The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A security researcher who was pulled out from a United Airlines flight last month had previously admitted to Federal Bureau of Investigation (FBI) that he had taken control of an airplane and made it fly briefly sideways. Chris Roberts, the founder of One World Labs , was recently detained, questioned and had his equipment taken by federal agents after he landed on a United flight from Chicago to Syracuse, New York following his tweet suggesting he might hack into the plane's in-flight entertainment system. In that particular tweet, Roberts joked: " Find me on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? 'PASS OXYGEN ON' Anyone? :) " The federal agents addressed the tweet immediately and took it seriously following the Roberts' capabilities of such hacking tactics. In the FBI affidavit first made public Friday - first obtained by APTN National News - Roberts told the FBI earlier this year about not once, b...

If you are one of those using cocaine, law enforcement officials may soon catch you by simply examining your fingerprints. Scientists have developed a new type of drug test that can tell whether you have taken cocaine by analyzing chemical traces left behind in your fingerprint. A team of scientists led by the University of Surrey discovered a test that makes use of the Mass spectrometry chemical analysis technique – a method proved more accurate than those currently used saliva, blood or urine samples relied on by authorities. " When someone has taken cocaine, they excrete traces of benzoylecgonine and methylecgonine as they metabolize the drug, and these chemical indicators are present in fingerprint residue ," said Dr. Melanie Bailey, the lead researcher from the University of Surrey. How is it all done? A person's fingerprint sample is treated with a mixture of methanol and water in an attempt to locate the traces. A mass spectrometer is then used to ...

Be careful while leaving your important and valuable stuff in your lockers. A 3D printed robot has arrived that can crack a combination lock in as little as 30 seconds. So, it's time to ditch your modern combination locks and started keeping your valuable things in a good old-fashioned locker with keys. A well-known California hacker Samy Kamkar who is expert in cracking locks has built a 3D-printed machine, calling his gadget the " Combo Breaker ," that can crack Master Lock combination padlocks – used on hundreds of thousands of school lockers – in less than 30 seconds. A couple of weeks ago, Kamkar introduced the world how a manufacturing flaw in Master Lock combination locks can easily reveal the full combination by carefully measuring the dial interaction with the shackle in eight or fewer attempts. However, it requires some software and things to do, and who has that much of time? So to make it simple for everyone – On Thursday, the hacker showe...

If you are a security researcher and fond of traveling from one conference to another, then United Airlines' bug bounty program would be of great interest for you. United Airlines has launched a new bug bounty program inviting security researchers and bug hunters to report vulnerabilities in its websites, apps and web portals. Bug bounty programs are very common among technology firms, including Google and Facebook, who offer you hundreds of thousands of dollars as rewards for exposing security flaws and errors in their products. So, what's different in United Airlines new bug bounty? The most interesting part of this bug bounty program is – Instead of offering cold, hard cash, United Airlines is offering air miles as the reward for yours . Let's see what United Airlines says about its bug bounty program: " At United, we take your safety, security and privacy seriously. We utilize best practices and are confident that our systems are secure ," ...

Target's data breach is a chilling example: After the widely publicized hack, 12% of loyal shoppers no longer shop at that retailer, and 36% shop at the retailer less frequently. For those who continue to shop, 79% are more likely to use cash instead of credit cards.  According to DeMeo, Vice President of Global Marketing and Analytics at Interactions Marketing Group, shoppers who use cash statistically spend less money, hurting the company. Indeed, 26% say they will knowingly spend less than before. So, why did Target get hacked? There could be two reasons, either they (or one of their vendors) lacked in their IT Security implementation or their employees were not stepped through effective security awareness training. In Target's case, an employee at one of their vendors was tricked into clicking on a phishing link. Now, let's have a look at what Target affirmed: "Target was certified as meeting the standard for the payment card industry in Septembe...

Just after a new security vulnerability surfaced Wednesday, many tech outlets started comparing it with HeartBleed, the serious security glitch uncovered last year that rendered communications with many well-known web services insecure, potentially exposing Millions of plain-text passwords. But don't panic. Though the recent vulnerability has a more terrific name than HeartBleed , it is not going to cause as much danger as HeartBleed did. Dubbed VENOM , stands for Virtualized Environment Neglected Operations Manipulation , is a virtual machine security flaw uncovered by security firm CrowdStrike that could expose most of the data centers to malware attacks, but in theory. Yes, the risk of Venom vulnerability is theoretical as there is no real-time exploitation seen yet, while, on the other hand, last year's HeartBleed bug was practically exploited by hackers unknown number of times, leading to the theft of critical personal information. Now let's know more about Ven...