The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

One of the best 3rd party Android Mobile Keyboard called ' SwiftKey ' turned into a Keylogger Trojan by an Android developer to show the possible security threat of using pirated cracked apps from from non-official App Stores, " anyone pirating Swiftkey is taking a serious risk " developer said to ' The Hacker News '. He demonstrated how to inject a Keylogger snippets of code into a legitimate Android Keyboard application that infected a mobile device with Trojan, connected with a remote server and transmitted data from the device inducing your all key logs. " Cracked copies of PC and iPhone apps can have malware as well of course but on both those platforms most software is compiled to machine code. Android apps are coded in Java and compiled to byte code that is run on the Dalvik VM and this byte code is not that hard to edit and insert back into an APK. " he explained. He developed a keylogger from SwiftKey( APK Download ), a mali...

IRAN has spent years fending off cyber attacks, blocking access and isolated their own intranet off from the outside world. Many Iranians was using of virtual private network (VPNs), which provides encrypted links directly to private networks based abroad, to access Sites like YouTube and Facebook after bypassing the country's internet filter. But recently, Iranian authorities have blocked the use of most virtual private network to stop people in the country from circumventing the government's internet filter. A widespread government internet filter prevents Iranians from accessing many sites on the official grounds they are offensive or criminal. Ramezanali Sobhani-Fard, the head of parliament's information and communications technology committee said, " Within the last few days illegal VPN ports in the country have been blocked. Only legal and registered VPNs can from now on be used. " Registered and legal VPN access can still be purchased, but the typical fi...

It's Microsoft Patch Tuesday, and time of the month in which we gather round, hold hands, and see just how much of Microsoft's software needs patching. Prepare your systems, Microsoft is expected to issue seven bulletins affecting all versions of its Windows operating system (OS), some Office components and also Mac OS X, through Silverlight and Office and 4 out of 7 are critical patches. Critical :  The first bulletin will address a remote code execution vulnerability affecting Windows and Internet Explorer. Critical : The second bulletin addresses a remote code execution vulnerability affecting Microsoft Silverlight. Critical :  The third bulletin addresses a remote code execution vulnerability affecting Office. The fourth security bulletin addresses a critical elevation of privilege vulnerability affecting both the Office and Server suites. Important : The fifth and sixth security bulletins address an information disclosure vulnerability affectin...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

If hackers want to get into your computer network, they will find a way. You can make it harder but you can't stop them. According to  Australian Financial Review report on Monday, the Reserve Bank of Australia (RBA) was hacked by hackers who infiltrated its networks and allegedly stole information using a Chinese piece of malware. After investigations they found multiple computers had been compromised by malicious software seeking intelligence. Several RBA staffers including heads of department were sent the malicious emails over two days, but it isn't known if the malware executed and succeeded in capturing information from the compromised computers.  The malware consisted of a web address that linked to a zip file that contained a Trojan which at the time was not detected by the anti-virus program, according to the bank.  A Defence department spokesperson said: " The government does not discuss specific cyber incidents, activities or capabilitie...

Today a cyber attack on Pakistan Government servers crash many Government departments's official websites including Ministry of Information Technology, Ministry of Railways, Ministry of Economic Affairs & Statistics, Ministry of Interior, Ministry of Religious Affairs, Ministry of Science and Technology, Ministry of Environment and many more. Indian Hacker ' Godzilla ' continue to strike Pakistan Government because of their support to terrorism activities. Hacker said," all network owned including switches because they deserve it, I have not touched any innocent website because target is only Government " While Pakistani official are already aware about the risk from the newest viruses, worms and cyber attacks, so they having their servers running through a proxy server located at  https://202.83.164.6/ , but flawed cyber security practices once again results to messed up whole setup and hacker successfully breach into cen...

A Google developer helps Apple to fixed a security flaw in its application store that for years has allowed attackers to steal passwords and install unwanted or extremely expensive applications. Security loophole allowed attacker to hijack the connection, because Apple neglected to use encryption when an iPhone or other mobile device tries to connect to the App Store. Researcher Elie Bursztein revealed on his blog that he had alerted Apple of numerous security issues last July but that Apple had only turned on HTTPS for the App Store last week. An attacker only needs to be on the same network as the person who is using the App Store. From there, they can intercept the communications between the device and the App Store and insert their own commands. The malicious user could take advantage of the unsecure connection to carry out a number of different attacks i.e steal a password, force someone to purchase an app by swapping it with a different app that the buyer actually intende...