The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Underground sites more commonly offer access to networks of compromised machines or stolen credit card information. Webroot has uncovered a criminal underground store dedicated to selling access to more than tens of thousands of hacked legitimate websites. Their customers can buy an administrator account or shell access in a hacked website, at cheap price i.e. $0.5 to $10 and then allows to perpetrate criminal activities from it, distribute malware, install a botnet  command & control infrastructure, upload illegal content, send spam, and so on. In Screenshots Researchers shows an underground market proposition, whose inventory is currently listing over 6000 compromised/hacked shells internationally. Sites are listed based on the price, page rank, age of the domain, Alexa ranking, language, and number of pages indexed by Google. The site promised access to any number of the compromised websites and the store seems to be quite profitable. The website found to be

The latest release from Edward Snowden shows that the Vodafone, BT, Verizon and some other total seven Private Telecom Companies have been secretly collaborating with the British spy agency, GCHQ and giving unlimited access to the details of phone calls, emails and Facebook entries. Another leak claimed that The US government has paid at least £100m to the UK spy agency GCH Q over the last three years to secure access to and influence over Britain's intelligence gathering programs. One of the PowerPoint presentations, dating 2009, mentions British Telecom, Verizon, Vodafone, Level 3, Global Crossing, Interoute and Viatel, and Sueddeutsche Zeitung calls them key partners of GCHQ. Snowden left the Moscow airport in a taxi, although his intended destination was not clear. The US said it was extremely disappointed by Russia's decision. According to Snowden, when handing over these documents, " It's not just a US problem " and he stated that, in fact, GCHQ is

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on a larger role in software development is one of the big uncertainties related to this brave new world. In an era where AI promises to revolutionize how we live and work, the conversation about its security implications cannot be sidelined. As we increasingly rely on AI for tasks ranging from mundane to mission-critical, the question is no longer just, "Can AI  boost cybersecurity ?" (sure!), but also "Can AI  be hacked? " (yes!), "Can one use AI  to hack? " (of course!), and "Will AI  produce secure software ?" (well…). This thought leadership article is about the latter. Cydrill  (a

Other than Windows, Now other platforms are becoming more popular every day and attracting bad guys who are starting to create malicious code for other systems.  Java applications can run on multiple platforms with ease, thus no surprise that malicious code written in Java that is designed to target more than one operating system are becoming increasingly common. Researchers at McAfee Labs spotted another sample of Java based trojan dubbed as JV/BackDoor-FAZY  that opens a back door for an attacker to execute commands and acts as a bot after infection. According to researcher, The key to decrypt the config file was encrypted with Base 64, Triple-DES algorithm and Hex. Decrypting the file provides information about the backdoor connection, includes IP address, port number, operating system, mutex information, and password for the connection. " On execution, the JAR file opens the backdoor connection to the IP address and the port mentioned in the plain config

A Georgia Tech researcher has found a weakness in Apple's iOS mobile platform that could let hackers to hide malicious code inside apps and can be surreptitiously planted on the Apple App Store. Researchers team created a proof-of-concept attack that was published in the Apple App Store and used to remotely launch attacks on a controlled batch of devices , enabling them to post unauthorized tweets, take photos and even go after other apps. " Our research shows that despite running inside the iOS sandbox, a Jekyll-based app can successfully perform many malicious tasks, such as posting tweets, taking photos, sending email and SMS, and even attacking other apps all without the user's knowledge. " Using a BeagleBoard, team created a USB malicious charger called Mactans  that can install apps without user knowledge within a minute of being plugged in. In one demonstration, the attacker was able to hide the iPhone Facebook application and install a malicious copy in

Edward Snowden , the former U.S. The intelligence contractor wanted for revealing the National Security Agency 's secret program to collect American phone and internet records, left at Moscow airport after Russian authorities granted him temporary asylum for one year. Mr Snowden's lawyer Anatoly Kucherena said, " Snowden has left the Sheremetyevo airport. He has just been given a certificate that he has been awarded temporary asylum in Russia for one year ," " Edward Snowden was granted temporary asylum in Russia for a year and has now left Moscow airport under the care of Wikileaks' Sarah Harrison ," Wikileaks tweeted. He had gone to a secure location which would remain secret. " His location is not being made public for security reasons since he is the most pursued man on the planet. He himself will decide where he will go ," In a statement released by WikiLeaks , Snowden thanked Russia for giving him asylum and critici