The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Al-Jazeera says hackers have targeted the Qatar-based TV satellite channel for the second time in a week, sending out false news reports on its mobile sms service. Al Jazeera confirm the hack in a tweet ," We'd like to inform our subscribers that Aljazeera sms sevice is being compromised by pirates and they've sent fake news news with no basis " " The story claiming that the Prime Minister (Sheikh Hamad bin Jassem) has been the target of an assassination attempt in the royal palace is completely false and was a result of hacking of the service ," the channel said in breaking news. A pro-Damascus group known as the Syrian Electronic Army quickly claimed responsibility for the Sunday hack on Twitter.  Social networks, including Twitter, quoted Al-Jazeera's mobile service on Sunday as saying that Sheikh Hamad was targeted in an attack on the palace in Doha and that the wife of the emir, Sheikha Moza bint Nasser, was lightly wounded. Hackers posted a pro-Syrian stateme

Last month, those assholes in the California State Assembly passed a resolution urging state educational institutions to more aggressively crack down on criticism of the State of Israel on campuses, which the resolution defines as "anti-Semitism." The anti-democratic resolution is the latest step in the broader campaign to stifle and suppress dissent on California's increasingly volatile campuses. Get this, it passed without public discussion. The vote on the resolution came when most students were between semesters and away from their campuses. The resolution uses the classic trick employed by defenders of Israel's Zionist regime: lumping together any criticism of the Israeli state's policies or of the US government's support for them with racist attacks on Jews. The bulk of the resolution is dedicated to defining criticism of the state of Israel as "anti-Semitism."  It lists the following as examples of "anti-Semitism": • "language or behavior [that] demonizes and delegitimizes Is

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Iranian National Computer Emergency Response Team releases a tool for Gauss malware detection . Cyber surveillance virus has been found in the Middle East that can spy on banking transactions and steal login and passwords, according Kaspersky Lab, a leading computer security firm. Gauss primarily infects 32-bit versions of Windows, though a separate spy module for USB drives can collect information from 64-bit systems. Infections are mainly split between Windows 7 and Windows XP, although some of the Gauss modules don't work against Windows 7 Service Pack 1. Mac and Linux machines appear to be safe. Multiple modules of Gauss serve the purpose of collecting information from browsers, which include the history of visited websites and passwords. Detailed data on the infected machine is also sent to the attackers, including specifics of network interfaces, the computer's drives and BIOS information. The Gauss module is also capable of stealing data from the clients of several Leb

Two security researchers claim to have developed a new attack that can decrypt session cookies from HTTPS (Hypertext Transfer Protocol Secure) connections. From the security researchers who created and demonstrated the BEAST (Browser Exploit Against SSL/TLS) tool for breaking SSL/TLS encryption comes another attack that exploits a flaw in a feature in all versions of TLS. The new attack has been given the name CRIME by the researchers.The CRIME attack is based on a weak spot in a special feature in TLS 1.0, but exactly which that feature is has not been revealed by the researchers. They will say that all versions of TLS/SSL including TLS 1.2, on which the BEAST attack did not work are vulnerable. Once they had the cookie, Rizzo and Duong could return to whatever site the user was visiting and log in using her credentials. HTTPS should prevent this type of session hijacking because it encrypts session cookies while in transit or when stored in the browser. But the new attack, devis

Julian Assange's mother, Christine Assange has done an excellent job of compiling the facts surrounding the issue of Julian's extradition case. Please, everyone share this, copy it, email it and send it to your elected officials and congressional representatives. The truth is what will set Julian Assange free and he must be freed immediately. Assange Extradition Fact Sheet 1) Julian Assange is not charged with anything in Sweden or any other country. [Source: @wikileaks ] 2) Julian Assange did not flee Sweden to avoid questioning. He was given permission to leave the country on the 15th September 2010, after remaining 5 weeks in Sweden for the purpose of answering the allegations made against him. [Source: Undue delay for Julian Assange's interrogation ] 3)  The case against Julian Assange was initially dropped, and deemed so weak it could not warrant investigation. After the intervention of a Swedish politician close to American diplomats, it was revived by a different prosec