The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Keen Team – a mysterious group of Chinese hackers who hacked Apple's Safari Mac OS X Mavericks system in just 20 seconds and Windows 8.1. Adobe Flash in only 15 seconds during Pwn2Own Hacking Competition this year, are no more mysterious as the team revealed its members identity. In an interview with a Chinese newspaper on this 13 April, the key member of the Keen team and co-founder as well as chief operating officer of the team's Shanghai-based parent company, Lv Yiping said half of his team members are the top scoring students in the national college entrance examination, half of them are majored in mathematics, and half are from Microsoft. He also added that the team's eight core members are the top hackers in the country. The Kean team is the first Chinese hackers group to have won the prestigious title at the world hacking contest held in Vancouver this year in March. Back in 2013, they also took part in the Mobile Pwn2Own contest held in Tokyo and succe...

iBanking is nothing but a mobile banking Trojan app which impersonates itself as a so-called ' Security App ' for Android devices and distributed through HTML injection attacks on banking sites, in order to deceive its victims. Recently, its source code has been leaked online through an underground forum that gave the opportunities to a larger number of cyber criminals to launch attacks using this kind of ready-made mobile malware. The malicious iBanking app installed on victims' phone has capabilities to spy on user's communications. The bot allows an attacker to spoof SMS, redirect calls to any pre-defined phone number, capture audio using the device's microphone and steal other confidential data like call history log and the phone book contacts. According to new report from ESET security researchers, now this iBanking Trojan ( Android/Spy.Agent.AF ) is targeting Facebook users by tricking them to download a malware application. The malware uses ...

It's time to update your Java program as Oracle has released its massive patch package for multiple security vulnerabilities. The United States software maker Oracle releases its security updates every three months, which it referred to as " Critical Patch Updates " (CPU). Yesterday, Oracle released its second CPU-date of this year providing important updates that include a total of 104 vulnerabilities, the company has announced . From the overall vulnerabilities, 37 security vulnerabilities impact Java SE and several of these flaws are so serious that it can be remotely exploited by a malicious malware to gain system access and execute arbitrary code with the privileges of a local user. Successful exploitation also allows an attacker to manipulate certain local data on a system and can cause a DoS attack without the need of authentication credentials, which means the flaws can be exploited over a network without the need for a username and password to crashin...

If you are using WhatsApp to chit-chat with your friends or relatives, then you should be careful about sharing your location with them using WhatsApp 'Location Share' feature. No doubt, WhatsApp communication between your phone and company's server is now encrypted with SSL, which means whatever you are sharing with your friends, is secured from the man-in-the-middle attacks . But the extremely popular instant messaging service for Smartphones that delivers more than 1 billion messages per day has another serious security issue. According to Researchers at UNH Cyber Forensics Research & Education Group , WhatsApp location sharing service could expose your location to hackers or Spy Agencies. While sharing the location on WhatsApp users need to first locate themselves on Google Map within the app window, as shown:  Once selected, WhatsApp fetches the location and thumbnail (an image) from the Google Map service to share it as the message icon, but unfortunatel...

Google has updated its privacy terms and conditions on Monday to offer more transparency regarding its email-scanning practices. One of the world's biggest Web internet giant, Google, made it clear that the information its users submit and share with its systems is all analyzed. Last year, Google was accused of its illegal interception of all electronic communications sent to Gmail account holders and using the gathering data to sell and place advertisements in order to serve related ads to its users. Practically, the more information you let Google collect about you, the more accurate its adverts become. But Google has long insisted that its scanning practices are outlined in its terms of service. So, finally admitting the accusation, Google has made some changes in its terms of service res a new paragraph that explains the manner in which its software automatically scans and analyzes the content of Gmail messages when they are sent, received, and stored. " Our ...