The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The Deep Web (or Invisible web) is the set of information resources on the World Wide Web not reported by normal search engines. According several researches the principal search engines index only a small portion of the overall web content, the remaining part is unknown to the majority of web users. What do you think if you were told that under our feet, there is a world larger than ours and much more crowded? We will literally be shocked, and this is the reaction of those individual who can understand the existence of the Deep Web , a network of interconnected systems, are not indexed, having a size hundreds of times higher than the current web, around 500 times. Very exhaustive is the definition provided by the founder of BrightPlanet, Mike Bergman, that compared searching on the Internet today to dragging a net across the surface of the ocean: a great deal may be caught in the net, but there is a wealth of information that is deep and therefore missed. Ordinary

NSA intercepting 1.7 billion American electronic communications daily Since 9/11, the Agency has been able to "spy" on electronic communications without the need for court-approved warrants. The group has a large complex in Utah that cost $2 billion and holds the data. In 2006 the New York Times revealed that the Bush administration was eavesdropping on the electronic communications of Americans without the warrants required by law. The American Civil Liberties Union has created an infographic for mass distribution that shows some scary figures related to the U.S. National Security Agency. Four years ago Congress authorized the electronic surveillance of suspected terrorists and foreign agents located outside the United States, with provisions that supporters said would adequately protect the privacy of Americans. The only positive aspect of the FISA Amendments Act of 2008 was that the Congress imposed a four-year sunset provision on the powers it authorized. That sunse

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

New Jersey mayor arrested for hacking recall website The FBI last week arrested the mayor of the northern New Jersey town of West New York, together with his son, on charges of hacking into a website and a related email account that called for the mayor's recall. Felix Roque, 55, the mayor of West New York, N.J., was arrested with his son, Joseph Roque, 22. They were released on $100,000 personal bond after neither entered a plea. According to the criminal complaint filed against Felix Roque and his son, on 2 February 2012 the two men began to conspire to hack into and disable a website called www.recallroque.com. Joseph Roque then allegedly performed a password reset for the Go Daddy account used to administer recallroque.com. This allowed him to cancel the domain name and effectively disable the website, the FBI agent said in the affidavit. The conspiracy and unauthorised computer access charges each carry a maximum possible sentence of five years in prison and a fine of u

Hackers took control of two satellites for few minutes According to a US report recently claimed that hackers had managed to interfere with two military satellites, but one expert argues the amount of energy required would be too great for ordinary hackers. The hackers took control of the Landsat-7 and Terra AM-1 satellites for a grand total of 12 minutes and two minutes respectively. One might hope that the communications satellites suspended in orbit above the earth might be one component of the planet's technology infrastructure that is safely out of harm's way. But as satellite communications enthusiast Paul Marsh explained at the London Security B-Sides event in April, there are reasons to doubt the reports. He spoke about a similar story, reported in the late 1990s, about hackers supposedly accessing UK military satellite communications network SkyNet and 'nudging' one satellite out of synch. Whether Chinese hackers have that capability now is just one more matter of specu

Flame Malware - 21st Century Massive cyber attack on Iran A massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyber-espionage operation. The Flame computer virus not only stole large quantities of information from various Iranian government agencies, but apparently even disrupted its oil exports by shutting down oil terminals, information security firm Symantec Israel said yesterday. The Flame virus recently found in Iran could be used to infect other countries, according to the International Telecommunications Union. As the United Nations agency charged with helping members protect their data networks, the ITU plans to issue a warning about the danger of Flame. Iran's National Computer Emergency Response Team (Maher) said in a statement that the detection and clean-up tool was finished in early May and is now ready for distribution to organisations a

NASA SSL Digital Certificate hacked by Iranian Hackers Iranian hackers ' Cyber Warriors Team ' announced in an online post that it compromised an SSL certificate belonging to NASA and subsequently accessed information on thousands of NASA researchers. A space agency representative revealed that they're currently investigating the incident. The group said the certificate was compromised by exploiting an existing vulnerability within the portal's login system, but they didn't outline the entire attack. Once they had control over the certificate, they claim to have used it to "obtain User information for thousands of NASA researcher With Emails and Accounts of other users [sic]." " These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries' objectives, " Paul K.