The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Self-described troll and Grey hat AT&T Hacker Andrew "Weev" Auernheimer, 26, has been sentenced to 41 months in prison for exploiting an AT&T security hole three years ago, and releasing thousands of iPad owners email addresses. According to authorities, they obtained the ICC-ID and e-mail address for about 120,000 iPad users. Each charge carried with it a potential prison terms of five years. He will serve 41 months in a federal prison, with concurrent probation for three years. He also owes restitution to the U.S. Treasury to be dispersed to AT&T in the amount of $73,000. In 2010, Auernheimer and Daniel Spitler, discovered that visiting an unsecured AT&T Web server and entering a number associated with the customer's wireless account allowed him to obtain that customer's email address. Computer security researcher Charlie Miller tweeted " We could all go to jail for security research at any moment, and a jury would happily convi

Researchers are already warning that malware authors developing more sophisticated attack techniques for mobile devices, using encryption and randomization or hiding malicious code in image files. As analyzed by Symantec a malicious Infrared X-Ray  Android application, attempting to lure Android device owners to download an app that supposedly allows the camera on the device to see through clothes. This malware app is spreading quickly widely in Japan by sending the spam messages via SMS to phone numbers stored in the device's Contacts, so that the recipients of the spam to be tricked easier because the invitation to download the app is coming from someone they know rather than from an unknown sender. The app is designed to steals all details in the device's contact list and are uploaded to a predetermined server. Symantec  confirmed that there are several variants of this app exist, ". .the latest variants have added an interesting payload: rather than sending SMS message

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Little more than a year ago I wrote about the possibility to attack gaming platform to compromise large audience of gamers in stealthy way, the access to millions of machines represent a dream for every attackers and I hypnotized its repercussion in cyber warfare domains. Gaming platform are usually complex systems equipped with the latest technology and the idea to exploit them as possible attack vectors cultivated by many governments. Researchers at ReVuln, Luigi Auriemma and Donato Ferrante , presented at Black Hat Europe 2013 in Amsterdam how to convert local bugs and features in remotely exploitable security vulnerabilities by using the popular EA Origin 3 platform as an attack vector against remote systems. EA Origin is one of the biggest gaming related digital delivery platforms with more than 40 million the access it to purchase games for any kind of platform, from mobile to PC. Before describe the discovery of the two Italian experts let's give analy

During  March Patch Tuesday of 2013 , Microsoft released seven new security bulletins, with four rated as critical, and others as Important. Most interesting one was MS13-027 , which is rated as "important" because the attack requires physical access to the vulnerable machine. This flaw allows anyone with a USB thumb drive loaded with the payload to bypass security controls and access a vulnerable system even if AutoRun is disabled, and the screen is locked. Flaw exposes your Windows PCs to major risk. If you remember Stuxnet, worm was injected to Iran's nuclear program system using USB thumb drive. Windows typically discovers USB devices when they are inserted or when they change power sources (if they switch from plugged-in power to being powered off of the USB connection itself). To exploit the vulnerability an attacker could add a maliciously formatted USB device to the system. When the Windows USB device drivers enumerate the device, parsing a speciall

Once again Google Security Team Shoot itself in the foot. Ansuman Samantaray , an Indian penetration tester discovered a small, but creative Security flaw in Google drive that poses phishing threat to million of Google users was ignored  by Google Security team by replying that," It is just a mare phishing attempt,not a bug in Google ". According to Ansuman , he reported a JavaScript Script Execution vulnerability in Google Drive Files on 20th December 2012 to Google Security Team and but Google rejected the report on 21st December. Ability to execute malicious script through Google drive files poses security threats, not just phishing attack, but an attacker able to extends the attack to malware spreading, etc. The flaw exist in the way Google Drive preview the documents in the browser. Online preview of the files executing code written in doc files as HTML/JavaScript just by changing the value of a parameter called " export " in the URL. ie.  

It's not a mystery, every nation is worried of the level of security of its infrastructure, the United States are among the most concerned governments due the high number of cyber-attack against its networks. US Government representative such us former States Secretary of Defense Leon Panetta and Secretary of Homeland Security Janet Napolitano warned in more than one occasion on the possible consequences of a cyber offensive and declared the necessity to improve the cyber capabilities of the country.  Senators are interested to evaluate the level of protection of nuclear stockpile of foreign governments against cyber attacks, question has been raised after that Pentagon's chief cyber officer admitted to ignore if countries such as Russia or China have adopted efficient countermeasures. Nelson and Armed Services Committee Chairman Sen. Carl Levin, D-Mich. will request to national intelligence an assessment about the ability of foreign states to safeguard networked

A critical vulnerability discovered in certain LaserJet Pro printers that could give remote attackers access to sensitive data. Homeland Security's Computer Emergency Response Team recently issued a vulnerability note warning that HP LaserJet Professional printers contain a telnet debug shell which could allow a remote attacker to gain unauthorized access to data. This flaw was discovered by a Germany security expert, Christoph von Wittich . He detected the vulnerability during a routine network scan of his company's corporate network. He said the vulnerability could also be used for a denial-of-service attack. " As long as the printer is not connected to the Internet, this vulnerability should not cause much trouble for the end user ,". Marked as CVE-2012-5215 ( VU#782451 , SSRT101078), vulnerability affected 12 printer models including HP LaserJet Pro P1102w, P1102w, P1606dn, M1212nf MFP, M1213nf MFP, M1214nfh MFP, M1216nfh Multifunction Printer, M1217n

Israeli mobile security start-up Skycure has exposed a vulnerability that could allow hackers to control and spy on iPhones. A major security vulnerability for iOS configuration profiles  pose malware threat. The vulnerability affects a file known as mobileconf files, which are used by cell phone carriers to configure system-level settings. These can include Wi-Fi, VPN, email, and APN settings. Apple used to use them to deliver patches, and carriers sometimes use them to distribute updates. Adi Sharabani , CEO and co-founder of Skycure, made a demonstration that how sensitive information, including the victim's exact location, could be retrieved, while also controlling the user's iPhone. In Demo, he setup a fake website with a prompt to install a configuration profile and sent the link out to Victim. After installing it, he found out they were able to pull passwords and other data without his knowledge. These malicious profiles can be emailed or downloaded fro

The U.S. government repository of standards based vulnerability management website National Vulnerability Database (NVD) was hacked by some unknown attacker last week. The website of NVD ( https://nvd.nist.gov/index.html ) is down since Friday due to a malware infection on two web servers, discovered on Wednesday. The main page of website reads," The NIST National Vulnerability Database (NVD) has experienced an issue with its Web Services and is currently not available. We are working to restore service as quickly as possible. We will provide updates as soon as new information is available ." According to a post available on Google+ by Kim Halavakoski , who contacted NIST Public Inquiries Office to know about the issue," On Friday March 8, a NIST firewall detected suspicious activity and took steps to block unusual traffic from reaching the Internet. NIST began investigating the cause of the unusual activity and the servers were taken offline. Malware was

Philippines-Malaysia Cyber war over Sabah land dispute take another turn, when Philippines hackers deface their own President  Benigno Aquino III   website early Thursday, and criticized how the President has been handling the conflict in Sabah. The hacker group left a message to the president on the defaced Web site and links to Facebook profiles of the hackers, as shown in screenshot taken. Hacker managed to direct hack into other government websites also including: https://www.gdelpilar.gov.ph https://www.calasiao.gov.ph https://bolinao.gov.ph https://mauban.gov.ph https://apayao.gov.ph https://www.mauban.gov.ph https://www.drd.pnp.gov.ph Complete message from Anonymous Philippines reads: Greetings, President Aquino! We have watched how you signed into law a bill that endangers and tramples upon the citizenship  freedom of speech and expression. Now, we are silent witnesses as to how you are mishandling the Sabah issue. We did not engage the Malaysian hackers who invaded our cyber