The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Users in Iran call Internet as " Filternet ", because of the heavily censored Internet access they have. Million Iranians used VPN servers to access the outside world. In October, 2013 Jack Dorsey, the co-founder of Twitter asked Iranian President, ' Are citizens of Iran able to read your tweets? ' In Reply Mr. The President said that he will work to make sure Iranians have access to information globally in what appears to be a reference to reducing online censorship. Just after promising to support Internet Freedom, the Iran Government has banned yet another web application called -  Cryptocat , a tool that allows for secure and encrypted chat. The app is well known for bringing encrypted communications to the masses, popular with human rights activists and journalists around the world. According to ' Blockediniran.com ', Cryptocat website and the associated private chat service were inaccessible to our users in Iran. Currently since Monday.  ' I...

The NSA has the ability to trace " anyone, anywhere, anytime ". In September we reported that how NSA and GCHQ planted malware via LinkedIn and Slashdot traffic to hack largest telecom company Belgacom's Engineers. Yesterday, a  Dutch newspaper has   published a new secret NSA document provided by former intelligence employee  Edward Snowden . According to the newly exposed slide, NSA has infected more than 50,000 computer networks worldwide with software designed to steal sensitive information i.e. Malware . The slide from the NSA's 2012 management presentation, shows a world map with more than 50,000 targeted locations, uses a procedure called ' Computer Network Exploitation ' (CNE) that can secretly install malware in computer systems. The malware can be controlled remotely and be turned on and off at will. From the NSA website we found that, CNE includes enabling actions and intelligence collection via computer networks that exploit data gathere...

The  CryptoLocker Malware continues to spread, infected more than 12,000 U.S computers in one week and threatening millions of computers in the UK. Just last week, The UK National Crime Agency urge people afflicted by CryptoLocker not to pay ransom, not least because there is no guarantee that they will even receive an unlock key. Not even Police departments are immune to CryptoLocker. In November second week, Massachusetts' Swansea Police Department paid a 2 Bitcoin ($750 that time) ransom to decrypt images and Word documents encrypted by CryptoLocker ransomware . " It gave us 100 hours to pay and it was literally a timer, " said Police Department. " A big red screen comes up with a timer that says you have 100 hours to pay or your files will be encrypted forever. " Malware usually distributed through spam emails, encrypting the user's files on the infected machine and also the local network it is attached to. However, Police Depar...

Facebook is one of the most powerful and reliable social networking website. It allows users to interact with other users after being friends with one another. Facebook allows users to make the friend list public or private. If it is made private, your friend list won't appear on your publicly viewable profile. Irene Abezgauz , a security researcher from the Quotium Seeker Research Center has found a vulnerability in Facebook  website that allows anyone to see a users' friends list, even when the user has set that information to private. v The exploit is carried out by abusing the ' People You May Know ' feature on Facebook , which suggests new friends to users. It suggests friends to you based on mutual connections and other criteria such as work or education information. This Hack is really very simple! All a hacker would have to do would be to create a fake Facebook profile and then send a friend request to their target. Even if the targeted user ...

Oren Hafif , a security researcher has discovered a critical vulnerability in the Password reset process of Google account that allows an attacker to hijack any account. He managed to trick Google users into handing over their passwords via a simple spear-phishing attack by leveraging a number of flaws i.e. Cross-site request forgery (CSRF), and cross-site scripting (XSS), and a flow bypass. In a proof of concept video demonstration, the attacker sends his victim a fake " Confirm account ownership " email, claiming to come from Google. The link mention in the mail instructs the recipient to confirm the ownership of the account and urged user to change their password. The link from the email apparently points to a HTTPS  google.com URL, but it actually leads the victim to the attacker's website because of CSRF attack with a customized email address. The Google HTTPS page will will ask the victim to confirm the ownership by entering his last password and then w...

Researchers at Trusteer   spotted a new banking malware program on the underground Russian cybercrime market , that communicates with attackers over the I2P anonymity network is for sale on underground Russian cybercrime forums. Dubbed ' i2Ninja ', malware has most of the features found in other financial malware including the ability to perform HTML injections and form grabbing in Internet Explorer, Firefox and Chrome. i2Ninja can also steal FTP and e-mail credentials. It also has a PokerGrabber module feature that targets poker sites. The traffic between the malware and the command server cannot be easily blocked by intrusion prevention systems or firewalls because it's encrypted and transmitting over the Invisible Internet Project (I2P). Everything from delivering configuration updates to receiving stolen data and sending commands is done via the encrypted I2P channels. I2P communication can make it much harder for security researchers to fin...

Sweden today has announced the extradition of 30-year-old  The Pirate Bay Cofounder ' Gottfrid Svartholm Warg ' to Denmark where he is wanted for questioning on alleged hacking charges. He was living in Cambodia last year but was later arrested and deported to Sweden. Currently he is serving a one-year sentence in Sweden for hacking into the computer systems of contractors working for the national tax authority. His extradition will take place on 27th November . Along with a 20-year-old Dane, they are accused of hacking into the servers of a Denmark government contractor and stealing police files files between April and August 2012. The motivation for the hacks remains unknown, but the police say it can't be ruled out that changes were made to the records. There are, however, no indications that any of the downloaded files have been exploited. Even, The Pirate Bay may no longer be safe to use. It is no longer in the hands of the original owners. An Anonymous act...