The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Two Researchers have discovered a couple of vulnerabilities in Signal , the popular end-to-end encrypted messaging app recommended by whistleblower Edward Snowden. One of those vulnerabilities could allow potential attackers to add random data to the attachments of encrypted messages sent by Android users, while another bug could allow hackers to remotely crash vulnerable devices. The vulnerabilities have just been patched, but the updated version of Signal is yet available on the Github open source repository, and not on the Google's official Play Store for Android apps, leaving millions of privacy conscious people vulnerable to attacks. That means, if you have installed Signal messaging app via Google Play Store, like other millions of Android users, you are still vulnerable to hackers. Developed by open source software group Open Whisper System, Signal is a free and open source messaging application specifically designed for Android and iOS users to make secure and e...

Note — Don't miss an important update at the bottom of this article, which includes an official statement from Xiaomi . Do you own an Android Smartphone from Xiaomi, HTC, Samsung, or OnePlus? If yes, then you must be aware that almost all smartphone manufacturers provide custom ROMs like CyanogenMod, Paranoid Android, MIUI and others with some pre-loaded themes and applications to increase the device's performance. But do you have any idea about the pre-installed apps and services your manufacturer has installed on your device?, What are their purposes? And, Do they pose any threat to your security or privacy? With the same curiosity to find answers to these questions, a Computer Science student and security enthusiast from Netherlands who own a Xiaomi Mi4 smartphone started an investigation to know the purpose of a mysterious pre-installed app, dubbed AnalyticsCore.apk , that runs 24x7 in the background and reappeared even if you delete it. Xiaomi is one of the ...

Should you put a tape or a sticker over the lens of your laptop's webcam? Yes, even Facebook CEO Mark Zuckerberg and FBI Director James Comey do that. Covering your laptop's webcam might be a hell cheap and good idea to guard against hackers and intruders who might want to watch your private life and environment through your devices. In fact, Comey recently came out defending his own use of tape to cover his personal laptop's webcam. People Are Responsible for Their Safety, Security & Privacy During a conference at the Center for Strategic and International Studies, when Comey was asked that he still put tape over his cameras at home, he replied: "Heck yeah, heck yeah. And also, I get mocked for a lot of things, and I am much mocked for that, but I hope people lock their cars… lock your doors at night. I have an alarm system. If you have an alarm system you should use it, I use mine." Comey went on to explain that it was common practice at ...

Another Day, Another Data Breach! And this time, it's worse than any recent data breaches. Why? Because the data breach has exposed plaintext passwords, usernames, email addresses, and a large trove of other personal information of more than 6.6 Million ClixSense users. ClixSense, a website that claims to pay users for viewing advertisements and completing online surveys, is the latest victim to join the list of " Mega-Breaches " revealed in recent months, including LinkedIn , MySpace , VK.com , Tumblr , and Dropbox . Hackers are Selling Plaintext Passwords and Complete Website Source Code More than 2.2 Million people have already had their personal and sensitive data posted to PasteBin over the weekend. The hackers who dumped the data has put another 4.4 Million accounts up for sale. In addition to un-hashed passwords and email addresses, the dump database includes first and last names, dates of birth, sex, home addresses, IP addresses, payment histories,...

Why waiting for researchers and bug hunters to know vulnerabilities in your products, when you can just throw a contest for that. Google has launched its own Android hacking contest with the first prize winner receiving $200,000 in cash. That's a Hefty Sum! The contest is a way to find and destroy dangerous Android vulnerabilities before hackers exploit them in the wild. The competition, dubbed ' The Project Zero Prize ,' is being run by Google's Project Zero, a team of security researchers dedicated to documenting critical bugs and making the web a safer place for everyone. What's the Requirements? Starting Tuesday and ending on March 14, 2017, the contest will only award cash prizes to contestants who can successfully hack any version of Android Nougat on Nexus 5X and 6P devices. However, the catch here is that Google wants you to hack the devices knowing only the devices' phone numbers and email addresses. For working of their exploits, contes...