The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A huge trove of confidential documents from the Panamanian law firm Mossack Fonseca was made public on Sunday in what's known as One of the World’s Largest Data Leaks ever, called The Panama Papers . Over 11.5 Million Leaked Files including 2.6 Terabytes of Data Even larger than the NSA wires leak in 2013, the Panama Papers includes 2.6 Terabytes of private data , exposing an enormous web of offshore shell companies frequently used by many of the richest and most powerful members around the globe to evade taxes, hoard money, and skirt economic sanctions. Shared with German newspaper 'Suddeutsche Zeitung' by an anonymous source, the leaked documents then passed on to the International Consortium of Investigative Journalists (ICIJ) – in which 370 Reporters from 100 News Media organizations looked into the massive leak for a year. After a year-long investigation, ICIJ and its reporting partners began publishing a series of leaks on Sunday based on the Pa...

A researcher has demonstrated how easy it is to steal high-end drones, commonly deployed by government agencies and police forces, from 2 kilometres away with the help of less than $40 worth of hardware . The attack was developed by IBM security researcher Nils Rodday, who recently presented his findings at Black Hat Asia 2016. Hacking the $28,463 Drone with Less than $40 of Hardware Rodday explained how security vulnerabilities in a drone's radio connection could leverage an attacker ( with some basic knowledge of radio communications ) to hijack the US$28,463 quadcopters with less than $40 of hardware. Rodday discovered ( PPT ) two security flaws in the tested drone that gave him the ability to hack the device in seconds. First, the connection between drone's controller module, known as telemetry box, and a user’s tablet uses extremely vulnerable ' WEP ' ( Wired-Equivalent Privacy ) encryption – a protocol long known to be 'crackable in sec...

The Federal Bureau of Investigation (FBI) worked with Israeli mobile forensic firm Cellebrite to unlock iPhone used in the San Bernardino shooting last year, confirmed by multiple sources familiar with the matter. The United States Department of Justice (DoJ) said on Tuesday that the FBI successfully unlocked iPhone and accessed data with the help of an undisclosed alternative method offered by a third party and that it no longer needs Apple's assistance. Apple was engaged in a legal encryption battle with the DoJ for a month over a court order that forces the company to write new software, which could disable passcode protection on Farook's iPhone 5C to help them access data on it. Apple refused to comply with the order, saying the FBI wants the company to create the " software equivalent of cancer " that would likely threaten the privacy and data security of millions of its iPhone users. FBI to Unlock iPhone in Several Pending Cases Althou...

Did you install the latest update OS X 10.11.4? If yes, then you might be wondering with a fact that the Apple had delivered an ineffective patch update this time. Yes! This news would definitely disappoint many Apple users, as the latest update of OS X El Capitan 10.11.4 and iOS 9.3 still contain a privilege escalation vulnerability that could affect 130 Million Apple customers. Just last week, we reported about a critical privilege escalation vulnerability  in Apple's popular System Integrity Protection (SIP) security mechanism, affecting all versions of OS X operating system. Even after Apple had fixed the critical flaw in the latest round of patches for Macs and iThings, the SIP can still be bypassed in the most recent version of operating system, leaving Apple users vulnerable to flaws that could remotely hijack their machines. SIP Bypass Exploit Code Fits in a Tweet Interestingly, Stefan Esser, a security researcher from Germany, has rele...

Anything connected to the Internet could be hacked and so is the Internet of Things (IoTs) . The market fragmentation of IoTs or Internet-connected devices is a security nightmare, due to poor security measures implemented by their vendors. Now, the researchers at security firm ESET have discovered a piece of Malware that is targeting embedded devices such as routers, and other connected devices like gateways and wireless access points, rather than computers or smartphones. Dubbed KTN-Remastered or KTN-RM , the malware is a combination of both Tsunami (or Kaiten) as well as Gafgyt. Tsunami is a well-known IRC ( Internet Relay Chat ) bot used by miscreants for launching Distributed Denial of Service (DDoS) attacks while Gafgyt is used for Telnet scanning. KTN-RM, which researcher dubbed ' Remaiten ,' features an improved spreading mechanism by carrying downloader executable binaries for embedded platforms and other connected devices. How Does the ...

'Microsoft loves Linux' so much that now the company is bringing the popular Bash shell , alongside the entire Linux command environment, to its newest Windows 10 OS in the upcoming 'Anniversary Update,' Redstone. The rumours before the Microsoft’s Build 2016 developer conference were true. Microsoft has just confirmed that it is going to enable its users to run Bash (Bourne Again Shell) natively on Windows 10. Also Read: Microsoft Drops a Cloud Data Center Under the Ocean . Microsoft has partnered with Ubuntu's parent company Canonical to ensure the Bash experience for users is just as good in Windows OS as it's in variants of Linux. Although the Goal of the partnership, in the end, is to bring Ubuntu on Windows 10, don't expect it to run Ubuntu directly on Windows 10. Users will be able to download Bash from the Windows Store. BASH or Bourne Again Shell is capable of handling advanced command line functionalities that are not a c...

Do you deal with MS Word files on the daily basis? If yes, then are you aware that even opening a simple doc file could compromise your system? It is a matter to think that the virus does not directly affect you, but it is you who let the virus carry out the attack by enabling deadly "Macros" to view the doc contents that are generally on eye-catching subjects like bank invoice. How Macros are Crippling your System? The concept of Macros dates back to 1990s. You must be familiar with this message: " Warning: This document contains macros. " A Macro is a series of commands and actions that help to automate some tasks. Microsoft Office programs support Macros written in Visual Basic for Applications (VBA), but they can also be used for malicious activities like installing malware. Hackers are cleverly using this technique on the shade of social engineering by sending the malicious Macros through doc file or spreadsheet with an eye-catching subject in t...