The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Yes, you heard right. You can now hack a car by making necessary modifications – but to the car owned by you, not your neighbors. Last year, President Obama passed a bill called 'Unlocking Consumer Choice and Wireless Competition Act,' following which users could unlock their devices – generally those locked under a contract – to use a specific service provider. Also Read:   It's Now Legal to Jailbreak Smart TV, Smartphone Or Tablet . The same year, Electronic Frontier Foundation (EFF) filed a petition with the Librarian of Congress, which has the authority to grant Digital Millennium Copyright Act (DMCA) exemptions , for allowing customers and independent mechanics to repair their vehicles on their own by making necessary modifications. Though many automakers were in opposition to this petition, as they believed by doing so the safety measures of vehicles are going to be at a higher risk. EFF got Success! Yesterday, Library of Congress approve...

Webmasters can track all your activities on the Internet – even if you have already cleared your browsing history and deleted all saved cookies. A researcher demonstrated two unpatched flaws that can be exploited to track Millions of Internet users, allowing malicious website owners: List Building: To compile a list of visited domains by users, even if they have cleared their browsing history Tracking Cookies: To tag users with a tracking cookie that will persist even after they have deleted all cookies These two Browser Fingerprinting techniques abuse HTTP Strict Transport Security (HSTS) and Content Security Policy – new security features already built into Mozilla Firefox and Google Chrome, and expected to make their ways to other mainstream browsers in near future. WHAT IF, The Website owners turn these Security features against You? A security researcher has proved exactly the same last weekend at Toorcon security conference in San Diego. Yan Zhu...

A large number of third-party Android apps have reportedly been discovered grabbing copies of all text messages received or sent to infected devices and sending them to the attackers' server. More than 63,000 Android applications use Taomike SDK – one of the biggest mobile advertisement solutions in China – to help developers display ads in their mobile apps and generate revenue. However, around 18,000 of these Android apps contains a malicious code that spy on users text messages, according to researchers at Palo Alto Networks, who made the discovery . Taomike provides a Software Development Toolkit (SDK) and services to the Android app developers using which they can: Displaying advertisements to users Offer in-app purchases (IAPs) Android Apps Stealing SMS Messages Focussing on distributing the app and techniques for building revenue, "Not all apps that use the Taomike library steal SMS messages," security researchers said. The security...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

Security researchers at Symantec have uncovered a new Backdoor Trojan that grants hackers remote access and some control over infected machines. " Duuzer ," as dubbed by the researchers, has been targeting organizations in South Korea and elsewhere in an attempt to steal valuable information. The Trojan is designed to infect both 32-bit and 64-bit computers running Windows 7, Windows Vista, and Windows XP. Duuzer gives attackers remote access to the compromised computer, allowing them to: Collect system and drive information Create, enumerate, and end processes Access, modify and delete files Upload and Download additional files Change the time attributes of files Execute malicious commands Steal data from infected system Know about victim's Operating System Duuzer Infects via Spear Phishing or Watering Hole Attacks It is currently unclear how the malware is being distributed, but according to Symantec Researchers, the most obvious routes ar...

Your Headache is not my Problem. If your computer gets hacked and infected with malware that holds your data for ransom, just pay off the criminals to see your valuable data again and do not expect the FBI to save them – it's what the FBI is advising concerning ransomware . Ransomware is a sophisticated malicious software that lets hacker encrypts all the contents of a victim's hard drive or/and server and demands ransom (typically in Bitcoins) for the decrypt key. Also Read:   Free Ransomware Decryption and Malware Removal ToolKit Federal agencies and the FBI have long urged people not to pay ransom to the criminals, as there is no guarantee that they will even receive an unlock key. The FBI – 'Better Pay up the Ransom' However, while speaking at the 2015 Cyber Security Summit on Wednesday, Assistant Special Agent Joseph Bonavolonta , who oversees the FBI's Boston office, advised the companies infected with ransomware to better pay up th...