The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The arrest is the first major outcome since TalkTalk – the biggest phone and broadband provider in the UK with more than 4 Million customers – had suffered a serious data breach. The Police Service of Northern Ireland (PSNI) and the investigating officers from the Metropolitan police's cyber crime unit (MPCCU) have arrested a 15-year-old boy in connection with the latest cyber attack on TalkTalk . The press release issued by the police said the boy was detained in County Antrim at about 4.20pm on Monday on suspicion of committing offences under the Computer Misuse Act. The Computer Misuse Act 1990 is an act of the Parliament of the United Kingdom, according to which any computer misuse offences like: Unauthorised access to computer material. Unauthorised access with the intent to commit further offences. Unauthorised acts with the intent to impair, or with recklessness as to impairing, operation of the computers, and other electronic devices. ...Are consi...

PRIVACY  – a bit of an Internet buzzword nowadays. Why? Because the business model of the Internet has now become data collection. If you trust Google, Facebook or other Internet giants to be responsible managers of your data, the ongoing Edward Snowden revelations are making it all clear that this type of information can be easily snooped by the intelligence agencies like NSA and GCHQ. In short, the simple truth is that you have no or very little privacy when you are online. So, if you are worried about identity thieves, or your ISP spying on or throttling your traffic, the most efficient way to secure your privacy on the Internet is to use a Virtual Private Network (VPN) service. Though you can take other measures to increase security on your end, like installing a firewall as well as blocking known intrusive IP addresses that might be spying on you — But VPN takes your security to the next level by encrypting all inbound and outbound data. VPN (Virtual ...

The German authorities have initiated a further investigation into espionage by the United States secret service NSA and British intelligence agency GCHQ after...   ...the head of the German Federal Chancellery unit had his private laptop infected. According to a recent report published by Der Spiegel , the laptop of the Chancellery division leader was infected with Regin – a highly advanced espionage malware program that has been linked to the National Security Agency (NSA) and its UK counterpart, the Government Communications Headquarters (GCHQ). As The Hacker News reported almost a year ago, Regin is one of the most highly advanced, sophisticated malware programs that was used to spy on a wide range of international targets including: Internet service providers (ISPs) Telecommunications backbone operators Energy firms Airlines Government entities Research institutes Other high-profile individuals …around the world since at least 2008. Regin h...

Car Hacking is a hot topic today. Today, many automobiles companies are offering vehicles that run on the mostly drive-by-wire system, which means that a majority of car's functions are electronically controlled, from instrument cluster to steering, brakes, and accelerator. No doubt these auto-control systems makes your driving experience better, but at the same time they also increase the risk of getting hacked. Previously researchers demonstrated how hackers can remotely hijack your car to control its steering, brakes and transmission. And Now… According to a team of security researchers, Hackers can successfully disable car's airbags – as well as other functions – by exploiting a zero-day vulnerability in third-party software that is commonly used by car mechanics. The team, including András Szijj and Levente Buttyán of CrySyS Lab, and Zsolt Szalay of Budapest University, demonstrated the hack on an Audi TT car sold by Volkswagen, and said any ...

Do you need a FitBit Tracker while jogging or running or even sleeping? Bad News! FitBit can be hacked that could allow hackers to infect any PC connected to it. What's more surprising? Hacking FitBit doesn't take more than just 10 Seconds . Axelle Aprville , a researcher at the security company Fortinet, demonstrated "How to hack a Fitbit in only 10 seconds," at the Hack.Lu conference in Luxembourg. Aprville's test was a proof of concept (POC) that did not actually focus on executing malicious payload, rather a logical attack. By using only Bluetooth, Aprville was able to modify data on steps and distance. However, she said it is possible to infect the device in an attempt to spread malware to synced devices. Fitbit Flex tracker is a flexible wristband that measures health statistics, such as blood pressure and heart rate. The Flex is a product of Fitbit, and its salient features are: It can wake you up with a silent vibrati...

TalkTalk , one of the biggest UK-based phone and Internet service provider with more than 4 Million customers, has been hacked again, the company announced late Thursday. TalkTalk is informing its 4 million customers that it has fallen victim to a "significant and sustained cyber attack" and it is possible that sensitive data including bank details have been stolen. In February, TalkTalk suffered a major data breach in which its customer details were stolen and misused by scammers to access additional information as well as steal considerable amount of money. What data might have been Exposed? According to the company, potentially all of its 4 Million customers could be affected by the data breach. However, TalkTalk hasn't specified exactly what kind of data was stolen from its servers, but says that the systems accessed by hackers contained information including: Credit card details and/or bank details Full names Postal addresses Dates ...

Joomla – one of the most popular open source Content Management System (CMS) software packages, has reportedly patched three critical vulnerabilities in its software. The flaws, exist in the Joomla version 3.2 to 3.4.4, include SQL injection vulnerabilities that could allow hackers to take admin privileges on most customer websites. The patch was an upgrade to Joomla version 3.4.5  and only contained security fixes. The vulnerability, discovered by Trustwave SpiderLabs researcher Asaf Orpani and Netanel Rubin of PerimeterX, could be exploited to attack a website with SQL injections. SQL injection ( SQLi ) is an injection attack wherein a bad actor can inject/insert malicious SQL commands/query (malicious payloads) through the input data from the client to the application. The vulnerability is one of the oldest, most powerful and most dangerous flaw that could affect any website or web application that uses an SQL-based database. The recent SQLi in J...