The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Distributed Denial of Service ( DDoS ) attack is becoming more sophisticated and complex, and, according to security experts , the next DDoS vector to be concerned about is SNMP (Simple Network Management Protocol) amplification attacks. Yesterday afternoon, the SANS Internet Storm Center reported SNMP scans spoofed from Google’s public recursive DNS server searching for vulnerable routers and other devices that support the protocol with DDoS traffic and are opened to the public Internet. " We are receiving some reports about SNMP scans that claim to originate from 8.8.8.8 (Google's public recursive DNS server), " wrote Johannes Ullrich, dean of research of the SANS Technology Institute and head of the Internet Storm Center. " This is likely part of an attempt to launch a DDoS against Google by using SNMP as an amplifier/reflector. " Simple Network Management Protocol (SNMP) is a UDP-based protocol designed to allow the monitoring of network-...

A High-school student Arsh Shah Dilbagi has invented a portable and affordable device that converts breath into speech, helping people suffering from different developmental disabilities like locked-in syndrome, Parkinson's, or ALS to communicate using only their breath. A 16-year-old Dilbagi who hails from Harayana’s Panipat region in India has come up as the only entry from Asia in the 15 global finalists at the Google Science Fair 2014 , a competition open to 13 to 18 year old thinkers. This augmentative and alternative communication (AAC) device, Dilbagi dubbed it as ' Talk ', can turn breath signals into speech using the assistance of Morse code. This innovative device can be used by people with developmental disabilities whose communication abilities are impaired. Over 1.4 percent of the world's total population suffers from some disorder that renders victims almost completely paralyzed, making them difficult in speaking and forcing them to use an...

The National Security Agency and its British counterpart, GCHQ , gained secret access to the German telecom companies’ internal networks, including Deutsche Telekom and Netcologne, in an effort to “ map the entire Internet — any device, anywhere, all the time. ” As reported by German news publication Der Spiegel, citing the new set of leaked documents provided by former NSA contractor Edward Snowden, the five major intelligence agencies including NSA and GCHQ have been collaborating to get near-real-time visualization of the global internet as a part of NSA’s ‘ Treasure Map ’ surveillance program , also dubbed as "the Google Earth of the Internet." TREASURE MAP TRACKS YOU 'ANYWHERE AND ALL THE TIME' The data collected by the intelligence agencies doesn’t just include information from large traffic channels, such as telecommunications cables. Rather, it also include information from every single device that is connected to the internet somewhere in the w...

After providing the glimpses of the next Windows, one of the screenshot leakers has now obtained a short video showing off a build of the very new Windows 9 , aka "Threshold , " features as well as how users can expect to use it. Two German sites, ComputerBase and WinFuture , posted 20 screenshots on Thursday of what purports to be next major version of Windows, presumably called Windows Threshold that Microsoft recently distributed to its partners, giving us a closer look at Microsoft's next platform. Now, there's a video on YouTube , provided by German publication WinFuture, which shows how the returning feature might work in the next iteration of the Operating System. As calculated from the screenshots, the video doesn't provide any major new information about Windows 9, but pretty much confirms what we expected. The video gives Windows’ users a first look at the new Start menu in action. It also shows off three new features in Windows 9: ...

Yahoo! has broke its silence and explained why it handed over its users’ data to United States federal officials, thereby promising to expose those court documents which ordered the snooping. The US government threatened Internet giant with a $250,000 fine per day several years ago if it failed to comply with National Security Agency ’s notorious PRISM Surveillance program, according to unclassified court documents released by Yahoo! on Thursday. " The released documents underscore how we had to fight every step of the way to challenge the US Government’s surveillance efforts ," the company's general counsel Ron Bell said on Yahoo's Tumblr page . " At one point, the US Government threatened the imposition of $250,000 in fines per day if we refused to comply. " The documents released by Yahoo! shed new lights on the NSA’s secret surveillance program PRISM, which was previously leaked from the agency’s confidential documents provided by Global su...

Gmail credentials leaked online? Oh my God! Again I have to change my password…!! Yes, you heard right. Millions of Gmail account credentials (email address and password) have been stolen and made publicly available through an online forum, causing a large number of users worldwide to change their Gmail password again. The website that published the email addresses with matching passwords is Russian. The credentials seem to be old and likely sourced from multiple data breaches. It is believed that the leaked passwords are not necessarily those used to access Gmail accounts, but seem to have been gathered from other websites where users used their Gmail addresses to register. 5 MILLION GMAIL CREDENTIALS LEAKED ONLINE The news broke when a user posted a link to the log-in credentials on Reddit frequented by hackers, professional and aspiring. But the archive file containing nearly 5 million Gmail addresses and plain text passwords was posted on Russian Bitcoin secur...

The informational systems that the National Oceanic and Atmospheric Administration (NOAA) run are loaded with several critical vulnerabilities that could leave it vulnerable to cyber attacks. According to the findings of an audit recently conducted by the Department of Commerce’s Office of the Inspector General (OIG), the Joint Polar Satellite System’s (JPSS) ground system is vulnerable to a large number of high-risk vulnerabilities. The JPSS ground system is used to collect data from several polar-orbiting weather satellites, and distribute the information to users worldwide. This system also provides command, control and data processing for current and future weather satellites. But, the vulnerabilities identified in the system could impair technology controlling the United States’ next generation of polar-orbiting environmental satellites. “ Our analysis of the JPSS program’s assessments of system vulnerabilities found that, since FY 2012, the number of high-ris...