The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Facebook's Free Internet access to India has hit a hurdle: The Telecom Regulatory Authority of India ( TRAI ) has ordered the mobile carrier to temporary suspend the Facebook's Free Basics Internet program. Facebook's Free Basics is an app that allows users to access certain Internet websites, including Facebook, for free. However, India's independent regulatory body has asked Reliance Communications – the only mobile carrier that provides Free Basics in India – to disable the free internet service temporarily while the regulator investigates whether the service violates net neutrality . Facebook's Free Basics – Free Internet for ALL Facebook introduced Free Basics ( then known as Internet.org ) app to India in February this year, offering people access to more than three dozen Web services for free. Users of Facebook's Free Basics app must have a Reliance mobile network and are limited to a range of portals including Wikipedia, BBC New...

Hyatt Hotels Corporation is notifying its customers that credit card numbers and other sensitive information may have been stolen after it found malware on the computers that process customer payments. "We recently identified malware on computers that operate the payment processing systems for Hyatt-managed locations," the company announced on Wednesday. "As soon as we discovered the activity, we launched an investigation and engaged leading third-party cyber security experts." What type of information? The company didn't confirm whether the attackers succeeded in stealing payment card numbers, neither it say how long its network was infected or how many hotel chains were affected in the malware attack. But as the payment processing system was infected with credit-card-stealing malware, there is a possibility that hackers may have stolen credit card numbers and other sensitive information. What happened? Hyatt spokeswoman Stephanie Sheppard ...

Breaking News: A 23-year-old Bahamian man has been arrested and charged with hacking into the email accounts of 130 celebrities and stealing the unreleased movie and TV scripts, tapes, explicit images and even the upcoming album of a famous A-List Celebrity . The hacker named Alonzo Knowles contacted a famous radio host to sell the stolen scripts for the first six episodes of a hit television drama currently being filmed. The unnamed host informed about it to the Homeland Security that cooked up a sting operation and had the radio host put the hacker in touch with an undercover investigator posing as an interested buyer. The LOSE Among the items he offered to sell were: Scripts for three comedy films A hip-hop biopic Another television show Social Security numbers for actors and professional athletes Emails and phone numbers of at least 130 celebrities Tapes of celebrities The hacker was arrested on Monday in Manhattan, a day after arriving from the B...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

Internet millionaire and Megaupload founder Kim Dotcom and his three associates are eligible for extradition to the US to face criminal charges over massive copyright infringement on Megaupload (now-shuttered), the court has ruled citing " overwhelming " evidence. On Tuesday afternoon, New Zealand District Court Judge Nevin Dawson told the court that the United States had presented enough evidence against Dotcom and his co-defendants and that they should be surrendered to the US. US prosecutors want Dotcom, and colleagues Mathias Ortmann , Bram van der Kolk and Finn Batato to stand trial on charges of copyright infringement, racketeering, and money laundering. "No matter what happens in Court tomorrow, I'll be fine. Don't worry. Enjoy your Christmas & know that I'm grateful to have you, my friends," Dotcom  tweeted before the court hearing. The court ruling comes almost three years after the New Zealand police raided Dotcom's ...

In the wake of a hoax bomb threat, all public schools in Los Angeles were closed for a day last week, and now German authorities have seized an encrypted email server. But, Does that make sense? In a video statement posted on Monday, the administrator of Cock.li – an anonymous email provider service – said German authorities had seized a hard drive from one of its servers that used to host the service in a Bavarian data center. The email provider was thought to have been used last week to send bomb threatening emails to several school districts across the United States, resulting in the closure of all schools in the Los Angeles Unified School District. Despite The New York City Department of Education dismissed the e-mail as an obvious hoax, German authorities seized a hard drive that, according to the service admin, actually holds "all data" on the company. According to the service administrator Vincent Canfield, "SSL keys and private keys and f...

What would require crashing the wildly popular WhatsApp messaging application? Nearly 4000 Smileys . Yes, you can crash your friends'  WhatsApp , both WhatsApp Web and mobile application, by sending them not any specially crafted messages, but just Smileys. Indrajeet Bhuyan , an independent researcher, has reported The Hacker News a new bug in WhatsApp that could allow anyone to remotely crash most popular messaging app just by sending nearly 4000 emojis to the target user, thereby affecting up to 1 Billion users. Bhuyan is the same researcher who reported a very popular WhatsApp crash bug last year that required 2000 words ( 2kb in size ) message in the special character set to remotely crash Whatsapp messenger app. After this discovery, the company patched the bug by setting up the limits of characters in WhatsApp text messages, but unfortunately, it failed to set up limits for smileys send via WhatsApp. "In WhatsApp Web, Whatsapp allows 65500-660...

Security issues have long tantalized over 850 Million users that have Oracle's Java software installed on their computers. The worst thing is that the software was not fully updated or secure for years, exposing millions of PCs to attack. And for this reason, Oracle is now paying the price. Oracle has been accused by the US government of misleading consumers about the security of its Java software. Oracle is settling with the Federal Trade Commission (FTC) over charges that it " deceived " its customers by failing to warn them about the security upgrades. Java is a software that comes pre-installed on many computers and helps them run web applications, including online calculators, chatrooms, games, and even 3D image viewing. Oracle Left Over 850 Million PCs at Risk The FTC has issued a press release that says it has won concessions in a settlement with Oracle over its failure to uninstall older and insecure Java SE software from customer PCs u...

As the most wonderful time of the year has come - Christmas , it has brought with itself the time of online shopping. According to National Retail Federation , more than 151 million people shopped in store, but more than 100 Million shopped online during Cyber Monday sales and even why wouldn't it be so given the vast conveniences of online shopping. It is quite visible in these days that more and more people are heading towards online shopping rather than the malls to purchase gifts for Christmas. However, the main question arises: Is it safe to do so? Especially with so many users sharing credit card information online. Here are some tips that you have to keep in mind before providing your credit card number and clicking, ' BUY ' 1. DO NOT CLICK On Suspicious Links Malicious links are sent by scammers who look more real than the original ones. As these links are specifically of the well-known sites like eBay and Flipkart, many online users fal...

Want to buy a touch-screen laptop but couldn't afford it? But what if I told you that you can turn your existing non-touch-screen laptop into a Touch Screen laptop? Yes, it's possible. You can now convert your laptop or PC into a touch screen with the help of a new device called AirBar . Touch screen has become a popular feature on laptops these days, and many laptops are moving toward having touch screens, but not every laptop or desktop model comes with the feature. Swedish company Neonode has brought to you a new device, AirBar, that would bring the touch technology to virtually any computer from your non-touch laptops to notebooks. What is AirBar and How does it Work? AirBar is a small plug-and-touch bar that attaches magnetically to the bottom of your machine's display. When connected to your laptop via an available USB port, AirBar starts emitting a beam of invisible light across your screen that is used to track touchscreen movements...

As organizations expand their IT infrastructure to match their evolving business models and meet changing regulatory requirements, they often find that their networks have become extremely complex and challenging to manage. A primary concern for many IT teams is detecting threats in the mountain of event data being generated every day. Even a relatively small network can generate hundreds or thousands of events per second, with every system, application, and service generating events. The sheer volume of data makes it virtually impossible to identify manually and link those few events that indicate a successful network breach and system compromise, before the exfiltration of data. The AlienVault Unified Security Management (USM) platform is a solution to help IT teams with limited resources overcome the challenge of detecting threats in their network. USM platform accelerates and simplifies your ability to detect, prioritize, and respond to the most critical ...

Juniper Networks has announced that it has discovered " unauthorized code " in ScreenOS , the operating system for its NetScreen firewalls, that could allow an attacker to decrypt traffic sent through Virtual Private Networks (VPNs). It's not clear what caused the code to get there or how long it has been there, but the release notes posted by Juniper suggest the earliest buggy versions of the software date back to at least 2012 and possibly earlier. The backdoor impacts NetScreen firewalls using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20, states the advisory published by the company. However, there's no evidence right now that whether the backdoor was present in other Juniper OSes or devices. The issue was uncovered during an internal code review of the software, according to Juniper chief information officer Bob Worrall , and requires immediate patching by upgrading to a new version of the software just released today. ...

Ever wonder how to hack Instagram or how to hack a facebook account? Well, someone just did it! But, remember, even responsibly reporting a security vulnerability could end up in taking legal actions against you. An independent security researcher claims he was threatened by Facebook after he responsibly revealed a series of security vulnerabilities and configuration flaws that allowed him to successfully gained access to sensitive data stored on Instagram servers , including: Source Code of Instagram website SSL Certificates and Private Keys for Instagram Keys used to sign authentication cookies Personal details of Instagram Users and Employees Email server credentials Keys for over a half-dozen critical other functions However, instead of paying him a reward, Facebook has threatened to sue the researcher of intentionally withholding flaws and information from its team. Wesley Weinberg , a senior security researcher at Synack, participated in Facebook's b...

What do you do to earn up to $150,000? Somebody just hacks into airlines and sells fake tickets. That's exactly what a 19-year-old teenager did and made approximately 1.1 Million Yuan (£110,000 or $150,000) by hacking into the official website of an airline and using the stolen booking information to defraud hundreds of passengers. The teenager, identified as Zhang from Heilongjiang, north-east China, hacked into a Chinese airline website and illegally downloaded 1.6 Million passengers bookings details, including: Flight details Names ID card numbers Email addresses Mobile phone numbers Zhang then used this information to successfully defraud hundreds of customers by convincing them that there was some issue with their booking flights, and they had to pay extra fees, according to People's Daily Online . Moreover, the hack caused the airline to lose almost 80,000 Yuan ( $12,365 USD ) as a result of customers requesting refunds. The incident too...

Many Windows 7 and Windows 8.1 users don't want to upgrade their machines to Microsoft's newest Windows 10 operating system now or anytime soon. Isn't it? But what if you wake up in the morning and found yourself a Windows 10 user? That's exactly what Microsoft is doing to Windows 7 and 8.1 users. Windows 10 Upgrade Becomes More Aggressive Ever since Microsoft launched its new operating system over the summer, Windows 7 and 8.1 users have been forced several number of times to upgrade their machines to Windows 10. It was relatively inoffensive at first, but as days have passed, Microsoft has become increasingly aggressive to push Windows users to upgrade to Windows 10 . Microsoft has left very little choice over whether to upgrade their systems to Windows 10 or not. At last, the users end up upgrading their machines to the latest Windows operating system. Users now see a pop up on their computers, as InfoWorld reports , that displays only t...

So what would anyone need to bypass password protection on your computer? It just needs to hit the backspace key 28 times , for at least the computer running Linux operating system. Wait, what? A pair of security researchers from the University of Valencia have uncovered a bizarre bug in several distributions of Linux that could allow anyone to bypass any kind of authentication during boot-up just by pressing backspace key 28 times. This time, the issue is neither in a kernel nor in an operating system itself, but rather the vulnerability actually resides in Grub2 , the popular Grand Unified Bootloader , which is used by most Linux systems to boot the operating system when the PC starts. Also Read: GPU-based Linux Rootkit and Keylogger . The source of the vulnerability is nothing but an integer underflow fault that was introduced with single commit in Grub version 1.98 (December 2009) – b391bdb2f2c5ccf29da66cecdbfb7566656a704d – affecting the grub_password...

Remember the notorious hacker group Lizard Squad that spoiled last Christmas holidays of many game lovers by knocking the PlayStation Network and Xbox Live offline with apparent Distributed Denial of Service (DDoS) attacks? But, Will you be able to Play Xbox and PlayStation Game this Christmas? Probably Not. Because a new hacking group is threatening to carry out similar attacks by taking down the Xbox LIVE and PlayStation Network for a week during Christmas. Be Ready this Christmas for Attacks on PSN and XBox LIVE In a series of tweets, a bunch of DDoS hackers calling themselves " Phantom Group " (@PhantomSquad) announced that they will disrupt the XBox Live and PlayStation networks in a coordinated DoS attack. The attacks could prevent millions of gamers worldwide from enjoying their newly opened Christmas gifts and accessing games online. Also Read: PlayStation 4 Jailbreak Confirms . Here are the tweets by Phantom Squad: We are goi...

Researchers have come up with an all new way to revolutionize the standard computer chip that comes inbuilt in all our electronics. Researchers from Carnegie Mellon , Stanford , and t he University of California , Berkeley among others, have invented a new material that could replace the 'silicon' in conventional chips – built in all electronic devices – making the device's processing  speed 1,000 times faster . This means that the new chip made with nano-material could solve complex problems in a fraction of the time our computers take. The brand new chip, dubbed Nano-Engineered Computing Systems Technology (N3XT) , takes the landscape from a resource-heavy single-storey layout to an efficient ' Skyscraper ' approach, claims a Rebooting Computing special issue of the IEEE Computer journal. Silicon Chip – A Resource-Heavy Single-Storey Layout The standard silicon chips currently used in all electronic devices have one major issue: The ...

UK's Secretive Spy Agency Government Communications Headquarters (GCHQ) has open-sourced one of its tools on code-sharing website GitHub for free... A graph database called ' Gaffer .' Gaffer , written in Java, is a kind of database that makes it "easy to store large-scale graphs in which the nodes and edges have statistics such as counts, histograms and sketches." Github is a popular coding website that allows software developers to build their project on a single platform equipped with all the requirements that are gone in the making of a software. Gaffer and its Functionalities In short, Gaffer is a framework for creating mass-scale databases, to store and represent data, and is said to be useful for tasks including: Allow the creation of graphs with summarised properties within Accumulo with a very less amount of coding. Allow flexibility of stats that describe the entities and edges. Allow easy addition of nodes and edges. Allo...