The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A vulnerability has been discovered in the wildly popular Google's Stock Android Email App , that could be exploited by malicious attackers to remotely crash your smartphone application just by sending a specially crafted email. A Spain security researcher, Hector Marco , successfully exploited the vulnerability on his Samsung Galaxy S4 Mini running version 4.2.2.0200 of Stock Android Email App. He said the flaw appears to affect all older versions of Stock Android Email App, though devices running 4.2.2.0400 and newer versions are not affected. According to the researcher, when the victim receives the malicious email and tries to view it, the email app crashes. Further attempts to open the email again triggers a crash in the application before the victim can do anything. The flaw ( CVE-2015-1574 ) is due to incorrect handling of the Content-Disposition header . Hackers could exploit the vulnerability by sending an email with a malformed Content-Disposition header to th...

Diagnosing network fault is one of the toughest questions for an IT Pro to answer because there is no single or best way. IT infrastructures are multi-layered and integrate many different systems which makes identifying the cause of network fault a difficult task. At a high level, the process of handling a fault breaks down into four steps: Find it Fix it Diagnose the root cause Prevent the fault from happening again A highly recommended solution to make fault identification and prevention simple is using Security Information and Event Management (SIEM) technology. The log and event analysis features of a SIEM can provide a comprehensive strategy for fault diagnosis and prevention. SolarWinds Log & Event Manager is a fully-functional SIEM designed to make diagnosing network fault a quick and easy task. Log & Event Manager automates collecting, analyzing, and diagnosing log data to help you find, fix, diagnose, and prevent network fault. You can downloa...

The U.S. National Security Agency (NSA) may be hiding highly-sophisticated hacking payloads in the firmware of consumer hard drives over the last 15 to 20 years in a campaign, giving the agency the means to eavesdrop on thousands of targets' computers, according to an analysis by Kaspersky labs and subsequent reports. 'EQUATION GROUP' BEHIND THE MALWARE The team of malicious actors is dubbed the the " Equation Group " by researchers from Moscow-based Kaspersky Lab, and describes them as " probably one of the most sophisticated cyber attack groups in the world," and "the most advanced threat actor we have seen. " The security researchers have documented 500 infections by Equation Group and believes that the actual number of victims likely reaches into the tens of thousands because of a self-destruct mechanism built into the malware. TOP MANUFACTURERS' HARD DRIVES ARE INFECTED Russian security experts reportedly uncovered sta...

If you are a traveler and loves to travel then you must be annoyed of those calls you sometimes get from your bank when buying things far from home, and the most annoyed part is when the company won't approve the transaction as it fears your card was stolen. VISA MOBILE LOCATION CONFIRMATION APP The payment processing and credit card giant Visa has came forward to put an end to this problem by letting cardholders the chance to buy things wherever they are. The company plans to release a new location-based feature that will help cardholders to update their location via smartphone. Starting in April, the banks will include the software application, dubbed Visa Mobile Location Confirmation , in their smartphone apps. The app will use cardholders smartphone's ability to locate itself and verify that they're near where the card is being used. IN WAKE OF INCREASING CREDIT CARD FRAUD The idea behind this new move is to reduce the rising incidents of credit card fraud and fraud...

The most popular Chinese Bitcoin exchange BTER announced that it has been hacked on Valentine's Day and lost more than £1.1 Million-worth ($1.75 Million; one BTC is about $270) of the digital currency. The Bitcoin Exchange hasn't revealed more details about suspects behind the breach or how the cold wallets were compromised, except that 7,170 Bitcoin cryptocurrency was stolen from the company's " cold wallets ," a way of storing the digital currency offline. " All wallets have been shut down and withdrawals of unaffected coins will be arranged later, " the official website of BTER Bitcoin exchange states. Internet sleuths are already on the hunt to trace the missing Bitcoin. Because of the way the digital currency works, it is possible to trace any transaction or funds easily by using public available service, called " blockchain ." According to the announcement, the stolen Bitcoin cryptocurrencies were broadcast through the trans...