The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

A critical cross-site scripting ( XSS ) vulnerability in the Google Apps administrator console allowed cyber criminals to force a Google Apps admins to execute just about any request on the https://admin.google.com/ domain. The Google Apps admin console allows administrators to manage their organization's account. Administrators can use the console to add new users, configure permissions, manage security settings and enable Google services for your domain. The feature is primarily used by many businesses, especially those using Gmail as the e-mail service for their domain. The XSS flaw allowed attackers to force the admin to do the following actions: Creating new users with "super admin" rights Disabling two-factor authentication ( 2FA ) and other security measures from existing accounts or from multiple domains Modifying domain settings so that all incoming e-mails are redirected to addresses controlled by the attacker Hijack an account/email by resett

Barrett Brown , a journalist formerly served as an unofficial spokesman for the hacktivist collective Anonymous , was sentenced Thursday to over five years in prison, after pleading guilty to federal charges of  " transmitting a threat in interstate commerce ,"   " for interfering with the execution of a search warrant ," and to being " accessory after the fact in the unauthorized access to a protected computer ." After already having served over 2 years ( 31 months ) in detention, Texas court in Dallas has sentenced Barrett Brown to 63 months in federal prison and also ordered him to pay a little more than $890,000 in restitution and fines related to the 2011 hack of Stratfor Global Intelligence . Over a year ago, another federal judge sentenced Anonymous member Jeremy Hammond to 10 years in prison for making millions of emails from the servers of security firm Stratfor public. It's Hammond who said that Brown simply linked to the hacked

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Are you worried about your privacy? Its Obvious because of a Hacker or the government could be snooping in your emails, voice or video calls. The Famous Internet entrepreneur Kim Dotcom , who introduced legendary Megaupload and Mega file sharing services to the World, has now released its latest encrypted communication software for video calling, messaging and chat. Kim Doctom's file-sharing site Mega has launched the public beta of its end-to-end encrypted video and audio chat service called " MegaChat ", which the company says gives better protection than alternatives such as Skype and Google Hangouts. MegaChat is currently free to use and right now just provides browser-based audio and video calls, but Mr. Dotcom said on Twitter "Text chat and video conferencing will follow soon," HOW TO USE MEGACHAT Create a Mega account. Simply log in via the web browser and click on the Conversations icon provided on the left-hand side  Contacts will need their own M

The most popular smartphone messaging service WhatsApp is now able to communicate with friends from their PC. No Rumours at all !! Enjoy WhatsApp from your desktop from now on. Last month, it was leaked that Whatsapp was working on a web client and finally from today they are introducing it to the public. The feature is called " WhatsApp Web ," which gives its users the ability to read and send messages directly from their web browsers. HOW TO USE WHATSAPP ON PC/DESKTOP Interested WhatsApp users simply need to open Chrome and navigate to https://web.whatsapp.com A QR code will appear on the web page, which must be scanned using WhatsApp mobile application to activate the service. By scanning the  QR code  that appears, users will automatically have paired their mobile WhatsApp with the WhatsApp web client, as shown.  WhatsApp Web requires that you install and run the latest Whatsapp version of the Android app on your phone. The feature currently works on

Get Ready to update your Java program as Oracle has released its massive patch package for multiple security vulnerabilities in its software. The United States software maker Oracle releases its security updates every three months on Tuesday, which it referred to as " Critical Patch Updates " (CPU). Yesterday, Oracle released its first quarterly CPU-date of this year, issuing a total of 169 security fixes for hundreds of its products including Java, Fusion Middleware, Enterprise Manager and MySQL. The security update for Oracle's popular browser plug-in Java addresses vulnerabilities in the software, 14 of which could be remotely exploitable without authentication, that means an attacker wouldn't need a username and password to exploit them over a network. Four Java flaws were marked most severe and received a score of 10.0 on the Common Vulnerability Scoring System (CVSS) , the most critical ranking. Nine other Java flaws given a CVSS Base Score of 6.0

2015 will be a year more smarter than 2014 with smarter mobile devices, smarter home appliances, and yes Smarter Automobiles. Nowadays, there are a number of automobiles companies offering vehicles that run on a mostly drive-by-wire system, meaning that a majority of the controls are electronically controlled, from instrument cluster to steering, brakes, and accelerator as well. No doubt these systems makes your driving experience better, but at the same time they also increase the risk of getting hacked. According to a recent research, an electronic dongle used to plugged into the on-board diagnostic port of more than two million cars and trucks contains few security weaknesses that makes them vulnerable to wireless attacks, resulting in taking control of the entire vehicle. Since 2008, US-based Progressive Insurance has used the SnapShot device in more than two million vehicles . The little device monitors and tracks users' driving behavior by collecting vehicle location a