The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

An Arkansas lawyer representing three police whistleblowers has claimed that the law enforcement officials at the Fort Smith Police Department (FSPD) tried to infect his computer with Trojan viruses in order to spy on their legal opponents. What's the issue? A lawyer Matthew Campbell of the Pinnacle Law Firm in North Little Rock is representing Don Paul Bales, Rick Entmeier, and Wendall Sampson, current and former officers of the Fort Smith Police Department in the lawsuit since January 2014. The three whistleblowers exposed some frauds within the corrupt department, and, therefore, the police have illegally investigated them. " Since July 2013, the plaintiffs have been the target of nearly two dozen various investigations , Campbell told the Northwest Arkansas Democrat Gazette. " [This range] from accusations that they misspent FSPD funds to allegations that they were impugning the FSPD on Facebook. " What happened? Campbell provided a blank ha

The Market of E-commerce websites is at its peak, as today people love to shop online to save their time. However, E-commerce and financial sites stand first in the rundown of potential victims as they manage financial exchanges. The traditional way to target victims of e-commerce sites is to use targeted "phishing" attacks via social media and emails. But… …due to increased awareness among the people about the threat of phishing attacks, hackers have now discovered new way — by malvertising legitimate websites where people assume to be safe and secure. We know: Today, there are many ready-to-use e-commerce platforms available on the Internet that are very easy to install and manage and that too at no extra cost; ' Magento ' is one of the most popular out of them. The most popular, the most targeted: Yes! Security researchers at Sucuri have found a malicious code inside the Magento e-commerce website that was intended to send all the data

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

Google has finally rolled out the latest version of its popular web browser, i.e. Chrome 42 for Windows, Mac, and Linux users that now lets websites send you alerts, no matter your browser is open or not. The release of the latest Chrome 42 version is a great deal as it costs Google more than $21,000. Yes, $21,000! The latest version of Chrome comes with fixes for 45 security vulnerabilities in the web browser, reported by different security researchers [listed below]. Let's know about the Major updates : Major updates and significant improvements for Chrome version 42 includes: Advanced Push API and Notifications API Disabled Oracle's Java plugin by default as well as other extensions that use NPAPI Patched 45 security bugs and paid out more than $21,000 Push API : Google includes Push API in its web browser for the first time. Push API, when combined with the new notifications API, allows websites to push notifications to you through y

I frequently receive emails and messages on how to hack my friend's Facebook account , how to become a hacker, how to penetrate networks , how to break into computers, and how to compromise routers? These are some of the most frequent queries I came across, and in this article I'll attempt to answer these along with a solution on how to get started as a beginner. Before we begin, first let's know… ...What is Ethical Hacking? Most people want to learn hacking just for fun to hack into their friend's Facebook account or Gmail. Remember, Hacking is a skill and if you are here for the same reason, sadly but this platform may not work for you. Ethical hacking is testing the IT resources for a good cause and the betterment of technology. Ethical hackers are none other than computer security experts and researchers who focus on penetration testing and weaknesses in the organization's information systems they associated. A way to become an ethical hacker is to get C

Are you one of those Windows users who have found themselves as victims of the CoinVault Ransomware ? If Yes, then we have a Good news for you: Victims of CoinVault ransomware can now decrypt their files encrypted by malware using a free tool released by Kaspersky Lab. With the Help of The National High Tech Crime Unit (NHTCU) of the Dutch Police, Security Researchers at Kaspersky Labs have developed ' CoinVault Ransomware Decryptor ' that decrypts files locked by ransomware like CoinVault. Ransomware malware is a growing cyber threat in which hackers primarily gain access to a user's system and demand a ransom be paid. Ransomware malware infects a computer or device to restrict the user's access to the infected computer. Typically, the ransomware malware will either 'lock' the computer to prevent normal usage or encrypt the files on it to prevent access. Recently, during an investigation of the CoinVault ransomware, the Dutch police we

Today device unlocking has become far more secure over the years, from PIN number unlock to Pattern unlock and biometric unlocks including fingerprinting and facial recognition. But... ...What If Your Android Device Can Identify Your Voice before authenticating any access? This exactly what Google is trying to provide its Android 5.0 Lollipop users. Users running Android 5.0 Lollipop on their smartphone devices may soon be able to unlock their devices simply by saying " OK Google ." " Smart Lock " is one of the most convenient security features provided in Lollipop that offers a handful of clever ways to unlock an Android device automatically, which yet includes: Trusted Device Trusted Places Trusted Face However, Google is now rolling out a new smart lock, dubbed " Trusted Voice ," that uses your voice as a password to unlock your device. Just as your fingerprint or face recognition is considered distinctive enough for biom

Security researchers have unearthed a serious security flaw in all supported versions of Windows that could let hackers steal users' credentials from computers, tablets or servers running any version of Windows operating system, including the as-yet-released Windows 10. This vulnerability in Windows was first discovered 20 Years ago : The critical bug, dubbed " Redirect to SMB ," is a variant of a vulnerability found in Windows by researcher Aaron Spangler nearly 18 years ago that caused Windows to expose a user's Windows username and password automatically. However, according to researchers at security firm Cylance who discovered the flaw, this weakness in Windows was never patched by Microsoft, as Microsoft says that this flaw is not worth focusing on, and, therefore... ...This results in a new hack that targets the SMB file sharing protocol . But, What is SMB? SMB, or Server Message Block, is a protocol that allows users to share files o

When it comes to cyber security, even big organizations lack the basic knowledge of how to protect company's data from the outside. Everyday businesses are facing the threat of phishing, ransomware , data breaches and malware attacks that not only results in millions of dollars losses, but also damaged the reputations. A new study shows that five out of six of the most serious IT security threats directly relate to phishing or the aftermath of a successful phishing attack . SEA, short for Syrian Electronic Army , is famous for its advanced phishing attack capabilities and with the help of the same technique they fooled many popular organizations, social media and news media, including Twitter, Microsoft, Skype, Forbes, eBay and Paypal. Where do we lack? According to the annual Verizon Data Breach Investigations report, about 58% of cyber security incidents were caused by employees, either due to failure in handling data or approving malicious data. So, in

A State-sponsored Cyber Espionage Group -- most likely linked to the Chinese government becomes the first group to target the so-called " Air-Gapped Networks " that aren't directly connected to the Internet. What are Air-Gapped systems? Air-gapped systems are known to be the most safest and secure systems on the earth. These systems are isolated from the Internet or any other Internet-connected computers or external networks. Air-gapped systems are generally used in the critical situations that demand high security like in payment networks to process debit and credit card transactions, military networks, and in industrial control systems that operate critical infrastructure of the Nation. Why Air-Gapped? It is very difficult to siphon data from Air-Gapped systems because it requires a physical access to the target system or machine in order to do that and gaining physical access is possible only by using removable devices such as a firewire cab

After the last year's scary celebrities photo leaks incident 'The Fappening' and ' The Spanning ', we thought that the celebs private pictures and contents are finally safe due to tight security provided by various cloud service provider and online awareness. But … Kelly Brook has reportedly fallen victim to the another photo scandal. Yes, you heard right. The famous ' One Big Happy ' star has once again become the victim of a hacker and 34 more pictures of 35-year-old model leaked online last week, according to The Sun. This is the second time when Kelly Brook's private photos have been hacked and leaked on the Internet. Last year, Brook was among the group of those celebrities who had their private pictures accessed by hackers. The huge photo leak hack affected many high profile stars including Jennifer Lawrence , Kim Kardashian , Rihanna and Selena Gomez . Previously leaked photos of Kelly on the Internet was pictured posing in a bikini and goin

What if you get into the bank account of the World's most richest person? Maybe it could be difficult for you as well as I. But not for this guy… ... Konstantin Simeonov Kavrakov , a Bulgarian hacker, who hacked into the ATM and stole thousands of dollars from the bank account of Microsoft mogul Bill Gates with fake ATM cards arrested in Philippines, according to the Philippine National Police. The 31-year-old man was arrested red-handed by the Philippine National Police while he was withdrawing cash from an ATM using fake cards. He had stolen tens of thousands of dollars from many victims by hacking into the automated teller machines (ATMs). In 2011, Kavrakov got arrested and was jailed in Paraguay for hacking into the Bill Gates' account in The Philippines' densely-populated Quezon City and stealing thousands of dollars. Since then Kavrakov was on the hit list of many countries police. During the arrest, the police recovered seven cloned credit card

Perhaps you have heard about "Net Neutrality," and the recent controversies over it in India. But first let's understand What does Net Neutrality mean? Net Neutrality is simply the Internet Freedom — Free, Fast and Open Internet for all. Net Neutrality is the principle that Internet service providers (ISPs) should give consumers access to all and every contents and application on an equal basis, treating all Internet traffic equally. Today, if there's something that makes everyone across the world "Equal" is nothing but the Internet. Equality over the Internet means, the richest man in the world has the same rights to access the Internet as the poorer. And this is what "Net Neutrality" aims at. But, What if someone snatches this Internet Freedom from you all? What if you have to pay extra for every single app you want? What if you have to pay extra for loading website of your choice faster? This is exactly what the Tel

China has something very impressive that we are not aware of. The country has a powerful and previously unknown weapon that its government is using to bolster their cyber attack capabilities: Dubbed " The Great Cannon. " INTERNET CENSORSHIP IN CHINA When I talk about Internet censorship, it is incomplete if I don't mention China. China is famous for its Great Wall of China and Great Firewall of China . The censoring of Internet access and blocking an individual website in China by its government, known as the Great Firewall of China. But, why the Chinese government does that? The answer is very simple: The Chinese government restricts those contents it deems sensitive for its country's so-called democracy. It illegalize certain online speech and activities, block selected websites, and filter keywords out of searches initiated from computers located in Mainland China. The worse: Those Chinese citizens who offend authorities against Int

U.S. and European law enforcement agencies have shut down a highly sophisticated piece of the botnet that had infected more than 12,000 computers worldwide , allowing hackers to steal victims' banking information and other sensitive data. The law enforcement agencies from the United States, United Kingdom and the European Union conducted a joint operation to get rid of the botnet across the globe and seized the command-and-control server that had been used to operate the nasty Beebone (also known as AAEH ) botnet . What's a Botnet? A botnet is a network of large number of computers compromised with malicious software and controlled surreptitiously by hackers without the knowledge of victims. Basically, a "botnet" is a hacker's "robot" that does the malicious work directed by hackers. Hackers and Cyber Criminals have brushed up their hacking skills and started using Botnets as a cyber weapon to carry out multiple crimes such as DDoS attacks

By now, everyone knows that the major federal agencies and big organisations like FBI, NSA and CIA are spying on you under their massive global surveillance programmes. But here's the Kicker: Your local police might be spying on your activities, too. According to the recent details published by the New York Civil Liberties Union (NYCLU), the police department of Erie County, New York, has used the controversial " Stingray " spying tool nearly 46 times since 2010 without any warrant. Also, the police department of Baltimore used the latest version of the Stingray surveillance device, called Hailstorm , more than 4,000 times in recent years, reports the Baltimore Sun. Late last year, we reported how US Marshals Service gathered data from millions of mobile phones by using a little device, nicknamed " Dirtbox ," in order to track criminals while recording innocent citizens' information. Dirtbox was used in spy airplanes to mimic mobile phone