The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

We are all aware of the mass surveillance conducted by the government agencies on us. From our phone calls, emails to web activities, chats and social network activities, everything has been interrupted by the law enforcements. And now they have crossed every limits by using a new way to spy on you. Guess What? Dozens of US law enforcement agencies are quietly taking advantage of the technology that allows them to effectively "see" through walls of buildings to monitor people's activity . This has once again raised privacy questions. Privacy has become just a word as there's nothing private left, not even our homes. According to a recent report from USA Today , over 50 law enforcement agencies, including Federal Bureau of Investigation (FBI) and U.S. Marshals, have secretly been using the new radars for the past two years, but it came to light just last month during a court hearing in Denver . The device, dubbed Range-R , sends out radio waves that can d...

Smartphones in our pockets are exponentially smaller and more powerful that they don't realize the need to carry laptops with us everywhere. Now imagine if a small mouse meets the need of the entire PC? Not just imagination, it has been proved and done by the engineers at a Polish startup. Poland-based Przemysław Strzelczyk and a team of software developers working on a new concept have created what they believe is the future of desktop computing — a mouse that's also a PC. Called " Mouse-Box ", a wireless gadget that packs a 1.4 GHz quad-core ARM processor, a micro-HDMI port, WiFi up to 802.11n, accelerometer, gyroscope, two USB 3.0 ports and 128 GB storage space into a mouse. The only extra hardware needed is a monitor. Mouse Box comes with the same amount of storage as a high-end iPhone 6 Plus , but we know that nobody will be able to work for long with so little storage. The storage capacity can't be physically expanded, but can be extended with the use of clou...

Ransomware  malware threat has forced somebody for the terrible suicide and once again has marked its history by somebody's blood. Sad, but it's True! Joseph Edwards , a 17-year-old schoolboy from Windsor, Berkshire, hanged himself after receiving a bogus email appeared to be from police claiming that he'd been spotted browsing illegal websites and that a fine of 100 pound needed to be paid in order to stop the police from pursuing him. The scam email pushed the well-known Police Ransomware onto the boy's laptop and also downloaded malware that locked up his system once it was opened. Edwards was an A-level student with Autism, a developmental disability, that likely made him more susceptible to believing the Internet scam mail, supposedly sent from from Cheshire police, was genuine, a coroner heard on Thursday. Edwards was so upset and depressed by the accusation and the extortionate demand that he hanged himself hours after falling victim to the crucial threat. He was foun...

After exposing three critical zero-day vulnerabilities in Microsoft's Windows operating systems, Google's Project Zero vulnerability research program has revealed the existence of three more zero-day vulnerabilities, but this time, on Apple's OS X platform. The team has published three zero-day exploits for Apple's OS X, with sufficient information for an experienced hacker to exploit the bugs in an attack. Of course, the details about the zero-days were not released without alerting Apple to these issues. FIRST ZERO-DAY  VULNERABILITY The first flaw, " OS X networkd 'effective_audit_token' XPC type confusion sandbox escape ," allows an attacker to pass arbitrary commands to the networkd OS X system daemon because it does not check its input properly. The flaw may already have been mitigated in OS X Yosemite , but there is no clear explanation of whether this is the case. SECOND ZERO-DAY VULNERABILITY The second and third vulnerability both are relate...

A critical cross-site scripting ( XSS ) vulnerability in the Google Apps administrator console allowed cyber criminals to force a Google Apps admins to execute just about any request on the https://admin.google.com/ domain. The Google Apps admin console allows administrators to manage their organization's account. Administrators can use the console to add new users, configure permissions, manage security settings and enable Google services for your domain. The feature is primarily used by many businesses, especially those using Gmail as the e-mail service for their domain. The XSS flaw allowed attackers to force the admin to do the following actions: Creating new users with "super admin" rights Disabling two-factor authentication ( 2FA ) and other security measures from existing accounts or from multiple domains Modifying domain settings so that all incoming e-mails are redirected to addresses controlled by the attacker Hijack an account/email by resett...

Barrett Brown , a journalist formerly served as an unofficial spokesman for the hacktivist collective Anonymous , was sentenced Thursday to over five years in prison, after pleading guilty to federal charges of  " transmitting a threat in interstate commerce ,"   " for interfering with the execution of a search warrant ," and to being " accessory after the fact in the unauthorized access to a protected computer ." After already having served over 2 years ( 31 months ) in detention, Texas court in Dallas has sentenced Barrett Brown to 63 months in federal prison and also ordered him to pay a little more than $890,000 in restitution and fines related to the 2011 hack of Stratfor Global Intelligence . Over a year ago, another federal judge sentenced Anonymous member Jeremy Hammond to 10 years in prison for making millions of emails from the servers of security firm Stratfor public. It's Hammond who said that Brown simply linked to the hacked ...