The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Here we go again! Earlier this week, Apple released iOS 7.0.2 just to fix some Lockscreen bugs in iOS 7 and but a researcher has found a new Lockscreen bug in new iOS 7.0.2. This new Lockscreen bug is found by Dany Lisiansky , and he uploaded a proof of concept video on YouTube with the complete step by step guide. Unlike the previous bugs it will not expose your Email, Photos, Facebook and Twitter but allows attackers to access your phone call history, voicemails and entire list of contacts. A step by step guide released by iDownloadblog : Make a phone call (with Siri / Voice Control) Click the FaceTime button When the FaceTime App appears, click the Sleep button Unlock the iPhone Answer and End the FaceTime call at the other end Wait a few seconds Done. You are now in the phone app Video demonstration  It would be easy for someone who knows you or your love partner or your business partner to obtain your phone and call themselve...

The Wall Street Journal reported that Iranian hackers have successfully penetrated unclassified US Navy computers , the allegations were made by US officials that consider the attacks a serious intrusion within the Government network. " The U.S. Officials said the attacks were carried out by hackers working for Iran's government or by a group acting with the approval of Iranian leaders. The most recent incident came in the week starting Sept. 15, before a security upgrade, the officials said. Iranian officials didn't respond to requests to comment." US officials revealed that a group of Iranian state-sponsored hackers have repeatedly violated US Navy computer systems for cyber espionage purpose, despite no sensitive information has been leaked the event is considered very concerning. US Intelligence fears that such attacks could expose confidential information like the blueprints of a new cyber weapon. US officials added that Congress has been bri...

The Iranian group defeated the very basic phenomenon of an iPhone Fingerprinting scanner, which allows them to unlock an iPhone device with multiple Fingerprints. Apple's iPhone 5s , was launched just available in stores two weeks before with a new feature of biometrics-based security system called " Touch ID ", that involves analyzing a user's fingerprint and using that to unlock the phone. Apple launched the technology that it promises will better protect devices from criminals and snoopers seeking access. With this you can purchase things from the iTunes App Store. Basically, you can now use it in place of your password. " Fingerprint is one of the best passcodes in the world. It's always with you, and no two are exactly alike, " according to the Apple's website. Last week Germany Hackers showed that how they were able to deceive Apple's latest security feature into believing they're someone they're not, using a well-honed technique for...

Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud, and it's a whole new ball game! If you're dealing with logins, data privacy, bringing new users on board, or building digital trust, this webinar is for you . Join us for " Navigating Customer Identity in the AI Era ," where we'll dive into the Auth0 2025 Customer Identity Trends Report . We'll show you what's working, what's not, and how to tweak your strategy for the year ahead. In just one session, you'll get practical answers to real-world challenges like: How AI is changing what users expect – and where they're starting to push ba...

Kaspersky Lab has identified another Chinese APT campaign , dubbed ' Icefog ', who targeted Governmental institutions, Military contractors, maritime / shipbuilding groups, telecom operators, industrial and high technology companies and mass media. The Hacking group behind the attack who carry out surgical hit and run operations , is an advanced persistent threat (APT) group, used a backdoor dubbed Icefog that worked across Windows and Mac OS X to gain access to systems. " The Mac OS X backdoor currently remains largely undetected by security solutions and has managed to infect several hundred victims worldwide ," the report  (PDF) said. This China-based campaign is almost two years old and follows the pattern of similar APT-style attacks where victims are compromised via a malicious attachment in a spear-phishing email, or are lured to a compromised website and infected with malware . The attackers embed exploits for several known vulnerabilities (CV...

16-Year-Old Teenager has been arrested over his alleged involvement in the World's biggest largest DDoS attacks against the Dutch anti-spam group Spamhaus . The teenager, whose name is unknown at this point, was arrested by British police in April, but details of his arrest were just leaked to the British press on Thursday. He was taken into custody when police swooped on his south-west London home after investigations identified significant sums of money were flowing through his bank account. The suspect was found with his computer systems open and logged on to various virtual systems and forums. The March 20 attack on Spamhaus has been dubbed as the " biggest cyber attack in the history of the Internet " which saw server of the Dutch anti-spam organization being bombarded with traffic in tune of 300 billion bits per second (300Gbps). A DDoS attack takes place when hackers use an army of infected computers to send traffic to a server, causing a shutdown in the process. I...

A College 19-year-old college student and Hacker from Temecula, California has been arrested for hacking the webcams of Miss Teen USA ' Cassidy Wolf ' and other women to extort nude photos and videos from them. Earlier this year Cassidy Wolf received an anonymous email in which the sender claimed to have stolen images from the camera on her home computer. According to the complaint, he threatened to turn her " dream of being a model ... into a ..... " Jared James Abrahams , 19 years-old man forced several women to strip. Based on an investigation launched in March the FBI raided THE suspect's home in June, seizing computers, cell phones and hacking software. Abrahams is accused of hacking the computers of several young women and charged with extortion, that could send him to federal prison for up to two years. Abrahams used malicious software to disguise his identity in order to capture nude photos or videos of victims through remote operat...

An illegal service that sells personal data of US citizens online, which can then be used for identity theft hacked into the networks of three major data brokers and Hacker stole their databases. Cyber attack has given them access to Social Security Numbers , dates of birth, and other personal details that could put all our finances at risk. Krebs's blog revealed that the service, known as SSNDOB ( ssndob.ms)  (Social Security Number Date of Birth) used malware to obtain secret access to the databases of LexisNexis, Dun & Bradstreet and Kroll Background America. Hackers are charging from 50 cents to $2.50 per record and from $5 to $15 for credit and background checks. It was discovered in March that another website, exposed.su was using data collected by SSNDOB to sell to its customers.  Through the use of a botnet Malware, ID thieves the ID thieves gained access to the networks of LexisNexis, that it provides coverage of more than 5...

Italian Researcher Michele Spagnuolo recently revealed a serious vulnerability in the popular Mailbox iPhone app . Mailbox is a tidy iOS the email app recently purchased by Dropbox , has a pretty wide-open hole that could allow bad actors to hijack your device. The flaw occurs in the latest version of Mailbox (1.6.2) currently available from the App Store, that  executes any Javascript which is present in the body of HTML emails. With exploitation of this vulnerability, users could be subject to account hijacking, spam and phishing attacks by simply opening an HTML email containing embedded javascript. You can see a video demonstration below: The good news is that the problem is probably not as bad as it looks, because iOS is tightly sandboxed, its security features are built with this functionality in mind and normally do not allow any potentially harmful operation to take place without the user's permission. Mailbox's statement on this issue,...