The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The official website of the Telecom Regulatory Authority of India (TRAI) has been allegedly hacked just hours after the site exposed more than 1 Million email addresses of users who spoke in support of Net Neutrality. A hackers collective, calls itself AnonOpsIndia , has claimed responsibility for the distributed denial of service (DDoS) attack against the TRAI official website and bringing the site down. Few hours ago, a Twitter account linked to AnonOpsIndia tweeted about the took down of the trai.gov.in website through DDoS attack. Over a month ago, TRAI released a consultation paper with 20 questions to be answered by citizens of India via an e-mail by April 24, in order to hear their opinion on Net Neutrality. TRAI was planning to allow telecom operators like Vodafone and Airtel to block websites and applications just to extort more money from businesses as well as consumers, which is nothing but an extreme violation of Net Neutrality . However, when eve

Yahoo! don't want you to every time type a PIN or swipe your phone or scan your thumbprint in order to unlock your smartphone. Instead, it only wants you to place your smartphone device on your ear in order to do that. A new concept from Yahoo's Research Labs is out that doesn't focus on old fingerprint biometric scanners that are major form of biometric security on today's smartphones, rather focuses on an idea of Bodyprint as the futuristic biometric security. A team of researchers from the Internet giant has developed a new biometric system called " Bodyprint ," which is a much affordable alternative to fingerprint scanners for mobile phones. What does Bodyprint scan? Bodyprint, built by researchers Christian Holz, Senaka Buthpitiya, and Marius Knaust, is designed to utilize different body parts as biometric sensors for different cases, depending on how the users are using their phones. As mentioned above, Bodyprint can recognize you from your ears

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

The details of the next version of Google Glass has been revealed - the search engine giant is planning to launch Google Glass 2.0 soon . Massimo Vian , the chief executive officer of Italian eyewear company Luxottica , said his company is working with Google engineers on not just one, but two new versions of the Google's Internet-connected eyewear device. Luxottica is better known for its two famous brands owns brands – Oakley and Ray-Ban . It is also the same company that worked with the search engine giant on frames for the original version of Google Glass. Here's the Big Deal: During his company's general meeting in Milan, Italy, Vian said, "What you saw was version 1. [We are] now working on version 2, which is in preparation." A Google spokesperson told the Wall Street Journal that "the team is heads down building the future of the product," which will soon be available in the market, but she declined to give a specific t

A critical vulnerability resides in AFNetworking could allow an attacker to cripple the HTTPS protection of 25,000 iOS apps available in Apple's App Store via man-in-the-middle (MITM) attacks . AFNetworking is a popular open-source code library that lets developers drop networking capabilities into their iOS and OS X products. But, it fails to check the domain name for which the SSL certificate has been issued. Any Apple iOS application that uses AFNetworking version prior to the latest version 2.5.3 may be vulnerable to the flaw that could allow hackers to steal or tamper data, even if the app protected by the SSL (secure sockets layer) protocol . Use any SSL Certificate to decrypt users' sensitive data: An attacker could use any valid SSL certificate for any domain name in order to exploit the vulnerability, as long as the certificate issued by a trusted certificate authority (CA) that's something you can buy for $50. " This meant that a coffee sh

The administrator of the popular Darknet email service , SIGAINT , is warning its users that the email service has become a target of a suspected law enforcement agency who tried to compromise it. About a week ago, SIGAINT has been targeted by an attacker who tried to hack the service by using nearly 70 bad Tor exit nodes , one of the service's administrator informed its users via the tor-talk mailing list on Thursday. Before jumping on the news, Let's first understand what are Exit Nodes? As I said, SIGAINT uses TOR anonymization network which means when an email sent from one user to any destination, the email routed through multiple relays/nodes that actually aren't aware of the sender's identity. The last machine that processes the email known as a Tor exit relay or Tor exit node. The end user who receives that email can see the IP of the exit node instead of the IP address of the original sender. And this is how, SIGAINT allows you to send

After reaching heights in cyber attacks by targeting SCADA systems , hackers are looking forward to crash trains. It isn't only assumptions; it could actually happen in real. A new hi-tech railway signalling system being tested in the United Kingdom could potentially be hacked by cyber criminals to cause oncoming trains to crash into one another at highest speeds , an Internet security expert has warned. The Loophole: The European Rail Traffic Management System , a new digital system that are designed to make train lines secure and safer… ...actually lack in security that could easily expose the systems to malware and allows malicious actors (like terrorists) to cause massacre around the UK. 'Nasty Accident is Waiting.' Internet security expert Professor David Stupple told the BBC that plans to replace old railway signal lights with new digital systems could expose the railway network to cyber attack, causing a "nasty accident" t