The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Facebook is in trouble once again regarding its users' privacy. Facebook is facing a class-action lawsuit in Northern California over allegations that the company systematically scans its users' private messages on the social network without their consent and makes the profit by sharing the data with advertisers and marketers. According to the lawsuit filing, Facebook might have violated federal privacy laws by scanning users' private messages. Facebook routinely scans the URLs within users' private messages for several purposes like anti-malware protection and industry-standard searches for child pornography, but it has been claimed that the company is also using this data for advertising and other user-targeting services. Also Read:   Google to Face a Record $3.4 Billion AntiTrust Fine in Europe The plaintiffs, Matthew Campbell, and Michael Hurley argue that the Facebook is scanning and collecting URLs-related data in a searchable form, violating both the...

Meet this Robin Hood Hacker: Phineas Fisher, who breached Hacking Team last year, revealed on Reddit Wednesday that he hacked a bank and donated the money to Kurdish anti-capitalists in Rojava autonomous region in northern Syria that borders territory held by the ISIS ( Islamic State militant group ). Fisher, also known as "Hack Back" and "@GammaGroupPR," claimed responsibility for both the Hacking Team and Gamma Group data breaches. The vigilant hacker donated 25 Bitcoin (worth around US$11,000) to a crowdfunding campaign known as the Rojan Plan, which has been set up by members of the Rojava's economic committee, described by Fisher as "one of the most inspiring revolutionary projects in the world." Also Read:  Here's How Hackers Stole $80 Million from Bangladesh Bank The funds donated to the campaign came from a bank heist, though the hacker neither revealed the name of the bank nor provided any further details of the bank heist. Whe...

Here's some good news for victims who are trying to unlock and remove TeslaCrypt ransomware. Now, you can decrypt all your important files that have been encrypted by TeslaCrypt ransomware. So, stop Googling about How to decrypt TeslaCrypt Ransomware encrypted files, as the malware authors themselves provided the solution to your problem. Since its launch in March last year, TeslaCrypt computer virus has been used in massive malvertising attacks. The ransomware, which often targets PC gamers, locks up files until a ransom is paid, usually $500 in Bitcoin. Infection generally comes through corrupted websites, malvertising or phishing emails. In a surprising move in the malware's story, the cybercriminals behind the nefarious TeslaCrypt ransomware have apparently shut down their operations and released a master key to the public that can unlock all encrypted files on PCs infected by the latest versions of TeslaCrypt. The icing on the cake is that the universal decryption...

AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can't easily see. These "invisible" non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have become one of the ripest targets for attackers. Astrix's Field CTO Jonathan Sander put it bluntly in a recent Hacker News webinar : "One dangerous habit we've had for a long time is trusting application logic to act as the guardrails. That doesn't work when your AI agent is powered by LLMs that don't stop and think when they're about to do something wrong. They just do it." Why AI Agents Redefine Identity Risk Autonomy changes everything: An AI agent can chain multiple API calls and modify data without a human in the loop. If the underlying credential is exposed or overprivileged, each addit...

Get Ready for a whole new Artificial Intelligence-based Messaging experience. At I/O event Wednesday, Google unveiled its new messaging app named Allo : A smart messaging app powered with machine learning programming and the company's newly announced AI bot Google Assistant. You just have to sign up with your phone number and link your Google account to Allo, and you are all set to go. AI Bot and Smart Replies: With Allo, besides chatting with your friends and family using animated graphics and enlarging or shrinking text, you can also call Google within the app to buy things, plan events, and even think of what to reply, i.e. smart replies. I found Smart Reply feature a bit fascinating, as it offers you some assumptions that you can reply when someone says something, shares a picture or something else. This feature learns to get more smart and productive over time as you use it. Also Read: How to Run Android Apps Without Installation Smart replies contain stickers ...

Downloading an app is a real pain sometimes when you don't want to install the complete app on your smartphone just for booking a movie ticket, or buying something online. Isn't that? Now, Imagine the world where you can use any Android app without actually the need to download or even install it on your smartphone. This is exactly what Google has intended to offer you with its all new Instant Apps feature. Announced at Google I/O event Wednesday, Android Instant Apps will break down the walls between websites and Android apps by allowing people to tap on a URL and open an Android app instantly, without even having to install it. As a live demonstration, Google's presenter on stage showed how just clicking a Buzzfeed Video link, which has a dedicated app, opened the relevant part of an app — all in just 2 seconds. Also Read: Google Unveils AI-powered Smart Messaging App In another demonstration, the presenter showed a link to buy a camera bag at B&H Ph...