The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A U.S. Grand jury indicted and accused 13 members of the hacking group Anonymous for allegedly participating in the cyber attacks against a number of websites as an  anti-copyright campaign called " Operation Payback " Hackers took down the sites by inflicting a denial of service, or DDoS, attack , including those belonging to the Recording Industry Association of America, Visa and MasterCard. The attacks were in retaliation for the shutdown of " The Pirate Bay ," a Sweden-based file-sharing website used to illegally download copyrighted material. The DDoS Campaign was later extended to Bank of America and credit card companies such as Visa and MasterCard after they refused to process payments for WikiLeaks . According to the indictment, the suspects are charged with conspiracy to intentionally cause damage to protected computers. Suspects downloaded and used software known as Low Orbit Ion Cannon , or LOIC, to launch distributed denial-of...

Bitcoin Talk , the popular Bitcoin discussion forum, has been hacked and as it stands the site is currently unreachable. Bitcointalk has been down for nearly 6 hours. The forums have been allegedly hacked and Defaced by " The Hole Seekers " and selling 150,000 emails and hashed passwords stolen from Bitcointalk.org for 25 Bitcoins , where the passwords are hashed with sha256crypt. Hacker embedded the "1812 Overture" song in the background with a dazzling animated picture show. According to Bitcointalk admin Theymos, it's possible that the hackers gained access to the database. He says the website will not be restored until he figures out precisely what vulnerability the hackers leveraged. He's offering 50 Bitcoin to the first individual who can pinpoint the security hole. See the video below for the Hack-in-Action: " Hello friend, Bitcoin has been seized by the FBI for being illegal. Thanks, bye " reads one the message in the video. To be safe, i...

Hackers broke into Adobe Systems' internal network on Thursday, stealing personal information on 2.9 million customers and the source code for several of Adobe's most popular products. This an absolutely massive blow to Adobe, especially their reputation. Adobe, which makes Photoshop and other programs, revealed that cyber attackers had access user information, including account IDs and encrypted passwords as well as credit and debit card numbers. The company did not specify which users of its various software programs were hit. But Products compromised in this attack include Adobe Acrobat, ColdFusion , and ColdFusion Builder. " We believe these attacks may be related. We are working diligently internally, as well as with external partners and law enforcement, to address the incident. " the company said in a customer security alert . Adobe's Arkin says the company is not aware of zero-day exploits or other specific threats to its customers due to the...

While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping code, developers may inadvertently leave behind API keys, tokens, or passwords in configuration files and code files, effectively handing attackers the keys to the kingdom. This isn't just about poor hygiene; it's a systemic and growing supply chain risk. As cyber threats become more sophisticated, so do compliance requirements. Security frameworks like NIS2, SOC2, and ISO 27001 now demand proof that software delivery pipelines are hardened and third-party risk is controlled. The message is clear: securing your Git repositories is no longer optional, it's essential. Below, we look at the ris...

The world of mobile search is about to get a bit more anonymous. Thanks to the fears over government surveillance and corporate tracking, Anonymous Search Engine DuckDuckGo continues to break its own search records. DuckDuckGo Search & Stories - Android app deliver the same functionality as traditional services such as Google but with the added promise that your IP address and identity will not be recorded.  In June, Anonymous search engine  DuckDuckGo  had launched its app for  iOS  and Android and during recent update, DuckDuckGo's application for Android also integrated the Tor support. " Privacy is perhaps more important on mobile than on the web, and we haven't had many private alternatives ," DuckDuckGo founder Gabriel Weinberg said. To enable Tor with DuckDuckGo android app, user need to Check " Enable Tor " from setting. It will prompt the user to install about application to anonymize the Mobile data c...

Offering cash rewards for vulnerability reports has become something of a norm when it comes to big tech companies these days.  Yahoo has changed its bug bounty policies following a deluge of negative feedback in the wake of the news that ethical hackers were rewarded with $12.50 in gift vouchers for security flaw discoveries. The company unveiled a new program to reward reporters who shed light on bugs and vulnerabilities classified as new, unique and/or high risk issues. Starting October 31, 2013, individuals and firms who report bugs will be rewarded with anything between $150-$15,000. " The amount will be determined by a clear system based on a set of defined elements that capture the severity of the issue ," Director of security, Ramses Martinez, announced . Yahoo denied that its new program was a response to the criticism, saying it was already working on a new bug bounty system before the furore. Martinez begins by labelling himself as the ...

Nation-state driven cyber attacks are routinely conducted on a global scale to defend national sovereignty and project national power. We are living in the cyber era, human conflict is involving also the fifth domain of warfare , the cyberspace . As never before disputes take place with blows of bits, militias of every government are developing cyber capabilities dedicating great effort for the establishment of cyber units . Network security company, FireEye, has released a report titled " World War C: Understanding Nation-State Motives Behind Today's Advanced Cyber Attacks " which describes the effort spent by governments in cyber warfare context, the document analyzes in detail the different approaches adopted by various countries in conducting nation-state driven cyber attacks . Security experts highlight the intensification of state-sponsored attacks for both cyber espionage and sabotage purpose, campaigns such as Moonlight Maze and Titan Rain or the destruc...