The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Until today, there existed such Fingerprint Biometric Readers that required your touch to authenticate yourself as an authorized person. However, the latest research shows that the future of fingerprint scanners lies in a " no-touch " activity by an individual for gaining access. Recently, NIST ( National Institute of Standards and Technology ) has funded a number of startup and companies to develop touchless Fingerprint readers. The Contactless Biometric Technology requires the person's presence, but from meters away. As the fingerprint scanners can sense and read your fingerprint information while you are standing few meters away from the scanner. Contactless Fingerprint Scanners: Fast and Time Saving The touch-free technology is such where authentication is done with a faster speed, saving time while giving importance to hygiene when compared to conventional biometric devices. Imagine a situation, where there's a long queue and to pass through biometric fingerprint...

Do you know? Microsoft has the power to track every single word you type or say to its digital assistant Cortana while using its newest operating system, Windows 10 . Last fall, we reported about a ' keylogger ' that Microsoft openly put into its Windows 10 Technical Preview saying the company 'may collect voice information' as well as 'typed characters.' It was thought that the company would include the keylogger only within the Technical Preview of Windows 10, just for testing purpose. But, the thought was Wrong! The keylogger made its ways to Windows 10 public release offered by Microsoft for free due to which Windows 10 gained millions of adoption in just a few days after its first roll out back in July – but the free upgrade is not always free. Also Read:   Tip — Installing Windows 10‬? Fix 35+ Privacy Issues With Just One Click Yes, besides various privacy issues , there is a software component that tracks your inputs using your k...

How difficult is for hackers to take over your personal photographs? They just need to trick you to download an app, or may be a Porn app . Yes, if you are one of those who can't resist watching porn then you could be an easy target for hackers who are distributing ransomware via malicious pornography app to run you out of your money. A pornography application for Android called Adult Player that promises free pornographic videos has been caught taking photographs of users and then extorting them for ransom ( Cyber Extortion ). Once installed, Adult Player gains administrator access to the victim's device, which then allows it to load malicious ransomware files. When Hackers Turn to Blackmail: Demands $500 Ransom When a user opens the app, Adult Player secretly takes photos of the user with the help of front-facing camera and then demands a $500 (£330) ransom in order to restore the device access and delete all photos stored on attackers server. ...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

In Part I of this  two-part series from The Hacker News , the First Four list of Top Brutal Cyber Attacks shows that whoever you are, Security can never be perfect. As attackers employ innovative hacking techniques and zero-day exploits, the demand for increased threat protection grows. In this article, I have listed another three cyber attacks, as following: #5 Car Hacking Driving a car is a network's game now! ' Everything is hackable ,' but is your car also vulnerable to Hackers ? General Motors' OnStar application and cars like Jeep Cherokee, Cadillac Escalade, Toyota Prius, Dodge Viper, Audi A8 and many more come equipped with more advanced technology features. These cars are now part of the technology very well known as the " Internet of Things ". Recently two Security researchers, Chris Valasek and Charlie Miller demonstrated that Jeep Cherokee could be hacked wirelessly over the internet to hijack its steering, brakes, and transmi...

If you believe that your organization is not at real risk of cyber attack, then you are absolutely wrong. Incidents of massive data breaches, advanced cyber attacks coming from China , groups like Syrian Electronic Army , Hacking Point of Sale machines at retailers such as Target have splashed across the news in the last one year. Whether a Government Agency or Private Company, Small or a Large Tech Company.... ...It's no secret that No one is Immune to Cyber Attacks . This article is the first in a two-part series from The Hacker News , listing first four out of  Top 7 Brutal Cyber Attacks. And here we go... #1 "Hacking Team" Data Breach Hacking Team , the controversial spyware company, recently been hacked by some unidentified hackers that exposed over 400 gigabytes of its internal sensitive data on the Internet. Milan (Italy) based IT firm 'Hacking Team' sells intrusion and surveillance software solutions to Governments and Law Enforcement agen...

Several of Seagate's 3rd generation Wireless Hard drives have a secret backdoor for hackers that puts users' data at risk. A Recent study done by the security researchers at Tangible Security firm disclosed an " undocumented Telnet services " with a hard-coded password in Seagate Wireless Hard Drives. The secret Telnet Vulnerability ( CVE-2015-2874 ) with an inbuilt user account (default username and password — "root") allows an attacker to access the device remotely, left users data vulnerable to theft. According to US-CERT (Computer Emergency and Response Team) public advisory, multiple models of Seagate hard drives contain multiple vulnerabilities. Affected devices are: Seagate Wireless Plus Mobile Storage Seagate Wireless Mobile Storage (Wirelessly streaming your tablet and smartphone's data) LaCie FUEL (Wirelessly extending storage for iPads) The violation that an attacker can activate is, they can gain root access to the device and ac...

Google is planning to introduce a trimmed down special version of Google Play Store and Android Wear to The Mainland China. But wait, if I'm not wrong… Google had ended ties with China five years ago. Then what made Google to re-establish itself in China once again? Business?? Recent reports by Amir Efrati at The Information state that Google has massive plans to re-establish itself in the Mainland China. The search engine giant is aiming to get approval from China (the largest populated country in the world) for: Reviving Google as the Internet service provider Designing a tailor-made Google play store for China Android Wear software for the wearable existing in China Smart steps, though, but what happened back in 2010? Google and China always contradict each other, China's Internet laws and Google's censoring the search engine was one battle. In 2010, Google famously retracted its search engine Google.cn from Mainland China, after they ma...

China Police has arrested nearly 15,000 people on suspicion of cyber crimes as part of an operation dubbed " Cleaning the Internet ," according to reports. According to the Chinese Ministry of Public Security (MPS), the suspects have been arrested for their involvement in cyber crimes that " jeopardized Internet security ." In July, China launched a six-month campaign codenamed " Cleaning the Internet " to fight online criminal activities. Under the program, the police investigated 7,400 cases, including hacking, online fraud and the illegal sale of personal information, spread over 66,000 websites, the official website of the ministry stated . "For the next step, the public security organs will continue to increase their investigation and crackdown on cyber crimes," according to the Chinese Ministry of Public Security. The MPS did not clear exactly when the arrests took place but said the program also took down major online...

Jailbreaking your device may have got you the best of apps but after reading this you will know what a high price you could have to pay for the jailbreak. Read on… A malware named ' KeyRaider ' has supposedly stolen user credentials of approximately 225K iPhone users. It has been given this name as it raids victims' username and passwords, private keys and certificates. Figures say that KeyRaider malware has affected a large number of users in China and worldwide 17 more countries. Also, the origin of malware is suspected to be in China, as said in investigations conducted by Palo Alto Networks for reporting any suspicious tweaks on iPhones. Users falling prey to KeyRaider may be the victims of: Ransomware Data Theft DDoS Attacks Malware is targeting jailbroken phones and when in action, it captures Apple ID of the users and make transactions using it. The researchers say that it is spreading with the help of Cydia app repositories that are popular amo...

We found a high concern for cybersecurity tactics and an increased awareness of the challenges that it brings. This week, we shared lots of stories with our readers, and to help them in identifying the biggest malware threats to their online safety. We are here with the outline of our last week stories, just in case you missed any of them ( ICYMI ). We recommend you read the entire thing ( just click ' Read More ' because there's some valuable advice in there as well ). Here's the list: ➢ How Hackers Can Hack Your Gmail Accounts? Getting smarter in their phishing tactics, hackers have found out ways to fool Gmail's tight security system by bypassing its two-step verification. Hackers are now using text messages and phone-based phishing attacks to circumvent Gmail's security and take over your Gmail accounts. — Read more . ➢ Not Just Windows 10, Windows 7 and 8 Also Spy on You Laughing at controversial data mining and privacy invasion featur...

Nothing could be scarier than that little battery icon in our smart hits the red. All our focus shifts towards searching the nearest charging outlet – and it happens all too often. Yes, the short battery life is the worst thing about our smartphones. It forces us to always carry chargers and battery banks, as well as continually chase plugs walls. But don't worry; Apple is looking to fix this problem soon. The technology giant is working on batteries that could Power its MacBooks and iPhones for 7 Days , according to a new patent filed by Apple. Batteries that Last for 7 Days Apple has filed a new patent for a ' fuel cell system ' that would replace the existing toxic batteries resided in its Macbooks with cells that could last " for days or even weeks without refuelling ". The patent, ' Fuel Cell System to Power a Portable Computing Device ', describes: A fuel cell system that converts fuel to electrical power A controller...

After, Facebook open sourced Thrift Technology ( an internally used tool by Facebook ) in 2007, rival entity Twitter brings Diffy , an internal Twitter service to the world. Yesterday, Twitter introduced " Diffy ," an open source tool, acting as a helping hand for the software developers to catch bugs, test and compare results without writing much code. Diffy plays a vital part in Twitter's development. As a service - Twitter modifies portions of its complex code on a timely basis, and Diffy is packed with such advanced automated techniques that it helps Twitter in its smooth workflow and optimized performance. Diffy simultaneously relieves programmers from writing separate codes to test flaws in the modified code. As, Diffy's minimal setup requirements are adaptable to any kind of environment. Apache Thrift and HTTP-based communication are such elaborate environments where Diffy catches bugs automatically . But, What exactly Diffy is? D...

Rejoice Chrome users! Google has made major improvements to its Chrome web browser that would once again make it one of the least memory eater browsers in the market. Although Chrome is used by hundreds of millions of people worldwide due to its simplicity and power, most people aren't happy with it because it uses too much memory and power. Google has now solved these problems. The most recent release of Chrome ( Chrome 45 ) is intended to make your browsing experience faster and more efficient. Google launched Chrome 45 for Windows, Mac, Linux, and Android two days ago, but the company announced in an official blog post Friday that the new version includes several new updates that focus on making the browser load faster and use less memory. Also Read:  I keep 200+ Browser Tabs Open, and My Computer Runs Absolutely Fine. Here's My Secret Chrome 45 Uses 10% Less RAM A major issue reported by Chrome users was the browser's consumption of PC mem...

Several video baby monitors from six different manufacturers were under scrutiny for in-depth security testing, and the outcome was negative. Yes, they lacked in serving basic security through their devices. At the High Technology Crime Investigation Association (HTCIA) conference on September 2, 2015, a critical security research was made public by Rapid7 after following a disclosure policy. A month ago, The Hacker News (THN) posted about how IoT is making the smart cities vulnerable to the technology. Similarly, this time a highly personal IoT device i.e. ' Baby Monitors ' has been anticipated as a victim of hacking of such devices. According to a 2014 Gartner's report, the IoT space is expected to be crowded with over 25 billion devices in five years, i.e. by 2020. Reportedly, ten vulnerabilities were found in the Baby Monitoring devices and the related vendors were contacted to get their comments on how are they going to address the severe flaws residing ...

In above picture, Have you noticed those numerous crazy spikes? The Device looks like an Alien artifact, which is actually the World's fastest wireless Wi-Fi router for the Game of Thrones generation. Unveiled at IFA 2015, Asus has launched its uniquely designed RT-AC5300 Wi-Fi router , which they said would offer the fastest connection speed ever. Asus RT-AC5300 Wi-Fi router has Eight external dual-band antennas that promise to deliver ultra-wide area coverage, reaching up to 500 square meters with absolute signal stability. The router is compatible with all those geeks who work in networking arena or love to Play Online Games and want stream 4K resolution videos. Specifications Of Asus RT-AC5300 Wi-Fi router The New Tri-Band Router: Delivers up to 1,000Mbps from the 2.4GHz band, and 2,167Mbps from each of the 5GHz bands (total 5334Mbit/s) Supports USB ports 2.0 and 3.0 versions. Equipped with Broadcom's NitroQAM/TurboQAM technologies to allow u...

Remember StingRays ? The controversial cell phone spying tool , known as " Stingrays " or " IMSI catchers ," has been used by authorities to track criminal suspects most of the times without obtaining court orders. But now, the Federal law agencies will have to be more transparent about their use of Stingrays to spy on cell phones. Thanks to the new policy announced Thursday by the US Department of Justice. For years, local police and federal authorities have used and spent over $350,000 on Stingrays , which essentially mimic mobile phone tower, to track cell phones in countless investigations. What is Stingray? Stingrays , made by the Harris Corporation, has capabilities to access user's unique IDs and phone numbers, track and record locations, and sometimes even intercept Internet traffic and phone calls, send fake texts and install spyware on phones. The authorities used these tracking tools for years to breach people's privacy...

US-CERT has outlined about Wireless routers developed by Belkin supposedly containing several vulnerabilities. CERT in their Vulnerability Note VU#201168 (Vulnerability ID) said, that Belkin's N600 DB Wireless Dual-Band N+ Router, model F9K1102 v2 with firmware version 2.10.17 and very likely earlier versions are packed with multiple and critical vulnerabilities. The targeted router is the fastest long-range router with speeds up to 300Mbps + 300Mbps** allows a great multi-device coverage and with its dual-band operating speed empowering and prioritizing exhaustive activities like video streaming and online gaming. Few months back, The Hacker News (THN)  reported about vulnerabilities in routers capable of hijacking user's data at different instances. Belkin router is accused of loopholes that allow an attacker to spoof DNS, conduct man-in-the-middle attack, perform privilege escalation and implement Cross Site Request Forgery(CSRF). CERT lists out the m...