The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Two cybersecurity researchers have just taught smartphones a lesson by developing a program that can eavesdrop and steal text messages from any phone on a GSM network – all in about 20 seconds. The Guardian reported that Karsten Nohl and Sylvain Munaut spent a year honing their technology, which starts by sending a text message to a target phone; called a “ghost” message, the text doesn’t show up on the recipient’s phone, but enables the hackers to obtain the handset’s unique identification number. Once that identification number is stolen, Nohl and Munaut were able to record phone conversations and texts from the hijacked phone. Their proof-of-concept hack can be deployed on any phone running on a GSM (Global System for Mobile Communications) network. That’s a pretty big focus group – about 80 percent of the world’s phones run on a GSM network. “Any GSM call is fair game,” Nohl told the BBC. He and his partner in cybercrime demonstrated their data-grabbing technology at last w...

This kind of thing tends to happen from time to time, though this time it seems that Mark Zuckerberg’s name has been dragged into it.   A hacker out there managed to hack into Kenya’s law enforcement body’s website and post some graffiti there, which is some kind of tribute to Facebook’s co-founder.   The site now shows “Got in and all i could think about was zuckerberg!!! This’ for you Mark!” Only the main page seems defaced, as the rest of the site is functional. Hopefully this gets solved sooner rather than later and it’s not a sign of an upcoming trend for 2011.

Video shows how Windows Phone 7 apps can be easily swiped and stripped of DRM protections Once more, Microsoft finds itself in the unenviable position of having one of its security flaws shared with the world. WPCentral has posted a video made by a "'white hat' developer" that shows how cyber shoplifters can easily swipe and unlock apps from Microsoft's Windows Phone 7 Marketplace. The news yet again raises the question of whether Microsoft is slacking on security. WPCentral asserts that it shared this security flaw with Microsoft "well before the publication of [the] article" but opted to make public the information to motivate the company to fix the problem, in defense of developers who are seeing their wares stolen. "While many will condemn us for 'promoting piracy,' we respectfully disagree," said WPCentral. "We have heard many complaints from developers about this weakness for months now and it is their right to know abo...

Barnes and Noble’s full color touch screen, Wi-Fi and 3G enabled eReader tablet NOOK color ships with a Bluetooth chip that is not activated. Well, not anymore. A user occip at XDA-developers has managed to start the Bluetooth on the device and scanning and connecting to devices is working well. NOOK color is really turning out to be quite a tablet. It comes at a much cheaper rate than standard tablets and looks and works like a superior piece of equipment. Way to go, people! What would the tech world be without the developers? Do note that the eReader’s Bluetooth capabilities are not error-free yet. There are some problems such as inconsistency. And you have to be on Android 2.2, not Android 2.1, the default operating system version. In any case, if you want to try this out on your Nook, get the instructions  here . Do this at your own risk. As this implementation will definitely void your equipment’s warranty, be sure you know what you’re doing. NOOK color has been a treat for de...

The Japanese motor company, Honda, today issued an alert to U.S. customers concerning a security breach  resulting from a hacked database. The database that was managed by a third-party marketing group contained confidential information, including names of car owners, personal e-mail addresses, and even Vehicle Identification Numbers (VIN). The company downplayed the breach, saying it would be very difficult for the hackers to actually utilize the stolen information to steal a person’s identity. Honda immediately issued a warning via e-mail to people included in the database once becoming aware of the unauthorized breach. The company cautioned people not to reply to e-mail requests for additional information, such as social security or credit card numbers, as the company itself would not request this information. Acura, the luxury car brand also owned by Honda, owners were also affected in the security breach, as their accounts were also included in the database. About 2.4-million ...