The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

After the massive data breaches at U.S retailers Target and Neiman Marcus in which financial credentials of more than 110 million and 1.1 million customers were compromised respectively, shows that the Point of Sale (POS) system has become a new target for the cyber criminals. Despite the BlackPOS malware of Point of Sale (POS) system that comes out as the major cause of these data breaches, malware writers are upgrading and developing more Trojans to target POS system. In December, the security researchers at anti-virus firm Kaspersky Lab discovered a Tor-based banking trojan , dubbed " ChewBacca ", that was initially categorized as a Financial trojan, but recently security researchers at RSA have uncovered that 'ChewBacca' is also capable of stealing credit card details from point of sale systems. ' ChewBacca ', a relatively new and private Trojan, used in the 11 countries as a POS malware is behind the electronic theft. ChewBacca communicat...

Downfall in the monopoly of propriety software like Microsoft and Apple accelerated after the Snowden revelations of NSA spying, where technology giants like Microsoft, Google, Apple are sharing a bed with the NSA. The UK government is again planning to ditch Microsoft for Open Source and Free alternatives. Cabinet Office minister Francis Maude announced yesterday that they are move away from Microsoft Office, towards open source softwares like  OpenOffice & LibreOffice suites, in an effort to drive down costs and foster greater innovation. UK has spent about £200 million in the last three years for Microsoft's ubiquitous software suite, but now this migration will save large revenue of the kingdom, according to The Guardian . The cabinet Office minister said, " We know the best technology and digital ideas often come from small businesses, but too often in the past they were excluded from government work. In the civil service there was a sense that if you hir...

A really bad year for the world's second-largest email service provider, Yahoo Mail ! The company announced today, ' we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts ', user names and passwords of its email customers have been stolen and are used to access multiple accounts. Yahoo did not say how many accounts have been affected, and neither they are sure about the source of the leaked users' credentials. It appears to have come from a third party database being compromised, and not an infiltration of Yahoo's own servers. " We have no evidence that they were obtained directly from Yahoo's systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts' most recent sent emails. " For now, Yahoo is taking proactive actions t...

The Encyclopedia giant WIKIPEDIA has been found vulnerable to remote code execution because of a critical flaw in the MediaWiki software . Wikipedia is a name which has become a major source of information for all of us. It has webpages on almost every topic you need to search. This giant is powered by an open source wiki software called MediaWiki. MediaWiki not only empowers Wikipedia, but also a number of other wiki websites. This software is a product of the Wikimedia Foundation and is coded in PHP with a database as backend. Cyber Point Software Technologies found a remote code execution vulnerability in MediaWiki, " This vulnerability affects all versions of MediaWiki from 1.8 onwards. " The vulnerability assigned with ID CVE-2014-1610 allows an attacker to execute shell code remotely via an incorrectly sanitized parameter on the MediaWiki application server. "Shell meta characters can be passed in the page parameter to the thumb.php." Bug 60339...

After Financial and Banking Malwares, Ransomware has become the first choice of money motivated cybercriminals. A new Ransomware Trojan known as ICEPOL has been one of those widespread malware which has been successfully installed approximately 267,786 times worldwide and 42,400 in the USA alone over a five month period, analyzed by the security firm BitDefender . The ICEPOL Trojan categorized as Ransomware that locks your PC and demand for a ransom amount to unlock it. The Malware was using a previously known vulnerability in Java software i.e. CVE-2013-0422 to infect the systems. The malware threatened the user with accusations of illegal piracy or ' porn-related activity ' and requires money for exemption from punishment that pretends to be from the 'police'. " The ICEPOL Trojan extorted victims who downloaded it by sending them a message in any one of 25 languages purporting to be from police accusing them of downloading copyrighted material ...