The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

In order to secure sensitive information such as Finance, many companies and government agencies generally use totally secure computer systems by making sure it aren't connected to any network at all. But the most secure systems aren't safe anymore. Security researchers at the Cyber Security Labs at Ben Gurion University in Israel have found a way to snoop on a personal computer even with no network connection. STEALING DATA USING RADIO SIGNALS Researchers have developed a proof-of-concept malware that can infiltrate a closed network to lift data from a machine that has been kept completely isolated from the internet or any Wi-Fi connection by using little more than a mobile phone's FM radio signals. Researcher Mordechai Guri , along with Professor Yuval Elovici of Ben Gurion University, presented the research on Thursday in the 9th IEEE International Conference on Malicious and Unwanted Software ( MALCON 2014 ) held at Denver. This new technology is kno...

If you are fan of the largest social networking site Facebook, but also want to remain anonymous while using your Facebook account, then there is really a Good news for you. Facebook on Friday began offering a way for security and Privacy conscious users to connect to its social networking service using the anonymizing service running on the Tor networ k, by launching a .onion address. This is really a historic move of the social network. Tor Browser is an open source project, launched in 2002, designed to increase the anonymity of your activities on the Internet by not sharing your identifying information such as your IP address and physical location with websites and your service providers. Browsing and data exchange over a network is made through encrypted connections between computers. The social network just created a special URL – https://facebookcorewwwi.onion – that will allow users running Tor-enabled browsers to connect Facebook's Core WWW Infrastructure. Hidden service...

The co-founder of The Pirate Bay torrent site Gottfrid Svartholm Warg (Anakata) and his 21-year-old Danish co-defendant have been found guilty by a Danish court of hacking into systems operated by American IT giant CSC and illegally downloading files. It was the biggest hacking case ever conducted in the history of Denmark . By breaking into the servers maintained by CSC, Svartholm Warg illegally accessed police email accounts and stolen email addresses and passwords of over 10,000 policemen, explored the European border control database, and downloaded millions of social security numbers belonging to Danish citizens. The initial hack attack took place for about six months. " This is the largest hacking case to date. The crime is very serious, and this must be reflected in the sentence, " Prosecutor Maria Cingali said. Gottfrid Svartholm allegedly committed the crime along with his his 21-year-old co-defendant between February and August 2012. His co-defendant ...

Nearly a decade-long cyber espionage group that targeted a variety of Eastern European governments and security-related organizations including the North Atlantic Treaty Organization (NATO) has been exposed by a security research firm. The US intelligence firm FireEye released its latest Advanced Persistent Threat ( APT ) report on Tuesday which said that the cyber attacks targeting various organisations would be of the interest to Russia, and " may be " sponsored by the Russian government. The Report entitled " APT28: A Window Into Russia's Cyber Espionage Operations " published by FireEye has " evidence of long-standing, focused operations that indicate a government sponsor - specifically, a government based in Moscow. " " Despite rumours of the Russian government's alleged involvement in high-profile government and military cyber attacks, there has been little hard evidence of any link to cyber espionage, " Dan McWhort...

The open-source Wget application which is most widely used on Linux and Unix systems for retrieving files from the web has found vulnerable to a critical flaw. GNU Wget is a command-line utility designed to retrieve files from the Web using HTTP, HTTPS, and FTP, the most widely used Internet protocols. Wget can be easily installed on any Unix-like system and has been ported to many environments, including Microsoft Windows, Mac OS X, OpenVMS, MorphOS and AmigaOS. When a recursive directory fetch over FTP server as the target, it would let an attacker " create arbitrary files, directories or symbolic links " due to a symlink flaw. IMPACT OF SYMLINK ATTACK " It was found that wget was susceptible to a symlink attack which could create arbitrary files, directories or symbolic links and set their permissions when retrieving a directory recursively through FTP ," developer Vasyl Kaigorodov wrote in a Red Hat Bugzilla comment . A remote unauthentica...

China's number one — and the world's 3rd largest — smartphone manufacturer, Xiaomi , which is trying to make inroads into India's booming mobile phone market, was found secretly sending users' personal data , including IMEI numbers, phone numbers and text messages to the web servers back to Beijing in China. INDIA AND TAIWAN vs XIAOMI This issue raised higher concerns across many countries, proactively in India, Singapore and Taiwan. The Indian Air Force (IAF) — among the largest in the world — warned its employees and their belongings that their private information was being shipped over to servers in China, and asked them to avoid using Xiaomi smartphones due to security risk. Taiwanese Government underlined similar concerns before Xiaomi's launch in India. Xiaomi is facing an investigation in Taiwan for alleged cyber security threat, as a result of which last month the Taiwanese government decided to ban the company due to several privacy controversies. When i...