The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Credit: mirror.co.uk If you love wearing tattoos and have one on your wrist, then the Apple Watch won't work for you. Yes, you heard that right. Apple watch is unable to figure out your blood pressure or even sense your skin contact if you wear the watch on a tattooed wrist. Generally, the Apple Watch automatically detects your wrist by your measuring your heart's pulse rate. So, you don't need to enter a password every time you put the watch on your wrist. The issue with the Apple Watch: However, the infrared sensors of the Apple Watch that enable wrist detection often fail when encountered by dark ink tattoos or scars. Many users on Twitter and Reddit have complained online that their Apple watches doesn't play nice when worn on a tattooed wrist. The watch's heart rate sensor loses the connection and gives inaccurate readings, even the device fails to detect direct contact with the user's skin, causing apps to shut down and repeatedly as

Meet Microsoft's replacement to its old web browser Internet Explorer. The Project Spartan Web browser for Windows 10 has now an official name — Microsoft Edge . Yes, Microsoft's new web browser shipping on all Windows 10 devices, from computers to smartphones and tablets, is dubbed Microsoft Edge . The company just announced in its Build developer conference that Edge is going to be its primary/default web browser built into Windows 10 . Microsoft Edge is the successor to Internet Explorer and designed to be basic and minimalist for the future. Highlights of Microsoft Edge: There aren't many details about the unique features of Microsoft Edge yet, but here's what we know about Microsoft Edge so far: It has built-in Cortana support, Microsoft's virtual assistant. It has a built-in reading list, web note-taking and sharing features. The rendering engine is called EdgeHTML. The design focuses on minimalism and simplicity. It has a super useful and we

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

As cybercriminals have started using sophisticated phishing techniques in an attempt to hijack online users' account, Google on Wednesday launched a new Chrome Extension to fight against Phishing . The search engine giant has launched a new Password Alert Chrome extension that will alert you whenever you accidentally enter your Google password on a carefully crafted phishing website that aimed at hijacking your account. So, GO and INSTALL the freely available, open-source Password Alert extension which is now available in the Chrome Web Store. Password Alert extension does two things: Prevents you from re-using your Google account password on other websites. Protects you if you've typed the same Google password on a non-Google website by generating a warning that you have just been phished and should immediately change your password. According to the company , nearly two percent of the e-mail messages to Google's Gmail are phishing emails from cyber

Just to have a good anti-virus protection app in your smartphone doesn't mean a complete Security. As Mobile Device Security is comprised of security of different features, such as: Data privacy and security features Permission restrictions for snoopy apps A blacklist for undesired calls An excellent backup capability, in case your smartphone gets deteriorated. As well as encryption functionality. Google's Android is a very flexible mobile operating system that can fulfill all these mobile device security challenges if you select the right security applications from Google Play Store. No doubt, Google Play Store has an abundance of suitable options, and it's quite difficult for you to select the ones that meet all your expectations. So, I decided to help you by making a short list of the best mobile device security applications that I always carry in my Android smartphone. Here are the best security apps you must have in your Android smartphone; have a look

From past few days, Internet Users in China are dealing with a weird redirection of traffic nationwide while accessing any website that makes use of connect.facebook.net resource. Great Firewall of China , which is infamous for the Internet censorship by Chinese government, believes to be intercepting the JavaScript module used by Facebook Connect Login, which is meant to allow third-party websites to authorize users through Facebook infrastructure. Chinese Internet users are complaining that when they visit any website that contain " Login with Facebook " or " Connect with Facebook " buttons (which is being used by a vast number of sites), they automatically redirect to unrelated websites. The two websites to which the traffic is being redirected: wpkg.org — A website for open source automated software deployment, upgrade, and removal program for Windows. ptraveler.com — A personal travel blog authored by a young couple of Poland. "Th

A critical remote code execution vulnerability has been reported in the eBay owned global e-commerce business PayPal that could be exploited by an attacker to execute arbitrary code on the PayPal's Marketing online-service web-application server. The remote code execution flaw, discovered by an independent security researcher, Milan A Solanki , has been rated Critical by Vulnerability Lab with a CVSS count of 9.3 and affected the marketing online service web-application of PayPal. The vulnerability resides in the Java Debug Wire Protocol (JDWP) protocol of the PayPal's marketing online service web-server. Successful exploitation of the PayPal vulnerability could result in an unauthorized execution of system specific codes against the targeted system in order to completely compromise the company's web server, without any privilege or user interaction. JDWP is a protocol that used for communication between a debugger and the Java virtual machine that i

There is a very sleek line between hacking and security. The security used to protect the public could be misused by hackers against the public itself, and one shouldn't forget that with the advance in technology, the techniques used by cyber criminals also improves. Today, What hackers need to conduct a successful cyber attack? Maybe just a computing device injected under the skin of their bodies, who can bear the pain, would be enough to help complete a successful cyber attack – also known as Biohacking . This was exactly what presented by the former U.S. Navy petty officer and now engineer at APA Wireless Seth Wahle . With no malicious intention, Wahle implanted a small NFC chip in his left hand right between his thumb and his pointer finger in order to display the risks of Biohacking. Hacking Android devices using NFC implants: For those unaware, NFC (Near Field Communications) chips embedded in our smartphone devices are used for transferring files and in various mobile pa

Most of the time, we have reported about WordPress vulnerabilities involving vulnerable plugins, but this time a Finnish security researcher has discovered a critical zero-day vulnerability in the core engine of the WordPress content management system. Yes, you heard it right. The WordPress CMS used by Millions of website is vulnerable to a zero-day flaw that could allow hackers to remote code execution on the Web server in order to take full control of it. The vulnerability, found by Jouko Pynnönen of Finland-based security firm Klikki Oy, is a Cross-Site Scripting (XSS) flaw buried deep into the WordPress' comments system. The vulnerability affects the WordPress versions 3.9.3, 4.1.1, 4.1.2, and the latest WordPress version 4.2. Pynnönen disclosed the details of the zero-day flaw, along with a video and a proof-of-concept code for an exploit of the bug, on his blog post on Sunday before the WordPress team could manage to release a patch. Why the researcher m

The official website of the Telecom Regulatory Authority of India (TRAI) has been allegedly hacked just hours after the site exposed more than 1 Million email addresses of users who spoke in support of Net Neutrality. A hackers collective, calls itself AnonOpsIndia , has claimed responsibility for the distributed denial of service (DDoS) attack against the TRAI official website and bringing the site down. Few hours ago, a Twitter account linked to AnonOpsIndia tweeted about the took down of the trai.gov.in website through DDoS attack. Over a month ago, TRAI released a consultation paper with 20 questions to be answered by citizens of India via an e-mail by April 24, in order to hear their opinion on Net Neutrality. TRAI was planning to allow telecom operators like Vodafone and Airtel to block websites and applications just to extort more money from businesses as well as consumers, which is nothing but an extreme violation of Net Neutrality . However, when eve

Yahoo! don't want you to every time type a PIN or swipe your phone or scan your thumbprint in order to unlock your smartphone. Instead, it only wants you to place your smartphone device on your ear in order to do that. A new concept from Yahoo's Research Labs is out that doesn't focus on old fingerprint biometric scanners that are major form of biometric security on today's smartphones, rather focuses on an idea of Bodyprint as the futuristic biometric security. A team of researchers from the Internet giant has developed a new biometric system called " Bodyprint ," which is a much affordable alternative to fingerprint scanners for mobile phones. What does Bodyprint scan? Bodyprint, built by researchers Christian Holz, Senaka Buthpitiya, and Marius Knaust, is designed to utilize different body parts as biometric sensors for different cases, depending on how the users are using their phones. As mentioned above, Bodyprint can recognize you from your ears