The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Smartphone  is the need of everyone today and so the first target of most of the Cyber Criminals . Malware authors are getting to know their market and are changing their way of operations. Since last year we have seen a rise in the number of hackers moving from the Blackhat into the Greyhat. The Head of knowledge delivery and business development for  RSA's FraudAction Group ,  Daniel Cohen  warned users about the new threat via a company  blog  on Thursday, that explains everything about the malware app, called  iBanking . iBanking , a new mobile banking  Trojan app which impersonates itself as an Android ' Security App ', in order to deceive its victims, may intimidate a large number of users as now that its source code has been leaked online through an underground forum. It will give an opportunity to a larger number of cybercriminals to launch attacks using this kind of ready-made mobile malware in the future. Since...

Security Firm FireEye has uncovered yet another critical zero-day vulnerability in widely used Adobe Flash Software and Adobe has been forced to issue a second emergency patch update  in less than a month. All versions of Adobe Flash Player released before today's patch are vulnerable to the zero-day exploit and the patch addresses a critical vulnerability  CVE-2014-0502 , being used in a watering hole attack -dubbed " Operation Greedywonk",  that allows attackers to remotely take control of infected systems. The vulnerability affects the latest versions of Flash, is reported to be targeting the websites of three non-profit institutions, being redirected to an malicious server hosting the zero-day exploit. " Visitors to the Peter G. Peterson Institute for International Economics (www.piie[.]com) were redirected to an exploit server hosting this Flash zero-day through a hidden iframe ." FireEye said. Security updates tackle a number of flaws includi...

So you want to be a Programmer? Want to learn - How to code, Debug, and Program? The Web is full of free resources that can turn you into a programmer in no time, but never knew Where to start or How to troubleshoot your programs . Learning How to be a good programmer begins with learning logic concepts and language syntax and Google is a superb search engine, used by the majority of users online for finding information. But most of the time we don't get helping hands ' easily & quickly ' to debug our programs using Google or other Search engines. Learning to program is hard enough, but debugging is a critical skill, actually - it's frustrating ! DuckDuckGo , a private Search Engine that claims it gives complete anonymity to its users, has ' Programming Goodies ' for you and Software Engineers, i.e. provides a large number of programming tips and solutions from the a number of references, for various programming languages. Following are the...

While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping code, developers may inadvertently leave behind API keys, tokens, or passwords in configuration files and code files, effectively handing attackers the keys to the kingdom. This isn't just about poor hygiene; it's a systemic and growing supply chain risk. As cyber threats become more sophisticated, so do compliance requirements. Security frameworks like NIS2, SOC2, and ISO 27001 now demand proof that software delivery pipelines are hardened and third-party risk is controlled. The message is clear: securing your Git repositories is no longer optional, it's essential. Below, we look at the ris...

Popular Smartphone Messaging app  WhatsApp 's $19 billion acquisition by Social Network giant Facebook  made Headlines this week. While Some are applauding the move, and many other users are worried about WhatsApp's future and their privacy after this acquisition. Why So Serious? WhatsApp currently having 450 million active users and processes 50 billion messages a day. Service charges a nominal service fee of $1/year, that means Facebook is buying at $42.22 per user. $19 Billion / 450 million users  = $42.22 per user These figures show ,  obviously future revenue from WhatsApp can't cover the acquisition cost in the short or mid-term. " You can still count on absolutely no ads interrupting your communication. There would have been no partnership between our two companies if we had to compromise on the core principles that will always define our company, our vision and our product. " WhatsApp founder said in a  blo...

Zeus , a financially aimed Banking Trojan that comes in many different forms and flavors, is capable to steal users' online-banking credentials once installed. This time, an infamous  Zeus Trojan has turned out to be a more sophisticated piece of malware that uses web-crawling action . Instead of going after Banking credentials and performing malicious keystroke logging, a new variant of Zeus Trojan focuses on Software-as-a-service (SaaS) applications for the purpose of obtaining access to proprietary data or code. The SaaS Security firm vendor Adallom , detected a targeted malware attack campaign against a Salesforce.com customer, which began as an attack on an employee's home computer. Adallom found that the new variant had web crawling capabilities that were used to grab sensitive business data from that customer's CRM instance. The Security firm noticed the attack when they saw about 2GB of data been downloaded to the victim's computer in less than 10...

Using Popular Online Dating app - Tinder on iPhone ?? Then you are at significant risk that exposed members' private information without their knowledge. Online Dating app Tinder, available for the iPhone from the app store , has become incredibly popular in the past few months. Tinder app allows you to find dates nearby your location within a few miles and connects you with them, but a vulnerability allowed the attacker to potentially pinpoint your exact location to within 100 feet. Security Researchers at Include Security discovered that Tinder GPS vulnerability making members vulnerable to hackers. The Security flaw was discovered by the company last October, that enabled any member with some programming skills to access the app's API (Application Programming Interface) to get the exact latitude and longitude for another member. " Due to Tinder's architecture, it is not possible for one Tinder user to know if another took advantage of this ...