applications, including WhatsApp, Snapchat, iMessage and Facebook Messenger, could all potentially be banned in the UK under the controversial ' Snoopers Charter '. The Investigatory Powers Bill -- the so-called Snoopers Charter -- mentioned in the 2015 Queen's Speech , would allow UK government to eradicate instant messaging apps that refuse to switch off end-to-end encryption from their services. Earlier this year in light of the Charlie Hebdo shootings in Paris, Prime Minister David Cameron hinted at the crackdown when he claimed that he would ban encrypted messaging apps like Snapchat, WhatsApp and Messenger unless they didn't comply with new surve...

Brains are more powerful than computers. So why not build a computer from Brain?  In fact, Multiple Brains as per sayings, " Two heads are better than one. " Scientists at Duke University have done exactly that. They have successfully developed the first instance of a Brain-machine interface that employs multiple brains at once to operate a single machine. "Organic Computers" – Made from Brains of Rats and Monkeys Scientists were able to interconnect the brains of four rats to create a " Brainet " that is capable of accomplishing computational tasks better than the tasks performed by any one of the rats. In the recent paper published in the journal Scientific Reports, the neurobiologist leading the research, Miguel Nicolelis says: " Recently, we proposed that 'Brainets,' i.e. networks formed by multiple animal brains, cooperating and exchanging information in real time through direct brain-to-brain interfaces, could ...

The mysterious security vulnerability in the widely used OpenSSL code library is neither HeartBleed nor FREAK, but it's critical enough to be patched by sysadmins without any delay. OpenSSL Foundation released the promised patch against a high severity vulnerability in OpenSSL versions 1.0.1n and 1.0.2b, resolving a certificate forgery issue in the implementations of the crypto protocol. The critical vulnerability could allow man-in-the-middle attackers to impersonate cryptographically protected websites, virtual private networks, or e-mail servers, and snoop on encrypted Internet traffic. The vulnerability, ( CVE-2015-1793 ), is due to a problem lies in the certificate verification process. An error in its implementation skipped some security checks on new, untrusted certificates. By exploiting this vulnerability, an attacker could circumvent certificate warnings that enable them to force applications into treating an invalid certificate as a legitimate Certificat...

The corporate data leaked in the recent cyber attack on the infamous surveillance software firm Hacking Team has revealed that the Adobe Flash zero-day (CVE-2015-5119) exploit has already been added to several exploit kits. Security researchers at Trend Micro have discovered evidences of the Adobe Flash zero-day (CVE-2015-5119) exploit being used in a number of exploit kits before the vulnerability was publicly revealed in this week's data breach on the spyware company. The successful exploitation of the zero-day Flash vulnerability could cause a system crash, potentially allowing an attacker to take full control of the affected system. Adobe Flash Zero-Day Targeted Japan and Korea According to the researchers, the zero-day exploit, about which the rest of the world got access on Monday, was apparently used in limited cyber attacks on South Korea and Japan . "In late June, [Trend Micro] learned that a user in Korea was the attempted target of various ...

The BBC has unveiled the final design of the Micro:bit — a pocket-sized computer board designed to lure U.K. school children to embedded electronics. The Micro:bit is essentially a codeable computer that lets kids get creative with technology. It measures 5cm by 4cm and will be available in different colors. The idea behind the Micro:bit is to encourage young children to learn how computers work, and to get kids into programming and engineering at the young age. What does this tiny little computer contain? The Micro:bit, made in collaboration with ARM, Barclays, element14, Freescale, Lancaster University, Microsoft, Nordic Semiconductor, Samsung and the Wellcome Trust, contains: A 32-bit ARM Cortex M0 CPU Programmable Array of 25 red LEDs Micro USB port through which it can be powered Three input-output (I/O) Ring Connectors to hook it up to other kits and sensors Bluetooth for connectivity A 3V output connector to power external devices A 20-pin edge...

An alleged member of Lizard Squad, who claimed responsibility for knocking Sony's PlayStation Network and Microsoft's Xbox Live offline late last year has been convicted of 50,700 counts of cyber crime. The infamous computer hacker gang Lizard Squad launched massive Distributed Denial-of-Service (DDoS) attacks against the largest online gaming networks -- PlayStation Network and Xbox Live -- on Dec. 25, 2014. Then offered to sell its own Lizard-branded DDoS-for-hire tool called Lizard Stresser. Julius "zeekill" Kivimaki , a 17-year-old was given a two-year suspended prison sentence and was "ordered to fight against cybercrime," according to Finnish newspaper Kaleva . Facing more than 50,000 Counts of Computer Crime Finnish authorities arrested Kivimaki in late 2014. Under the alias " Ryan ," the teen participated in an interview with U.K. television station Sky News, openly claiming that he is a member of Lizard Squad a...

The Recent Cyber Attack that exposed 400GB of corporate data belonging to surveillance software firm Hacking Team has revealed that the spyware company have already discovered an exploit for an unpatched zero-day vulnerability in Flash Player. Security researchers at Trend Micro claim that the leaked data stolen from Hacking Team , an Italian company that sells surveillance software to government agencies, contains a number of unpatched and unreported Adobe flaws. Hacking Team has Unpatched Flash Bug  While analyzing the leaked data dump, researchers discovered at least three software exploits – two for Adobe Flash Player and one for Microsoft's Windows kernel. Out of two, one of the Flash Player vulnerabilities, known as Use-after-free vulnerability with CVE-2015-0349 , has already been patched. However, the Hacking Team described the other Flash Player exploit, which is a zero-day exploit with no CVE number yet, as "the most beautiful Flash bug for ...

Attention Please! System Administrator and anyone relying on OpenSSL should be prepared to switch to a new version of the open-source crypto library that will be released this Thursday 9th July. OpenSSL is a widely used open-source software library that provides encrypted Internet connections using SSL/TLS for majority of websites, as well as other secure services. The new versions of OpenSSL crypto library, versions 1.0.2d and 1.0.1p , address a single security vulnerability classified as "high severity," the OpenSSL Project Team announced on Monday. There isn't more details about the mystery security vulnerability available yet, except for the fact that the security vulnerability doesn't affect the 1.0.0 or 0.9.8 series. "The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 1.0.2d and 1.0.1p," developer Mark J Cox announced in a mailing list note published yesterday. "These releases will be ...

Yes, sometimes even the Hackers get Hacked. Hacking Team , one of the most controversial spyware and malware providers to governments and law enforcement agencies all around the world, allegedly been hacked, with some 500 gigabytes of internal data leaked over the Internet . The leaked data indicates that despite its denials, the spyware company did sell powerful spyware tools to oppressive regimes in Sudan, Bahrain, Ethiopia and Saudi Arabia . Massive Data Breach at Hacking Team The unknown hackers not only managed to make 500 GB of client files , financial documents, contracts and internal emails, publicly available for download, but also defaced Hacking Team's own Twitter account, replacing the company's logo to "Hacked Team." Hacking Team , also known as HT S.r.l, is an Italian company known for providing powerful surveillance software Remote Code System (RCS) to Governments and law enforcement agencies. The company previously claimed to o...

Wireless charging isn't a new concept at all, but to charge your devices you are still required to place your phone on the top of charging pad. Quite annoying sometimes when slightly misaligned of a device caused your phone not to charge. Now, imagine you never have to plug in your smartphones again, or technology that charges multiple devices at one time. This is what Energous Corporation is all set to offer you. WattUp — Wirelessly Charging Technology The technology company Energous Corporation is about to launch WattUp — a wireless charger that will change the way people charge their electronic devices at homes, in the offices, in the car and beyond. "With WattUp, you no longer need to worry about looking for a charge: once you are in a WattUp wire-free charging zone, the battery life of all your devices will simply be managed, seamlessly and intelligently, so you can devote your time and energy to what really matters," the Energous  website  reads. ...

Nothing is scarier than your iPhone alerting you that your battery had hit 5%, especially when you just took it off the charger with a 100 percent full battery about an hour ago.  To be very honest, it literally sucks. However, you no need to worry about this problem now, as there's a solution. Apple has just modified its warranty programs to make it easier for you to get your iPhone battery or in some cases, the whole device exchanged at an Apple Store. Under its new AppleCare+ policy , the company is offering to replace the batteries in your iOS devices for free until January 2016 , but if and only if you are eligible. Are you Eligible for New iPhone Battery? To make sure your iPhone is eligible, you need to check these simple things: You need to have bought the iPhone between September 2012 and January 2013 If yes, then the capacity of your battery also has to hold less than 80% of its original capacity Previously, the policy offers replacement of ...

Get ready for a new Android Browser! Android ROM developer CyanogenMod has announced that it is working on a new browser for Android devices. Dubbed Gello , the open-source browser is based on Google's Chromium project and includes a ton of customization options for Android. The team provided a first look of Gello through a demo video that actually reveals a lot about the new Android browser. Some Specific Features of Gello include: " Save for Offline " Reading Mode Night Mode and Immersive Mode options Extensive site-by-site Privacy and Security Settings, including Ad Blocker Advanced Download Manager that allow you to rename files and select file paths Customized interface , including Tab Animations and Management Moreover, Lots of other granular controls. The Gello web browser would be aimed at those who prefer Android Open Source Project (AOSP) versions instead of Google's Android. The team noted that the Gello browser will not...

Security firm Trend Micro has identified a 20-year-old Brazilian college student responsible for developing and distributing over 100 Banking Trojans selling each for around US$300 . Known online as ' Lordfenix ', ' Hacker's Son ' and ' Filho de Hacker ', the computer science student first began his career by posting in forums, asking for programming help for a Trojan he was developing, researchers said. Developed More than 100 Trojans However, Lordfenix has "grown quite confident in his skills" and began developing and distributing malware tailored to pilfer financial information since at least 2013. "Based on our research, Lordfenix has created more than 100 different banking Trojans , not including his other malicious tools, since April 2013," Trend Micro says . "With each Trojan costing around R$1,000 (roughly $320), this young cybercriminal channeled his talent in programming into a lucrative, illegal venture." Trend Mi...

The Internet is running out of IPv4 (Internet Protocol version 4) addresses — a computer's unique address on the Internet. It's just become harder to get IPv4 addresses. IPv4 Exhaustion Gets Real. Is this the end of IPv4 addresses? Finally, North America ran out of iPv4 addresses and officially exhausted its supply of IPv4 addresses, joining Asia, Europe, and Latin America. The American Registry for Internet Numbers (ARIN), which is responsible for handing out Internet addresses, has warned that it is unable to fulfil a request for the allocation of large blocks of IPv4 addresses due to IPv4 Exhaustion of available address pool. On Wednesday, ARIN activated an " IPv4 Unmet Requests Policy " for the first time and placed a waitlist for companies that request blocks of IP addresses for their services. According to the ARIN, ISPs are left with only three choices: They can either accept a smaller block (limited to 512 and 256 addresses) They can jo...