The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

In the mob of Smart Devices, after Smartphones... Google glass would definitely be the next must-have device. It's non-other than a small computer you wear like eyeglasses allows you to surf the Web, email, text, take photos, live videos and more, -- all hands free. Google Glasses are yet in very limited release, but researchers have developed the world's first spyware that could hijack your Google's Glass computer eyepieces. Two Polytechnic graduate researchers, 22-year-old Mike Lady and 24-year-old Kim Paterson , from California designed an app that has the capability to convert the Google Glass into a Spy Camera, click a photo every ten seconds without giving any visible sign to the wearer, Forbes reported yesterday . The malware app developed by the researchers, masquerades itself as a fair piece of note-taking software, ironically dubbed as ' Malnotes ', that trick users accept the permissions which allow them to capture images of whatever the glass wearer is l

I am quite sure that you must be syncing your Smartphone with your Computers for transferring files and taking backup of your device. If you are using windows operating system and Android devices, then it's a bad news for you, because FireEye Security Researchers have identified a new piece of windows malware that can also infects your Android Devices. During an investigation of a targeted attack on a US based financial institution, researchers spotted a new version of Windows Remote Access Trojan (RAT) called ' Win-Spy Software Pro v16 ', a spying and monitoring tool.  WinSpy was embedded in macro documents to kick off a spam campaign via a spear phishing email. " The recent surge in Android-based RATs such as Dendroid and AndroRAT shows a spike in the interest of malicious actors to control mobile devices.  GimmeRAT  is another startling example of malicious actors venturing into the Android ecosystem ," security firm said. The Researchers dubbed the

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Since all the versions of the popular game ' Grand Theft ' gone blatant and during the first week of the release of the Grand Theft Auto 4 in 2008, it topped half of millions of dollars, sold 3.6 million copies and generated $310 million in sales i.e., earning about 5 times as much as the blockbuster movie - Iron Man. But the latest version -- Grand Theft Auto V is only available for the Xbox 360 and PS3 and there are rumors of a PC version of it on GameStop's PowerUp Rewards website. So, it's very common that if I offer you Grand Theft Auto V for PC, you eagerly want it.  Mind this, " There is no Grand Theft Auto V for PC ," accept the reality and don't let cyber criminals take leverage of this fact. If you receive any email that alerts that you have been invited to the PC beta test for the game, considering it unreal, don't click on embedded links in the email because it can lead you to several bad websites that will infect you with all kinds of malwa

Mark Zuckerberg is continually denying working with the NSA or any other Government Intelligence Agency in serving out data they gathered through extended surveillance, and even he expressed his indignation over the damage the Government is creating for all, on the phone call to the US President Obama . " I've called President Obama to express my frustration over the damage the government is creating for all of our future ," he said in a blog post. Facebook - HTTPS Now, just yesterday morning, Facebook's Chief Security Officer Joe Sullivan sat down whiteboard session on social networks in Silicon Valley headquarters for providing information on the company's security policy diving. The session was conducted after a recent report revealed by The Intercept , suggested the National Security Agency (NSA) may have masqueraded as the social network to infect a number of target's computers, according to Edward Snowden documents. He said, " no one co

Last Weekend Google Play Store was crashed twice by a Turkish hacker when he tried to test vulnerability he discovered on the Android  apps  publishing system, known as Google's Developer Console . Turkish hacker ' Ibrahim Balic ' claimed responsibility for the Google Play Store attack and told ' The Hacker News ', he found a flaw in the Android operating system while working with Android tools i.e. Compiler, debugger on his Emulators, that was crashing again and again.  ' I successfully confirmed that it affects Android 4.2.2 , 4.3 and 2.3 ' he said. Then he created an Android app to exploit the vulnerability, ' causes a possible memory corruption '  and uploaded it to the Google's Developer Console. Unfortunately, OR Luckily the malformed Android app crashed whole Google's Developer Console, and he didn't expect that the app will knock everyone offline from Play Store. He was not sure about the outage caused by him or not,

27-year-old Infamous Moroccan-Russian hacker arrested by Thailand's Department of Special Investigation (DSI)  in Bangkok, accused of cracking Switzerland Bank Computers and websites. Farid Essebar , went by the online screen name " Diabl0 ", has been wanted from last three years, and finally arrested on Tuesday with the joint operation of Thai and Swiss authorities and will be extradited to Switzerland soon. In 2011, He allegedly duplicated the Bank website pages to dupe more than 1,000 people and responsible for damage of $4 Billion and subject to an 'International' arrest warrant for forgery and piracy of financial institutions. '' We arrested the suspect at a condominium on Rama IV Road. Next Thailand will send him to Switzerland within 90 days in accordance with the extradition agreement, '' Police Colonel Songsak Raksaksakul of the Department of Special Investigation said. In 2005, 18-year-old Farid Essebar was arrested b

In late 2013, Security Researchers identified thousands of Linux systems around the world infected with the OpenSSH b ackdoor trojan and  credential stealer  named Linux/Ebury ,  that allows  unauthorized access of an affected computer to the remote attackers. Antivirus Firm ESET's Reseacher team has been tracking and  investigating the operation behind Linux/Ebury and today team  uncovers the details [ Report PDF ] of a massive,  sophisticated and organized  malware campaign called ' Operation Windigo ', infected more than 500,000 computers and 25,000 dedicated servers. ' We discovered an infrastructure used for malicious activities that is all hosted on compromised servers. We were also able to find a link between different malware components such as Linux/Cdorked, Perl/Calfbot and Win32/Glupteba.M and realized they are all operated by the same group. '  ESET reported. Malware used in Operation Windigo: Linux/Ebury –  an OpenSSH backdoor use

You all are quite aware of phishing attacks , and for those who are not, Phishing scams are typically fraudulent email messages, masquerading as a well known and trustworthy entity in an attempt to gather personal and financial information from victims. However, phishing attacks have become more sophisticated recently. The Pro-hacker group, Syrian Electronic Army (SEA) is also popular for its advance phishing attack and had purposely targeted twitter account and websites of various popular brands like Forbes, Microsoft, Obama, Facebook, CNN, eBay and PayPal in the past using phishing techniques. Security researchers have seen an increase in the number of phishing attacks every day, but recently a tricky scam came across by the researchers at the Symantec , which is targeting Google Docs and Google Drive users. Under this phishing scam, an email with a subject of " Documents ", tricks recipient to view an ' important document ' stored on the Google Docs by cli

Despite so many warnings from Microsoft and Cyber Security Experts, Windows XP is still being used by a number of Government organizations, Financial institutions as well as big Corporations all around the world. If we look at the statistics then almost 30% of computers you will find that still run Windows XP , including banks, airline companies, and other huge enterprises, the count in real is likely to be even higher than the estimated. But If you stick with Windows XP after April 8 2014 , you might be at a great risk as XP will take its last breath officially on that day and will die! This fact poses danger to its users as they will be exposed to all kinds of threats. Almost thirteen years after it was 'first released' i.e. April 8 when the Redmond, Washington-headquartered Corporation will stop support for its longest running and most successful OS, Windows XP. Continue using Windows XP after April 8, it will serve you as a Dead Zombie, because Microsoft w

The Internet is becoming a dangerous place day-by-day and especially for those innocent web users who rely on 3rd party services. The latest bad news is that the World's largest and most widely used Google's free public DNS (Domain name system) resolvers  raised   security red flags yesterday. DNS is the master address list for the Internet, which translates IP addresses into human readable form and vice versa. According to Internet monitoring firm BGPmon , Google's DNS server 8.8.8.8 /32 was hijacked yesterday for 22 minutes. The Google's DNS server handles around 150 billion queries a day and during the 22 minutes of hijacking, millions of Internet users, including Financial institutions , Governments were redirected to BT's (British multinational telecommunications services company) Latin America division in Venezuela and Brazil. It is suspected that Hackers exploited a well-known  vulnerability in the so-called Border Gateway Protocol ( BGP) , which