The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Security researchers have warned of a pair of vulnerabilities in the Google Play Store that could allow cyber crooks to install and launch malicious applications remotely on Android devices. Tod Beardsley, technical lead for the Metasploit Framework at Rapid7 warns that an X-Frame-Options (XFO) vulnerability – when combined with a recent Android WebView (Jelly Bean) flaw – creates a way for hackers to quietly install any arbitrary app from the Play store onto victims' device even without the users consent. USERS AFFECTED The vulnerability affects users running Android version 4.3 Jelly Bean and earlier versions of Android that no longer receive official security updates from Android security team for WebView , a core component used to render web pages on an Android device . Also, users who have installed third party browsers are affected. According to the researcher, the web browser in Android 4.3 and prior that are vulnerable to a Universal Cross-Site Scripting (...

A Serious vulnerability in Facebook has recently been reported that could allow anyone to delete your complete Facebook photo album without having authentication. Security Researcher Laxman Muthiyah told The Hacker News that the vulnerability actually resides in Facebook Graph API mechanism, which allows "a hacker to delete any photo album on Facebook . Any photo album owned by an user or a page or a group could be deleted." DELETING FACEBOOK PHOTO ALBUMS According to Facebook developers documentation, its not possible to delete albums using the Graph API, but Indian security researcher has found a way to delete not just his own, but also others Facebook photo albums within few seconds. " I decided to try it with Facebook for mobile access token because we can see delete option for all photo albums in Facebook mobile application isn't it? Yeah and also it uses the same Graph API ," he said. In general, Facebook Graph API requires an access tok...

Nearly 40,000 organisations running MongoDB , a NoSQL high performance and cross-platform document-oriented database, are found to be unprotected and vulnerable to hackers. Three students from University of Saarland in Germany at the Centre for IT Security – Kai Greshake, Eric Petryka and Jens Heyens – discovered that MongoDB databases running at TCP port 27017 as a service on several thousands of commercial web servers are easily accessible on the Internet. MongoDB is an open-source database used by companies of all sizes, across all industries for a wide variety of applications. MongoDB is built for scalability, performance and high availability, scaling from single server deployments to large, complex multi-site architectures. By leveraging in-memory computing, MongoDB provides high performance for both reads and writes. The German researchers said that they were able to get "read and write access" to the unsecured MongoDB databases without using any sp...

The GHOST vulnerability is a buffer overflow condition that can be easily exploited locally and remotely, which makes it extremely dangerous. This vulnerability is named after the GetHOSTbyname function involved in the exploit. Attackers utilize buffer overflow vulnerabilities like this one by sending specific packets of data to a vulnerable system. The attack allows the attacker to execute arbitrary code and take control of the victim's vulnerable machine. Unfortunately, the vulnerability exists in the GNU C Library (glibc) , a code library originally released in 2000, meaning it has been widely distributed. Many derivative programs utilize the glibc to carry out common tasks. Although an update released by Linux in 2013 mitigated this vulnerability, most systems and products have not installed the patch. What Can I Do About GHOST Vulnerability? Like with any vulnerability, the best way to mitigate GHOST vulnerability is to identify vulnerable systems, prioritiz...

Remember RapidShare ? Once one of the world's most popular and first ever one-click online file hosting and cloud storage website on the Internet. The company has announced that it will shut down its business at the end of next month. RapidShare file hosting service announced its shut down Tuesday through a notice on its official website, saying that it will stop active service on March 31, 2015. All user accounts on the website will no longer be available after this date, and all files will be deleted automatically. WHAT RAPIDSHARE USERS MUST DO ? " We strongly recommend all customers to secure their data. After March 31st, 2015 all accounts will no longer be accessible and will be deleted automatically ," the notice on RapidShare official website reads. Just two days back, the most popular Torrent website KickAss Torrents banned by the .so registry (Somalian registry), forcing the site's operators to switch to another domain. Now, suddenly the ol...

Microsoft just issued a critical patch to fix a 15-year-old vulnerability that could be exploited by hackers to remotely hijack users' PCs running all supported versions of Windows operating system . The critical vulnerability — named " JASBUG " by the researcher who reported the flaw — is due to a flaw in the fundamental design of Windows that took Microsoft more than 12 months to release a fix. However, the flaw is still unpatched in Windows Server 2003, leaving the version wide open to the hackers for the remaining five months. HACKERS CAN EASILY HIJACK YOUR WINDOWS MACHINE The vulnerability ( CVE-2015-0008 ) could allow an attacker to easily hijack a domain-configured Windows system if it is connected to a malicious network – wirelessly or wired, giving attacker consent to do various tasks including, to go forth and install programs; delete, alter or peruse users' data; or to create new accounts with full user rights. However, Jasbug vulnerability do not affects h...