The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

22 million Yahoo! Japan's user IDs may have been stolen during an unauthorised attempt to access the administrative system of its Japan portal. " We don't know if the file of 22 million user IDs was leaked or not, but we can't deny the possibility given the volume of traffic between our server and external terminals ", Yahoo said. The information did not include passwords and the kind of data necessary to verify a user's identity or reset passwords, it said, adding that the company had updated its security measures to prevent a repeat of the incident. In 2011, Sony said information such as usernames, passwords and birth dates of more than 100 million people may have been compromised after hackers struck the PlayStation Network and Sony Online Entertainment services. Japan acknowledges that its preventative measures against cyberattacks remain underdeveloped, with the national police agency having announced this month it would launch a team to analyze and combat cyberatt

Earlier this week, new Mac spyware was discovered on a computer at the Oslo Freedom Forum , which is an annual human rights conference. Dubbed as  OSX/KitM.A , discovered by computer security researcher Jacob Appelbaum . This Mac malware that has been used to spy on activists, targeted via spear phishing attack and had received emails that duped them into installing the malware. The malware is a backdoor application called " macs.app " which launches automatically upon login. There are two command-and-control servers, located at securitytable.org and docsforum.info. Interestingly, the malware is signed with an Apple Developer ID , which is designed to prevent the installation of malware, associated with the name Rajender Kumar  and  the use of the ID appears to be an attempt to bypass Apple's Gatekeeper execution prevention technology. As of right now, F-Secure is looking into the origination of the malware and though it doesn't appear to be widespread.  You can

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

New issue of English-language al-Qaeda magazine posted on the terror group's website earlier this week linked to the Boston terrorist attacks has possibly been hacked by Western intelligence agencies and its content beyond its cover page was scrambled. The magazine, produced by al Qaeda's Yemeni affiliate, al Qaeda in the Arabian Peninsula, which regularly includes how-to instructions for followers to carry out terrorist attacks in the West, has received significant scrutiny in recent weeks. Investigators believe that Boston bomber Tamerlan Tsarnaev accessed Inspire magazine, and the material had instructions on bomb-making, a law enforcement official said.  According to analysts , the explosive devices the Boston bombers built had striking similarities to a bomb recipe in the first issue of the magazine, " How to build a bomb in your Mom's kitchen ", that has been downloaded by militants in multiple Islamist terrorist plots. Previous issu

The Financial Times has become the latest news outlet to be hacked by supporters of the Syrian president Bashar al-Assad , following a phishing attack on the company's email accounts. The posh broadsheet's Tech Blog - at https://blogs.FT.com/beyond-brics was compromised to run stories headlined " Syrian Electronic Army Was Here " and " Hacked by the Syrian Electronic Army ". Twelve posts appeared on the FT's tech blog between 12.38pm and 12.42pm on Friday, with official Twitter feeds also disrupted. In a later Twitter statement the FT said, " Various FT blogs and social-media accounts have been compromised by hackers and we are working to resolve the issue as quickly as possible." The Syrian Electronic Army , understood to be a number of hackers and online activists that support the current Syrian president Bashar al-Assad, may have gained control for up to 14 Twitter accounts run by the newspaper. The group of hackers has claime

Peter Sunde ,   the former spokesman for The Pirate Bay has announced he will run in the European Parliament elections next year. Sunde, will participate for the Finnish branch of the Pirate Party. The Pirate Party was founded in Sweden in 2006, and in 2009 Christian Engström was the first member of the Pirate Party elected to European Parliament. Sunde, along with partners Carl Lundström, Frederik Neij , and Gottfrid Svartholm Warg , were convicted of accessory to breaching copyright laws by a Swedish court in 2009. Peter Sunde, who was born in Sweden but holds Finnish citizenship, is facing a prison sentence for his involvement with BitTorrent doesn't seem to concern him very much. He has been fighting the sentence for a while and if he gets elected things might get very interesting indeed. Sunde describes himself as ' socialist, green and a pirate ' on his blog. " I am doing what I can to help solve the problems we have today, as well as the ones we