The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

An alarming dispatch from the Hack In The Box security conference in Amsterdam arrived on Wednesday: a hacker says he's found a way to take over airplane controls . That's probably not true. At least according to the Federal Aviation Administration (FAA), the European Aviation Safety Administration (EASA) and Honeywell, the maker's of the cockpit software, it's not. The FAA, for one, says, " The described technique cannot engage or control the aircraft's autopilot system using the FMS or prevent a pilot from overriding the autopilot. " The agency assures America that this hack " does not pose a flight safety concern because it does not work on certified flight hardware. " So why did Hugo Teso, the German hacker in question, tell everybody at the conference as well as countless journalists who've latched on to the story that he could take over the software? Well, Teso says he's successfully taken over a plane's controls in a flight...

A large distributed brute force attack against WordPress sites is understood to be occurring. A large botnet with more than 90,000 servers is attempting to log in by cycling through different usernames and passwords. According to a blog update on IXWebHosting, they are currently experiencing issues where there is a brute force attack on the default  WordPress  login pages of  their customers. " As you can see from our numbers, we were seeing 30 to 40 thousand attacks per day the last few months. In April 2013, it increased to 77,000 per day on average, reaching more than 100,000 attempts per day in the last few days. " Sucuri study says. This attack is greatly effecting Linux servers and attack is possibly conducted using  botnets . To solve the issue, hosting administrator block all connections to wp-login.php. " At this moment, we highly recommend you log into any WordPress installation you have and change the password to something that m...

It is a terrifying prospect, a hack that allows an attacker to take control of plane navigation and cockpit systems has been revealed at a security conference in Europe. This was demonstrated by Hugo Teso , a researcher at security consultancy N.Runs in Germany who's also a commercial airline pilot. He explained that by building an exploit framework called Simon and a complimentary Android app that delivers attack messages, he could manipulate a plane's path as he saw fit. " You can use this system to modify approximately everything related to the navigation of the plane ," Teso told reporters. Teso found he was able to eavesdrop on the system's communications over its 1MBps link, as well as blocking information and injecting data into link.  It took three years of hunting down holes in standard systems to work out how he could use radio signals to send his own navigation commands to a plane's control system, using publicly available Flight Management System (FMS) ...

You can install the industry's strongest and most expensive firewall. You can educate employees about basic security procedures and the importance of choosing strong passwords. You can even lock-down the server room, but how do you protect a company from the threat of social engineering attacks? For any of you that are involved in security awareness efforts, you know what I am talking about. It could happen tomorrow, it could happen today or it might already have happened. In a recent disclosure  posted by renowned hacker and developer  DarkCoderSc (Jean-Pierre LESUEUR) explained that how one can easily Socially Engineer Microsoft Skype Support team to get access to any skype account. From a social engineering perspective, employees are the weak link in the chain of security measures in place. He simply used the weakness of Skype password recovery system itself. One simply need to request a new password to Skype support and aski...

Russian hackers have figured out a way to download free games from Ubisoft's servers, exploiting an existing vulnerability in Ubisoft's uPlay launcher. According to reports, the copies of Far Cry 3 Blood Dragon that are available on torrent sites are the result of a hack of Ubisoft's uPlay service. The hack has allowed users to download advance copies of Far Cry 3: Blood Dragon, a game which has yet to be officially released. Blood Dragon will be officially released on 1st May, for Xbox 360, PS3 and PC. As a proof of the exploit, hackers even posted an 1 hour 30 mins long footage of the game. A Ubisoft spokesman said that the company was aware of the issue and was working to resolve it quickly.  An earlier tweet on their account attributed yesterday's outage to hackers as well, saying " Servers were attacked which limited service from 2:30PM to 9:00PM Paris time [8:30AM to 3:00PM EST]. " The hackers developed a piece of software which tricks ...