The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

About 20 percent of Microsoft Account logins are found on lists of compromised credentials in the wake of hack attacks on other service providers, Eric Doerr, Group Program Manager for Microsoft's Account system said . A significant proportion of compromised credentials Microsoft sees from other services have the same username and password on the Microsoft account system (formerly Windows Live ID) logins, which cover services such as Hotmail, Messenger and SkyDrive. These logins have not been compromised from the Microsoft server, but are instead based on login information leaked from other sites. " These attacks shine a spotlight on the core issue people reuse passwords between different websites ," he said. Microsoft regularly gets lists of compromised third-party login details from ISPs, law enforcement and vendors, as well as from lists published on the internet by hackers, according to Doerr. This information is checked against Microsoft login details using an auto

What if when you sent a message to someone, it had a very good chance of going to someone else in your contact list? That would be pretty scary right? That what some Skype users are reporting. The bug was first discussed in Skype's user forums, and seems to have followed a June 2012 update of the Skype software. Skype has confirmed the bug existence and that a fix is in the works. However, the company characterizes the bug as "rare." Purchased by Microsoft last year for $8.5 billion, the Luxemburg company which has as many as 40 million people using its service at a time during peak periods, explained that messages sent between two users were in limited cases being copied to a third party, but did not elaborate further on the matter. Five other individuals of the Microsoft-owned program confirmed they were also seeing instant messages being sent to the wrong person from their contact list. Sometimes it's just a few messages, while other times it's a whole conversation. Sk

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Barack Obama has signed an executive order that could hand control of the internet to the U.S. Government, in the event of a natural disaster or terrorist attack. " The federal government must have the ability to communicate at all times and under all circumstances to carry out its most critical and time sensitive missions ," Obama said . President Obama adds that it is necessary for the government to be able to reach anyone in the country during situations it considers critical, writing, " Such communications must be possible under all circumstances to ensure national security, effectively manage emergencies and improve national resilience ." Later the president explains that such could be done by establishing a " joint industry-Government center that is capable of assisting in the initiation, coordination, restoration and reconstitution of NS/EP [national security and emergency preparedness] communications services or facilities under all conditions of emerging threats, cr

The latest release of Google's Android mobile operating system has finally been properly fortified with an industry-standard defense. It's designed to protect end users against hack attacks that install malware on handsets. Android 4.1 Jelly Bean includes several new exploit mitigations and a more extensive implementation of ASLR to help defeat many kinds of exploits. ASLR is an exploit mitigation method that randomizes the positions of key data areas such as libraries, heap, stack, and the base of the executable, in a process's address space, and that makes it near impossible for malware authors and hackers to predict where their malicious payloads will be loaded. " As we mentioned in our previous post on Android ASLR, the executable mapping in the process address space was not randomized in Ice Cream Sandwich, making ROP-style attacks possible using the whole executable as a source of gadgets. In Jelly Bean, most binaries are now compiled/linked with the PIE fla

Apple is investigating yet another security breach in its iTunes app store . A Russian hacker worked out a way that allows people to bypass payment in the App Store and download products for free. The hacker, dubbed ZonD80 , posted a video of the crack on YouTube (Deleted by Youtube now ) and claims that the technique makes it possible to beat Apple's payment systems by installing a couple of certificates and assigning a specific IP address to the device. The new service, which has already been subject to attempts at shutting it down, requires no jailbreaking and only minimal configuration changes. It works by funneling purchase requests through a server operated by the hacker, rather than the legitimate one offered by Apple. As a result, charges that normally would be applied to a user's account are bypassed. Below are the steps to the hack: Install two certificates: CA and in-appstore.com. Connect via Wi-Fi network and change the DNS to 62.76.189.117. Press the Like but

Nvidia shut down its Developer Zone online forum today after hackers gained access to members' account details.A statement Nvidia posted on the forum reads , " Nvidia suspended operations today of the Nvidia Developer Zone. We did this in response to attacks on the site by unauthorised third parties who may have gained access to hashed passwords. " Users are also warned not to provide any personal, financial or sensitive information in response to any email purporting to be sent by an NVIDIA employee or representative. All user passwords will be reset when the system comes back online, though it wasn't mentioned when that was going to be. NVIDIA insists it is "continuing to investigate this matter. Nvidia forum hack follows the recent LinkedIn and Yahoo! hacks . Earlier 6.5 million LinkedIn hashed passwords were stolen and subsequently published on unauthorized websites.

Nikhil Kolbekar, aka HellsAngel, was arrested on July 11 in Mumbai, India. Eric Bogle, known as Swat Runs Train, and Justin Mills, or xTGxKAKAROT, were taken into custody in Canada, respectively Colorado, US.  HellsAngel and  Bogle is suspected of selling complete credit card details, including names, addresses, social security numbers, birth dates, and bank account information. He also sold remote desktop protocol (RDP) access data that could be utilized to breach computers in countries such as Turkey, India, Czech Republic, Brazil, Germany, France, Italy, Spain, Sweden, and others. The suspect, Nikhil Kolbekar, was produced before the Esplanade Court on Thursday and has been remanded in judicial custody. He will be produced before the Patiala House court in Delhi on July 25, with the US pressing for his extradition through the Interpol. Carding refers to various criminal activities associated with stealing personal identification information and financial information belonging to

Phandroid's Android Forums Web site is hacked and user account details stolen, according to a notice posted online. The data includes the user names, e-mail addresses, hashed passwords, and registration IP addresses of the forums' more than 1 million users. If you are one of them, you should change your password: go to your UserCP or use the Forgot your password? . Furthermore, if you use the same e-mail address and password combination elsewhere, you should change it there as well. " I have some unfortunate news to pass along ," the post reads. " Yesterday I was informed by our sever/developer team that the server hosting Androidforums.com was compromised and the website's database was accessed. While the breach is most likely harmless, there are important and potential pitfalls, and we want to provide as much helpful information to our users as possible (without getting too technical). " Phandroid will continue to investigate what happened. The ex

Security researchers working for F-Secure have found a web exploit that detects the operating system of the computer and drops a different trojan to match.The attack was first seen on a Columbian transport website which had been hacked by a third party. This malware is known as GetShell.A and requires users to approve a Java applet installation. It detects if you're running Windows, Mac OS X, or Linux, and then downloads the corresponding malware for your platform. The malicious files developed for each type of OS connect to the same Command & Control server that F-Secure has localized at IP address 186.87.69.249. Karmina Aquino, a senior analyst with F-Secure said " All three files for the three different platforms behave the same way. They all connect to 186.87.69.249 to get additional code to execute. The ports are 8080, 8081, and 8082 for OSX, Linux and Windows, respectively ." On upcoming 29th July 2012 Security Researchers  Sina Hatef Matbue and Arash Shirk

A list of over 450,000 email addresses and plain-text passwords, in a document marked " Owned and Exposed " apparently from users of a Yahoo! service, is in circulation on the internet. The affected accounts appeared to belong to a voice-over-Internet-protocol, or VOIP, service called Yahoo Voices, which runs on Yahoo's instant messenger. The Voices service is powered by Jajah, a VOIP platform that was bought by Telefonica Europe BV in 2010. The dump, posted on a public website by a hacking collective known as D33Ds Company , said it penetrated the Yahoo subdomain using what's known as a union-based SQL injection. By injecting powerful database commands into them, attackers can trick back-end servers into dumping huge amounts of sensitive information. Since all the accounts are in plain-text, anyone with an account present in the leak which also has the same password on other sites (e-mail, Facebook, Twitter, etc), should assume that someone has accessed their accoun

Two Argentina-based cyber security experts -   Chris Russo  and Fernando Viacanel , who claimed to have cracked the security code of IT systems involved in the discovery of 'God Particle', today conducted training sessions for Indian government officials. Both the hackers are partners of IT security firm E2 Labs and their company in arrangement with industry chamber Assocham has plans to conduct series of technology exchange programmes on cyber security. Russo said that three times he has been able to find vulnerability in IT system of European Organisation for Nuclear Research (CERN) that has been involved in discovery of 'God Particle' or Higgs Boson. Programme was attended by officials from Cabinet secretariat, National Technical Research Organisation, Airforce, C-DAC, Income Tax Department, Assam's AMTRON along with representatives from private sector entities, Aircel and Cisco. "Talents required to be cyber security experts are mostly available in peo

Formspring, a social Q&A website popular with teenagers,this week disabled its users' passwords after discovering a security breach. Formspring founder and CEO Ade Olonoh apologized to users for the inconvenience, and advised them to change their passwords when they log back into Formspring. A blog entry posted by Formspring's CEO and founder Ade Olonoh explains that the passwords of all 28 million users have been disabled and the company was notified that 420,000 password hashes that seem to belong to its users have been posted to a security forum, and immediately began an internal investigation. Usernames and other identifying information were not posted with the passwords, but Formspring found that someone had broken into one of its development servers and stolen data from a production database. Encrypted passwords aren't immediately useable, although they can sometimes be decoded by a savvy attacker. Formspring launched in 2009 as a crowd-powered question-and-a