The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Over 60 Barnes & Noble stores have been used by hackers to gain the credit card data, including the PINs, of customers. The New York  company is warning customers to check for unauthorized transactions and to change their personal identification numbers or PINs. It hasn't said how many accounts may have been compromised. The scheme didn't affect Barnes & Noble's Nook tablets or mobile apps, the chain's member database, or any Barnes & Noble College Bookstores. B&N says it caught the problem in mid-September, and that it's safe now to use credit and debit cards at its stores. The New York Times reported that the hackers had already made purchases on some customer credit cards. Federal authorities are investigating. Barnes & Noble said it is working with banks and card issuers to identify compromised accounts so that additional fraud-protection measures can be taken. All keypads at the stories have been removed and shipped to a si...

This year we have seen some big Security breaches that expose millions of passwords like Yahoo! , LinkedIn , eHarmony and Last.fm , among others , SplashData Reveals Its Annual " 25 Worst Passwords of the Year " List. The three worst passwords haven't changed since 2011; they're password, 123456 and 12345678. The new worst passwords added to this year's list include welcome, jesus, ninja, mustang and password1. Have you ever used one of the most popular passwords of 2012 for your own personal accounts? SplashData CEO Morgan Slain stated " At this time of year, people enjoy focusing on scary costumes, movies and decorations, but those who have been through it can tell you how terrifying it is to have your identity stolen because of a hacked password ." " We're hoping that with more publicity about how risky it is to use weak passwords, more people will start taking simple steps to protect themselves by using stronger passwords and using different p...

The number one concern of Internet users is that a web site will keep personal information safe and secure. If you are a site owner, giving importance to security is not only for your own protection but for your users' as well. Despite you have the right to set contents to your contracts and terms of service, you still have a portion of liabilities in case your user encountered information and financial thefts as he perform activities within your website. E-commerce usually involves the processing of credit cards and sensitive customer information so security is very important. Online communities and ecommerce websites are mostly the target places of hackers. Toward this end, many users look for a website to display a third party seal as evidence of security. Using a web site seal is a good idea. But providing true web site security requires more than just a seal it also requires using several kinds of security controls managed by a security program to back th...

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn't have asked for a better kickoff panel: three cybersecurity leaders who don't just talk security, they live it. Let me introduce them. Alex Delay , CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead , Director of Cybersecurity at Avidity Biosciences, brings a forward-thinking security perspective that reflects the innovation behind Avidity's targeted RNA therapeutics. Last but not least, Michael Francess , Director of Cybersecurity Advanced Threat at Wyndham Hotels and Resorts, leads the charge in protecting the franchise. Each brought a unique vantage point to a common challenge: applying Continuous Threat Exposure Management (CTEM) to complex production environments. Gartner made waves in 2023 with a bold prediction: organizations that prioritize CTEM will be three times less likely to be breached by 2026. But here's the kicker -...

International hacker group Anonymous is going to create a WikiLeaks competitor scandalous leak portal called Tyler,  for the publication of secret information from governments of various countries. One of the group's members, who specified that he is representing the collective, spoke about the TYLER project and the rift with WikiLeaks in an email interview with the Voice of Russia. They have scheduled this new project to December 21 this year. According to the hacker, who requested anonymity, the conflict between Anonymous and the website of Julian Assange revolves around the forced funding techniques and lack of transparency around money to WikiLeaks. So far Anonymous defends WikiLeaks and Assange personally and supported the mission of the site to share information, news and classified information with the public. They even helped to publish more than 2 million emails, known as the Syrian file. Since Assange has repeatedly threatened to close th...

The PlayStation 3 has been hacked before, originally with the PSJailbreak dongle and fail0verflow, but Sony managed to fight back with Firmware 3.60 which managed to ingeniously re-secure the console. But Hackers have released a custom firmware which allows compromised consoles to log into PSN, alongside LV0 decryption keys which allow the user to bypass future security updates. The hacker group ' The Three Musketeers ' claims that they already had the keys for a while but decided not to publish them. The information also came into the hands of another Chinese hacking group called BlueDiskCFW which was about to release the Iv0 keys for a fee. To avoid others earning money with their hack, The Three Musketeers decided to publish the keys themselves. Here a  Post by Hackers . The team of hackers released the following announcement: As this was a group effort, we wouldn't normally have lost a word about it ever, but as we're done with PS3 now anyways, we ...

A heart defibrillator remotely controlled by a villainous hacker to trigger a fatal heart attack? Yes now its possible, The Government Accountability Office has released a report warning that medical devices are vulnerable to hacking and calling for greater FDA oversight of such devices. The investigation into electronic medical-device safety was initiated after computer-security researchers found dangerous vulnerabilities in insulin pumps. The FDA in 2009 issued guidance urging hospitals and medical device manufacturers to work together to eliminate security risks. But in September, the Government Accountability Office issued a report warning that implantable medical devices could be vulnerable to hacking, posing a safety threat, and asked the FDA to address the issue. " Even the human body is vulnerable to attack from computer hackers ," Representative Anna Eshoo, a Democrat from California, said in a statement on her website . Preventing potential hacking it might s...

Mobile industry watchers have long known that Android is under attack. The number of high risk and dangerous apps targeting Android users jumped from 30,000 in June to 175,000 in September, Trend Micro said in its third quarter security roundup . While some apps are clearly criminal - such as those that secretly purchase premium smartphone services - others are more of a privacy threat. These include "Aggressive Adware" apps that collect more personal information than the user has authorized. App developers may even be aware of the problem, thanks to the existence of rogue ad networks. " Though most adware is designed to collect user information, a fine line exists between collecting data for simple advertising use and violating one's privacy," Trend Micro said. "Because adware normally collect user information for legitimate purposes, they can serve as an effective means to gather more data than some would want to give out. " Many of these issues a...

When it comes to security, small and midsize businesses are largely unaware of the risks they face. Cybercrime is a serious problem which affects businesses of all sizes and can have devastating consequences. U.S. small businesses should understand they cannot completely remain safe from cyber-threats if they do not take the necessary precautions. Although such threats existed long before malware emerged, data theft, fraud and industrial spying are all now typically conducted through cyber-attacks. The picture painted is of an environment under siege, with an alarming 41% of businesses acknowledging themselves less than ready to face cyber-threats. Kaspersky Lab and B2B International recently conducted a survey among IT professionals working for large and medium-sized businesses to find out what IT specialists thought of corporate security solutions, to determine their level of knowledge about current threats, the sort of problems they most often face, and thei...