The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Android have been a long time target for cyber criminals, but now it seems that they have turned their way towards iOS devices. Apple always says that hacking their devices is too difficult for cyber crooks, but a single app has made it possible for anyone to hack an iPhone. A security flaw in Apple's mobile iOS operating system has made most iPhones and iPads vulnerable to cyber attacks by hackers seeking access to sensitive data and control of their devices, security researchers warned. The details about this new vulnerability was published by the Cyber security firm FireEye on its blog on Monday, saying the flaw allows hackers to access devices by fooling users to download and install malicious iOS applications on their iPhone or iPad via tainted text messages, emails and Web links. MASQUE ATTACK - REPLACING TRUSTED APPS The malicious iOS apps can then be used to replace the legitimate apps, such as banking or social networking apps, that were installed thro...

Russian Internet traffic, including the domestic one, has continuously been re-routed outside the country due to routing errors by China Telecom , which could result in compromising the security of Russian communications. Internet monitoring service Dyn reported Thursday in a blog post that the apparent networking fault is due to the weakness in the Border gateway protocol (BGP) , which forms the underpinning of the Internet's global routing system. The problem started after the BGP peering agreement signed between the China Telecom and top Russian mobile provider Vimpelcom in order to save money on transit operators, so that some of the domestic traffic may carried over the other's network rather than through a more expensive transit operator. Under this deal, Russian domestic traffic was repeatedly being routed to routers operated by China Telecom. Routing Traffic allows law enforcement agencies and hackers with the ability to monitor. " Unlike other routin...

The joint operation by authorities of the U.S. Federal Bureau of Investigation (FBI) and European law enforcement seized Silk Road 2.0 , an alternative to the notorious online illegal-drug marketplace last week, and arrested 26-year-old operator Blake Benthall, but that wasn't the end. US and European authorities over the weekend announced the seizure of 27 different websites as part of a much larger operation called Operation Onymous , which led to take-down of more than "410 hidden services" that sell illegal goods and services from drugs to murder-for-hire assassins by masking their identities using the Tor encryption network. " The action aimed to stop the sale, distribution and promotion of illegal and harmful items, including weapons and drugs, which were being sold on online 'dark' marketplaces, " according to the Europol press release . This globally-coordinated take down is the combined efforts of 17 nations which includes the law enforcemen...

Microsoft has this time quite a big pile of security patches in its November 2014 Patch Tuesday , which will address almost 60 non-security updates for its Windows OS along with 16 security updates . The software giant released Advance Notification for 16 security bulletins, the most in more than three years, which will be addressed as of tomorrow, 11 November, 2014. Five of the bulletins have been marked as " critical ", nine are " importan t" in severity, while two were labeled " moderate ." The updates will patch vulnerabilities in Microsoft's various software including Internet Explorer (IE), Windows, Office, Exchange Server, SharePoint Server and the .NET framework as well. Five critical vulnerabilities affect specific versions of Microsoft Windows, including Windows 7, Windows 8, Windows RT, and Windows Server. One of them also affects Internet Explorer versions 7 through 11 as well. Four of the five critical bugs are said to al...

The authorities of the U.S. Federal Bureau of Investigation have announced that they have arrested " Silk Road 2.0 " operator Blake Benthall , used the alias " Defcon " in California on Wednesday and charged him with conspiracy to commit drug trafficking, computer hacking, money laundering and other crimes. Silk Road 2, an alternative to the notorious online illegal-drug marketplace that went dark in October of 2013, has been seized in a joint action involving the FBI, Department of Homeland Security, and European law enforcement. " As alleged, Blake Benthall attempted to resurrect Silk Road, a secret website that law enforcement seized last year, by running Silk Road 2.0, a nearly identical criminal enterprise, " Manhattan US Attorney Preet Bharara said in a statement . " Let's be clear—this Silk Road, in whatever form, is the road to prison. Those looking to follow in the footsteps of alleged cybercriminals should understand that we will r...

Google introduced a new security tool to help developers detect bugs and security glitches in the network traffic security that may leave passwords and other sensitive information open to snooping. The open source tool, dubbed as Nogotofail , has been launched by the technology giant in sake of a number of vulnerabilities discovered in the implementation of the transport layer security, from the most critical Heartbleed bug in OpenSSL to the Apple's gotofail bug to the recent POODLE bug in SSL version 3. The company has made the Nogotofail tool available on GitHub, so that so anyone can test their applications, contribute new features to the project, provide support for more platforms, and help improve the security of the internet. Android security engineer Chad Brubaker said that the Nogotofail main purpose is to confirm that internet-connected devices and applications aren't vulnerable to transport layer security (TLS) and Secure Sockets Layer (SSL) encry...

Security researchers at Kaspersky Lab have unearthed new capabilities in the BlackEnergy Crimeware weapon that has now ability to hacking  routers , Linux systems and Windows, targeting industry through Cisco network devices. The antivirus vendor's Global Research & Analysis Team released a report Monday detailing some of the new " relatively unknown " custom plug-in capabilities that the cyber espionage group has developed for BlackEnergy to attack Cisco networking devices and target ARM and MIPS platforms. The malware was upgraded with custom plugins including Ciscoapi.tcl which targets The Borg's kit, and According to researchers, the upgraded version contained various wrappers over Cisco EXEC-commands and " a punchy message for Kaspersky , " which reads, " F*uck U, Kaspersky!!! U never get a fresh B1ack En3rgy. So, thanks C1sco 1td for built-in backd00rs & 0-days. " BlackEnergy malware program was originally created and used by cy...

Security researchers from Newcastle University in the UK have found a way to steal larger amounts of money from people's pockets using just a mobile phone, due to a security glitch Visa's contactless payment cards. Contactless payment cards use a cryptoprocessor and RFID technology to perform secure transactions without a need to insert the card in a reader, even an NFC-equipped mobile device may also be used as a payment card. But there is a specified limits country-wise. Contactless payment cards are meant to have a limit of £20 per purchase in UK, using which shoppers can buy things by simply tapping their card on a scanner, without having to type in a PIN. But exploiting a flaw in its protocol could allow cyber criminals to manipulate the cards to transfer up to $999,999.99 in foreign currency into a scammer's account. Researchers on Wednesday at the 21st ACM Conference on Computer and Communications Security, detailed the attack which rely on a "rogue POS te...

Fredrik Neij – known online as " TiAMO ", third and the last founder of the popular file sharing website The Pirate Bay   has been arrested driving across the border of Laos and Thailand. The 36-year-old fugitive  Fredrik Neij  was convicted by a Swedish court in 2009 of aiding copyright infringement and now he has been arrested under an Interpol warrant after four years on the run. The Pirate Bay allows users to share files, including copyrighted content such as movies and music, through peer-to-peer technology. He fled the country after being released on bail and had been living in Laos with his wife and children since 2012. Neij was arrested on Monday while trying to cross a border checkpoint in Nong Khai province, about 385 miles northeast of Bangkok, with his wife, Police said. " Mr. Neij will be transferred to the immigration headquarters in Bangkok on Wednesday where the Swedish embassy is expected to pick him up and bring him back to S...