The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

At Information Security Conference PacSec 2013 in Tokyo, Apple's Safari browser for the iPhone 5 and the Samsung Galaxy S4 have been exploited by two teams of Japanese and Chinese white hat hackers. In HP's Pwn2Own 2013 contest , Japanese squad Team MBSD, of Mitsui Bussan Secure Directions won won $40,000 reward for zero day exploit for hacking Samsung Galaxy S4. The vulnerabilities allow the attacker to wholly compromise the device in several ways, such as using a drive-by download to install malware on the phone. In order for the exploit to be successful, the group lured a user to a malicious website, gained system-level privileges and installed applications that allowed the team to gather information, including SMS messages, contacts and browsing history. They  Another Hackers Team from Keen Cloud Tech in China showed how to exploit a vulnerability in iOS version 7.0.3 to steal Facebook login credentials and a photo from a device running iOS 6.1....

Popular Mac news and information site MacRumors user forums have been breached by hackers on Monday this week. More than 860,000 usernames, emails and hashed passwords were potentially compromised. Users are advised to users that they change their passwords on the forums, as well as any other sites or services where the same password has been used. MD5 with or without salt, to be an inadequate means of protecting stored passwords. Back in 2012, the original author of the MD5 password hash algorithm has publicly declared that MD5 is no longer considered safe to use on commercial websites. u The owner of the site, Arnold Kim, apologized for the intrusion and said that it occurred because the hacker gained access to a moderator account, which then allowed the intruder to escalate their own privileges with the goal of stealing user login credentials. " We are looking into it further to see if there was another exploit, but there hasn't been any evidence of it...

Another Bitcoin Exchange hacked!  Bitcash. CZ based out of the Czech Republic has been hacked and Money from 4000 Bitcoin wallets have been Stolen, value of over 2 million Czech Koruna i.e. Approx $100,000. Bitcash.cz  is currently down with a maintenance message that on the evening of November 11, their server was compromised by unknown Hackers and  bitcoins from its clients were stolen. Hackers appear to have sent emails from Bitcash.cz email accounts pretending to be members of staff. The emails claim the company had to use a US recovery company to get back the bitcoins that have been stolen and recipients are then apparently asked to send 2 BTC to a wallet address in order for their bitcoins to be returned. " We are trying to resolve the situation, but we want to warn our users about fraudulent emails and scams [claiming to be from Bitcash] " site said on their Facebook page. Meanwhile, GBL, the Chinese Bitcoin exchange mysterio...

Today computer telecommunications have become one of the most prevalent techniques used by pedophiles to share illegal photographic images of minors and to lure children into illicit sexual relationships. The Internet has dramatically increased the access of the preferential sex offenders to the population they seek to victimize and provides them greater access to a community of people who validate their sexual preferences. The Fourth Amendment is the most implicated and litigated portion of the Constitution. Courts are increasingly confronting the problems associated with adapting Fourth Amendment principles to modern technology. If you think that your peer-to-peer file sharing can be kept under wraps, then please think again. A federal judge ' Christina Reiss ' in Vermont has ruled that there should be no expectation of privacy for data shared across peer-to-peer file-sharing services. In a Child pornography case, three defendants argued that information gained...

Adobe released critical security patches for its ColdFusion web application server and  Adobe Flash Player for Mac, Windows and Linux. Adobe AIR and the AIR SDK and Compiler are also being updated. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system, dubbed as CVE-2013-5329, CVE-2013-5330. The following software versions are affected and should be updated as soon as possible: Adobe Flash Player 11.9.900.117 and earlier versions for Mac and Windows Adobe Flash Player 11.2.202.310 and earlier versions for Linux Adobe AIR 3.9.0.1030 and earlier versions for Windows and Macintosh Adobe has also released a security hotfix for ColdFusion versions 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and Linux, addresses two vulnerabilities: Cross-site scripting (XSS) vulnerability (CVE-2013-5326) Allow unauthorized remote read access (CVE-2013-5328) Both products have be...