The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Oh Microsoft, How could you do this to your own Internet Explorer? Microsoft had kept hidden a critical Zero-Day vulnerability of Internet explorer 8 from all of us, since October 2013. A Critical zero-day Internet Explorer vulnerability ( CVE-2014-1770 ), which was discovered by Peter 'corelanc0d3r' Van Eeckhoutte in October 2013 just goes public today by the Zero Day Initiative (ZDI) website . Zero Day Initiative is a program for rewarding security researchers for responsibly disclosing vulnerabilities. ZDI reportedly disclosed the vulnerability to Microsoft when it was first identified by one of its researchers, on which Microsoft responded 4 month later on February 2014 and confirmed the flaw, but neither the Microsoft patch the vulnerability nor it disclosed any details about it. But due to ZDI's 180 days public notification policy, they are obligated to publicly disclosed the details of a Zero-Day vulnerability. ZDI warned Microsoft several days ago ab

If you have an eBay Account then you should change your password immediately, because the World's biggest E-commerce company with 128 million active users announced today in a press release that it had been Hacked. eBay revealed that attackers compromised customers' database including emails, physical addresses, encrypted passwords and dates of birth, in a hacking attack between late February and early March, but financial information like credit card numbers, as well as PayPal information were stored separately and were not compromised. ' After conducting extensive tests on its networks ,' They also said they've found no evidence of unauthorized access or activity by registered eBay users, but as precaution, eBay is resetting everyone's passwords that ' will help enhance security for eBay users. ' Why did eBay wait so long to tell everyone? because just two weeks ago they discovered data breach . They conducted a forensic investigation of its compu

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Federal Bureau of Investigation (FBI) has been authorized by U.S Congress to hire 2,000 new employees this year, and many of those will be young hackers and Programmers in order to built-up its cyber crime division, but FBI's Director 'James B. Comey' is facing some difficulties. Apparently, FBI's Strict Anti-Drug Policy is making it very difficult for them to go after real criminals because most of the hackers have a fondness of smoking weeds, illicit drug. According to US agency policy, they won't hire anyone who used marijuana in the last three years, but it seems that now the law enforcement agency has to think about deviating from its own policy to get right talent to tackle cybercrimes over the Internet which has become a first priority for the agency. Recently, During an annual conference held at Manhattan's New York City Bar Association, One attendee asked James B. Comey that -- One of his friend who considered an FBI job but ultimately did not apply becaus

Netflix, the world's largest Internet Video Subscription service with more than 35.7 million customers in U.S alone, that runs on the Microsoft Silverlight platform, has now become a popular target for cybercriminals, as public awareness of Java and Flash flaws is increasing. Silverlight is a Microsoft's plug-in for streaming media on browsers, similar to Adobe Flash Player , that handles multimedia contents on Microsoft Windows and Mac OS X Web Browsers, and is popularly known for being used in Netflix's streaming video service. But, Netflix isn't the only service that works on Silverlight, many other multimedia services supports Silverlight. Malware and Exploit Kit developers are targeting Silverlight users as they aren't aware of the increasing proliferation of malware for the platform. Silverlight vulnerabilities are mostly exploited using drive-by download attacks to compromise victim's computers with malware, especially through malicious ads. A recent

While US government is always prohibiting the purchase of Huawei products due to suspected backdoors from the Chinese government, China also keep itself totally apart from the US productions. China is a bit famous for using its own operating systems, smartphone application services and lots more, rather than using the US developed Operating Systems, and now China has reportedly banned the installation of Microsoft Corporation's latest operating system, Windows 8 on any of its government computers. The Central Government Procurement Center issued a notice that was posted on its website last week prohibiting the use of Microsoft's latest operating system and the reason behind it is to support the use of energy-saving products, the report said. But the state news agency ' Xinhua ' pointed out a different reason for the ban saying the country wants to avoid any further losing of the support for an operating system like it did recently by pulling out its support from t