The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

After reaching heights in cyber attacks by targeting SCADA systems , hackers are looking forward to crash trains. It isn't only assumptions; it could actually happen in real. A new hi-tech railway signalling system being tested in the United Kingdom could potentially be hacked by cyber criminals to cause oncoming trains to crash into one another at highest speeds , an Internet security expert has warned. The Loophole: The European Rail Traffic Management System , a new digital system that are designed to make train lines secure and safer… ...actually lack in security that could easily expose the systems to malware and allows malicious actors (like terrorists) to cause massacre around the UK. 'Nasty Accident is Waiting.' Internet security expert Professor David Stupple told the BBC that plans to replace old railway signal lights with new digital systems could expose the railway network to cyber attack, causing a "nasty accident" t...

If you're a bug hunter and love playing with codes than you could grab as much as US$15,000 from Microsoft for finding out vulnerabilities in its latest Project Spartan browser . Yes, $15,000! It seems like Redmond don't want to take a chance to let hackers and cyber criminals get their hands on the company's latest Windows 10 operating system. On Wednesday, Microsoft announced that the company will be expanding its bug bounty program ahead of the release of Windows 10, which will include a two-month hunt for vulnerabilities in its new web browser, Project Spartan. So, it's time for security researchers and hackers to earn extra cash from Microsoft. For those who are unaware… What's Project Spartan? Project Spartan is Microsoft's project for its new web browser to replace the oldest Internet Explorer from its Windows operating system. Though the project is still very much under the developmental stage, Microsoft is making every effort to make Spartan...

After rolling out WhatsApp's Free Voice Calling feature for Android users late last month, the widely popular messaging service has started to roll out the feature to iOS users. Now iOS users can enjoy making free voice calls through WhatsApp, as the new version of the messenger is now live in the iOS App Store with support to calling. WhatsApp calling feature allows you to call your friends and family anywhere in the world for free as long as you have a Wi-Fi network or a working data plan on your registered number. The full description of the WhatsApp Calling feature on the App Store page reads: " Call your friends and family using WhatsApp for free, even if they are in another country. WhatsApp calls use your phone's Internet connection rather than your cellular plan's voice minutes (Data charges may apply) Note: WhatsApp Calling is rolling out slowly over the next several weeks. " The last line indicates that the feature, so far, is not actually a...

Google has just launched its long-rumored wireless cellular service that comes up to give a tough competition for AT&T and Verizon communication. Yes! A wireless Service for Cell Phone users. The web Internet giant, Google is now becoming a Mobile Virtual Network Operator (MVNO) by offering its wireless service. Here's What we Need to Know: 1. Google's MVNO service is named "Project Fi" A new wireless cellular phone service, dubbed Project Fi , could help the web Internet giant gains new heights into the $189 Billion market of mobile industry. 2. The service starts at "$20 per Month." For $20 a month, you will get unlimited calls and texting in your country along with Wireless tethering and International coverage in more than 120 countries. The data pack is for an additional charges of $10 per GB of bandwidth consumed. Therefore, a $20 basic plan plus a $30 3GB plan would cost you a total of $50. International data is at the...

Security researchers have uncovered a zero-day vulnerability in iOS 8 that could repeatedly crash users' Apple iPhones, iPads and iPods when the devices connect to a malicious wireless hotspot. It's like Denial of Service (DoS) attack on Apple's iOS devices that results in crashing either individual iOS apps or users' entire iPhones. NO iOS ZONE Adi Sharabani and Yair Amit of Mobile security firm Skycure presented their latest research, titled " No iOS Zone ", at the RSA security conference in San Francisco on Tuesday. The duo showed: It is possible for an attacker to create malicious Wi-Fi networks in order to crash nearby users' mobile devices with incredible accuracy. Also, even the "No iOS Zone" attack is capable to make iOS things within the range completely unusable by triggering constant numbers of reboots. It is nothing but a DoS attack… ...that makes the device inaccessible by its users, just like in the ca...

Sad but True! Your Apple's Mac computer is vulnerable to a serious privilege escalation flaw, dubbed "RootPipe," even if you are running the latest version of Mac OS X. What's RootPipe? Back in October 2014, a Swedish White Hat hacker Emil Kvarnhammar claimed to have discovered a critical privilege escalation vulnerability, he dubbed the backdoor as " RootPipe ," in some versions of Mac OS X including the then newest version 10.10 Yosemite. The vulnerability ( CVE-2015-1130 ) could allow an attacker to take full control of your desktop Mac computer or MacBook laptop, even without any authentication. Keeping in mind the devastating effect of the RootPipe vulnerability, the researcher privately reported the flaw to Apple and did not disclose the details of the flaw publicly until the company released a patch to fix it. Apple did release an update but failed to patch RootPipe: Earlier this month, Apple released the latest version of Mac OS...

The most popular e-commerce platform owned by eBay, Magento is once again in the news. This time for a critical Remote Code Execution (RCE) vulnerability , affecting hundreds of thousands of online merchants worldwide. If exploited, the critical vulnerability could allow a hacker to compromise completely any online store powered by Magento and gain access to credit card details and other financial as well as personal information related to the customers. Which isn't great? This serious flaw in Magento platform  exploits a series of vulnerabilities that ultimately allow unauthenticated attackers to execute any PHP code of their choice on the web server. All the vulnerabilities that lead to remote code execution (RCE) flaw are present in the Magento core code, and affect the default installation of both Magento Community and Magento Enterprise Editions. Running arbitrary code on the web server gives attackers the ability to bypass all security mechanisms and ...