The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Can you ever imagine that a single text message is enough to hack any Facebook account without user interaction or without using any other malicious stuff like Trojans, phishing , keylogger etc. ? Today we are going to explain you that how a UK based Security Researcher, " fin1te " is able to hack any Facebook account within a minute by doing one SMS. Because 90% of us are Facebook user too, so we know that there is an option of linking your mobile number with your account, which allows you to receive Facebook account updates via SMS directly to your mobile and also you can login into your account using that linked number rather than your email address or username. According to hacker , the loophole was in phone number linking process, or in technical terms, at file  /ajax/settings/mobile/confirm_phone.php This particular webpage works in background when user submit his phone number and verification code, sent by Facebook to mobile. That submission form h

Security experts are confident that the Chinese hackers group known as Comment Crew is still operating under cover. " The Comment Crew is back again " this is the rumor within Intelligence community, researchers suspect the involvement of the group of hackers in the recent cyber dispute between U.S. and China. Let's make a step back, last February Mandiant Intelligence firm released an interesting report that revealed an enterprise-scale computer espionage campaign dubbed APT1. Mandiant linked the APT1 attacks, that compromised 141 organizations in seven years, to Chinese military unit called " 61398 ". The is very interesting is that the security firm identified a common pattern for the attacks conducted by Chinese hackers group, it was also able to define a series of key indicators for identifying ongoing APT attacks. Mandiant security firm had monitored the group during last years and report details its operations, it wasn't the only one FireEye is anoth

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

Once again NSA whistleblower Edward Snowden revealed the truth, that the NSA hacks into China's mobile operators to steal millions of text messages.  Every month Washington come up with new reports  and accuse other nations, particularly China, for cyber hacking , but the biggest culprit of such crime is in fact the United States. All of this appeared to go relatively well for Washington until revelations emerged of the U.S. National Security Agency's PRISM surveillance program . According to Snowden, U.S. spies had hacked 3 major mobile phone companies in China and a core network to steal text messages of millions of Chinese citizens. Fang Binxing, a President at Beijing University who is considered the chief pioneer of China's Great Firewall Internet filtering system, has warned in the past that telecom equipment from international companies like Cisco is a threat to China's national security. As such, it could have allowed NSA operatives to access int

Serious security vulnerability was recently discovered on the Samsung flagship Galaxy S4 device, claiming that attackers can use it to silently send text messages. Qihoo 360 Technology, an antivirus company based in China, said that this particular vulnerability is related to the " cloud backup " feature of Galaxy S4, which is not properly protected and can be abused. This vulnerability was first discovered on June 17 and already reported the issue to Samsung and the company is already in the process of developing an official update to fix the vulnerability. A rogue mobile application could contain code exploiting the vulnerability to send fraudulent scam text messages ordering premium-rate services, the firm said. By exploiting the vulnerable cloud backup feature, malware could pretend to be the identity of any contact, friend, relative, or organization when faking phishing SMS messages. When these phishing SMS messages are received, users may be tricked i

Russian President Vladimir Putin bluntly rejected U.S. pleas to extradite National Security Agency Whistleblower Edward Snowden on Tuesday, says since Snowden has not committed a crime in that country, the government will not extradite him back. Putin said, "Mr. Snowden is a free man," Snowden did not cross the Russian border, implying that he is still in the Moscow airport's transit zone, a sort of diplomatic neutral space. " He arrived as a transit passenger – he didn't need a visa, or other documents, " Putin said. After arriving Sunday on a flight from Hong Kong, Snowden booked a seat on a Havana-bound flight from Moscow on Monday en route to Venezuela and then possible asylum in Ecuador, but he didn't board the plane. " The sooner he selects his final destination point, the better both for us and for himself ," Putin said. White House Press Secretary Jay Carney on Monday urged Russia to ultimately turn him over. " We do ex