The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Two years ago Chinese firm Lenovo got banned from supplying equipment for networks of the intelligence and defense services various countries due to hacking and spying concerns. Earlier this year, Lenovo was caught red-handed for selling laptops pre-installed with Superfish malware . One of the most popular Chinese computer manufacturers 'Lenovo' has been caught once again using a hidden Windows feature to preinstall unwanted and unremovable rootkit software on certain Lenovo laptop and desktop systems it sells. The feature is known as " Lenovo Service Engine " (LSE) – a piece of code presents into the firmware on the computer's motherboard.  If Windows is installed, the LSE automatically downloads and installs Lenovo's own software during boot time before the Microsoft operating system is launched, overwriting Windows operating system files. More worrisome part of the feature is that it injects software that updates drivers, firmware, and oth...

In the month of February 2015, second generation Raspberry Pi was made available and was commonly known as Raspberry Pi 2 . Buzz was that Windows 10 will be supporting the hardware for its compatibility with the smart objects, popularly known as the ' Internet of Things '. So, finally the Free version of Windows 10 for Raspberry Pi 2 is here. On Monday, public release of Microsoft's Windows 10 for IoT Core, offering support for the Raspberry Pi 2 and the Minnowboard Max , was made available. Microsoft's goal of spreading Windows 10 to a Billion user is going to get fulfilled with this specially trimmed edition for small and embedded devices, that may or may not have screens. Also for devices with screens, Windows 10 IoT Core operating system does not have a Windows shell experience; rather you can write a Universal Windows app that is the interface and 'personality' for your device. It's neither the Windows, as we already are familiar with, nor a substitut...

Updated your PCs to Windows 10 ? Now it's time to patch your Windows 10 software. Microsoft has issued its monthly Patch Tuesday by releasing 14 security bulletins , nearly half of it address vulnerabilities in its latest operating system, Windows 10. Four of them are marked critical, affecting Windows, .Net Framework, Microsoft Office, Microsoft Lync, Internet Explorer, Microsoft Silverlight and Edge Browser . Yes, the critical update includes even Edge browser – Microsoft's newest and supposedly super-secure web browser. Windows users are advised to patch their system as soon as possible because the security flaws can be remotely exploited to execute malicious code on vulnerable systems, allowing hackers to install malware and take full control of systems. Most Critical Security Updates: MS15-079 – The critical update fixes a total of 10 privately disclosed flaws in Internet Explorer. Most of these flaws allow a hacker to execute malicious code on v...

Offensive Security , the creators of Swiss army knife for Security researchers, Penetration testers and Hackers have finally released the much awaited and most powerful version of  Kali Linux 2.0 . Kali Linux 2.0 (Codename 'Kali Sana') , an open-source penetration testing platform brings hundreds of Penetration Testing, Forensics, Hacking and Reverse Engineering tools together into a Debian-based Linux distribution. Kali Linux 2.0 offers a redesigned user interface for streamlined work experience, along with a new multi-level menus and tool categories options. Kali Linux 2.0 is now a rolling distribution, means users will receive tools and core system updates frequently. Kali Linux 2.0 Features: Runs on Linux kernel 4.0,  use full Gnome 3 Desktop instead of gnome-fallback,  improved hardware and wireless driver coverage,  support for a variety of Desktop Environments,  updated desktop environment and tools,  Featuring new cutt...

After the release of Windows 10 , Millions of Windows 7, 8 and 8.1 users have upgraded their systems to Windows 10. Thanks to Microsoft's free system update. Windows 10 inbuilt rollback vs. EaseUS System GoBack Microsoft even offers Windows users with an opportunity to downgrade their computer to their previous version of operating system after an upgrade, but the opportunity lasts for only 30 days. This is really cool, but what if you upgraded your system to Windows 10 , used it for more than a month and then realized that it's hard for you to adopt? Now, How do you get your favorite Windows version back? You don't need to go through that lengthy procedure of downloading and installing the old Windows again to downgrade your system to the previous version. I have a better and an easy solution to your problem. You can now quickly go back to your previous Windows Operating System and restore all your old applications & games with just one click. Tha...

Encrypting your sensitive data is important. As you may know, CIA... C onfidentiality I ntegrity A vailability ...are the essential elements of Information Security. There are a number of tools and methods available out there, but not all encryption tools are same. We are now living in an era where everyone is watching everyone else, and now you need to pay extra attention before choosing any tool. VeraCrypt , a TrueCrypt alternative, is an open source file encryption software designed to protect your online privacy. VeraCrypt enters the market within months after TrueCrypt died , almost similar to it, but with enhancements to further secure your data. A week ago, latest version VeraCrypt 1.12 released with a new feature called PIM, which stands for " Personal Iterations Multiplier ". PIM (Personal Iterations Multiplier) is a new parameter introduced in VeraCrypt 1.12 to secure your data. PIM is basically a secret numerical value that...

It seems like there isn't any end to Android security flaws. After the discovery of the Stagefright vulnerability that allowed hackers to infect Millions of Android devices with just a maliciously-crafted message… Researchers have now warned of another critical security hole in Google's Android mobile operating system platform that impacts over 55 percent of all Android users . Security researchers at IBM have discovered a new privilege escalation vulnerability in the Android platform that could allow " a malicious app with no privileges the ability to become a 'super app' and help the cybercriminals own the device. " Dubbed the Android serialization vulnerability, assigned CVE-2015-3825 , affects Android versions 4.3 and above, including the latest build of Android M. The vulnerability resides in a component of Android's platform called OpenSSLX509Certificate , which can be exploited by an Android app to compromise the system_server process and gain powerful syste...

Well, this was a very unexpected move by Google. Google Co-Founder Larry Page announced a restructuring of the whole company, revealing the creation of the umbrella " Alphabet " corporation. But, don't worry… Google isn't dead! Rather, Google will become part of Alphabet. Why Google Rebrands As 'Alphabet' Over time, Google, the Mountain View company has become a lot more than just a Search Engine. Google created and acquired a large number of other popular Internet services, including Android, YouTube and Gmail, that makes too much difficult for a single company to manage all of them effectively. According to Google Founders, it's time, when different projects require different leaders, different company cultures, and different types of resources. " Our model is to have a strong CEO, who runs each business, with Sergey and me in service to them as needed ," Page wrote . So the founders decided to create an all new parental brand that ...

We have talked a lot about car hacking. Recently researchers even demonstrated how hackers can remotely hijack Jeep Cherokee to control its steering, brakes and transmission. Now, researchers have discovered another type of car hack that can be used to unlock almost every car or garage door. You only need two radios, a microcontroller and a battery, costing barely under $30, to devise what's called RollJam capable to unlock any car or garage at the click of a button, making auto hacking cars so simple that anyone can do it. The recent hack takes advantage of the same vulnerable wireless unlocking technology that is being used by the majority of cars manufacturers. These wireless unlocking systems are Keyless entry systems that enable the car owner to unlock his car just by pressing a button sitting at his workplace remotely ( within a range of 20 metres ). What RollJam does and How? RollJam steals the secret codes, called Rolling Code, that is gene...