The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The role of hacker is recognized as crucial today in cyber security, these specialists are the nightmare of security experts but their knowledge is fundamental to understand the vulnerabilities of our infrastructures … think like a hacker if you want really protect your system . But hacking is a culture, a way of life that is hard to match ago with the business logic, true hackers don't do this for money, money are fundamental but not all, the must for them is always to put into question their capabilities, try to consistently exceed their limits. Fortunately industry, private business and governments have understood it and have re-evaluated the importance of hackers, these specialists were once seen as shady individuals to avoid, today they are highly sought professionals in both private business and government sectors. Discover vulnerabilities before attackers could exploit them is essential, millions of people and devices are connected to the network, a unique oppo...

GitHub is a source code repository which lets developers work on programs together as a team, even when they are in different locations. Each repository on the site is a public folder designed to hold the software code that a developer is working on. This Tuesday GitHub announced a major upgrades to the site's search engine, " Finding great code on GitHub just got a whole lot easier, ". Yesterday few twitter users pointed out that there is no shortage of embedded private SSH keys and passwords that can easily be found via GitHub new feature. If you upload security information (keys/passwords etc) to a public repository, new search feature will allow anyone to find them. Today, GitHub's search function stopped working , though the site didn't acknowledge the cause. Updated message is " Search remains unavailable. The cluster is recovering slowly and we continue to monitor its progress. We'll provide further updates as they become available...

NASK the domain registrar that operates the " .pl " Polish top-level domain registry has seized multiple domains used for cyber crime activities by spreading Waledac malware distributed by the Virut botnet. According to Poland's Computer Emergency Response Team, Virut was first detected in 2006 and became a serious threat with an estimated size of more than 300,000 compromised computers. NASK said that on Thursday it began assuming control over 23 .pl domains that were being used to operate the Virut network. Virut was responsible for 5.5% of infections in Q3 2012, making it the fifth most widespread threat of the time. They determined that botnet consists of more than 308,000 uniquely compromised machines and that its primary function is to pump out spam and other malicious emails. The most recent take down effort was in December 2012. Unfortunately, the Virut botnet gang managed to get the malicious botnet domain names moved to a new registrar ca...

The banking Trojan known as Shylock has been updated with new functionality, including the ability to spread over Skype. The program was discovered in 2011 that steals online banking credentials and other financial information from infected computers. Shylock, named after a character from Shakespeare's "The Merchant of Venice". Shylock is one of the most advanced Trojans  currently being used in attacks against home banking systems. The code is constantly being updated and new features are added regularly. According to security researchers from CSIS Security Group , the Skype infection is based on a malicious plugin called msg.gsm and allows the malware to send messages and transfer files, clean messages and transfers from Skype history and even bypass the Skype warning for connecting to servers. Beside the new ability to spread through Skype, Shylock can also spread through local shares and removable drives. Infection by the Trojan a...

Today I decided to remove Microsoft Security Essentials Antivirus from my system because Security Essentials failed another certification test by independent testing lab, AV-Test Institute. Microsoft's Security Essentials antivirus for Windows XP, Vista, and Windows 7 is a free add-on to Windows Defender, which blocks adware and spyware on Windows. In its review , AV-Test revealed that 22 of the 25 programs that were tested passed the test, but Security Essentials came up short. The lab tested all programs across three areas: protection, repair ability and usability of the whole computer based on the impact of the software. " We always used the most current publicly-available version of all products for the testing. They were allowed to update themselves at any time and query their in-the-cloud services. We focused on realistic test scenarios and challenged the products against real-world threats. Products had to demonstrate their capabilities using all ...