The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Valentine's Day   - a day of hearts, Chocolates, Flowers and Celebrations when people express their emotions to their loved ones and most of us send E-cards, purchase special gifts with the help of various Online Shop Sites and many other tantrums making them feel special. While you are busy in Googling ideal gifts for your loved ones, the Cyber thieves are also busy in taking advantage of such events by spreading various malware , phishing campaigns and fraud schemes as these days come out to be a goldmine for the cyber criminals. Online Shopping Scams are popular among Cyber criminals as it is the easiest way for hackers to steal money in easy and untraceable ways. Security Researchers at Anti virus firm - Trend Micro discovered various Valentine's Day threats which are common at such occasion i.e. A flower-delivery service and it appears to be a normal promotional e-mail, but the links actually lead to various survey scams. The Malware threats also arr...

In past months, we have reported about critical vulnerabilities in many wireless Routers including Netgear, Linksys,  TP-LINK, Cisco, ASUS, TENDA and more vendors, installed by millions of home users worldwide. Polish Computer Emergency Response Team (CERT Polska) recently noticed a large scale cyber attack ongoing campaign aimed at Polish e-banking users. Cyber criminals are using known router vulnerability which allow attackers to change the router's DNS configuration remotely so they can lure users to fake bank websites or can perform Man-in-the-Middle attack. ' After DNS servers settings are changed on a router, all queries from inside the network are forwarded to rogue servers. Obviously the platform of a client device is not an issue, as there is no need for the attackers to install any malicious software at all. ' CERT Polska researchers said. That DNS Hijacking trick is not new, neither most of the router vulnerabilities are, but still millions of...

Last October, the social network ' LinkedIn ' launched a controversial Smartphone app called ' Intro ' that intercepts and route all of your emails through LinkedIn servers to inject LinkedIn profiles of the sender directly into the mails. The app was released for Android , as well as iOS devices. Why Controversial? The app puts the security and privacy of your data entirely in the company's hands, and at that time everyone criticized and reacted negatively, but LinkedIn defended Intro, claiming that all information was fully encrypted and deleted from LinkedIn's servers immediately. Just two days back, I got an e-mail from LinkedIn with the subject line " We're retiring LinkedIn Intro. " i.e. LinkedIn is giving up so quickly just four months of the launch! In a blog post today, LinkedIn SVP of products Deep Mishar explained, " We are shutting down LinkedIn Intro as of March 7, 2014. The intro was launched last year to bring the power of LinkedIn to your emai...

With the beginning of a new week, we always came across a new revelation of surveillance programs run by the U.S. Government. A Recent NYT Report disclosed that how whistleblower Edward Snowden downloaded 1.7 million classified files which are revealing a number of secret spying projects that are being executed by NSA. The only lesson we have learned, is about taking our PRIVACY very seriously.  To Communicate using electronic media, we need to explore something which can make the conversation more secure and private. The only point where my search ends is to 'Encrypt the message' to be sent with a robust encryption technique which might provide at least a handy balance of security and convenience. Recently, it was reported that most widely adopted encryption technique RSA had a backdoor for the NSA . So 'Privacy' becomes a question to all of us and what technology we should trust upon. We have various sets of options to choose encryption e.g. Advanced Encry...

Last Saturday millions of France Internet users saw a strange message on Google's Homepage, rather than any GOOGLE DOODLE, as shown above. Despite Paying €150,000 ($228,147)  Fine to France Government, Google has been forced to post a ' Privacy Fine Notice ' on its French Search Engine homepage for violating Data-Processing and Freedoms Laws. The French Data-protection authority - ' The Commission Nationale de l'information et des Liberties ' (CNIL) said on Friday that Google's appeal to suspend the order of January decision has been denied by the Conseil d'Etat i.e. The Administrative Court and the company is ordered to post a notice for 48 hours on its Google.fr page within eight days as of the notification of the decision. In 2012, Google's new privacy policy that combined several separate policies under one umbrella and allowed Google to take advantage of user data from multiple different services at once, was in violation of " fun...

National Security Agency (NSA) – the one that had ruled over the privacy of the entire world from countries to individuals, the one with master access to read anyone's data, intruded into large fiber networks, and can target anyone, at any time, at any place; but lapsed somewhere in protecting its own privacy and security of the confidential data. If I am wrong, then from where did Snowden gets hold over roughly 1.7 million NSA's confidential files in sequence? According to the Intelligence officials who has investigated the insider theft by Snowden, noticed that he had accessed all these documents using some ' web crawler ', a freely available automated tool also known as spiders, which used to search, index and backup a website, " scraped data out of our systems " he said. " We do not believe this was an individual sitting at a machine and downloading this much material in sequence ," he added. He used the web crawler tool against NSA 's internal network and 'probably...

Smartphone manufacturers are adding ways for owners to track and manage their phones if they ever get lost or stolen. Find My iPhone is a service that comes with every iOS device that allows you to track your iPhone, whether it was lost or stolen. Normally, the iPhone requires a password if you want to deactivate " Find My iPhone ", but it isn't entirely perfect and thieves are now smart enough to disable ' Find My iPhone ' on devices running iOS 7.0.4 and lower version, without having to enter a password. The exploit was discovered and demonstrated security researcher ' Bradley Williams ' and performing a successful bypass means you won't be able to locate, make sound and wipe out. The vulnerability could put the devices at risk, and the exploitation method involves a few simple steps that involve making changes in the iCloud settings, even if they don't know the password. Steps to hack 'Find My iPhone': Navigate to iCloud in the settin...

In the era of Smart devices, we have Smartphones, Smart TVs, Smart Fridges, and even the Smart cars! We have made our life very easy and comfortable by providing the master control of every task to such smart devices. But imagine if an attacker wants to take revenge or hurt someone, now they can hack your car, rather failing breaks in the traditional way. Sounds Horrible ! WELL, Two Security researchers - Javier Vazquez-Vidal and Alberto Garcia Illera have developed a home-made gadget called ' CAN Hacking Tools (CHT) ', a tiny device smaller than your Smartphone, which is enough to hack your Cars. The Kit costs less than $20, but is far capable to give away the entire control of your car to an attacker from windows and headlights to its steering and brakes. The device uses the Controller Area Network (CAN) ports that are built into cars for computer-system checks, and draws power from the car's electrical system. Injecting a malicious code to CAN ports all...