The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Last week Apple releases the iPhone 5S  with Touch ID , a fingerprint-scanning feature, promoted by the company as " Your fingerprint is one of the best passwords in the world ". Just after the launch of iOS7 , Hackers around the world come up with a series of security issues and privacy concerns. One of the most embarrassing hack released yesterday, when a group of German Hackers fooled the iPhone 's biometric fingerprint security by just using a high resolution photo of someone's fingerprint. Now, We all are aware about many secret surveillance projects of NSA like PRISM , where U.S. government is collecting data from these Internet companies including - Apple. Apple claimed that, iPhone will never upload fingerprints to their server, but can we believe them anymore ? It is already proven that, During Surveillance operations and for Backup purpose, Smartphone applications can upload anything from your device to their online servers without any...

A new Mac OS Malware has been discovered called OSX/Leverage . A , which appears to be yet another targeted command-and-control Trojan horse, that creates a backdoor on an affected user's machine. The Trojan named ' Leverage ' because the Trojan horse is distributed as an application disguised as a picture of two people kissing, possibly a scene from the television show " Leverage ". The attack launched via a Java applet from a compromised website and which drops a Java archive with the backdoor to the visitor's computer and launches it without a user intercation. To perform the attack, Malware uses two recently disclosed Java vulnerabilies  known as CVE-2013-2465 and CVE-2013-2471. Once it's installed, the Trojan connects to the C&C server on port 7777. Security vendor Intego said that Malware linked to Syrian Electronic Army (SEA) , because after installation Malware attempt to download an image associated with the Syrian Electronic...

Attackers exploiting a zero-day vulnerability CVE-2013-3893 in Microsoft's Internet Explorer browser and served them on compromised popular Japanese news websites. According to FireEye , at least three major Japanese media websites were compromised in watering hole attacks, dubbed Operation DeputyDog , appears to target manufacturers, government entities and media organizations in Japan. The compromised sites recorded more than 75,000 page views before the exploits were discovered. The zero-day vulnerability in IE 8 and 9 allows the stealthy installation of software in the users' computers which then can be remotely accessed by the hackers. The hackers typically use Trojans designed specifically for a pay-to-order attack to steal intellectual property. Researchers saw a payload executable file used against a Japanese target posing as an image file hosted on a Hong Kong server. The attack in Japan was discovered two days after Microsoft disclosed the ...

Android malware is continuing to cause problems for end users with huge amounts of fraud and Malware campaigns going on. A lot of fake apps are currently on Google Play Store fooling thousands of consumers. Grand Theft Auto 5 , which hit stores last Tuesday and is shaping up to be the most lucrative video game release ever. Now, Rockstar Game do plan to bring their Grand Theft Auto V iFruit app for Android devices, but before official released, it's fake malicious versions are out in Google Play Market. Rockstar have confirmed that they haven't released the Android version yet, only the iOS version is available right now and Android owners are warned not to download them, because some could contain malicious malware . There are at least two fake apps have surfaced on the Google Play Store that use the same icon as iFruit in an attempt to mimic the real thing. The deceptive part about these apps is that the developer publicly listed appears as "...

Apple has marketed TouchID both as a convenience and as a security feature. " Your fingerprint is one of the best passwords in the world ," says an Apple promotional video. A European hacker group has announced a simple, replicable method for spoofing Apple's TouchID fingerprint authentication system. The Apple TouchID it the technology developed by Apple to replace passcode on its mobile and help protect users' devices, it is based on a sensor placed under the home button and it is designed to substitute the four-digit passcode to unlock the handset and authorize iTunes Store purchases. But is it really so? Hackers members of the Chaos Computer Club claim to have defeated Apple TouchID fingerprint sensor for the iPhone 5S, just after the start of its sale to the public. " Fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints, " a hacker named Starbug was quoted as sa...