The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Forbes  is the latest victim in a long line of high-profile attacks by the Syrian Electronic Army (SEA) , sending a reminder to the international community that cyber warfare is alive and well. The pro-Assad group also took responsibility for hacking multiple Forbes websites and hijacked three Twitter accounts related to the website. According to the screenshots published by the team, it appears the hackers gained the access to the Wordpress administration panel of Forbes website and  edited several articles posted earlier on Forbes by authors Travis Bradberry, Matthew Herper, Andy Greenberg, John Dobosz, Steve Forbes  and titled then as " Hacked by Syrian Electronic Army ". Hackers tweeted, " Syrian Electronic Army was here " from the compromised Twitter accounts, including accounts of Social media editor Alex Knapp @TheAlexKnapp and Personal finance report Samantha Sharf  @Samsharf , and @ForbesTech account. The  Syrian Electronic Arm...

After Silk Road , another underground online marketplace ' Utopia ' has been seized by Dutch National Police ,  where users could buy illegal drugs and guns for home delivery. The police started their investigation under Codename ' Operation Commodore ' in 2013,   and finally  seized Utopia's Germany-based servers and arrested total 5 suspects for running this marketplace. One arrested in  Germany and  other four suspects, aged 29 to 46, were detained in The Netherlands.  Two of them had also been involved in another similar underground website ' Black Market Reloaded ', which was closed in December 2013. Utopia  reportedly launched only last week ( https://ggvow6fj3sehlm45.onion/ ),  intended to become a direct competitor of the Silk Road, was  a ' d ark web ' website, which is accessible only by using Tor anonymity software. The website is now displaying a message:  " This hidden ...

We are quite aware of the leaks that the Whistleblower Edward Snowden carried out against the US National Security Agency (NSA) and after reading every related update, watching every document that he provided to various news websites, you all are left with a question in mind that,  How he could carry out this whole operation without any helping hand? Yes, you are right! The former NSA contractor Edward Snowden allegedly managed to access thousands of the classified documents by stealing one of his coworker's passwords, according to an unclassified NSA memorandum obtained by the NBC News . Three Members, one NSA's civilian employee, an active duty member of the U.S. Military and a contractor were found involved in the actions that may have aided Snowden's operation; from which NSA 's civilian employee has been stripped of his security clearance and has resigned. Other two has been obstructed from accessing National Security Agency (NSA) facilities, th...

It seems you cannot go a day without hearing about someone or some group hacking a website or stealing credit card and other sensitive data from e-commerce sites. The Market of E-commerce is at its boom, and that provides even more opportunities to hackers. There are many readymade e-commerce platforms available on the Internet, that are easy to install and easy to manage at no extra cost and 'Magento' is one of the most popular out of them. Recently security researchers at Securatary  have reported a critical cross-store vulnerability in the Magento platform that lets attackers to escalation privilege by creating an administrative user on any ' Gostorego' online store. The authentication bypass vulnerability left 200,000 merchants data vulnerable to hackers before it was patched. To exploit the flaw, an attacker only needed to modify the HOST header to the URI of the target account in the GET request. They dubbed it as " Stealth mode ",...

Having SSL Certification doesn't mean that the website you are visiting is not a bogus website. SSL certificates protect web users in two ways, it encrypts sensitive information such as usernames, passwords, or credit card numbers and also verify the identity of websites. But today hackers and cyber criminals are using every tantrum to steal your credentials by injecting fake SSL certificates to the bogus websites impersonating Social media, e-commerce, and even bank website. Netcraft Security Researchers have discovered dozens of fake SSL Certificates being used to enact financial institutions, e-commerce site vendors, Internet Service Providers and social networking sites, which allegedly allows an attacker to carry out man-in-the-middle attacks. When you will visit a bogus website from any popular web browser; having self signed fake SSL Certificate, you will see a foreboding warning in the web browser, but the traffic originates from apps and other non-browser software fail...