The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

You've got to ask yourself one question. How much hassle does patching cause you? Is the second Tuesday of each month something you dread, or is it just another day for you? If you spend days and days testing and deploying patches; if you stay up until the wee hours of the morning one weekend each month; if you have a current profile on every single server in your environment; then patching is likely to be a heavy burden. But there is another way. Patching is not something that should be a major pain each month. It should be a simple and straightforward administrative task. Admins who patch by hand or are worried about some patch crashing critical systems each month should consider automated patch management. This strategy will boost efficiency and give you back your weekends, and ensure that your systems can be patched quickly, efficiently and safely. Automated patch management helps IT admins patch their servers and workstations in the most efficient way possible, by removi...

Edward Snowden has enough information to cause more damage to the US government in a minute alone than anyone else has ever had in the history of the United States, but he has insisted that they not be made public, including  the blueprints of NSA surveillance program . Glenn Greenwald, the Guardian journalist, who was the first to report on classified documents leaked by Edward Snowden, says the former National Security Agency contractor has what amounts to an " instruction manual for how the NSA is built. " The documents " would allow somebody who read them to know exactly how the NSA does what it does, which would in turn allow them to evade that surveillance or replicate it ," Greenwald said.  " In order to take documents with him that proved that what he was saying was true he had to take ones that included very sensitive, detailed blueprints of how the NSA does what they do. " Greenwald said that Snowden is planning more stories on domestic sp...

A group of  hackers from security firm iSEC found a way to tap right into verizon wireless cell phones using a signal-boosting devices made by Samsung for Verizon and cost about $250. They hack Verizon's signal-boosting devices, known as femtocells or network extenders, which anyone can buy online, and turned it into a cell phone tower small enough to fit inside a backpack capable of capturing and intercepting all calls, text messages and data sent by mobile devices within range. " This is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people, " said Tom Ritter, a senior consultant, iSEC. They declined to disclose how they had modified the software on the device and but they plan to give more elaborate demonstrations in various hacking conferences this year. Verizon Wireless already released a Linux software update in March to fix the flaw that prevents its network extenders...

Security expert Dan Melamed discovered a critical vulnerability in Facebook platform that allow an attacker to take complete control over any account. The vulnerability is considered critical because it would allow a hacker to hack potentially any Facebook account. Dan Melamed presented the discovery on his blog . Dan demonstrated that how a hacker can reset the victim's account password just by tricking him to visit a malicious exploit code. The flaw affects the Facebook " claim email address " component. When an user tries to add an email address already registered to Facebook platform, he has the option to " claim it ". The loophole exists here, when user claim an email address, Facebook did not check from whom the request came from. This allows an email to be claimed on any Facebook account. The exploit is possible provided that: An existing account having the email address that the attacker wants to claim. Another existing account to initiate the claim p...

" Ransomware " may be a term you haven't heard before. This type of criminal malware, which spread around the world on PCs in 2012, encrypts some or all the files on a computer and holds them for ransom and  Cyber thieves have already made millions through such methods. Ransomware is no longer all about computers. It has evolved to now target mobile devices, specifically Androids platform. For a hacker, a pop up message is just one more way to steal money by sending fake alerts and serious warnings that scare a user into making a payment. For example, in the case of PCs, we have encountered malware that encrypts crucial data on a user's hard disk, asking the victim to pay a sum to the attacker in order to recover his/her data. Last year in November at many Hacking Conferences, Security Researcher Mohit Kumar ( @Unix_Root ) already demonstrated one the most sophisticated android malware called " Android Malware Engine ", one of its kind yet ...