The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

A year ago, the U.S. government's Defense Advance Research Projects Agency (DARPA) announced a project to create a powerful new search engine that could find things on the deep web that isn't indexed by Google and other commercial search engines. The project, dubbed Memex Deep Web Search Engine , is well underway, and for the first time on Sunday night, we got an early look at Memex search engine — the crime-fighting search engine in action. The Pentagon's research agency gave Scientific American a preview of the software and 60 Minutes exclusive looks at the technology. The Deep Web is a heap of illegal activity, pervade with child pornography , drug deals, Cyber crime and human trafficking. But because the dark web is 'buried' so deeply that it is out of the reach of mainstream search engines and law enforcement agencies, however, that's until now. Memex Search Engine attempts to secure the Internet from hackers, human traffickers and other c

So far, the torrent users didn't forget the incident of The Pirate Bay seizer, that another most popular Torrent website, KickAss Torrents , has been kicked off by the Somalian registry. KickAss Torrent download website has lost access to its Kickass.so - the Somalian domain with millions of unique visitors per day and the most visited torrent website on the Internet. The domain is currently offline and, according to TorrentFreak, the Somalia based KickAss Torrent download domain was recently listed as "banned" by the .so registry, forcing the site's operators to switch to another domain. Just like The Pirate Bay , KickAss Torrents is also a well-known torrent download service that has often been criticized for providing easy access to pirated content, so it's no surprise that the ban came following a complaint received by Somalian authorities. KickAss Torrents website stopped working around 4 am ET and is still offline and will not be returning. Howeve

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Is Your Smart TV Spying On You?  You just need to make sure you don't hold any private conversations in front of the internet-connected TV. IS SMART TV GETTING TOO SMART? Smart TVs are connected to the Internet, and they are capable of collecting and transmitting our data. Samsung's Smart TV uses voice recognition technology to enable voice commands, but its privacy policy defined by the company says " if your spoken words include personal or other sensitive information, that information will be captured and transmitted to a third party. " In other words, Samsung's Voice Recognition feature is always listening you, unless you deactivate it. So these internet-enabled smart devices can be exploited to reveal a wealth of personal. " In addition, Samsung may collect and your device may capture voice commands and associated texts so that we can provide you with Voice Recognition features and evaluate and improve the features. " Samsung S

The hacktivist group Anonymous has launched a massive cyber attack against the Islamic State of Iraq and Syria (ISIS) — the radical Islamic terrorist group who were  responsible for the terrorist attack against the Paris offices of satirical magazine Charlie Hebdo . With huge social media presence, ISIS is the most active terror group on Facebook, Twitter, YouTube and Instagram accounts. But unluckily, over dozens of Facebook and Twitter accounts linked to ISIS has recently been taken by the Anonymous group. In a video appeared on Youtube, Anonymous group and RedCult announced the operation  #OpISIS  and claimed to have carried out cyber attack against hundreds of Twitter and Facebook accounts used by ISIS for its own propaganda and to recruit new members. According to the video, Operation  #OpISIS  is coordinated by "Muslims, Christians, Jews"  alike and a masked individual discusses the aim of the campaign. They are " hackers, crackers, Hacktivist, phi

The Nation's second largest Health insurer company, Anthem , alerted its customers on Wednesday that hackers had stolen the personal information of over 80 Millions of its customers, making it the largest data breach and double the number of payment cards affected by Target data breach occurred in 2013. The stolen personal information includes residential addresses, birthdays, medical identification numbers, Social Security Numbers, email addresses and some income data belonging to both current and former customers and employees, including its own chief executive. 80 Million is a vast number — it's roughly the populations of California, Texas and Illinois when combined together. So far, there is no evidence whether financial or medical information of the company's customers was compromised, according to a statement given by Anthem's vice president, Kristin Binns. The health giant, based in Indianapolis, has hired cybersecurity firm FireEye's Mandiant division to wo

Cybercriminals are known to take advantage of everything that captures public attention in order to spread malware, and the recently launched web client of the most popular WhatsApp messaging application seems to be their next target. Last month, the messaging giant WhatsApp, with 700 million users worldwide, finally launched its web client to the public. The feature is called " WhatsApp Web ," which gives its users the ability to read and send messages directly from their web browsers. FAKE WHATSAPP WEB SPREADING BANKING TROJANS However, malicious hackers have taken the advantage of the latest WhatsApp Web and have started fooling users all over the world with fake downloads masquerading as a desktop variant of the WhatsApp mobile application. Security researchers at Kaspersky Labs have spotted a seemingly genuine WhatsApp Web for Windows in spam campaign available for fake download that actually spreads financial malware Trojans to the systems worldwide.

Werner Koch , the man who authored the free email encryption software , is running out of funding to continue the development of his crucial open-source GNU Privacy Guard (GnuPG) encryption tools.The code works on plenty of operating systems from Linux and FreeBSD to Windows and OS X. The popular Gnu Privacy Guard (GnuPG or GPG) email encryption software is the same used by the former United States National Security Agency (NSA) contractor and whistleblower Edward Snowden to keep his communication secure from law enforcement authorities. GPG uses the OpenPGP standard to safeguard the communications of millions of people, including journalists, dissidents and security-minded people, around the world from eavesdroppers and other miscreants. GPG EMAIL ENCRYPTION RELIES ON THIS GUY ONLY Werner Koch has been maintaining and improving the code of his own secure email software since its initial development in 1997, and since then he has worked at very low wages, but is now

A critical zero-day vulnerability has been discovered in a popular WordPress plugin , called ' FancyBox for WordPress ', which is being used by hundreds of thousands of websites running on the most popular Blogging Platform Wordpress. 0-DAY FLAW EXPLOITED IN THE WILD The security researchers at network security firm Sucuri issued a warning Wednesday about the zero-day vulnerability that is being " actively exploited in the wild " by malicious hackers in order to infect as many as victims. While there are more than 70 million websites on the Internet currently running WordPress  content management system, over half a million websites use ' FancyBox for WordPress ' Plugin, making it one of the popular plugins of Wordpress for displaying images, HTML content and multimedia in a so-called " lightbox " that floats on top of Web pages.. HACKERS INJECT MALWARE INTO WEBSITES The vulnerability allows attackers to inject a malicious iframe

A malware campaign has been found targeting iOS devices linked to a wide range of entities, including European defense organizations, governments, and media sectors with dangerous espionage spyware capable of breaching non-jailbroken devices, a recent report claims. The spyware campaign, dubbed " Operation Pawn Storm " by security experts, was first detected on Windows computers late last year, but has now made its way to iOS devices , a report by security researchers at TrendLabs noted. The researchers linked the campaign to the Russian government. XAGENT SPYWARE APP One of the two spywares used in the campaign is actually an application, the firm dubbed the app XAgent, that attempts to install and run on iOS devices. " The XAgent app is fully functional malware ," the researchers noted . " The exact methods of installing these malware is unknown; however, we do know that the iOS device doesn't have to be jailbroken ... We have seen one in

The NSA and GCHQ have tracked and monitored the activities of independent and nation-state hackers, along with some of the foremost security researchers in order to gather information on targets and pilfer the stolen data from hackers' archives, top secret Snowden documents reveal. State-sponsored, individual Blackhat hackers and hacking groups target some or other organizations on an ongoing basis. So, by monitoring the work of 'freelance' and rival state hackers, the NSA and its allies get the stolen information, such as email accounts or chats owned by target of their interest, without doing much of hard work. HACKERS STOLE FROM TARGETS & AGENCIES STOLE FROM HACKERS According to the latest revealed documents provided by whistleblower Edward Snowden , the hacks and sophisticated breaches on the targets were carried out by the state-sponsored and freelance hackers, but the stolen data, referred to as 'take', was then pilfered by the agencies for