The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Have you recently purchased a Windows computer? Congratulations! As your new Windows computer has inbuilt disk encryption feature that is turned on by default in order to protect your data in case your device is lost or stolen. Moreover, In case you lost your encryption keys then don't worry, Microsoft has a copy of your Recovery Key. But Wait! If Microsoft already has your Disk Encryption Keys then what's the use of using disk encryption feature? Doesn't Encryption mean Only you can unlock your disk ? Microsoft Probably Holds your Encryption Keys Since the launch of Windows 8.1, Microsoft is offering disk encryption as a built-in feature for Windows laptops, Windows phones and other devices. However, there is a little-known fact, highlighted by The Intercept, that if you have logged into Windows 10 using your Microsoft account, your system had automatically uploaded a copy of your recovery key to Microsoft's servers secretly, and you can't pre...

The Adobe Flash Player just said goodbye to the year with another bunch of vulnerability patches. Adobe released an out-of-band security update on Monday to address Nineteen ( 19 ) vulnerabilities in its Flash Player, including one ( CVE-2015-8651 ) that is being exploited in the wild. All the programming loopholes could be abused to execute malicious code (here malicious Flash file on a web page) on victims' computers in order to hijack an unpatched PC or Mac entirely. So, if you are running the Flash Player plugin on Windows, Mac OS X, Linux, or Chrome OS, it is time for you to upgrade your system as soon as possible before criminals start taking advantage of the bugs. Here're the details of the Flash's 19 security vulnerabilities patched in the emergency APSB16-01 update posted Monday afternoon: A Type Confusion Vulnerability that could lead to arbitrary code execution ( CVE-2015-8644 ) An Integer Overflow Vulnerability that also leads to code e...

BREAKING: A misconfigured database has resulted in the exposure of around 191 Million voter records including voters' full names, their home addresses, unique voter IDs, date of births and phone numbers. The database was discovered on December 20th by Chris Vickery , a white hat hacker, who was able to access over 191 Million Americans' personal identifying information (PII) that are just sitting in the public to be found by anyone looking for it. Vickery is the same security researcher who uncovered personal details of 13 Million MacKeeper users two weeks ago, which included names, email addresses, usernames, password hashes, IP addresses, phone numbers, and system information. However, the recent discovery made him shocked when he saw his own information in the database, according to DataBreaches.net, whom the researcher contacted and provided all the details about his finding. 300GB Trove of Voters' Information Leaked Vickery has his hands on all ...

Some of Bitcoin's Core developers have left the Bitcoin project and started building their separate cryptocurrency called DECRED . Decred aims to prevent the issues Bitcoin is currently facing regarding project governance and development funding. CEO of ' Company 0 ', Mr. Jacob Yocom-Piatt , who has funded Bitcoin development since early 2013, said the actual development of the Bitcoin cryptocurrency is funded by external entities that forms a conflict of interests between the groups and the project's core developers. According to Bitcoin's developers, these group puts limitations on input in Bitcoin's governance, selecting options that are favorable to their own interests only, and generally ignoring the developers' and project's best interests. "The Bitcoin software is controlled by a small group of people who decide exclusively what can and cannot be changed," Jacob says in a press release . "This is in part due to a la...

If you rely on encrypted services to keep your data private and, unfortunately, you are in China, then you are about to be worried. As of now Chinese government could snoop into the operations of technology companies as well as circumvent privacy protections in everyday gadgets. China So-called Anti-Terrorism Law Despite months of objections from major technology firms and concerns over human rights… China passed its controversial new anti-terrorism law on Sunday that requires tech companies to help decrypt information or hand over encryption keys to officials when they want to spy on someone's communication in order to counter terror operations. However, the officials swear that the law wouldn't require technology firms to install " backdoors " in their products, but it doesn't make any difference when the government mandate companies operating in China to provide encryption keys and passwords when requested. Just like recent propo...

The Raspberry Pi is now gaining attention from malware distributors who want the popular mini-computers to deliver with pre-install malware. The Raspberry Pi Foundation has made a shocking revelation that the charitable foundation has been offered money to install malware onto the Raspberry Pi machines before they were shipped out to users. The Raspberry Pi is an extremely simple computer that looks and feels very basic, but could be built into many geeky projects. Due to the low-cost appeal of the Raspberry Pi, the Foundation has sold over 4 million units. Just Last month, Raspberry Pi unveiled its latest wonder: The Raspberry Pi Zero – a programmable computer that costs just $5 (or £4), may rank as the world's cheapest computer. Last Wednesday, the Foundation tweeted a screenshot of an email in which " business officer"  Linda effectively asked Foundation's director of communications Liz Uptonto to install a suspicious executable file onto Ras...