The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

One of the world's largest mobile operator ' Orange ' has been hit by data breach. The French multinational telecommunication company announced recently, it was targeted by unknown hackers on 16th January 2014, who allegedly gained access to the accounts of up to 800,000 customers of Orange website. According to a report published on the PC INpact website, the company warned their customers in an email that their Client Area website orange.fr was hacked and personal data of 3% customers have been stolen, but the passwords are not affected. The hacker has successfully stolen customers' names, mailing address, email, landline and mobile phone numbers. The company warned, with the information lost in this attack, hackers can perform phishing attacks, allowing them to steal personal data, including bank account details and passwords by sending emails that look as if they have come from official sources. Orange has confirmed the data breach, and afte...

Cryptographer Professor Jean-Jacques Quisquater has become the part of a targeted attack by the US National Security Agency (NSA) and its British counterpart GCHQ, first reported on Saturday morning by De Standaard . A few months back in September 2013 it was revealed that, Belgacom , the largest telecommunications company in Belgium was hacked and number of employees on Belgacom's network, including their servers were compromised. Later in November 2013 , it was revealed that the NSA and GCHQ were behind the infiltration of the company's computers, according to the document provided by the former NSA contractor Edward Snowden . The document detailed that the British intelligence agency GCHQ created fake ' LinkedIn ' and ' Slashdot ' pages to spy on computers of Belgacom network engineers. They used a method called " quantum insert ", to redirect employees to fake websites that contained malware using Man in the middle attack to a spoofed server ( codenamed "...

Last Friday at the 50th Munich Security Conference , Microsoft announced to launch ' Transparency centers ' around the World, where government customers will be able to verify the source code of Microsoft's products and can confirm that there are no backdoors. The recent chain of scandals over US global snooping has seriously damaged the trust in U.S. Government and top U.S. Tech companies, that could cost them billions of dollars over the next several years if international clients take their business elsewhere. German Chancellor Angela Merkel , whose private mobile phone was also allegedly bugged by the NSA , warned earlier that U.S. Spying operations are unacceptable. In an effort to re-gain the trust of its customers and Governments around the world, Microsoft has announced that it will expand encryption across its services, reinforce legal protections for customers' data and will also enhance the transparency of its software code. Encryption proced...

Smartphones are powerful and popular, with more than thousands of new mobile apps hitting the market everyday. Apps and mobile devices often rely on consumers' data, including private information, photos, and location, that can be vulnerable to data breaches, surveillance and real-world thieves. When developing a mobile application, developer has to fulfill high security requirements, established for apps that deal with confidential data of the users. If you are a developer then responsibilities for providing security to the users is very high in comparison to functionality you are going to feed into the app. e.g. A vulnerability found in Starbucks' iOS app could have caused a massive financial data loss. It is always important for all app developers to have enough knowledge about major Mobile platform Security threats and its countermeasures. Today we would like to introduce open source ' Damn Vulnerable IOS App (DVIA) ' developed by Prateek Gianchan...

A pro-hacker group, aligned with president Bashar al-Assad, very well known as Syrian Electronic Army (SEA) has again gained the media attention by adding the popular sites, i.e. eBay UK and PayPal UK to its victim list. After targeting websites of various media agencies, government organizations and big enterprises, including the latest defaced CNN and Microsoft, today they targeted and defaced the official websites of UK's Ebay ( ebay.co.uk ) and PayPal ( paypal.co.uk ). The group also left a deface page along with a message on the hacked PayPal UK site: " Hacked by Syrian Electronic Army! Fuck the United States Government. " It is clear that the attack on PayPal could put millions of peoples' bank information at risk, but the group said that the attack is not to target account information of people instead was ' Purely a Hacktivist Operation ' with the reason behind is the discrimination of Syrian citizens by PayPal company. " For denying Syrian citizens ...

Turn your face in any direction, someone is always trying to spy on you; doesn't matter who and what you are? Just yesterday we reported that Communications Security Establishment Canada (CSEC) in Canada and NSA are together, running a spying program called ' game-changer '. It was revealed that the agencies are tracking all the travelers who passed through the airport terminal, and could be tracked throughout the country by referencing it with the intercepted information from Wi-Fi in cafes, libraries and other public places. Today XDA Senior Recognized Developer ' Chainfire ' has released a new Android app called Pry-Fi , that allow a user to disable Wi-Fi completely, including the background network scanning.  Pry-Fi will prevent your device from announcing all the networks it knows to the outside world, but it will still allow background scanning and automatically connecting to Wi-Fi networks. ' Retailers, crooks, the government, and other...