The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Since, we are living in the era where nothing could be possible without the help of the Internet. From every unimportant to every major and important data are stored in our computers and servers, and there is a massive growth in the volume of data all around us. But, computer drives can fail, and usually they give no advance warning. One minute they're working fine, and the next minute they're toasted. Data loss can be very costly, and due to the increase in cyber threat these days, all computer data is at risk from threats or damage. Even with the most reliable equipment and the most secure operating environment, there is always the possibility of something going wrong. So, a solution to all problems is to have a backup of entire data stored on your computer, and for that it is important for you to have a right choice. Want to know - How to backup the server/workstation? Well, there are many options, some are reliable and some are not. Now, at this point, you won

The Mozilla Firefox web browser is used by roughly 30% of all Internet users and the company is seriously concerned about the Security of its users for many years. To Improve the Stability, Security and performance of Firefox web browser , Mozilla announced back in  2013 that it planned to enable ' Click to Play ' feature in upcoming Firefox versions, which will block most vulnerable plugins like Java by default. " Plugins are a significant source of poor performance, crashes and security vulnerabilities ", Mozilla said . The Feature ' Click to play ' blocks the execution of all plugins automatically, though this feature was annoying to the users, so to prevent all plugins from default blocking, Mozilla announced to maintain a whitelist of approved plugins. "By allowing users to decide which sites need to use plugins, Firefox will help protect them and keep their browser running smoothly." ~Benjamin Smedberg, Engineering Manager. Plugin authors ca

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

In the last few years, this emerging domain for the  Internet of Things  has been attracting the significant interest, and will continue for the years to come. It would be a $20 Trillion Market over the next several years, but Security and privacy are the key issues for such applications, and still face some enormous challenges. Cisco has announced a global and industry-wide initiative to bring the Security community and Researchers together to contribute in securing the Internet of Things (IoT) and launched a contest called the " Internet of Things Grand Security Challenge ", offering prizes of up to $300,000  for winners. Since Smart devices are growing at an exponential pace with increase in connecting devices embedded in cars, retail systems, refrigerators, televisions and countless other things people use in everyday life and is expected to grow to 50 billion by 2020. So, in an effort to deliver the security solutions necessary to protect the increasing range of

' Russia Today ', Moscow based Russia's biggest news channel website ( RT.com ) has been hacked and defaced by an unknown group of hackers. Hackers have replaced " Russia " or " Russians " with " Nazi " or " Nazis "  word from the headlines, as shown. " RT website has been hacked, we are working to resolve the problem, "  Russia Today tweeted from  the official Twitter account. Modified headline, i.e. i.e.   Russian Senators Vote To Use Stabilizing Nazi Forces on Ukrainian territory. Another modified headline stated: " Up to 143,000 Nazis requested asylum in Russia in two weeks ,"   The changes to the ' Russia Today '  website remained in place for nearly 30 minutes and  at the time of reporting, the hack was restored.  " Hackers deface https://RT.com website, crack admin access, place "Nazi" in every headline. Back to normal now. "  RT acknowledged the issue. Recently the   Anonymous group has also announced '

Yahoo! The 4th most visited website on the Internet has been found vulnerable multiple times, and this time a hacker has claimed to spot a critical vulnerability in the Yahoo! sub-domain ' suggestions.yahoo.com ', which could allow an attacker to delete the all the posted thread and comments on Yahoo's Suggestion Board website. Egyptian Cyber Security Analyst, ' Ibrahim Raafat ', found and demonstrated 'Insecure Direct Object Reference Vulnerability' in Yahoo's website on his blog . Exploiting the flaw escalates the user privileges that allow a hacker to delete more than 365,000 posts and 1,155,000 comments from Yahoo! Database . Technical details of the vulnerability are as explained below: Deleting  Comments: While deleting his own comment, Ibrahim noticed the  HTTP Header of POST request, i.e. prop=addressbook& fid=367443 &crumb=Q4 . PSLBfBe . & cid=1236547890 &cmd=delete_comment Where parameter ' fid ' is the