The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

We are quite aware of the Android malware scanner Google’s Bouncer that tests the apps by running them in a virtualized environment i.e. a simulated phone created in software which automatically scans the apps to watch its real behaviour on users’ devices, before approving them to the Play Store market. To protect its users and their devices from harm, Google launched this apps scanning software tool, two year ago. Bouncer is a security feature for the Android Play store Market that is designed to protect the Android users to not to be a victim of any malicious Android malware app. But does the security tool go far enough? Despite having protective shield factor, we have seen Google play store market is surrounded by many malicious apps which easily by-passes the Bouncer scan test and targets Android users. Security Research from Columbia University have exploited weaknesses in Google's Bouncer service to sneak malicious apps on to the Android market. They publish...

The US Intelligence Agency, NSA has been reportedly intercepting and accessing routers, servers, and other computer networking hardware to plant data gathering “ backdoors ” and other spywares before they are exported and delivered to the international customers, reported by the Guardian. Yesterday in a published excerpt of his forthcoming book, “ No Place to Hide ”, Journalist Glenn Greenwald underlines the interest of National Security Agency in planting backdoors in U.S. suppliers’ routers and other networking devices in order to carry out its massive surveillance program. " A June 2010 report from the head of the NSA's Access and Target Development department is shockingly explicit ," Greenwald said. " The NSA routinely receives — or intercepts — routers, servers and other computer network devices being exported from the US before they are delivered. " While US government is always prohibiting the purchase of Huawei products due to suspected...

A shortage of computer memory in the $2.4 billion Air Traffic Control System caused a Computer crash that resulted in the System collapse, according to an insider close to the incident. The problems began on 30 April, when a U-2 spy plane flew over southwestern US caused the air traffic control system that manages the airspace around Los Angeles' LAX airport, built by Lockheed Martin, to crash due to which hundreds of flight delayed or cancelled two weeks ago. “ In theory, the same vulnerability could have been used by an attacker in a deliberate shut-down, ” security experts told Reuters. Now that the “ very basic limitation of the system ” is known, experts showed concerns about the cyber-attacks . Sources claimed to Reuters that on April 30, 2014 the aircraft traffic failed to obtain the altitude information for a single U-2 spy plane which was flying over the area because a controller entered the altitude of the spook flight into the En Route Automation Moderni...

Till Now the Internet was encountering the traditional Distributed Denial of Service (DDoS) attacks , where a large number of compromised systems use to flood servers with tremendous amount of bandwidth; but in past few months we have noticed massive change in the techniques of DDoS attack. Hackers are using creative, but evil DDoS techniques such as NTP and DNS Amplification DDoS attacks. Last month we have seen that how cybercriminals abused a vulnerability in one of the biggest Chinese video hosting website Sohu.com to convert their millions of visitors to participate into the Layer 7 (Application Layer) DDoS attack with 20 Million requests. According to the new report released by a US based security solutions provider Incapsula , another interesting DDoS attack activities have been noticed by the researchers in which an attacker abused two major anti-DDoS Service providers to perform massive DDoS attack on other websites. Its really EPIC that the services who should...

A Russian Hacker who was arrested in year 2012 by the authorities of the Netherlands and accused for allegedly hacking into the computer networks of more than a dozen major American corporations and stole over 160 million Credit and Debit Card Numbers. Earlier we reported , 33-year-old Russian hacker Vladimir Drinkman is wanted in U.S and Russia for various cyber crime charges, and the Netherlands Court ruled simultaneous requests from the U.S. & Russia for the extradition were admissible. But now it’s up to the Dutch Minister of Justice to decide, whether to which country he would be extradited. However, Hacker Vladimir Drinkman does not want to face charges in US and appealed to the Supreme Court of the Netherlands, Country's highest court, to avoid his extradition to the US, Bloomberg reported. In the U.S. District Court for the District of New Jersey , the U.S. prosecutor plead that he was involved in the theft of more than 160 million credit and debit-...

Google is reportedly testing out some new UI changes for its popular email service, Gmail on the desktop browser that would redesign your inbox in totally different Interface. So, the traditional Gmail we all know may soon get a new makeover and we hope users will definitely love it. Google has invited a selected team of users to test a completely new user friendly interface for the webmail client which appears as a part of the trial, according to the leaked screenshots obtained by Geek 's website. According to the report, we can only presume that the new feature will enable a user to have a fancy access to Google's Gmail with a brand-new fly-in menu system that flies in and out of the browser window replaces Google's otherwise static sidebar on the left bolted into Gmail last year that organizes your inbox, chats, and labels. In the beginning of the April, the Geek also provided the screenshots revealing a series of new feature for the mobile Gmail clien...

Visiting a website certified with an SSL certificate doesn’t mean that the website is not bogus. Secure Sockets Layer (SSL) protect the web users in two ways, it uses public key encryption to encrypt sensitive information between a user’s computer and a website, such as usernames, passwords, or credit card numbers and also verify the identity of websites. Today hackers and cyber criminals are using every tantrum to steal users’ credentials and other sensitive data by injecting fake SSL certificates to the bogus websites impersonating Social media, e-commerce, and financial websites as well. DETECTING FAKE DIGITAL CERTIFICATES WIDELY A Group of researchers, Lin-Shung Huang , Alex Ricey , Erling Ellingseny and Collin Jackson , from the Carnegie Mellon University in collaboration with Facebook have analyzed [ PDF ] more than 3 million SSL connections and found strong evidence that at least 6;845 (0:2%) of them were in fact tampered with forged certificates i.e. self-signed di...