The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Android users who download a pirated copy of the Walk and Text app are strolling smack into trouble. The rogue app, called Android. Walkinwat, is a corrupted version of the legitimate Android Walk and Text app, the security firm Symantec reported. Walk and Text, which can be found in many third-party app stores in North America and China, uses a smartphone's camera to show users what's in front of them as they're walking and texting. Once Walkinwat is downloaded, a dialogue box appears on the user's phone that, according to Symantec, "gives the appearance that the app is in the process of being compromised or cracked, when, in fact, the app is gathering and attempting to send back sensitive data (name, phone number, IMEI information, etc.) to an external server." This is far from the first instance of a corrupted Android app that harvests user data; in early March, a rogue piece of software called DroidDream was found in 58 apps, which were downloaded more than 200,000 times befor...

A hacker stole the credit card details of over 800 members of the IEEE (Institute of Electrical and Electronics Engineers) last December, according to its law firm. A team of IEEE-appointed forensic investigators "concluded that a file containing customer credit card information had been deleted on or about November 17, 2010", the institute's law firm told the Attorney General of New Hampshire in February [pdf]. The forensic team believed that 828 members' credit card numbers, associated names, expiration dates and security numbers may have been accessed. It discovered "certain vulnerabilities in the system", but the IEEE had no proof that the exposed credit cards had been used to make fraudulant transactions, according to the letter.

Indian Institute Bansal IIT-JEE Hacked, Student Database Leaked by Cyb3R_Shubh4M Hacked Site : https://bansaliitjee.com/ Student Database Leaked, Downlaod : [Link Removed For Safety]

The hacker group that exposed holes in McAfee's website knows it's breaking U.S. law, but vows to continue exposing vulnerabilities, especially on security vendor websites. The hacker group that exposed holes in McAfee's website knows it's breaking U.S. law, but vows to continue exposing vulnerabilities, especially on security vendor websites. "We do understand performing security testings without authorization is illegal under U.S. law," stated YGN Ethical Hacker Group, when contacted by Network World via e-mail. The outfit's own website describes YGN as a "small group of young but mature people" based in the country of Myanmar (Burma) who started working together about three years ago. Based on its website advertising, the group, which seeks to emphasize its goals are "ethical," appears to offer vulnerability-testing services while also working on security testing tools. In response to a question about why it's so secretive,...

After the release of FireSheep, Facebook took an important step to help protect Facebook user accounts by allowing users to choose to keep an encrypted connection as long as they used just Facebook and intelligently designed apps. Savvy users immediately discovered that if they tried to use grossly insecure apps such as Farmville, 21 Questions, or a variety of apps by Rockyou then you were switched back to an unencrypted connection. Having an unencrypted connection means that if you are on an unsecured network, such as those frequently found in coffee shops, airports, and many other public places, then another person can mess around with your account and do things like post messages as if they were you. In fact, they are actually logged into your account for the session, but they don't have your password, so there are some security features they can't change. Still it is enough access that they can cause a lot of damage. Facebook has addressed the problem by making it so that if y...