The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

This week you have quite a long list of updates to follow from Microsoft, Adobe as well as Firefox. Despite announcing plans to kill its monthly patch notification for Windows 10, the tech giant has issued its May 2015 Patch Tuesday , releasing 13 security bulletins that addresses a total of 48 security vulnerabilities in many of their products. Separately, Adobe has also pushed a massive security update to fix a total of 52 vulnerabilities in its Flash Player, Reader, AIR and Acrobat software. Moreover, Mozilla has fixed 13 security flaws in its latest stable release of Firefox web browser, Firefox 38, including five critical flaws. First from the Microsoft's side: MICROSOFT PATCH TUESDAY Three out of 13 security bulletins issued by the company are rated as 'critical', while the rest are 'important' in severity, with none of these vulnerabilities are actively exploited at this time. The affected products include Internet Explorer (IE), ...

Small office and home office (SOHO) routers are an increasingly common target for cybercriminals, not because of any vulnerability, but because most routers are loosely managed and often deployed with default administrator credentials. A new report suggests that hackers are using large botnet of tens of thousands of insecure home and office-based routers to launch Distributed Denial-of-Service ( DDoS ) attacks . Security researchers from DDoS protection firm Incapsula uncovered a router-based botnet, still largely active while investigating a series of DDoS attacks against its customers that have been underway since at least last December, 2014. Over the past four months, researchers have recorded malicious traffic targeting 60 of its clients came from some 40,269 IP addresses belonging to 1,600 ISPs around the world. Almost all of the infected routers that were part of the botnet appear to be ARM-based models from a California-based networking company Ubiquiti Net...

Last week, I have to communicate with my friend overseas in China. We both were aware that our email communications were being monitored. So, we both were forced to install and use a fully-fledged encrypted email system. Although it appeared to be very secure, it was quite cumbersome to handle. If you are ever faced with the same situation, I am here to introduce you a very simple and easy-to-use approach to encrypt your files and send them to the person you want to communicate with. Here's the Kicker: You don't even need to install any software or sign up to any website in order to use the file encryption service. So, what do I have today in my box? " Otr.to " — an open-source peer-to-peer browser-based messaging application that offers secure communication by making use of "Off-the-Record" (OTR) Messaging, a cryptographic protocol for encrypting instant messaging applications. We first introduced you Otr.to two months ago. At that time,...

Wait! What? A $9 computer? This is something magical. A Californian startup lead by Dave Rauchwerk is currently seeking crowdfunding on Kickstarter to create a computer that will cost as much as $9 (or £6). The new microcomputer, dubbed CHIP, is a tiny, Linux-based, super-cheap computer that's described as being "built for work, play, and everything in between!" Project 'Chip' that hit Kickstarter on Thursday has already blown its target goal of $50,000 to raise over $1 Million from almost 19,638 people at the time of writing with 26 days left in its campaign. Let's have a look on what does this $9 buy you? And the answer is a lot — more than what you could expect for just $9 . CHIP packs a 1GHz R8 ARM processor, 4GB of internal flash storage, 512MB of DDR3 RAM, Bluetooth, and Wi-Fi — something you do not find in even the modern microcomputer, Raspberry Pi. If look at the output front of the CHIP, it features a single full-sized US...

A controversial piece of security and maintenance software for Mac OS X computers, known as MacKeeper, has been found to be vulnerable to a critical remote code execution vulnerability. MacKeeper antivirus software for Mac OS X is designed to improve Mac performance and security, but it is infamous for its noisy "clean up your Mac" pop-under ads that stress the need for a system cleanup. If you try to close the ad, the software will prompt you to " Leave Page/Stay on This Page " dialogues. The vulnerability details were disclosed on Friday after the patch release, which allows an attacker to execute remotely malicious commands with root privileges on Mac OS X systems when a victim visits specially crafted Web pages. MacKeeper Versions Earlier to 3.4.1 are Affected The remote code execution flaw, affecting the versions earlier to 3.4.1, caused due to the way MacKeeper malware removal software handles its custom URLs, security researchers at Secure...

Let's be honest, a network attack of any scale is inevitable in today's IT world. Do you have the ability to quickly identify the details of the attack? If your network goes down, your network monitoring tool can tell you what happened, but knowing details about who was vulnerable or why the attack happened is even more valuable. An often overlooked feature of log management software is the ability to conduct forensic analysis of events. Instead of searching for a needle in a haystack, forensic analysis tools can make drilling down to identify details a quick and easy task. SolarWinds Log & Event Manager has cutting-edge IT search for fast and easy forensic analysis. Here are six ways that the forensic analysis feature of Log & Event Manager can help you piece together what really happened. 1) Incident response Say goodbye to complex queries. Conducting forensic analysis, in general, is a quicker and simpler way to do incident response. The faster you...