The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Ruby on Rails contains a flaw in its design that may allow attackers to more easily access applications. Websites that rely on Ruby on Rails's default cookie storage mechanism   CookieStore  are at risk. The vulnerability was actually reported two months ago, but still thousands of website are running a vulnerable version of Ruby on Rails that allows a malicious attacker to gain unauthorized access again and again without password, if someone manages to steal users' cookies via via cross site scripting or session sidejacking or with physical access.  More than 10,000 websites are vulnerable to Ruby on Rails's cookie storage mechanism flaw, but this vulnerability requires your user's session cookies to be compromised in the first place. Security researcher G.S. McNamara provided the details of the vulnerability in a blog post , he analyzed nearly 90,000 sites running specialized scripts and discovered 1,897 sites based on old versions of Ruby on Rails ( versi...

The breaking news is that, another Bitcoin exchange  company gets hacked i.e. BIPS ( bips.me ), one of the largest European Danish Bitcoin payment processors. On Friday evening, a bunch of cyber criminals just broke into BIPs - Bitcoin payment processor servers and wiped out around 1,295 Bitcoin from people's wallets, currently worth $1 Million. More than 22,000 consumer wallets have been compromised and BIPS will be contacting the affected users. Initially on 15th November, Hackers launched Distributed Denial of Service (DDoS) attack on BIPS, originate from Russia and neighboring countries and then hackers attacked again on 17th November. This time somehow they got access to several online Bitcoin wallets, which allowed them to steal the 1,295 BTC. " As a consequence Bips will temporarily close down the wallet initiative to focus on real-time merchant processing business which does not include storing of Bitcoins. " company says. " All existing users will be aske...

Two most important moments in the history of Bitcoin are : Its creation by Satoshi Nakamoto , and the burst of The Silk Road's Founder  Ross William Ulbricht . The silk Road's black market was a Bitcoin economy. According to a report published by two Israeli computer scientists,  Ross William Ulbricht , aka Dread Pirate Roberts , may be financially linked to Satoshi Nakamoto. Even if the Bitcoin buyers and sellers remained anonymous, but the transactions themselves are public, So the scientists were able to trace the interactions. The Scientists, Ron and Shamir were exploring the connection between the operator of Silk Road who was recently arrested by the FBI for running the Internet blackmarket Silk Road and the entity that invented the bitcoin. The bitcoin network was established in 2008 and it has been popularly believed that the first accounts in the early days of the bitcoin were of Satoshi Nakamoto , accumulated some 77,600 BTC as a result of 'mini...

Users in Iran call Internet as " Filternet ", because of the heavily censored Internet access they have. Million Iranians used VPN servers to access the outside world. In October, 2013 Jack Dorsey, the co-founder of Twitter asked Iranian President, ' Are citizens of Iran able to read your tweets? ' In Reply Mr. The President said that he will work to make sure Iranians have access to information globally in what appears to be a reference to reducing online censorship. Just after promising to support Internet Freedom, the Iran Government has banned yet another web application called -  Cryptocat , a tool that allows for secure and encrypted chat. The app is well known for bringing encrypted communications to the masses, popular with human rights activists and journalists around the world. According to ' Blockediniran.com ', Cryptocat website and the associated private chat service were inaccessible to our users in Iran. Currently since Monday.  ' I...

The NSA has the ability to trace " anyone, anywhere, anytime ". In September we reported that how NSA and GCHQ planted malware via LinkedIn and Slashdot traffic to hack largest telecom company Belgacom's Engineers. Yesterday, a  Dutch newspaper has   published a new secret NSA document provided by former intelligence employee  Edward Snowden . According to the newly exposed slide, NSA has infected more than 50,000 computer networks worldwide with software designed to steal sensitive information i.e. Malware . The slide from the NSA's 2012 management presentation, shows a world map with more than 50,000 targeted locations, uses a procedure called ' Computer Network Exploitation ' (CNE) that can secretly install malware in computer systems. The malware can be controlled remotely and be turned on and off at will. From the NSA website we found that, CNE includes enabling actions and intelligence collection via computer networks that exploit data gathere...