The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

ICANN (Internet Corporation for Assigned Names and Numbers) – the organisation responsible for allocating domain names and IP addresses for the Internet – has been hacked , potentially compromising its customers' names, email addresses, hashed passwords, and more. The US-administered non-profit corporation admitted on Wednesday that its server security was breached within the past week and that… …an " unauthorised person " gained access to usernames , email addresses , and encrypted passwords for profile accounts on ICANN.org public website. The organisation believes that the leaked information includes harmless information such as user preferences, public biographies, interests, newsletters, and subscriptions. Less than ten months ago, ICANN was hacked  by a hacker who gained access to its internal system following a spear phishing attack in November last year. Employees were tricked into handing over their credentials after receiving malicious emails...

So you finally upgraded your system to Windows 10 and became one those 70 Million users. No doubt, Windows 10 is the Windows best version released by Microsoft, but you need to know that it does not offer much privacy by default. Windows 10 is making many headlines these days, even it made me to write two detailed articles about Windows 10's most controversial options, i.e. Windows Wi-Fi sense and Windows 10 stealing users' Bandwidth to deliver updates. I noticed over 35 more privacy issues that come enabled by default in Windows 10, which has permission to send your vast amount of data back to Microsoft. While Installation, a click through " Express Settings " allows Windows 10 operating system to gather up your contacts, text and touch input, calendar details, and a lot more, including: Location Data Biometrics and Handwriting data Advertisement and its Tracking Code Apps access to your personal information Windows Defender and Sample subm...

Internet of Things (IoT) with the purpose of providing convenience to the users enabled every object in the universe to be as smart as a whip. By assigning IP address to all sorts of devices, ranging from household appliances, machines, medical devices and sensors to other day-to-day objects, and putting them all together on a standardised network is a common Internet of Things (IoT) practice. Is Internet of Things Secure? In my previous articles, I gave you a glance of the most vulnerable smart cities that are increasingly adopting devices connected to the Internet in an attempt to add convenience and ease to daily activities. By 2020, there will be more than 45 Billion Internet-connected devices that will transform the way we live and work. The bottom line: As the number of IoT enabled systems increases, the complexity of handling them increases; leading to an introduction of new risk and vulnerabilities associated with them. Security of Internet of...

Poor Android users are facing a terrible, horrible, and awful week. Few days ago, Trend Micro security researchers uncovered a Android crashing vulnerability in the widely used mobile operating system, impacting the majority of Android devices in use. The report follows another significant Stagefright vulnerability that was revealed by separate researchers, who warned that nearly 950 Million Android phones can be hijacked by sending a simple text message or via malicious Android app or specially crafted web pages. EXPLOIT TO TRAP ANDROID DEVICES IN ENDLESS REBOOTS Now, the security researchers have discovered a dangerous security bug in the Android operating system that they claim can "brick" your phone, making it unresponsive and completely useless. The new vulnerability, CVE-2015-3823 , can be exploited by potential hackers to cause your Android device to endless Reboot, and is similar to the Stagefright bug in that the flaw exists in the 'media...

If you think Apple's Mac computers are much more secure than Windows-powered systems, you need to think again. This isn't true, and security researchers have finally proved it. Two security researchers have developed a proof-of-concept computer worm for the first time that can spread automatically between MacBooks, without any need for them to be networked. Dubbed Thunderstrike 2 , the new proof-of-concept firmware attack is inspired by previously developed proof-of-concept firmware called Thunderstrike. Thunderstrike Attack , developed by security engineer Trammell Hudson, actually took advantage of a vulnerability in Thunderbolt Option ROM that could be used to infect Apple Extensible Firmware Interface (EFI) by allocating a malicious code into the boot ROM of an Apple computer through infected Thunderbolt devices. Thunderstrike 2 Spreads Remotely Although the original Thunderstrike required an attacker to have physical access to your Mac computer to wor...

Hackers have their hands on something of your concern. A severe zero-day vulnerability in the latest, fully patched version of Apple's Mac OS X is reportedly being exploited in the wild by the hackers. The vulnerability could allow attackers to install malware and adware onto a target Mac, running OS X 10.10 (Yosemite) operating system, without requiring victims to enter system passwords , a new report says. The zero-day bug came over a week after security researcher Stefan Esser discovered a privilege escalation zero-day vulnerability in the latest version of Apple's OS X Yosemite that caused due to environment variable DYLD_PRINT_TO_FILE and dynamic linker dyld , new error-logging features added to the operating system. The developers failed to implement standard safeguards that are needed while adding support for new environment variables to the OS X dynamic linker dyld, allowing hackers to create or modify files with root privileges that can fit anywhere i...