The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Hackers have already bypassed Apple's fingerprint scanner using fake fingerprints, and now they have found a way to reproduce your fingerprints by using just a couple of photos of your fingers. Special Fingerprint sensors have already been used by Apple and Samsung in their smartphones for authentication purposes and in near future fingerprints sensors are believed to be the part of plenty of other locked devices that can be unlocked using fingerprints, just to add an extra layer of authentication. But, How secure are your fingerprints? A member of Europe's oldest hacker collective, the Chaos Computer Club (CCC) , claimed to have cloned a fingerprint of a Germany's federal minister of defense , Ursula von der Leyen , using pictures taken with a " standard photo camera " at a news conference. At the 31st annual Chaos Computer Conference in Hamburg Germany this weekend, biometrics researcher Starbug , whose real name is Jan Krissler , explained

A serious security vulnerability has been discovered in the default web browser of the Android OS lower than 4.4 running on a large number of Android devices that allows an attacker to bypass the Same Origin Policy (SOP). The Android Same Origin Policy (SOP) vulnerability ( CVE-2014-6041 ) was first disclosed right at the beginning of September 2014 by an independent security researcher Rafay Baloch. He found that the AOSP (Android Open Source Platform) browser installed on Android 4.2.1 is vulnerable to Same Origin Policy (SOP) bypass bug that allows one website to steal data from another. Security researchers at Trend micro in collaboration with Facebook have discovered many cases of Facebook users being targeted by cyber attacks that actively attempt to exploit this particular flaw in the web browser because the Metasploit exploit code is publicly available, which made the exploitation of the vulnerability much easier. The Same Origin Policy is one of the guidin

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

After the Mysterious Malaysian Airlines flight MH370 incident in March 2014 and the shooting of Malaysia Airline Flight MH17 by a ground-to-air missile in July 2014, yesterday AirAsia flight QZ 8501 with 162 people on board found missing by the time it flew from the Indonesian city of Surabaya to Singapore after losing contact with air traffic control due to weather, the airline company said Sunday. Since, cybercriminals are known to take advantage of every major incident and any occasion that captures public attention – regardless of how sensitive – comes out to be an opportunity for spammers and hackers to snatch users' personal information and spread malware, and the tragedy of the Missing AirAsia flight QZ 8501 is no exception. Cyber criminals are exploiting the disappearance of Indonesia AirAsia flight QZ 8501 by luring users to websites purporting to offer the latest news in order to steal their personal information. Our team has spotted some posts on social media

" The Interview ", the controversial North Korean-baiting film which appeared to be the root cause of the cyber mishap occurred at Sony Pictures Entertainment that threatened terror attack at theaters showing the movie, now threatens to expose users of Android phones to a malware attack. Since its release, everyone is talking about "The Interview" — the Seth Rogen and James Franco-starring comedy centered around a TV host and his producer assassinating North Korean dictator Kim Jong Un. Because cybercriminals are known to take advantage of major events where there is a high level of public interest, The Interview became their target. In a joint investigation, Security researchers of McAfee and Technische Universität Darmstadt and the Center for Advanced Security Research Darmstadt (CASED) has discovered an Android app claiming to download 'The Interview' comedy on their smartphone devices actually infects users' devices with banking trojan in

Hackers claiming affiliation with the hacktivist group "Anonymous" have allegedly leaked more than 13,000 username and password combinations for some of the worlds most popular websites, including Amazon, Xbox Live and Playstation Network . The stolen personal information was released in a massive text document posted to the Internet file-sharing website Ghostbin  (now deleted) , on Friday. The document contains a huge number of usernames and passwords, along with credit card numbers and expiration dates. The news came just a day after the hacker group Lizard Squad compromised Sony's Playstation and Microsoft's Xbox Live gaming networks on Christmas day, which is estimated to have affected Xbox's 48 million subscribers and PlayStation's 110 million users, making it a total of more than 150 million users worldwide. However, data breach of 13,000 users is not the biggest data breach we've ever seen. When millions of passwords are used for sites ar