The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

After the Heartbleed bug that exposed half of the Internet vulnerable to hackers thereby marking as one of the largest Internet vulnerability in recent history, the critical flaw in the implementation of the DNS protocol could also represent a serious menace to the Internet security. A Serious security vulnerability has been discovered in the algorithms of DNS software – BIND by the two Israeli students ' Roee Hay ' and ' Jonathan Kalechstein ', who are working under a project out at the Laboratory of Computer Communication & Networking in the Faculty of Computer Science at the Technion , which was led by Dr. Gabi Nakibly from Rafael (Rafael Advanced Defense Systems Ltd.). Although, Technion students have not provided any detail explanation about the vulnerability , but indicated that by exploiting the DNS protocol flaw an attacker could redirect the users who are trying to visit a legitimate website to a fake and bogus website which the attacker con...

The collection of slashes and hyphens in URLs of websites make it look complicated and messy, now the new experimental version of the Google Chrome browser bury the whole URL into the top-level domain name. Google's new experiment to the recent update to Chrome 's publicly available Canary browser indicates that in the coming weeks Google may eventually hide the full URLs of the websites and will show only the website name and domain even if you are navigating within the website, something familiar with the mobile version of Safari. Chrome Canary is an early build and a leading-edge of the next version of Google's web browser and a couple of days ago, Google pushed an update to both of its Chrome Canary and beta builds that hide long URLs of a website from the address bar. OMNIBOX - NEW ADDRESS BAR The field that is mostly known as address bar is now better known as "omnibox", a single bar at the top of the screen that gives you ability to type terms you want to ...

An 18-year old Miami University student is facing charges for allegedly breaching the school's computer system to change grades for himself and four other students. Jose Bautista appeared before a judge Friday after he was arrested Thursday by the Miami School Board Police after the principal of Dr. Michael M. Krop Senior High School turned him in, after the student reportedly gave him a written confession. The principal claims he obtained a written confession from the student. " It's not fair to the people that really try ," said Mayan Dehry , a student at Bautista's school. " Like, I know a lot of kids are in AP classes, and they try really hard to get the grades that they get. I don't know, if you're just going to be lazy and then change your grades, that's not what learning is about. " A fellow student Brett Curtis said Bautista's actions are not representative of the majority of his peers. " We have almost 3,000...

After Heartbleed bug , a security flaw in widely used open-source software OpenSSL that puts countless websites at risk, another vulnerability has been found in popular authentication software OpenID and authorization software OAuth. Wang Jing , a Chinese mathematics Ph.D student at the Nanyang Technological University in Singapore, found that the OAuth and OpenID open source login tools are vulnerable to the " Covert Redirect " exploit. The login tools ' OAuth ' and 'OpenID' protocols are the commonly used open standard for authorization. OAuth designed as a way for users to sign in or sign up for other services using an existing identity of a site such as Google, Facebook, Microsoft or Twitter, whereas OpenID is a decentralized authentication system for the Internet that allows users to log in at websites across the internet with same digital identity. The Covert Redirect vulnerability could affect those who use 'OAuth' and 'OpenID' protocols to 'login' to the websites ...

Microsoft had publicized widely its plans to stop supporting oldest and widely used Operating system, Windows XP after 8th April this year, which means Microsoft would no longer issue security patches for XP. A few days back, we reported about a new critical Zero-day vulnerability in all versions of Microsoft's browser Internet Explorer, starting with IE version 6 and including IE version 11. According to the advisory (CVE-2014-1776), All versions of Internet Explorer are vulnerable to Remote Code Execution flaw, which resides ' in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated ,' Microsoft confirmed . An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. FIRST PATCH FOR WINDOWS XP, EVEN AFTER EXPIRATION DATE Internet Explorer vulnerability poses a special concern for people still using Windows XP , but can Microsoft really ignore inno...

An alleged member of the famous amorphous Hacktivist group Anonymous is now facing a total of 44 charges after the filing of the latest superseding Indictment of cyber assaults charges against him with the collective to hack Computer systems of a County Government, a school district and a Newspaper organization in Texas, federal investigators announced on Tuesday. 27-year-old Fidel Salinas of Donna, Texas, charged with several counts of cyber stalking, attempted computer hacking and with intent to harass and intimidate a female victim, making it altogether 44 counts of cyber assaults that could lead him up to 440 years in Jail. Salinas intentionally tried to hack into the computer system of Hidalgo County practically two years earlier, for which he was charged with one count of violating the Computer Fraud and Abuse Act after a grand jury in the United States District Court for the Southern District of Texas found him guilty, last October. It looked like, Salinas wou...