The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

A 31-year-old South Korean has been recently accused by the police for the allegation of infiltrating and hacking the accounts of 25 million users of   Naver , one of the popular search portal in South Korea. On Wednesday, the Asian National Police Agency revealed that the suspect purchased the private information of 25 million users, including names, residential numbers, Internet IDs and passwords from a Korean-Chinese, back in August last year, Korea Herald reported. The suspect surnamed  ' Seo ', supposedly used the purchased information to hack into the accounts of Naver users and sent out spam messages and other ' illicit emails ' to the account holders. He had made an illegal profit of some 160 million won ( $148,000 ) using this, according to the report. Also a hacker surnamed  ' Hong ', has been arrested by the police who was suspected to develop the hacking program that automatically enter users' IDs and passwords, which was apparently used by

The devices are becoming smarter, therefore the chances to abuse them have increased. As the share of Android has become 87% in the global Smartphone market, so the Android is by far an elementary target of the mobile malware developers. The number of malware variants has increased rapidly and today 99 out of 100 mobile viruses are targeting Android Devices. Most of the sophisticated malware has the capability to steal keylogs , send text messages to the premium numbers, steal personal data without requesting permission from the device user, also have the caliber to modify SMS and MMS messages and contacts.  Mobile Malware can modify or steal the content stored on your device's SD card and some advance botnet  malware even can give complete remote control of your device to an attacker. DENDROID Beginning this month, we warned our readers from one such sophisticated android malware toolkit discovered by the Symantec researchers that dubbed as ' Dendroid ', which runs on HTTP prot

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

The Android operating system has hardened its security with application Sandboxing features to ensure that no application can access sensitive information held by another without proper privileges. Android applications communicate with each other through Intents and these intents can be abused by hackers to provide a channel for a malicious application to inject malicious data into a target, potentially vulnerable application. Security Researchers at IBM have discovered multiple vulnerabilities in Firefox for Android platform that allow a malicious application to leak the sensitive information related to the user's profile. Android's Firefox app stores the personal data at following location: / data /data/org . mozilla . firefox /files/mozilla/<RANDOM-STRING >. default . Where the random name for user's profile is used to prevent unwanted access to this directory in case of Firefox exploitation. Researchers developed an exploit to brute-force the &

The Mysterious Malaysian Airlines flight MH370 , a Boeing 777-200 aircraft that has gone missing by the time it flew from Kuala Lumpur to Beijing. The Malaysian Prime Minister had also confirmed that the Malaysia Airlines plane had crashed in a remote part of the southern Indian Ocean. Cyber Criminals are known to take advantage of major news stories or events where there is a high level of public interest and now Scammers are also targeting tragedy of MH370 to trap innocent Internet users. Just a few days before we warned you about a Facebook malware campaign claimed that the missing Malaysian Airlines ' MH370 has been spotted in the Bermuda Triangle ' with its passengers still alive and invites users to click a link to view breaking news video footage. This week, Security researchers at FireEye have revealed about various ongoing spear phishing and malware attacks by some advanced persistent threat (APT) attackers. According to the researchers, the Chines

Defending and Analysis of online threats and malwares   have become more challenging nowadays and especially for larger businesses like the popular social networking site - Facebook. To encounter malware, phishing, and other online threats, Facebook has taken an important step forward. Facebook has unveiled its latest security-focused platform, dubbed as ' ThreatData ', which is a framework that aims to standardize its methods for collecting and analyzing data. The ThreatData framework is implemented to import information about the various online threats, malware, phishing and other internet risks, then storing it proficiently for real-time and long-term analysis as well. It consists of three high level components i.e. Feeds, Data storage, and Real-time response. FEEDS:  Feeds will collect data from a distinct source and implement them via a lightweight interface. " Here are some examples of feeds we have implemented: Malware file hashes from VirusTotal; Malicious