The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Browser extensions have become a standard part of the most popular browsers and essential part of our lives for surfing the Internet. But not all extensions can be trusted. One such innocent looking browser add-on has been caught collecting browsing history of millions of users and selling them to third-parties for making money. An investigation by German television channel NDR ( Norddeutscher Rundfunk ) has discovered a series of privacy breaches by Web Of Trust (WOT) – one of the top privacy and security browser extensions used by more than 140 Million online users to help keep them safe online. Web of Trust has been offering a " Safe Web Search & Browsing " service since 2007. The WOT browser extension, which is available for both Firefox and Chrome, uses crowdsourcing to rate websites based on trustworthiness and child safety. However, it turns out that the Web of Trust service collects extensive data about netizens' web browsing habits via its brows...

With just two days before the presidential election, WikiLeaks late Sunday night published a new trove of emails apparently hacked from the Democratic National Committee (DNC). The most recent dump of more than 8,000 emails came after the whistleblowing site, on a daily basis over last four weeks, has already leaked over 50,000 emails stolen from the key figure in the DNC – Hillary Clinton's campaign chairman John Podesta. However, this time, not everything went as planned by WikiLeaks. WikiLeaks early Monday morning announced on Twitter that shortly after the release of hacked DNC emails the organization was the target of a major Distributed Denial of Service (DDoS) attack. What's more?  Soon after WikiLeaks reported the DDoS attack on its email publication servers, Twitter also went down, and the outage lasts for at least 30 minutes. According to a status monitor, the Twitter outage began at around 6.45am GMT and continued for nearly half an hour, though report...

Almost 20,000 Tesco Bank customers have had their money stolen from their accounts after the banking arm of UK's biggest retailer fall victim to a hacking attack this weekend. As a result of the hack, Tesco Bank has frozen online transactions in an attempt to protect its customers from, what it described as, the " online criminal activity. " However, customers can still use their debit and credit cards for cash withdrawals and card-based payments. Tesco Bank has not disclosed any details of the cyber attack or how accounts had been compromised, but Benny Higgins, chief executive of Tesco, confirmed that the hack affected 40,000 of its 136,000 accounts, half of which had already been used to withdraw money fraudulently over the weekend. The bank would not disclose the total amount stolen from the accounts, but confirmed that the amount stolen was a " big number but not a huge number. " If you have been affected by this incident, don't worry! Higgins has apo...

China has long been known for its strict censorship policies, which has already made it difficult for foreign companies to do business in the world's most populous country of more than 1.35 Billion people. Now, the Chinese government has approved a broad new controversial cybersecurity regulations that would further strengthen the country's censorship regime, making it more difficult for technology companies to operate in the country. Made public on Monday, the legislation, passed by China's rubber-stamp parliament and set to go into effect in June 2017, aims at combating growing threats like hacking and terrorism, but actually comes with data localization, real-name requirements, and surveillance. The Cybersecurity Law requires instant messaging services and other internet operators to force users to register with their real names and personal information, which restricts anonymity of a user online. The proposed law also includes requirements for ' Data Locali...

Indian embassy websites in seven different countries have been hacked, and attackers have leaked personal data, including full name, residential address, email address, passport number and phone number, of Indian citizens living abroad. This incident is extremely worrying because it involves diplomatic personnel working in the embassies that have always been a favorite target of state-sponsored hackers launching cyber espionage campaigns. Security pen-testers who go by the name Kapustkiy and Kasimierz have claimed responsibility for the hack and told The Hacker News that the reason behind the hack was to force administrators to consider the cyber security of their websites seriously. In Pastebin link shared on their Twitter account , the hackers claimed to have hijacked Indian Embassy websites in Switzerland, Italy, Romania, Mali, South Africa, Libya, and Malawi and leaked personal details of hundreds of Indians, including students studying abroad. The pair exploited a si...