The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

In order to keep its billions of users safe, Google has introduced another security defense for its Android devices, called Google Play Protect . Google Play Protect , which is part of the Google Play Store app, uses machine learning and app usage analysis to weed out the dangerous and malicious apps, which have always been albatross around the tech giant's neck. Since Google Play Protect actually comes with the Google Play Store, users do not need to install or activate this security feature separately. Google Play Protect for Android devices consists: App scanning Anti-Theft Measures Browser Protection Play Protect's App Scanning Feature Google Play Protect is an always-on service on devices which said to scan 50 billion apps each day across a billion Android devices to ensure they are safe. Google already has a number of security measures in place to help keep your smartphones safe, including Verify Apps and its Bouncer service, but once apps are uploa...

Since the Shadow Brokers released the zero-day software vulnerabilities and hacking tools – allegedly belonged to the NSA's elite hacking team Equation Group – several hacking groups and individual hackers have started using them in their own way. The April's data dump was believed to be the most damaging release by the Shadow Brokers till the date, as it publicly leaked lots of Windows hacking tools , including dangerous Windows SMB exploit. After the outbreak of WannaCry last week, security researchers have identified multiple different campaigns exploiting Windows SMB vulnerability (CVE-2017-0143), called Eternalblue , which has already compromised hundreds of thousands of computers worldwide. I have been even confirmed by multiple sources in hacking and intelligence community that there are lots of groups and individuals who are actively exploiting Eternalblue for different motives. Moreover, the Eternalblue SMB exploit ( MS17-010 ) has now been ported to  Met...

WikiLeaks has published a new batch of the ongoing Vault 7 leak , detailing a spyware framework – which "provides remote beacon and loader capabilities on target computers" – allegedly being used by the CIA that works against every version of Microsoft's Windows operating systems, from Windows XP to Windows 10. Dubbed Athena/Hera , the spyware has been designed to take full control over the infected Windows PCs remotely, allowing the agency to perform all sorts of things on the target machine, including deleting data or uploading malicious software, and stealing data and send them to CIA server. The leak, which includes a user manual of Athena, overview of the technology, and demonstration on how to use this spyware, reveals that the program has two implications: Primary: Athena for XP to Windows 10  Secondary: Hera for Windows 8 through Windows 10 According to the whistleblower organization, Athena has the ability to allow the CIA agents to modify its co...

If your PC has been infected by WannaCry – the ransomware that wreaked havoc across the world last Friday – you might be lucky to get your locked files back without paying the ransom of $300 to the cyber criminals. Adrien Guinet, a French security researcher from Quarkslab, has discovered a way to retrieve the secret encryption keys used by the WannaCry ransomware for free, which works on Windows XP, Windows 7, Windows Vista, Windows Server 2003 and 2008 operating systems. WannaCry Ransomware Decryption Keys The WannaCry's encryption scheme works by generating a pair of keys on the victim's computer that rely on prime numbers, a "public" key and a "private" key for encrypting and decrypting the system's files respectively. To prevent the victim from accessing the private key and decrypting locked files himself, WannaCry erases the key from the system, leaving no choice for the victims to retrieve the decryption key except paying the ransom to ...

If you ever ordered food from Zomato, You should be Worried! India's largest online restaurant guide Zomato confirmed today that the company has suffered a data breach and that accounts details of millions of its users have been stolen from its database. In a blog post published today, the company said about 17 Million of its 120 Million user accounts from its database were stolen. What type of information? The stolen account information includes user email addresses as well as hashed passwords. Zomato claims that since the passwords are encrypted, it cannot be decrypted by the attackers, so the "sanctity of your password is intact." It seems Zomato is downplaying the threat or unaware of the fact that these days hackers are using cloud computing, which enables them to decrypt even a 15-18 character passwords within a few hours. So there's no guarantee your passwords will not eventually get cracked. Update: As shown in the above screenshot taken ...