The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Cyber attacks get bigger, smarter, more damaging. P*rnHub launched its bug bounty program two months ago to encourage hackers and bug bounty hunters to find and responsibly report flaws in its services and get rewarded. Now, it turns out that the world's most popular p*rn*graphy site has paid its first bounty payout. But how much? US $20,000! Yes,  P*rnHub  has paid $20,000 bug bounty to a team of three researchers, who gained Remote Code Execution (RCE) capability on its servers using a zero-day vulnerability in PHP – the programming language that powers  P*rnHub 's website. The team of three researchers, Dario Weißer (@haxonaut), cutz and Ruslan Habalov (@evonide), discovered two use-after-free vulnerabilities ( CVE-2016-5771/CVE-2016-5773 ) in PHP's garbage collection algorithm when it interacts with other PHP objects. One of those is PHP's unserialize function on the website that handles data uploaded by users, like hot pictures, on multiple pat...

Guess What? Someone just downloaded Twitter's Vine complete source code. Vine is a short-form video sharing service where people can share 6-second-long looping video clips. Twitter acquired the service in October 2012. Indian Bug bounty hunter Avinash discovered a loophole in Vine that allowed him to download a Docker image containing complete source code of Vine without any hassle. Launched in June 2014, Docker is a new open-source container technology that makes it possible to get more apps running on the same old servers and also very easy to package and ship programs. Nowadays, companies are adopting Docker at a remarkable rate. However, the Docker images used by the Vine, which was supposed to be private, but actually was available publically online. While searching for the vulnerabilities in Vine, Avinash used Censys.io – an all new Hacker's Search Engine similar to Shodan – that daily scans the whole Internet for all the vulnerable devices. Using Censys, Avina...

Finally, Someone has come forward to buy Yahoo! Guess Who? The telecommunication giant Verizon . Yes, Verizon Communications Inc. is reportedly closing in on a deal to acquire Yahoo's core business for about $5 Billion, according to a report from Bloomberg. Since the agreement between the companies has not been finalized, it is unclear at this moment that which Yahoo's assets the deal would include. "In order to preserve the integrity of the process, we're not going to comment on the issue until we've finalized an agreement," a Yahoo spokeswoman said in a statement provided to CNNMoney. You might be wondering Why Verizon is buying Yahoo! Well, I'll come to it in the second half of my article, because before discussing this point, let's first focus on why Yahoo! wants to get acquired. Why Yahoo Was Up For Sale? Founded in 1995, Yahoo! was once the brightest star of the Web. But when its rivals including Google, Facebook and even few-years-old com...

Today, whistleblowing website Wikileaks has finally published more than 19,000 e-mails, which contains more than 8,000 attachments from the US Democratic National Committee (DNC) . The new trove of documents apparently pilfered from the DMC released after Wikileaks yesterday announced via its official Twitter account that a "series" about Hillary Clinton is coming soon. The published documents are part one of Wikileaks' new Hillary Leaks series, Wikileaks said in a press release. The emails released by Wikileaks were handed over to the whistleblower organization by the DNC hacker using handle " Guccifer 2.0 ," who hacked DNC's computer systems in a such a way that the hacker was able to read all email and chat traffic. The leaked 19,252 emails cover a period from January 2015 to May 2016 and allegedly come from the accounts of seven key figures in the DNC: Communications Director Luis Miranda — 10770 emails. National Finance Director Jordon Kapl...

We just cannot imagine our lives without smartphones, even for a short while, and NSA whistleblower Edward Snowden had not owned a smartphone since 2013 when he began leaking NSA documents that exposed the government's global surveillance program. Snowden fears that cellular signals of the smartphone could be used to locate him, but now, to combat this, he has designed an iPhone case that would detect and fight against government snooping. With help from renowned hardware hacker Andrew "Bunnie" Huang, Snowden has devised the design, which they refer to as an " Introspection Engine, " that would keep journalists, activists, and human rights workers from being tracked by their own devices leaking their location details. "This work aims to give journalists the tools to know when their smartphones are tracking or disclosing their location when the devices are supposed to be in airplane mode," Huang and Snowden wrote in a blog post published Thu...