The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Have you given shed to Zombies in your house? No???? May be you have no idea about it. After Computers, Servers, Routers, Mobiles, Tablets…. Now its turn of your home appliances to be a weapon or a victim of cyber war. Recently Security Researchers from Proofpoint  found more than 100,000 Smart TVs, Refrigerator, and other smart household appliances compromised by hackers to send out 750,000 malicious spam emails. As the ' Internet of Things ' becoming smart and popular it became an easy weapon for cyber criminals to launch large scale of cyber attacks. " The attack that Proofpoint observed and profiled occurred between December 23, 2013 and January 6, 2014, and featured waves of malicious email, typically sent in bursts of 100,000, three times per day, targeting Enterprises and individuals worldwide." Previously, such attacks were only drafted theoretically by researchers, but this is the first such proven attack involved smart household appliances that are used as ' thingB...

The Holiday data breach at TARGET appeared to be part of a broad and highly sophisticated international hacking campaign against multiple retailers, involving the heist of possibly 110 million Credit-Debit cards, and personal information. Target confirmed last weekend that a malicious software was embedded in point-of-sale (POS) equipment at its checkout counters to collect secure data as the credit cards were swiped during transactions. The Malware called ' BlackPOS ' also known as " reedum " or ' Kaptoxa ' is an effective crimeware  kit, that was created in March 2013 and available in underground sites for $1800-$2000. Investigators from IntelCrawler found a 17-years old hacker who actually developed the BlackPOS crimeware kit. His nickname is ' ree4 ' and original name: ' Sergey Taraspov ' from  St . Petersburg  and  Nizhniy Novgorod ( Russian Federation). IntelCrawler's sources mentioned that the BlackPOS malware was created i...

After the exposure of various surveillance programs, including PRISM, XKeyscore, MUSCULAR, DROPOUTJEEP in recent revelation, NSA has come up as the only ' Government that Actually Listen '. Another day and here comes another revelation - According to the The Guardian , National Security Agency (NSA) has collected almost 200 million text messages per day from across the globe and is using them to extract data including location, contact networks and even credit card details. The two names that come in the limelight are,  DISHFIRE  that collects " pretty much everything it can "and PREFER  that conducted automated analysis of the untargeted communications. The program was designed to collect the text messages automatically from various service providers, to pull the details of financial transactions, roaming charges, delayed flights, missed calls and scheduled alerts, address book contacts, credit cards, bank accounts and visited locations. Now If I am not wrong...

Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud, and it's a whole new ball game! If you're dealing with logins, data privacy, bringing new users on board, or building digital trust, this webinar is for you . Join us for " Navigating Customer Identity in the AI Era ," where we'll dive into the Auth0 2025 Customer Identity Trends Report . We'll show you what's working, what's not, and how to tweak your strategy for the year ahead. In just one session, you'll get practical answers to real-world challenges like: How AI is changing what users expect – and where they're starting to push ba...

Watch out, coffee drinkers. If you are one of those 10 million Starbucks customers, who purchases drinks and food directly from their Smartphones, this news is for you! If you use Starbucks' official iOS app, you should know that the company is not encrypting any of your information, including your password. The app allows the Starbucks customers to check their balance, transaction history, fund transfer, and store location, etc. A Security researcher Daniel E. Wood found a vulnerability (CVE-2014-0647) in STARTBUCKS v2.6.1. iOS mobile application, that stores your credential details and GPS locations in plain text format into the file system. To extract the information from the mobile, an attacker just needs to connect the device to a computer and accessing ' session . clslog ' file from the location given below: /Library/Caches/ com . crashlytics . data/ com . starbucks . mystarbucks /session . clslog The vulnerability , however, requires that the hacker has physical...

I hope you all still remember the famous and powerful Remote Administration Tool (RAT) called ' Dark Comet ', developed by a French computer geek ' Jean-Pierre Lesueur ', also known as ' DarkCoderSc '. However, He had closed the Dark Comet project, when the Syrian government found to be using it to track down and to spy on their people. After that  DarkCoderSc  started working under a new banner ' Phrozen Software ' to develop many new security softwares and penetration testing tools. Just yesterday, Jean-Pierre and his team-mate Fabio Pinto  from French University, have released a new tool called ' Rakabulle ', a file binder with some cool features for penetration testers and malware researchers. File binder is an application that allows a user to bind multiple files together, resulting in a single executable file. When you execute that single application, all previous merged files will be extracted to a temporary location, and will be exe...