The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The importance of increasing online security around personal information has risen due to the increase in cyber attacks and data breaches over recent years. I find it hilarious people are still choosing terrible passwords to protect their online accounts. The massive LinkedIn hack is the latest in the example that proves people are absolutely awful at picking passwords. The data breach leaked 167 Million usernames and passwords online, out of which "123456" was used by more than 750,000 accounts, followed by "LinkedIn" ( 172,523 accounts ), and "password" ( 144,458 accounts ). In a typical authentication mechanism, two-factor verification is the second layer of security that is designed to ensure that you are the only person who can access your account, even if someone knows your password. Project Abacus: Password-free Logins Now Instead of just relying on uniquely generated PINs, Google intends to use your biometrics data – like your typi...

In an era where major data hacks are on the rise, it is no surprise breaches on individuals are also up. In just three hours, over 100 criminals managed to steal ¥1.4 Billion ( approx. US$12.7 Million ) from around 1,400 ATMs placed in small convenience stores across Japan. The heist took place on May 15, between 5:00 am and 8:00 am, and looked like a coordinated attack by an international crime network. The crooks operated around 1,400 convenience store ATMs from where the cash was withdrawn simultaneously in 16 prefectures around Japan, including Tokyo, Osaka, Fukuoka, Kanagawa, Aichi, Nagasaki, Hyogo, Chiba and Nigata, The Mainichi reports . Also Read: Tyupkin Malware Hacking ATM Machines Worldwide Many ATM incidents involve a long-established technique called ' ATM Skimming ' in which criminals install devices to obtain card details via its magnetic stripe, or use ATM malware or from data breaches, and then work with so-called carders and money mules to pilfe...

Despite browsing incognito, blocking advertisements, or hiding your tracks, some websites monitor and track your every move online using a new web-tracking technique called Audio Fingerprinting . This new fingerprinting technique can be utilized by technology and marketing companies to deliver targeted advertisements as well as by law enforcement to unmask VPN or Anonymous users, without even decrypting the traffic. Researchers at Princeton University have conducted a massive privacy survey and discovered that Google, through its multiple domains, is tracking users on nearly 80 percent of all Top 1 Million Domains using the variety of tracking and identification techniques. Out of them, the newest tracking technology unearthed by the researchers is the one based on fingerprinting a machine's audio stack through the AudioContext API . "All of the top five third-parties, as well as 12 of the top 20, are Google-owned domains," the researchers note. "In fact, Goog...

How to hack an Instagram account? The answer to this question is difficult to find, but a bug bounty hunter just did it without too many difficulties. Belgian bug bounty hunter Arne Swinnen discovered two vulnerabilities in image-sharing social network Instagram that allowed him to brute-force Instagram account passwords and take over user accounts with minimal efforts. Both brute-force attack issues were exploitable due to Instagram's weak password policies and its practice of using incremental user IDs. "This could have allowed an attacker to compromise many accounts without any user interaction, including high-profile ones," Swinnen wrote in a blog post describing details of both vulnerabilities. Brute-Force Attack Using Mobile Login API Swinnen discovered that an attacker could have performed brute force attack against any Instagram account via its Android authentication API URL, due to improper security implementations. According to his blog post , fo...

Bangladesh is not the only bank that had become victim to the cyber heist . In fact, it appears to be just a part of the widespread cyber attack on global banking and financial sector by hackers who target the backbone of the world financial system, SWIFT. Yes, the global banking messaging system that thousands of banks and companies around the world use to transfer Billions of dollars in transfers each day is under attack. A third case involving SWIFT has emerged in which cyber criminals have stolen about $12 million from an Ecuadorian bank that contained numerous similarities of later attacks against Bangladesh's central bank that lost $81 Million in the cyber heist . The attack on Banco del Austro (BDA) in Ecuador occurred in January 2015 and, revealed via a lawsuit filed by BDA against Wells Fargo, a San Francisco-based bank on Jan. 28, Reuters reported. Here's how cyber criminals target banks: Uses malware to circumvent local security systems of a bank. Gains acces...