The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Do you still have Java installed? There is a bad news for you ! FireEye has detected yet another Java zero-day vulnerability being exploited in attacks in the wild. The vulnerability targets browsers that have the latest version of the Java plugin installed Java v1.6 Update 41 and Java v1.7 Update 15 and  FireEye warned that the   vulnerability is being exploited to install a remote-access trojan dubbed McRat , researchers from security firm. " Not like other popular Java vulnerabilities in which security manager can be disabled easily, this vulnerability leads to arbitrary memory read and write in JVM process," "After triggering the vulnerability, exploit is looking for the memory which holds JVM internal data structure like if security manager is enabled or not, and then overwrites the chunk of memory as zero. " The exploit is reportedly different from the one used to attack Facebook, Twitter, Apple, and several other companies last mont...

Cloud note-taking service Evernote has been hacked and now you have to reset your password  imminently . A ccording to  a post on the official Evernote blog , an  unidentified attacker compromise the servers and extracted usernames, email addresses, and passwords. " Evernote's Operations & Security team has discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote Service. " But those passwords were encrypted, so  all users must change their password before they can log back into their account. " In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost. " Evernote also said that they h ave no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed. There are also several important steps that you can t...

The UK High Court has ordered  BSkyB , BT , Virgin Media and three other UK broadband providers to block access to three music and movie file-sharing websites  Kickass Torrents , H33T and Fenopy. Judge Richard Arnold said   that t hese websites  infringed 10 music companies copyrights on an industrial scale. He  granted an order to 10 record labels including EMI, Sony and Universal against six UK internet service providers requiring them to take measures to block or at least impede access by their customers to these three file-sharing websites. " The orders are necessary and appropriate to protect the intellectual property rights of the claimants and other copyright owners. "  Judge said.  The ISPs have been given 15 working days to block access to the sites.  Each ISP will decide how to warn customers and subsequently attempt to curb alleged illegal file sharing activity. Verizon decided to send a series of warni...

The Australian Broadcasting Corporation (ABC) is investigating data breach after Lateline interviewed Dutch anti-Islam politician Geert Wilders. A hacker going by the handle " Phr0zenMyst " has claimed to have hacked a web site associated with the ABC television program Making Australia Happy, leaking the details of its users online. The files contain the personal email addresses, locations and genders of almost 50,000 of registered users of ABC websites, including encrypted versions of their login passwords. The data was posted in 10 separate pastebin's which can be accessed online.  There were some indications on social media sites that the attack was in retaliation for some of the ABC's recent editorial decisions. The hacker, believed to be associated with the online activist group Anonymous, wrote on Twitter, " ABC hacked for giving a platform to Geert Wilders to spread hatred #OpWilders - database leaked! " " This breach originated ...

Today social media are spreading a shocking news, authors of Stuxnet virus that hit Iranian nuclear program in 2010 according a new research proposed by Symantec security company started in 2005 and contrary to successive instance of the malware he was designed to manipulate the nuclear facility's gas valves. The attacker strategy was to destroy the nuclear plant causing an explosion due the sabotage of gas valves, hackers purpose was physical destruction of the targets, due this reason the press and security community labeled Stuxnet as first cyber weapon of the history.  Francis deSouza, Symantec's president of products and services, during an interview with Bloomberg revealed that the version detected was a sort of beta version of the final weapon and that in the period between 2005 and 2009 the authors were testing its capabilities. " It looks like now the weapon tried a few things before it hit on what would actually work ,"' " It is clear that this has been a ...