The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The year 2014 starts with the formation of new mobile malware like ' Android . HeHe ', with the ability to steal text messages, intercept phone calls, and other malware such as ' XXXX . apk ' uses WiFi networks or hotspots to steal information, infected more than 24,000 Devices. But it should not be forgotten by us that 2014 marks the 10th Anniversary of the World's First mobile malware . FortiGuard Labs has published a whitepaper  that briefly explains the major mobile threats from 'Cabir' to 'FakeDefend' over the last decade. The world's first mobile malware was ' Cabir ', detected in 2004 when mobiles were not so popular among all of us. It was developed by the group of hackers known as 29A , designed to infect the Nokia Series 60 , the most popular Smartphone platform with tens of millions users worldwide at that time. The name " Caribe " appears on the screen of the infected phones and the worm spreads itself by seeking other devices such as

Hackers broke into an Israeli defense ministry computer via an email attachment tainted with malicious software. Reuters reported Israeli Defense is the latest illustrious victim of the Spear Phishing Attack , and hackers penetrated into an Israeli defense ministry computer using a malicious email as a vector. Aviv Raff , Chief Technology officer at Seculert , confirmed that an Email with a malicious attachment that looked like it had been sent by the country's Shin Bet Secret Security Service. The attackers have penetrated into the network of Israeli Defense accessing to 15 computers, one of them managed by the Israel's Civil Administration that monitors Palestinians in Israeli-occupied territory. The Civil Administration is a unit of Israel's Defense Ministry that control the passage of goods between Israel and the West Bank and Gaza Strip. It is clear that the information contained in the infected system represents a precious target for someone that intend to examin

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Western landscapes are facing a hell lot of data breaches started with Target , Neiman Marcus and now country's largest crafts chain ' Michael's Art and Crafts ' may be is the latest retailer hit by a security breach. In a statement, Irving, Texas-based company acknowledged a possible data security breach that may have affected its customers' payment card information at its 1250 stores across the United States and Canada. They also announced that it is working closely with federal law enforcement and is conducting an investigation with the help of third-party data security experts to establish the facts. " Michaels said in its statement that it had "recently learned of possible fraudulent activity on some US payment cards that had been used at Michaels, suggesting that the company may have experienced a data security attack " company said . CEO Chuck Rubin said that the company has not confirmed a breach, but wanted to alert customers:

Apart from various Government websites falling victim to Hacking attacks, the latest to be targeted by hackers belongs to the world's richest cricket Board, the Board of Control for Cricket in India (BCCI). Late night on 26th January ( 65th Republic Day of India ), the official website of Indian cricket's Governing body, BCCI.TV has been defaced by Bangladeshi hacker who goes by the name Ashik Iqbal Chy . The ' About Us ' page on the website has the message " Don'T MesS UP WitH TiGeRs! " along with the image of the Bangladesh national cricket team running with the Bangladeshi Flag. The ' Attack ' on BCCI's website is most likely in response to the latest draft proposal, which aims to shift the control of global cricket from the hands of International Cricket Council (ICC) into the hands of top three cricket boards BCCI, Cricket Australia (CA), England and Wales Cricket Board (ECB) ; therefore the fate of cricket in smaller countries like Bangladesh, New Zeala

Pwnium is the annual Hacking competition where Google invites coders from around the world to find security holes in Google Chrome. Google has announced its 4th Pwnium Hacking Contest hosted at the Canadian Security conference in March, offering more than $2.7 million in potential rewards for hacking Chrome OS-running ARM and Intel Chromebook. This year the security researchers have a choice in between an ARM-based Chromebook, the HP Chromebook 11 (WiFi) and the Acer C720 Chromebook (2GB WiFi) based on Intel's Haswell microarchitecture . The attack must be demonstrated against one of these devices running " then-current " stable version of Chrome OS. " Security is a core tenet of Chromium, which is why we hold regular competitions to learn from security researchers. Contests like Pwnium help us make Chromium even more secure ," Jorge Lucángeli Obes, Google Security Engineer said. Amongst the payouts are $110,000 for the browser or s

Cyber Security Expert and Penetration tester, Ebrahim Hegazy has found a serious vulnerability in Yahoo's website that allows an attacker to remotely execute any commands on the server i.e. Remote Command Execution vulnerability. According to Ebrahim blog post , the vulnerability resides in a Chinese subdomin of Yahoo website i.e. https://tw.user.mall.yahoo.com/rating/list?sid= $Vulnerability Any remote user can manipulate the input to the sid parameter in the above URL, that passes the parameter value to an eval() PHP function on the server end. If an attacker is able to inject a PHP code into this web application, it forces the server to execute it, but this method only limited by what PHP is capable of. In a POC Video he has successfully demonstrated few Payloads: Example-1: https://tw.user.mall.yahoo.com/rating/list?sid= ${@print(system("dir"))} Example-2: https://tw.user.mall.yahoo.com/rating/list?sid= ${@print(system("ps"))} Last week, He

For the first time in history, Indian Law Enforcement Agency 'Central Bureau of Investigation' (CBI) has arrested a Cyber criminal after getting a tip-off from the US Federal Bureau of Investigation (FBI). 33-Year-old Amit Vikram Tiwari , son of an Indian Army colonel and an engineering dropout, who allegedly ran two websites offering services for hacking into email accounts was arrested on Friday from Pune city. According to the details submitted by FBI, he had compromised more than 1,000 Accounts around the world and offering illegal services for cracking email account login for $250 - $500 via two websites www.hirehacker.net and www.anonymiti.com hosted on U.S. Based servers. Amit received most of the payments from his Clients via Western Union Money Transfer or PayPal. During the investigation, police found several fictitious names of clients and bank account numbers in his computer. Initial investigation clarifies that he has clients in China, Romania, an

Snapchat suffered a massive data breach back in December in which 4.6 million usernames and phone numbers were compromised. Earlier this month, the company launched an update to its iOS and Android apps, added a new security measure to ensure that new users aren't spambots or a robot. While signing up for the first time, it now displays nine images and then ask you to pick which images have a " ghost ". Within 24 hours of Snapchat releasing an improved security feature, a developer has written a computer program capable of cracking it. Another hacker, ' Steven Hickson ' took only 30 minutes to write a script that can crack this new security feature. In this CAPTCHA feature, basically have you choose from amongst a bunch of images, identifying the ones that have the Snapchat ghost to prove you are a person. " The problem with this is that the Snapchat ghost is very particular. You could even call it a template. For those of you familiar with template m

Cyber criminals are taking advantage of the widespread popularity of the mobile messaging app ' WhatsApp '. A malware expert at the Kaspersky Lab revealed a large-scale spamming campaign, advertising a fake PC version of the WhatsApp , to spread a banking trojan. According to the report, unaware users have received an email written in Portuguese language , it also tries to deceive the recipient with a social engineering tactic in which cyber criminals composed the malicious email informing that victims already have 11 pending friend invitations.  If users click on the " Baixar Agora " (Download Now) link in the spam email, they will be redirected to a Hightail.com URL to download the Trojan. Hightail is a cloud storage service, the malicious component deployed on it then downloads the malware via a server in Brazil. The file stored on Hightail server looks like a 64-bit installation file bundled with 2.5 megabyte MP3 file. According to Virus Total engine, onl

Hey Android users! I am quite sure that you must be syncing your Smartphone with your PCs for transferring files and generating backup of your device.  If your system is running a windows operating system, then it's a bad news for you. Researchers have discovered a new piece of windows malware that attempts to install mobile banking malware on Android devices while syncing. Last year in the month of February, Kaspersky Lab revealed an Android malware that could infect your computer when connected to Smartphone or tablets.   Recently, Researchers at Symantec antivirus firm discovered another interesting windows malware called ' Trojan . Droidpak ', that drops a malicious DLL in the computer system and then downloads a configuration file from the following remote server: https://xia2.dy[REMOVED]s-web.com/iconfig.txt The Windows Trojan then parses this configuration file and download a malicious APK (an Android application) from the following location on the

A well-known pro-Syrian hacker group known as Syrian Electronic Army (SEA) , aligned with President Bashar al- Assad, who successfully attacked The New York Times, Huffington Post, and Twitter, BBC, National Public Radio, Al-Jazeera, Microsoft, Xbox, Skype and responsible for cyber-attacks against various other U.S media companies in the past. Last evening, the Group claimed the responsibility for hacking another big media outlet " CNN ", compromised their Twitter, Facebook account and the website. CNN's twitter profile with 11.6 million followers saw a number of fake tweets from hackers, including allegations that the Central Intelligence Agency (CIA) is behind the Al-Qaida network. Hackers Tweeted, " Tonight, the #SEA decided to retaliate against #CNN's viciously lying reporting aimed at prolonging the suffering in #Syria. "   Following fake tweets were posted: " Syrian Electronic Army Was Here … Stop lying … All your reports are fake! "  " Obama Bin Laden

Tor is one of the best and freely available privacy software that lets people communicate anonymously online through a series of nodes that is designed to provide anonymity for users and bypass Internet censorship. When you use the Tor software, your IP address remains hidden and it appears that your connection is coming from the IP address of a Tor exit relay or nodes , which can be anywhere in the world. An exit relay is the final relay that Tor traffic passes through before it reaches its destination. According to a recent report ' Spoiled Onions: Exposing Malicious Tor Exit Relays ', published by security researchers Phillip Winter and Stefan Lindskog revealed that almost 20 exit relays in the Tor anonymity network that attempted to spy on users' encrypted traffic using man-in-the-middle techniques. Both Researchers spent more than four months studying on the Tor exit nodes using their own scanning software called " exitmap " and detected su

Facebook has paid out its largest Bug Bounty ever of $33,500 to a Brazilian security researcher for discovering and reporting a critical Remote code execution vulnerability, which potentially allows the full control of a server. In September, ' Reginaldo Silva' found an XML External Entity Expansion vulnerability affecting the part of Drupal that handled OpenID, which allows attacker to read any files on the webserver. As a feature, Facebook allows users to access their accounts using OpenID in which it receives an XML document from 3rd service and parse it to verify that it is indeed the correct provider or not i.e. Receives at https://www.facebook.com/openid/receiver.php  In November 2013, while testing Facebook's ' Forgot your password ' functionality, he found that the OpenID process could be manipulated to execute any command on the Facebook server remotely and also allows to read arbitrary files on the webserver. In a Proof-of-Concept ,

How many of you use Google Chrome for surfing the Internet and feel safe while working on it? I think many of you. Chrome is one of the most trusted Web Browsers that provide a user friendly environment and cyber security, but this we all know that every product has its negative side too, and so has Google's Chrome. Chrome has a 'Voice Recognition' feature, that use your system's microphone and allows you to speak instead of typing into any text box, to make hands-free web searches, quick conversions, and audio translator also work with them. Google's browser is also not immune to bugs and this time the new bug discovered in Chrome is capable to listen and record your whole private conversations without your knowledge, by abusing the voice recognition feature. While working on ' Annyang ', a voice to text software for websites, the web developer ' Tal Ater ' discovered a vulnerability that can be exploited and lets malicious sites to turn your Go

Privacy is "workings of your mind". We share our personal moments captured in images, credit card details, thoughts that are personal or professional with a person or a certain group at different instances of time and want it to be safe and secure. We use an electronic gadget to share something trusting blindly the service provider company which may have to obey some unveiled laws of that country to which it belong and our data might be at risk. The surveillance programs can force these companies to store the information and share it with the Government and can even sniff all the data passing through the channels i.e. Wire or Air, and hence compromise our privacy. Though surveillance programs were in existence before Snowden's leaks, but after the revelation of NSA's surveillance programs, we need to think twice when it comes to our privacy. 28% of all Internet users, i.e. 415 Million people say that they use some sort of privacy tool for their Internet browsing sessio

" Guccifer " arrested in Romania, the infamous hacker who was responsible for breaching the social media and email accounts of numerous high profile US and Romanian Politicians. Romanian authorities collaborated with US services to catch him and the officers of the Directorate for Investigating Organized Crime and Terrorism (DIOCT) raided His House last Wednesday. His well known leaks included the emails of former secretary of state ' Colin Powell ', suggested that he was having an affair, which was later denied by Colin. He was also responsible for breaking into the Bush family e-mails . The Hacker also infiltrated the email from George Maior , chief of the Romanian Intelligence Service (SRI). Guccifer is a 40-year-old Marcel Lazar Lehel , a resident of Arad , who was convicted of several other computer crimes in 2012, according to Romanian media report . But those charges stemmed from Lazăr Lehel's attacks on dozens of Romanian officials between O

A New day begins with a Cup of Coffee and with new massive Data Breach News. This time in Germany, the Digital identities of about 16 million online users had been stolen, and posing a risk to their accounts linked to social media and other services. Federal Office for Information Security (BSI) discovered a security breach after running an analysis of the botnet network of computers infected with malware . The compromised accounts have email addresses as their username and also the passwords were stolen, that could also be sold to spammers and people looking to " phish " account holders. Until now it hasn't been known that how and when the analysis was carried out and who exactly were involved behind this massive data breach, as the BSI refused to give details on the source of the information. Authorities have set up a German-language website which allows users to enter their email address and check whether their email accounts are compromised or not.

Cyber Criminals will not let any way out without making Money. Another huge Credit Card theft and this time they targeted Gas Stations. 13 men were suspected and charged for stealing banking information, using Bluetooth enabled Credit Card Skimmers planted on the gas stations throughout the Southern United States. They made more than $2 Million by downloading the ATM information, as well as PIN numbers from the gas pumps and then used the data to draw cash from the ATMs in Manhattan. Manhattan District Attorney Cyrus R. Vance explained the operation that the skimming devices were internally installed so was undetectable to the people who paid at the pumps and the devices were Bluetooth enabled, so it did not need any physical access in order to obtain the stolen personal identifying information. " By using skimming devices planted inside gas station pumps, these defendants are accused of fueling the fastest growing crime in the country. Cybercriminals and ident

China has always tried to support its homegrown tech industry and even the security concerns over U.S. secret surveillance which gives Chinese Government another reasons to trust domestic vendors.Many other countries are also in favor to develop their own technology industries to reduce their dependence on U.S. The Government of China is not too fond of foreign mobile operating systems and therefore are trying to break the monopoly of Microsoft, Apple and Google in the country. This week at an event in  Beijing,  China has unveiled its own Linux-based mobile platform, dubbed China Operating System (COS) , developed as a joint effort between a company ' Shanghai Liantong ', ISCAS ( Institute of Software at the Chinese Academy of Sciences ) and the Chinese Government. According to  COS website , it is designed for PCs, Smartphones, tablets, TVs, set-top boxes and other smart appliances. It runs Java applications, supports HTML5 and can run over 100,000 apps. At

In the previous reports of Cyber Intelligence firm ' IntelCrawler ' named Sergey Tarasov , a 17-year-old teenager behind the nickname " ree[4] ", as the developer of BlackPOS malware. BlackPOS also known as "reedum" or 'Kaptoxa' is an effective crimeware kit, used in the massive heist of possibly 110 million consumers' Credit-Debit cards, and personal information from the TARGET . Later Researchers's investigation revealed that the original coder of BlackPOS Malware was actually a 23-year-old young hacker named Rinat Shabayev and the teen, Sergey Taraspov is the incharge for the technical support department. In an interview with Russian channel ' LifeNews ', Rinat Shabayev admitted that he had developed the BlackPOS crimeware kit. He clarified that the program developed by him was not meant for any kind of data theft, instead the program was written for the security testing. He developed the malware with the he