#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

DuckDuckGo Goodies that every SysAdmin Should Know

DuckDuckGo Goodies that every SysAdmin Should Know

Feb 04, 2014
DuckDuckGo , a private search engine that doesn't track your data over the internet and respects your online privacy ,  offers hundreds of Goodies that let you quickly do certain things like Programming, Math, Geek, Music related things. In our previous article, we have posted Cryptography hacks using DuckDuckGo search engine and today we are going to give another tutorial on DuckDuckGo Goodies for Sysadmins . Meaning of FTP Code: Being a system administrator, you might need to connect to a number of FTP servers. While handling FTP service you must be aware of the response code that it will give you when you initiate a connection or a new command. The FTP server response code will be of three digits and each digit has a special meaning. First digit denotes whether the response is good, bad or incomplete. There are hundreds of such FTP response codes. DuckDuckGo provides system administrators a facility to find the meaning of the response code received from the FTP
'Chaos Computer Club' filed criminal complaint against German government Over Mass Spying

'Chaos Computer Club' filed criminal complaint against German government Over Mass Spying

Feb 03, 2014
After the revelation of former NSA contractor Edward Snowden , we all very well knew the impact of it on the world, but nobody would have estimated that the impact will be so worst. The revelation, not only defaced NSA, but also its counterpart GCHQ , and various other governments which were serving them in the world's spying scandal. Now, after various allegations on NSA , Chaos Computer Club (CCC) , one of the oldest and Europe's largest association of hackers, along with the International League for Human Rights (ILMR), has filed a criminal complaint with the Federal Prosecutor General's office on Monday. The Chaos Computer club accuses the German government of capitulating to UK, US and other government intelligence agencies and their communications surveillance whims. In a press release they said: " We accuse US, British and German secret agents, their supervisors, the German Minister of the Interior as well as the German Chancellor of illegal and prohibi
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
800,000 Customers' detail stolen in Data Breach at French Telecom 'Orange'

800,000 Customers' detail stolen in Data Breach at French Telecom 'Orange'

Feb 03, 2014
One of the world's largest mobile operator ' Orange ' has been hit by data breach. The French multinational telecommunication company announced recently, it was targeted by unknown hackers on 16th January 2014, who allegedly gained access to the accounts of up to 800,000 customers of Orange website. According to a report published on the PC INpact website, the company warned their customers in an email that their Client Area website orange.fr was hacked and personal data of 3% customers have been stolen, but the passwords are not affected. The hacker has successfully stolen customers' names, mailing address, email, landline and mobile phone numbers. The company warned, with the information lost in this attack, hackers can perform phishing attacks, allowing them to steal personal data, including bank account details and passwords by sending emails that look as if they have come from official sources. Orange has confirmed the data breach, and afte
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
NSA allegedly hacked Belgian Cryptography Expert with spoofed LinkedIn Profile

NSA allegedly hacked Belgian Cryptography Expert with spoofed LinkedIn Profile

Feb 03, 2014
Cryptographer Professor Jean-Jacques Quisquater has become the part of a targeted attack by the US National Security Agency (NSA) and its British counterpart GCHQ, first reported on Saturday morning by De Standaard . A few months back in September 2013 it was revealed that, Belgacom , the largest telecommunications company in Belgium was hacked and number of employees on Belgacom's network, including their servers were compromised. Later in November 2013 , it was revealed that the NSA and GCHQ were behind the infiltration of the company's computers, according to the document provided by the former NSA contractor Edward Snowden . The document detailed that the British intelligence agency GCHQ created fake ' LinkedIn ' and ' Slashdot ' pages to spy on computers of Belgacom network engineers. They used a method called " quantum insert ", to redirect employees to fake websites that contained malware using Man in the middle attack to a spoofed server ( codenamed "
Microsoft launching 'Transparency Center' for Source code integrity Check

Microsoft launching 'Transparency Center' for Source code integrity Check

Feb 03, 2014
Last Friday at the 50th Munich Security Conference , Microsoft announced to launch ' Transparency centers ' around the World, where government customers will be able to verify the source code of Microsoft's products and can confirm that there are no backdoors. The recent chain of scandals over US global snooping has seriously damaged the trust in U.S. Government and top U.S. Tech companies, that could cost them billions of dollars over the next several years if international clients take their business elsewhere. German Chancellor Angela Merkel , whose private mobile phone was also allegedly bugged by the NSA , warned earlier that U.S. Spying operations are unacceptable. In an effort to re-gain the trust of its customers and Governments around the world, Microsoft has announced that it will expand encryption across its services, reinforce legal protections for customers' data and will also enhance the transparency of its software code. Encryption proced
Test your Mobile Hacking and Penetration testing Skills with Damn vulnerable iOS app

Test your Mobile Hacking and Penetration testing Skills with Damn vulnerable iOS app

Feb 03, 2014
Smartphones are powerful and popular, with more than thousands of new mobile apps hitting the market everyday. Apps and mobile devices often rely on consumers' data, including private information, photos, and location, that can be vulnerable to data breaches, surveillance and real-world thieves. When developing a mobile application, developer has to fulfill high security requirements, established for apps that deal with confidential data of the users. If you are a developer then responsibilities for providing security to the users is very high in comparison to functionality you are going to feed into the app. e.g. A vulnerability found in Starbucks' iOS app could have caused a massive financial data loss. It is always important for all app developers to have enough knowledge about major Mobile platform Security threats and its countermeasures. Today we would like to introduce open source ' Damn Vulnerable IOS App (DVIA) ' developed by Prateek Gianchan
eBay and PayPal UK website hacked by Syrian Electronic Army

eBay and PayPal UK website hacked by Syrian Electronic Army

Feb 02, 2014
A pro-hacker group, aligned with president Bashar al-Assad, very well known as Syrian Electronic Army (SEA) has again gained the media attention by adding the popular sites, i.e. eBay UK and PayPal UK to its victim list. After targeting websites of various media agencies, government organizations and big enterprises, including the latest defaced CNN and Microsoft, today they targeted and defaced the official websites of UK's Ebay ( ebay.co.uk ) and PayPal ( paypal.co.uk ). The group also left a deface page along with a message on the hacked PayPal UK site: " Hacked by Syrian Electronic Army! Fuck the United States Government. " It is clear that the attack on PayPal could put millions of peoples' bank information at risk, but the group said that the attack is not to target account information of people instead was ' Purely a Hacktivist Operation ' with the reason behind is the discrimination of Syrian citizens by PayPal company. " For denying Syrian citizens
Chainfire's Pry-Fi Android App released to defend against NSA Spying under Public Wi-Fi

Chainfire's Pry-Fi Android App released to defend against NSA Spying under Public Wi-Fi

Feb 01, 2014
Turn your face in any direction, someone is always trying to spy on you; doesn't matter who and what you are? Just yesterday we reported that Communications Security Establishment Canada (CSEC) in Canada and NSA are together, running a spying program called ' game-changer '. It was revealed that the agencies are tracking all the travelers who passed through the airport terminal, and could be tracked throughout the country by referencing it with the intercepted information from Wi-Fi in cafes, libraries and other public places. Today XDA Senior Recognized Developer ' Chainfire ' has released a new Android app called Pry-Fi , that allow a user to disable Wi-Fi completely, including the background network scanning.  Pry-Fi will prevent your device from announcing all the networks it knows to the outside world, but it will still allow background scanning and automatically connecting to Wi-Fi networks. ' Retailers, crooks, the government, and other
Navy's Cyberwar Expert - New Director of NSA, replacing Gen. Keith Alexander

Navy's Cyberwar Expert - New Director of NSA, replacing Gen. Keith Alexander

Feb 01, 2014
It is very clear that when we talk about Intelligence and Surveillance, the first name comes to our mind is the U.S National Security Agency (NSA) and, the second is Gen. Keith Alexander , the Director of NSA..GEEK behind the massive surveillance Programs. Many documents revealed by the former NSA's contractor Edward Snowden exposed the extend level of worldwide spying scandals projected by U.S Government in the supervision of Gen. Keith Alexander. The Obama Administration has confirmed that they are replacing Gen. Keith Alexander and giving the command of NSA in the hand of a military officer, rather than a civilian who is experienced in Cryptography and Electronic Eavesdropping . Michael S. Rogers , presently the U.S Navy's Cyber Security Chief, will be the new Director of the National Security Agency (NSA) and head of the US military cyber command. He has been involved in cyberdefense and offense policy issues as head of the Fleet Cyber Command. Neither Ro
Android app that notifies you whenever GPS enabled apps access your location

Android app that notifies you whenever GPS enabled apps access your location

Feb 01, 2014
A team of Researchers at Rutgers University has developed an Android application which will notify you every time, whenever an app installed on your Smartphone accesses the GPS functionality. Smartphone is a multipurpose device, having features of both a mobile phone and a computer, allowing us to talk, text, access personal and official e-mail, browse the Internet, make purchases, manage bank accounts, and take pictures. Smartphone also help you to find the way to your destination using GPS (Global Positioning System) technology. Unlike many of our computers, our Smartphones are always with us and many of us rarely turn them off, that means your Smartphone even can be abused to track your real time location on the map. There are many legitimate applications which need your location in order to function properly and to enhance the app features, for example- Zomato app can give the list of all restaurants near you, WeChat like social messaging apps allows you to get
Cybersecurity Resources