The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Get ready for faster Internet because the WiFi you know today is about to change and get much, much faster. The WiFi Alliance, a self-described "worldwide network of companies that brings you Wi-Fi," has finally certified " WiGig ," an ultra-fast, short-range wireless network technology that will nearly double Wi-Fi's current top speed. As many as 180 Million devices, including routers, smartphones, laptops, tablets, and other devices, arriving by the end of next year will support WiGig or multi-gigabit Wi-Fi 802.11ad on the 60 gigahertz band, the Alliance announced . This certification program aims to encourage the production of devices and hardware that not only operate in the "less congested" 60 GHz spectrum but can also fall back to the regular Wi-Fi – 2.4 or 5 gigahertz bands – for maximum interoperability. "Wi-Fi has delighted users for more than 15 years, and WiGig now gives users even higher performance in a rich variety of appl...

Just last month, researchers explained how an attacker can knock the 911 service offline in an entire state by launching automated Distributed Denial of Service (DDoS) attacks using a botnet of just 6000 smartphones. But, doing so, in reality, could not only land public in danger but the attacker as well. The same happened to an 18-year-old teen from Arizona, who was arrested this week following a severe disruption of 911 emergency systems caused due to one of his iOS exploits. Meetkumar Hiteshbhai Desai discovered an iOS vulnerability that could be exploited to manipulate devices, including trigger pop-ups, open email, and abuse phone features, according to a press release from the Cyber Crimes Unit of Maricopa County Sheriff's Office. In order to prove the flaw, Desai allegedly created several exploits and posted a link to one of his JavaScript exploits on his Twitter account and other websites. People accessing the exploit link from their iPhones and iPads were ...

The infamous botnet that was used in the recent massive distributed denial of service (DDoS) attacks against the popular DNS provider Dyn, causing vast internet outage  last Friday, itself is flawed. Yes, Mirai malware, which has already enslaved millions of Internet of Things (IoT) devices across 164 countries, contains several vulnerabilities that might be used against it in order to destroy botnet's DDoS capabilities and mitigate future attacks. Early October, the developer of the malware publically released the source code of Mirai , which is designed to scan for IoT devices – mostly routers, cameras, and DVRs – that are still using their default passwords and then enslaves them into a botnet, which is then used to launch DDoS attacks. However, after a close look at the source code, a researcher discovered three vulnerabilities, one of which could be used to shut down Mirai's ability to flood targets with HTTP requests. A stack buffer overflow vulnerability wa...

Good News for privacy concerned people! Now, your online data will not be marketed for business; at least by your Internet Service Providers (ISPs). Yes, it's time for your ISPs to ask your permission in order to share your sensitive data for marketing or advertisement purposes, the FCC rules. On Thursday, the United States Federal Communications Commission (FCC) has imposed new privacy rules on Internet Service Providers (ISPs) that restrict them from sharing your online history with third parties without your consent. In a 3-2 vote, the FCC approved the new rules by which many privacy advocates seem pleased, while some of them wanted the Commission to even apply the same rules to web-based services like Google and Facebook as well. Initially proposed earlier this year, the new rule says : "ISPs are required to obtain affirmative 'opt-in' consent from consumers to use and share sensitive information." What does 'sensitive' information mean h...

Guess what? If you own a Windows PC, which is fully-patched, attackers can still hack your computer. Isn't that scary? Well, definitely for most of you. Security researchers have discovered a new technique that could allow attackers to inject malicious code on every version of Microsoft's Windows operating system, even Windows 10, in a manner that no existing anti-malware tools can detect, threaten millions of PCs worldwide. Dubbed " AtomBombing ," the technique does not exploit any vulnerability but abuses a designing weakness in Windows. New Code Injection Attack helps Malware Bypass Security Measures AtomBombing attack abuses the system-level Atom Tables, a feature of Windows that allows applications to store information on strings, objects, and other types of data to access on a regular basis. And since Atom are shared tables, all sorts of applications can access or modify data inside those tables. You can read a more detailed explanation of Atom T...