The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Since, we are living in the era where nothing could be possible without the help of the Internet. From every unimportant to every major and important data are stored in our computers and servers, and there is a massive growth in the volume of data all around us. But, computer drives can fail, and usually they give no advance warning. One minute they're working fine, and the next minute they're toasted. Data loss can be very costly, and due to the increase in cyber threat these days, all computer data is at risk from threats or damage. Even with the most reliable equipment and the most secure operating environment, there is always the possibility of something going wrong. So, a solution to all problems is to have a backup of entire data stored on your computer, and for that it is important for you to have a right choice. Want to know - How to backup the server/workstation? Well, there are many options, some are reliable and some are not. Now, at this point, you won

The Mozilla Firefox web browser is used by roughly 30% of all Internet users and the company is seriously concerned about the Security of its users for many years. To Improve the Stability, Security and performance of Firefox web browser , Mozilla announced back in  2013 that it planned to enable ' Click to Play ' feature in upcoming Firefox versions, which will block most vulnerable plugins like Java by default. " Plugins are a significant source of poor performance, crashes and security vulnerabilities ", Mozilla said . The Feature ' Click to play ' blocks the execution of all plugins automatically, though this feature was annoying to the users, so to prevent all plugins from default blocking, Mozilla announced to maintain a whitelist of approved plugins. "By allowing users to decide which sites need to use plugins, Firefox will help protect them and keep their browser running smoothly." ~Benjamin Smedberg, Engineering Manager. Plugin authors ca

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

In the last few years, this emerging domain for the  Internet of Things  has been attracting the significant interest, and will continue for the years to come. It would be a $20 Trillion Market over the next several years, but Security and privacy are the key issues for such applications, and still face some enormous challenges. Cisco has announced a global and industry-wide initiative to bring the Security community and Researchers together to contribute in securing the Internet of Things (IoT) and launched a contest called the " Internet of Things Grand Security Challenge ", offering prizes of up to $300,000  for winners. Since Smart devices are growing at an exponential pace with increase in connecting devices embedded in cars, retail systems, refrigerators, televisions and countless other things people use in everyday life and is expected to grow to 50 billion by 2020. So, in an effort to deliver the security solutions necessary to protect the increasing range of

' Russia Today ', Moscow based Russia's biggest news channel website ( RT.com ) has been hacked and defaced by an unknown group of hackers. Hackers have replaced " Russia " or " Russians " with " Nazi " or " Nazis "  word from the headlines, as shown. " RT website has been hacked, we are working to resolve the problem, "  Russia Today tweeted from  the official Twitter account. Modified headline, i.e. i.e.   Russian Senators Vote To Use Stabilizing Nazi Forces on Ukrainian territory. Another modified headline stated: " Up to 143,000 Nazis requested asylum in Russia in two weeks ,"   The changes to the ' Russia Today '  website remained in place for nearly 30 minutes and  at the time of reporting, the hack was restored.  " Hackers deface https://RT.com website, crack admin access, place "Nazi" in every headline. Back to normal now. "  RT acknowledged the issue. Recently the   Anonymous group has also announced '

Yahoo! The 4th most visited website on the Internet has been found vulnerable multiple times, and this time a hacker has claimed to spot a critical vulnerability in the Yahoo! sub-domain ' suggestions.yahoo.com ', which could allow an attacker to delete the all the posted thread and comments on Yahoo's Suggestion Board website. Egyptian Cyber Security Analyst, ' Ibrahim Raafat ', found and demonstrated 'Insecure Direct Object Reference Vulnerability' in Yahoo's website on his blog . Exploiting the flaw escalates the user privileges that allow a hacker to delete more than 365,000 posts and 1,155,000 comments from Yahoo! Database . Technical details of the vulnerability are as explained below: Deleting  Comments: While deleting his own comment, Ibrahim noticed the  HTTP Header of POST request, i.e. prop=addressbook& fid=367443 &crumb=Q4 . PSLBfBe . & cid=1236547890 &cmd=delete_comment Where parameter ' fid ' is the