The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

If you are one of those 70 Million users who have upgraded their systems to the newest Windows 10 operating system, Microsoft could be scanning your PC for pirated games and unauthorized hardware . Almost three weeks have passed after the worldwide launch of Windows 10, Millions of users have upgraded their systems to the Microsoft's latest operating system.  However, we have seen many privacy concerns around the new OS, including: Turned ON bandwidth sharing to distribute updates to other Windows 10 users Default settings sending users' data to Microsoft servers Wi-Fi password sharing feature i.e. Windows Wi-Fi Sense enabled Forcing Automatic software updates for Windows 10 Also Read: How to Fix 35+ Windows 10 Privacy Issues With Just One Click Unlike at first glance, these changes made by Microsoft in its new Free Windows upgrade do not actually felt free to its users due to a lack of transparency from the company about the reality of the new ...

"Android M will be Muffin?, or Mango shake?, Milkshake?, Malt ball?, Moon Pie?, Macaroon?, or is it Mars?, Marshmallow?"... …this was the guessing game that occupied most of us when Google created a suspense three months ago, at the launch of the Android M Developer Preview at Google I/O in May. Much awaited Android M is named as ' Marshmallow '; it is the thirteenth Google's Android operating system. Google revealed the 'Marshmallow' by following its ritual of keeping the statue of Android robot with a Marshmallow in his hand. Google has maintained its tradition of naming the dominant mobile Android operating system by the names of sugary delights, starting from: Cupcake Donut Eclair Froyo Gingerbread Honeycomb Ice Cream Sandwich Jelly Bean KitKat Lollipop Official Android 6.0 SDK Available for Download After the final Developer Preview, the official Android 6.0 Software Developer Toolkit (SDK) is now available for d...

Two weeks ago, we reported about a critical mediaserver vulnerability that threatened to crash more than 55 percent of Android devices, making them unresponsive and practically unusable to perform most essential tasks. Now, security researchers at Trend Micro have uncovered another flaw in the Android's mediaserver component that could be remotely exploited to install malware onto a target device by sending a specially crafted multimedia message. The vulnerability ( CVE-2015-3842 ) affects almost all the versions of Android devices from Android 2.3 Gingerbread to Android 5.1.1 Lollipop, potentially putting hundreds of Millions of Android devices open to hackers. Since Google has patched this issue, but hopefully the patch issued by Google this time isn't incomplete like its patch for the Stagefright vulnerability that affects 950 Million Android devices worldwide. How the Vulnerability Works? The security flaw involves a mediaserver component called Aud...

A flaw discovered in several widely used BitTorrent applications, including uTorrent, Vuze and Mainline , could be used to carry out a devastating distributed denial of service (DDoS) attack that makes it very easy for a single undetectable hacker to bring down large sites. A new research by Florian Adamsky of the City University London shows that open BitTorrent protocol can be exploited to carry out Distributed Reflective Denial of Service (DRDoS) attacks . The bitTorrent protocol is a file-sharing protocol used by Millions of active online users at any given point in the day to exchange files over the Internet. DRDoS attack is a more sophisticated form of conventional DDoS attack where open and misconfigured DNS (Domain Name System) can be used by anyone to launch high-bandwidth DDoS attacks on target websites. In a paper , titled " P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks ," the resea...

Previously, we posted about a privacy issue in Facebook messenger ; Aran Khanna , a Harvard University student, discovered ' A Marauder's Map ' that could sense and give the geolocations of your friends on the messenger. Khanna had received an opportunity to work as an intern for Facebook… …But destiny had planned something else for him, as after publicly stating the risk associated with the app; Facebook withdrew his candidature as a summer intern. Why Facebook Fired Him? Khanna himself confessed to be an avid user of the Facebook Messenger app , as it is an integral part of his social life. However, one day, while going through his chat history he found that a location is attached to each message he has sent and received from his device. Also, the location is shared with the ' power of default ' even if you choose to turn the location sharing option off. This made him look for the complete inside story, which brought him to a strange thing while writing the...

Wanna hack someone's Android smartphone by sending just an MMS message? Yes, you can, because Google's patch for the Stagefright vulnerability in hundreds of Millions of Android devices is BUGGY. Last week, Google issued an official patch for Stagefright vulnerability that affects 95 percent of Android devices running version 2.2 to version 5.1 of the operating system, an estimated 950 Million Android devices in use worldwide. But, the patch is so flawed that hackers can still exploit the Stagefright vulnerability (CVE-2015-3824) anyways. "The [original] patch is four lines of code and was (presumably) reviewed by Google engineers prior to shipping," researchers at Exodus Intelligence wrote in a blog post published Thursday. "The public at large believes the current patch protects them when it, in fact, does not." Buggy Patch Issued by Google The patch doesn't fix the vulnerability, allowing booby-trapped MP4 videos that supplied...