The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Staminus Communications – a California-based hosting and DDoS (Distributed Denial of Service) protection company – is recovering a massive data breach after hackers broke down into its servers and leaked personal and sensitive details of its customers. Though the company acknowledged that there was a problem in a message posted to Twitter on Thursday morning, it did not specify a data breach. Staminus's website went offline at 8 am Eastern Time on Thursday, and on Friday afternoon, a representative said in a Twitter post that "a rare event cascaded across multiple routers in a system-wide event, making our backbone unavailable." What type of information? The dump of information on Staminus' systems includes: Customer usernames Hashed passwords E-mail addresses Customer real names Customer credit card data in plain text Customer support tickets Server logs data Chat logs Source code of some of the company's services including Intreppi...

The Department of Justice (DoJ) has warned Apple that it may force the tech giant for handing over the source code to the complete operating system if it does not help the Federal Bureau of Investigation (FBI) unlock the San Bernardino shooter's iPhone . Apple is battling with the FBI over iPhone encryption case. The federal investigators needs Apple's assistance to unlock an iPhone 5C belonging to San Bernardino shooter Syed Rizwan Farook. However, Apple CEO Tim Cook has said explicitly that providing a backdoor would likely open up the company's iPhones to not just the federal agents, but also to malicious hackers who could use it for evil purposes. On Thursday, Apple and the FBI head to another court hearing on the San Bernardino iPhone case. The DOJ's latest 43-page brief filing contains an implicit threat that if Apple does not create the vulnerable version of its iOS operating system needed to bypass the passcode protection on the terroris...

Microsoft reckoned Bitcoin was the future of payment system and added it as a payment option for Windows store at the end of 2014, but the company has silently pulled support for Bitcoin in the Windows 10 Store. In November 2014, Microsoft struck a deal with third-party bitcoin payment processor ' Bitpay ' that allowed people to use Bitcoin to purchase Microsoft's products and services from Windows Stores. However, Microsoft quietly updated the Windows Store FAQ that popped up " Microsoft Store doesn't accept Bitcoin. " The end of support for Bitcoin payments only applies to Windows 10 and Windows 10 Mobile stores.  "Microsoft Store doesn't accept Bitcoin. You can no longer redeem Bitcoin into your Microsoft account," the update reads. "Existing balances in your account will still be available for purchases from Microsoft Store, but can't be refunded." In short, you can make use of an existing balance in your accou...

The Federal Communication Commission (FCC) has put forward a proposal that aims to protect Internet user's privacy. The proposal [ pdf] will regulate the amount of customers' online data the Internet Service Providers (ISPs) are able to collect and sell to the advertising companies. Currently, there is no particular rule by law covering broadband providers and customer privacy, and if adopted, this would be the first privacy rule for ISPs. The FCC already governs how phone companies can use and resell customer data, and the Chairman Tom Wheeler believes similar rules should be applied to ISPs. Is Your ISP Tracking Your Web Surfing and Selling Data to Advertisers? Your complete Internet traffic passes through your Internet Service Provider, which gives it the ability to access to vast and potentially lucrative amount of your web-browsing activity. If you are using a mobile phone, your ISP can also track your physical location throughout the day in real time. ISPs ...

Typos are really embarrassing, but this time it saved the Bangladesh Central Bank and the New York Federal Reserve by preventing a nearly $1 Billion ( £700 Million ) heist. Last month, some unknown hackers broke into Bangladesh's central bank, obtained credentials needed for payment transfers and then transfer large sums to fraudulent accounts based in the Philippines and Sri Lanka . But… A single spelling mistake in an online bank transfer instruction prevented the full theft, according to Reuters . Here's what actually was happened: Nearly three dozen requests hit the Federal Reserve Bank of New York on 5 February using the Bangladesh Bank's SWIFT code, out of which four resulted in successful transfers, for a total value of about $81 million. However, when the hackers attempted to make their fifth transfer of $20 Million to a Sri Lankan non-governmental organization called the Shalika Foundation , they made a typo by attempting a transfer to the Shalika " ...