The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Over a month ago, The Hacker News reported about the Dropbox Hack , where hackers had managed to steal more than 68 Million Dropbox accounts in a data breach that was initially disclosed by the online cloud storage platform in 2012. Although the initial announcement failed to reveal the true scale of the data breach, it was in late August when the breach notification service LeakBase obtained files containing details on over 68 million accounts, which contains email addresses and hashed passwords for Dropbox users. Last month, a hacker was selling this Dropbox data dump on a Dark Web marketplace known as TheRealDeal for around $1200 . However, Motherboard recently discovered that a researcher has just uploaded the full dump of hacked Dropbox database online. Download DropBox Data Dump Here: Thomas White, known online as The Cthulhu, uploaded Monday the full Dropbox data dump onto his website in a move, as he claims, to help security researchers examine the data breach. ...

With rapidly growing Internet of Thing (IoT) devices, they have become a much more attractive target for cybercriminals. Just recently we saw a record-breaking Distributed Denial of Service (DDoS) attacks against the France-based hosting provider OVH that reached over one Terabit per second (1 Tbps), which was carried out via a botnet of infected IoT devices. Now, such attacks are expected to grow more rapidly as someone has just released the source code for IoT botnet, which was 'apparently' used to carry out world's largest DDoS attacks. Internet of Things-Botnet 'Mirai' Released Online Dubbed Mirai , the malware is a DDoS Trojan that targets BusyBox systems , a collection of Unix utilities specifically designed for embedded devices like routers. The malware is programmed to hijack connected IoT devices that are using the default usernames and passwords set by the factory before devices are first shipped to customers. Spotted by Brian Krebs , the...

Since the foundation of the Internet, a contract has been handed over to the United States Commerce Department under which the department had given authority to regulate the Internet. After 47 years, this contract ends tonight at midnight EDT i.e. Saturday, October 1st, 2016. If you think that the United States owns the Internet, then you're wrong. It doesn't. Founded in 1998, non-profit organization ICANN (The Internet Corporation for Assigned Names and Numbers) oversees the Internet's "address book" (or root zone) — the process of assigning domain names and the underlying IP addresses to keep the Internet running smoothly. But according to the contract, ICANN and its IANA department (the Internet Assigned Numbers Authority) was set to work under the supervision of National Telecommunications and Information Administration (NTIA), an agency of the U.S. Department of Commerce. That contract is ending today, and the US Commerce Department is schedule...

The massive data breach that Yahoo! confirmed to the world last week is claimed by the company to have been carried out by a "state-sponsored actor" in 2014, which exposed the accounts of at least 500 Million Yahoo users . But, now it seems that Yahoo has downplayed a mega data breach and trying to hide it's own security blunder. Recently the information security firm InfoArmor that analyzed the data breach refuted the Yahoo's claim, stating that the data breach was the work of seasoned cyber criminals who later sold the compromised Yahoo accounts to an Eastern European nation-state. Over 1 Billion Accounts May Have Been Hacked Now, there's one more twist in the unprecedented data heist. A recent advancement in the report indicates that the number of affected Yahoo accounts may be between 1 Billion and 3 Billion. An unnamed, former Yahoo executive who is familiar with the company's security says that the Yahoo's back-end system's arch...

Well, there's some good news for Hackers and Bug hunters, though a terrible news for Apple! Exploit vendor Zerodium has tripled its bug bounty for an Apple's iOS 10 zero-day exploit, offering a maximum payout of $US1.5 Million. Yes, $1,500,000.00 Reward. That's more than seven times what Apple is offering (up to $200,000) for iOS zero-days via its private, invite-only bug bounty program. Zerodium, a startup by the infamous French-based company Vupen that buys and sells zero-day exploits to government agencies around the world, previously offered US$500,000 for remote iOS 9 jailbreaks, which was temporarily increased to $1 Million for a competition help by the company last year. The company paid out $1 million contest reward for the first three iOS 9 zero-days in November to an unnamed hacker group, then lowered the price again to $500,000. With the recent release of iOS 10, Zerodium has agreed to pay $1.5 Million to anyone who can pull off a remote jail...