The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

" Hacking " is not just popular among cyber security experts and criminals, but also is a great interest for movies industries as well. Hollywood movies such as 1995 released Hackers and 2001 released Swordfish are examples of it, and now Chris Hemsworth 's new flick Blackhat . Blackhat – An upcoming cyber thriller, directed and co-written by Michael Mann ( who also directed Tom Cruise' Collateral ), in which actor Chris Hemsworth trades brawn for brains to save the world. The latest trailer for Blackhat has arrived online, and you can watch it below. Hemsworth's character in the upcoming cyber thriller is a former Blackhat hacker, named Nicholas Hathaway , who is serving a 15-year sentence for cyber crimes. He was recruited straight from prison by a mixed team of American and Chinese law enforcement officials to stop high-level cybercrime network from Chicago to Los Angeles to Hong Kong to Jakarta and save the world from global hackers. Hathaway a

The users of WordPress , a free and open source blogging tool as well as content management system (CMS), are being informed of a widespread malware attack campaign that has already compromised more than 100,000 websites worldwide and still counting. The news broke throughout the WordPress community earlier Sunday morning when Google blacklisted over 11,000 domains due to the latest malware campaign , that has been brought by SoakSoak.ru , thus being dubbed the ' SoakSoak Malware ' epidemic. While there are more than 70 million websites on the Internet currently running WordPress, so this malware campaign could be a great threat to those running their websites on WordPress. Once infected, you may experience irregular website behavior including unexpected redirects to SoakSoak.ru web pages. You may also end up downloading malicious files onto your computer systems automatically without any knowledge. The search engine giant has already been on top of this infection a

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

British government surveillance agency GCHQ – counterpart of NSA – has fired-up another debate over the Internet by launching Android application to encourage teenagers to tackle emerging cybersecurity threats. The newly launched Android app , dubbed " Cryptoy ", was developed by STEM (science, technology, engineering and maths) students on an industrial year placement at GCHQ. The Cryptoy app was highly appreciated and liked by GCHQ at the Cheltenham Science Festival that they made it available to download today. The app is designed mainly to tempt youngsters between the ages of 14 and 16 into trying their hand in cryptography and code-breaking, but can be used by anyone interested in cryptography. According to GCHQ , Cryptoy app will help users to understand basic encryption methods, teach the codes of the past, and create their own encrypted messages. The app allows users to share these encoded messages by using four code-breaking techniques – Shift, Subs

Alibaba Group has patched a major security vulnerability in one of its e-commerce portals that exposed account details of tens of millions of Merchants and shoppers to cyber criminals. An Israeli application security firm, AppSec Labs, found a Cross site scripting (XSS) vulnerability in AliExpress, the company's English language e-commerce site that was found vulnerable to similar flaw a week ago that compromised personal information of Alibaba customers. The flaw was fixed shortly after Cybermoon security firm disclosed it to Alibaba. AliExpress is an online marketplace owned by Chinese E-Commerce giant Alibaba.com, also known as Google of China. The company serves more than 300 Million active users from more than 200 countries including the U.S., Russia and Brazil. But the critical vulnerability found by the researcher could allow an attacker to hijack merchant's account. Using AliExpress XSS vulnerability an attacker can inject any malicious payload script as value

Sony Pictures Entertainment hack that started at the end of the last month and so far has caused a severe damage to its reputation as well as resources, from internal system shutdown to upcoming movies and scripts leak. Now, a similar cyber attack against Casino operator Las Vegas Sands Corp has been revealed that occurred on February 2014. The cyber attack occurred on this year's February but the details of damages to the casino was not publicized until Bloomberg Businessweek exposed it in a story on Thursday. Hackers crippled thousands of servers and computers across the network of the giant Las Vegas Sands Corp. by wiping them with highly destructive malware. The hack attack was believed to be in response to the statement given by the chief executive officer and largest shareholder of Las Vegas Sands Corp., Sheldon Adelson . On October 2013, the billionaire made a statement at the Manhattan campus of Yeshiva University that Iran should be bombed to get the country to

We are living in an era of smart devices that we sync with our smartphones and make our lives very simple and easy, but these smart devices that inter-operates with our phones could leave our important and personal data wide open to hackers and cybercriminals. Security researchers have demonstrated that the data sent between a Smartwatch and an Android smartphone is not too secure and could be a subject to brute force hacks by attackers to intercept and decode users' data, including everything from text messages to Google Hangout chats and Facebook conversations. Well this happens because the bluetooth communication between most Smartwatches and Android devices rely on a six-digit PIN code in order to transfer information between them in a secure manner. Six-digit Pin means approx one million possible keys, which can be easily brute-forced by attackers into exposing entire conversations in plain text. Researchers from the Romania-based security firm Bitdefender ca