The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

If you have installed Trend Micro's Antivirus on your Windows computer, then Beware. Your computer can be remotely hijacked, or infected with any malware by even through a website – Thanks to a critical vulnerability in Trend Micro Security Software. The Popular antivirus maker and security firm Trend Micro has released an emergency patch to fix critical flaws in its anti-virus product that allow hackers to execute arbitrary commands remotely as well as steal your saved password from Password Manager built into its AntiVirus program. The password management tool that comes bundled with its main antivirus is used to store passwords by users and works exactly like any other password manager application. Even Websites Can Hack Into Your Computer Google's Project Zero security researcher, Tavis Ormandy, discovered the remote code execution flaw in Trend Micro Antivirus Password Manager component, allowing hackers to steal users' passwords. In short, o...

Yes, from today, Microsoft is ending the support for versions 8, 9 and 10 of its home-built browser Internet Explorer, thereby encouraging Windows users to switch on to Internet Explorer version 11 or its newest Edge browser . Microsoft is going to release one last patch update for IE8, IE9 and IE10 today, but this time along with an " End of Life " notice, meaning Microsoft will no longer support the older versions. So, if you want to receive continuous updates for your web browser and avoid being exposed to potential security risks after 12 January, you are advised to upgrade your browser to Internet Explorer 11, or its new Edge browser. End of Life of Internet Explorer 8, 9 and 10  "Internet Explorer 11 is the last version of Internet Explorer, and will continue to receive security updates, compatibility fixes, and technical support on Windows 7, Windows 8.1, and Windows 10," Microsoft says . This move could be part of Microsoft's bigger ...

A simple, yet effective flaw discovered on eBay's website exposed hundreds of millions of its customers to an advance  Phishing Attack . An Independent Security Researcher reported a critical vulnerability to eBay last month that had the capability to allow hackers to host a fake login page, i.e. phishing page, on eBay website in an effort to steal users' password and harvest credentials from millions of its users. The researchers, nicknamed MLT , said anyone could have exploited the vulnerability to target eBay users in order to take over their accounts or harvest thousands, or even millions, of eBay customers credentials by sending phishing emails to them. MLT published a blog post about the eBay flaw on Monday, demonstrating how easy it is to exploit the flaw like this and steal customers' passwords. Here's How ebay Hack Works The flaw actually resided in the URL parameter that allowed the hacker to inject his iFrame on the legitimate eBay...

A 26-year-old hacker has been sentenced to 334 years in prison for identity theft as well as mass bank fraud in Turkey, or in simple words, he has been sentenced to life in prison . Named Onur Kopçak , the hacker was arrested in 2013 for operating a phishing website that impersonated bank site, tricking victims into providing their bank details including credit card information. Kopçak's website was part of a big credit card fraud scheme in which he and other 11 operators were making use of the illegally obtained bank account details to carry out fraudulent operations. During his arrest in 2013, Turkish law authorities charged Kopçak with: Identity fraud Website forgery Access device fraud Wire fraud... ...and sentenced him to 199 years 7 months and 10 days in prison, following complaints from 43 bank customers. However, during the investigation, 11 other bank customers also filed complaints about their payment card fraud, thus triggering a new trial...

Cyber attacks are getting evil and worst nightmare for companies day-by-day, and the Distributed Denial of Service (DDoS) attack is one of the favorite weapon for hackers to temporarily suspend services of a host connected to the Internet. Until now, nearly every big website had been a victim of this attack, and the most recent one was conducted against the BBC 's websites and Republican presidential candidate Donald Trump 's main campaign website over this past holiday weekend. Out of two, the largest DDoS attack in the history was carried out against the BBC website: Over 600 Gbps . Largest DDoS Attack in the History The group calling itself New World Hacking claimed responsibility for taking down both the BBC's global website and Donald Trump's website last week. The group targeted all BBC sites, including its iPlayer on-demand service, and took them down for at least three hours on New Year's Eve. At the moment, the BBC news organiz...