The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Security firm Check Point has uncovered what seems to be a successful, and long-running, cyber-surveillance campaign called “ Volatile Cedar .” Check Point found that targets of the attack included, but were not limited to, defense contractors, media companies, telecommunications, and educational institutions. The attack is said to have originated in Lebanon and possibly has political ties in the region. According to an article in Techworld , previous cyber-campaigns originating from Lebanon have been either extremely unsophisticated or targeted at other countries in the region. However, Volatile Cedar is different. According to the report, this campaign has been in operation since 2012 and has successfully penetrated a large number of targets across the globe. During this time it has allowed the attackers to steal data and monitor a large volume of victim’s actions. The actors involved in this campaign do not appear to be using flashy mechanisms like zero day attacks...

Gaana.com -- One of India's most popular music streaming service with more than 10 Million registered users and 7.5 Million monthly visitors -- has reportedly been hacked, exposing the site’s user information database. A Pakistani hacker, who claimed responsibility for the hack, claims that details of over 10 Million users of Gaana service including their username, email addresses, MD5-encrypted password, date of births, and other personal information has been stolen and made available in a searchable database. At the time of writing, Gaana website is currently down for maintenance without any official statement provided yet. As of now, the site displays, "Site is down due to server maintenance. We will be back shortly. Kindly bear with us till then." Details of 10 Million Users Available in a Searchable Database: The hacker, nicknamed Mak Man , posted the link to a searchable database of Gaana user details on his Facebook page, with images of t...

Just the way you swipe your smartphone screen is enough for your smartphone to identify you. Yes, it’s a Fact, not Fiction! The United States National Security Agency (NSA) has a new technology that can identify you from the way your finger swipe strokes and text on a smartphone screen, according to officials with Lockheed Martin who helped design the technology. John Mears , a senior fellow for Lockheed IT and Security Solutions, told NextGov that Lockheed Martin has been working with the agency to create a " secure gesture authentication as a technique for using smartphones, " and " they are actually able to use it. " Mandrake – New Smartphone-Swipe Recognition Technology This new smartphone-swipe recognition technology, dubbed " Mandrake ," remotely analyses the curve, unique speed and acceleration of a person's finger strokes across their device's touchscreen. " Nobody else has the same strokes, " Mears ex...

Remember the magical Marauder’s Map from the Harry Potter books that reveal the whereabouts of characters as they roam classrooms and the halls of Hogwarts school? A student developer from Cambridge has created a Chrome extension that works similar and also named it Marauder’s Map . The extension that allows you to watch every footstep of your Facebook friends by grabbing location data from Facebook Messenger and rapidly plotting your friends’ locations on a map. We all are aware that Facebook shares our location data with our friends, however, what we probably aren’t aware of the accuracy of that data and easiness of extracting that data from the messaging service. LOCATION SHARING AND MAPPING... Facebook usually encourages Messenger users to share their location by enabling location sharing by default when users install iOS or Android app. Software developer Aran Khanna’s extension dubbed Marauder’s Map, loads the map in Messenger’s Web interface and fetc...

A newly discovered bug in Apple's iOS mobile operating system has emerged this evening that lets iPhone users crash another user’s iPhone by just sending a tiny string of text characters in a message. The bug is related to the Messages app and the notification system used by iPhone and iPad devices and appears to work only if there is iPhone to iPhone communication. A string of particular Arabic characters ( see the image above ) used in the text message causes the iPhone to continuously crash when a certain text is received and — reportedly in some cases — causes the iPhone to reboot without notice. How to Crash an iPhone with a Message: iPhone users who receive the string of text characters with Messages open would not be able to go back to other conversations without crashing the app, but… ...if the string is received while the iPhone is on the lock screen, users would be unable to open the Messages app entirely , or in some cases, the text could cause t...

The Developers of one of the most advanced open source operating system for penetration testing called ' KALI Linux ' have made the operating system available for Docker-addicted system administrators. But, What’s Docker? Docker is a new open-source container technology, released in June 2014, that automates the deployment of applications inside self-sufficient software containers by providing an additional layer of abstraction and automation of operating-system-level visualization on Linux. Docker, built on top of Linux containers, is simply a way of managing multiple containers on a single machine. Nowadays, companies are adopting Docker at a remarkable rate. Docker is not just the favorite of Linux powers like RedHat and Canonical, but also big software firms, including Microsoft, which has embraced Docker. Why bringing Kali Linux for Docker? The same was happened to the developer of Offensive Security, who was requested for a Dockerised image of ...

So you love Minecraft ? You might want to be very careful before downloading the cheats for the popular Minecraft game from Google Play Store. Nearly 3 Million users have downloaded malicious Minecraft Android applications for their smartphone and tablets from the Google Play store, security researchers warned. The security researchers from IT security firm ESET have uncovered as many as 33 fake "scareware" applications that have been uploaded to the Google Play store in the course of the past 9 months, masquerading as Minecraft cheats and tip guides. These malicious applications have been downloaded between 660,000 and 2.8 million times. "All of the discovered apps were fake in that they did not contain any of the promised functionality and only displayed banners that tried to trick users into believing that their Android system is infected with a dangerous virus," ESET researcher Lukas Stefanko wrote in a blog post . Once downloaded, these mali...