The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Yes, it seems like the mystery has been solved. We are aware of the United States National Security Agency (NSA) powers to break almost unbreakable encryption used on the Internet and intercept nearly Trillions of Internet connections – thanks to the revelations made by whistleblower Edward Snowden in 2013. However, what we are not aware of is exactly how did the NSA apparently intercept VPN connections, and decrypt SSH and HTTPS, allowing the agency to read hundreds of Millions of personal, private emails from persons around the globe. Also Read:  Top Best Password Managers . Now, computer scientists Alex Halderman and Nadia Heninger have presented a paper at the ACM Conference on Computer and Communications Security that advances the most plausible theory as to how the NSA broke some of the most widespread encryption used on the Internet. According to the paper, the NSA has exploited common implementations of the Diffie-Hellman key exchange algorithm – a co...

If you are running Windows 7 or Windows 8.1 and have no plans to switch to Windows 10, then Microsoft could force you to install Windows 10, making it harder for you to cancel or opt-out of upgrading. Note: Above image has been photoshopped, but the original screenshot taken by Windows users is given below. Reports are circulating that some Windows 7 and Windows 8.1 users are claiming that the latest Windows 10 OS has begun to automatically install itself on their PCs. According to complaints by users, Windows Update screen is only offering them the option to either: Start the upgrade process, or Reschedule the upgrade for a later date Other users are finding that the dialog boxes they are presented display a message saying that the " Upgrade to Windows 10 is Ready ," and prompting users to " Restart your PC to begin the installation ." The issue actually resided in the Windows Update process. Microsoft has listed Windows 10 as an " Op...

While the US military continues to build more advanced unmanned aerial vehicles ( UAVs ), popularly known as Drones , the US company Battelle has developed a shoulder-mounted rifle to deal with unwanted drones flying around. Dubbed DroneDefender , the revolutionary weapon specifically designed to target and knock drones out of the sky at a range of just 400 meters, without totally destroying them. The Battelle DroneDefender utilizes radio waves to neutralize in-flight Drones and force them to land or hover or return to its point of origin. Video Demonstration You can watch the video given below to know how the DroneDefender works. It shows how the weapon is able to stop a drone in its tracks and cause it to land. The DroneDefender weighs less than 5 kilograms and can disable a hostile drone within a 400-meter radius. How does DroneDefender Work? As soon as the trigger is pulled, DroneDefender emits radio pulses that interrupt the communications system...

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk.  A gap in access control in Microsoft Entra's subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them.  All the guest user needs are the permissions to create subscriptions in their home tenant, and an invitation as a guest user into an external tenant. Once inside, the guest user can create subscriptions in their home tenant, transfer them into the external tenant, and retain full ownership rights. This stealthy privilege escalation tactic allows a guest user to gain a privileged foothold in an environment where they should only have limited access. Many organizations treat guest accounts as low-risk based on their temporary, limited access, but this behavior, which works as designed, opens the door to known attack paths and lateral movement within the resource t...

The Chinese Pangu jailbreak team has once again surprised everyone by releasing the first untethered jailbreak tool for iOS 9 – iOS 9.0, iOS 9.0.1, and iOS 9.0.2. The untethered jailbreak is a jailbreak where your device don't require any reboot every time it connects to an external device capable of executing commands on the device. The Pangu team released their iOS 9 jailbreak into the wild instead of submitting it to Zerodium, a company which promised a $1 Million reward for iOS 9 jailbreaks . How to Jailbreak iOS 9.0, 9.0.1 and 9.0.2? Jailbreaking is a process of removing limitations on Apple's iOS devices so you can install third party software not certified by Apple. Before proceeding to Jailbreak your device, back up all personal data of your device using iCloud or iTunes. Also, Disable any Anti-virus programs or firewalls that could prevent Pangu from connecting to the Internet. Now, let's start. Follow these steps to jailbreak your iPhone,...

What if your phone starts making calls, sending text messages and browsing Internet itself without even asking you? No imaginations, because hackers can make this possible using your phone's personal assistant Siri or Google Now. Security researchers have discovered a new hack that could allow hackers to make calls, send texts, browser a malware site, and do many more activities using your iOS or Android devices' personal assistant Siri or Google Now — without even speaking a single word. A Group of researchers from French government agency ANSSI have discovered that a hacker can control Apple's Siri and Android's Google Now by remotely and silently transmitting radio commands from as far as 16 feet away... ...only if it also has a pair of headphones plugged into its jack. How does the Hack Work? It is very interesting and a mind-blowing technique. The Hack utilizes: An iPhone or Android handset with headphones plugged in A radio tra...