The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The Famous Internet entrepreneur and former hacker Kim Dotcom , who introduced legendary Megaupload and MEGA file sharing services to the World, has came up with another crazy idea — To start his very own Internet that uses the "blockchain". Just last month, Kim Dotcom, a German millionaire formerly known as Kim Schmitz , launched the public beta of its end-to-end encrypted video and audio chat service called " MegaChat ", which it says gives better protection than alternatives such as Skype and Google Hangouts. Now, his latest series of tweets referred to Kim Dotcom's supposed " MegaNet " which, he believes, would be immune to the global mass surveillance conducted by governments or corporations and would not be based on IP addresses. MegaNet would be a decentralized, non-IP based network in which the blockchain used by Bitcoin will play an " important role ". Decentralizing the Internet means to take the power of the Web

A vulnerability has been discovered in the wildly popular Google's Stock Android Email App , that could be exploited by malicious attackers to remotely crash your smartphone application just by sending a specially crafted email. A Spain security researcher, Hector Marco , successfully exploited the vulnerability on his Samsung Galaxy S4 Mini running version 4.2.2.0200 of Stock Android Email App. He said the flaw appears to affect all older versions of Stock Android Email App, though devices running 4.2.2.0400 and newer versions are not affected. According to the researcher, when the victim receives the malicious email and tries to view it, the email app crashes. Further attempts to open the email again triggers a crash in the application before the victim can do anything. The flaw ( CVE-2015-1574 ) is due to incorrect handling of the Content-Disposition header . Hackers could exploit the vulnerability by sending an email with a malformed Content-Disposition header to th

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Diagnosing network fault is one of the toughest questions for an IT Pro to answer because there is no single or best way. IT infrastructures are multi-layered and integrate many different systems which makes identifying the cause of network fault a difficult task. At a high level, the process of handling a fault breaks down into four steps: Find it Fix it Diagnose the root cause Prevent the fault from happening again A highly recommended solution to make fault identification and prevention simple is using Security Information and Event Management (SIEM) technology. The log and event analysis features of a SIEM can provide a comprehensive strategy for fault diagnosis and prevention. SolarWinds Log & Event Manager is a fully-functional SIEM designed to make diagnosing network fault a quick and easy task. Log & Event Manager automates collecting, analyzing, and diagnosing log data to help you find, fix, diagnose, and prevent network fault. You can downloa

The U.S. National Security Agency (NSA) may be hiding highly-sophisticated hacking payloads in the firmware of consumer hard drives over the last 15 to 20 years in a campaign, giving the agency the means to eavesdrop on thousands of targets' computers, according to an analysis by Kaspersky labs and subsequent reports. 'EQUATION GROUP' BEHIND THE MALWARE The team of malicious actors is dubbed the the " Equation Group " by researchers from Moscow-based Kaspersky Lab, and describes them as " probably one of the most sophisticated cyber attack groups in the world," and "the most advanced threat actor we have seen. " The security researchers have documented 500 infections by Equation Group and believes that the actual number of victims likely reaches into the tens of thousands because of a self-destruct mechanism built into the malware. TOP MANUFACTURERS' HARD DRIVES ARE INFECTED Russian security experts reportedly uncovered sta

If you are a traveler and loves to travel then you must be annoyed of those calls you sometimes get from your bank when buying things far from home, and the most annoyed part is when the company won't approve the transaction as it fears your card was stolen. VISA MOBILE LOCATION CONFIRMATION APP The payment processing and credit card giant Visa has came forward to put an end to this problem by letting cardholders the chance to buy things wherever they are. The company plans to release a new location-based feature that will help cardholders to update their location via smartphone. Starting in April, the banks will include the software application, dubbed Visa Mobile Location Confirmation , in their smartphone apps. The app will use cardholders smartphone's ability to locate itself and verify that they're near where the card is being used. IN WAKE OF INCREASING CREDIT CARD FRAUD The idea behind this new move is to reduce the rising incidents of credit card fraud and fraud

The most popular Chinese Bitcoin exchange BTER announced that it has been hacked on Valentine's Day and lost more than £1.1 Million-worth ($1.75 Million; one BTC is about $270) of the digital currency. The Bitcoin Exchange hasn't revealed more details about suspects behind the breach or how the cold wallets were compromised, except that 7,170 Bitcoin cryptocurrency was stolen from the company's " cold wallets ," a way of storing the digital currency offline. " All wallets have been shut down and withdrawals of unaffected coins will be arranged later, " the official website of BTER Bitcoin exchange states. Internet sleuths are already on the hunt to trace the missing Bitcoin. Because of the way the digital currency works, it is possible to trace any transaction or funds easily by using public available service, called " blockchain ." According to the announcement, the stolen Bitcoin cryptocurrencies were broadcast through the trans

President Barack Obama signed an executive order on Friday that encourages and promotes sharing of information on cybersecurity threats within the private sector and between the private sector companies and the government agencies as well. AREAS TO IMPROVE During his speech at the White House Cybersecurity Summit at Stanford University in California, where many tech leaders and other government officials also assembled, the President highlighted events affecting cybersecurity and the development of the Internet. The four areas that Obama believes must be improved are listed below: Development and evolution of the Internet Cybersecurity Rights of individuals in regards to the Internet Cooperation between the Government and private companies EVERYONE IS VULNERABLE - OBAMA " The cyber world is sort of the Wild Wild West and to some degree we are asked to be the sheriff ," Mr. President told a crowd at the Memorial Auditorium. " When something lik