The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Let's Encrypt , a project aimed to provide free-of-charge and easier-to-implement way to obtain and use a digital cryptographic certificates (SSL/TLS) to secure HTTPS website, is looking forward to issue its first digital certificates next month. With Let's Encrypt , any webmaster interested in implementing HTTPS for their services can get the certificates for free, which is a great move for encouraging people to encrypt their users' connections to their websites. Let's Encrypt is a combined effort of digital-era rights advocate Electronic Frontier Foundation (EFF), Mozilla Foundation , Cisco Systems , Internet content distributor Akamai Technologies , certificate provider IdenTrust and researchers from the University of Michigan . Generally, the process of implementation of an SSL certificate, including the need to obtain and install a certificate, is complicated for most web developers as it sounds. In most cases, the cost related issues force web adm

More than 600 Million users of Samsung Galaxy smartphones, including the newly released Galaxy S6, are potentially vulnerable to a software bug that allows hackers to secretly monitor the phone's camera and microphone, read text messages and install malicious apps. The vulnerability is due to a problem with the Samsung built-in keyboard app that enables easier predictive text. One of the keyboard app version, SwiftKey IME , that comes prepackaged with Samsung's latest Galaxy smartphones could allow a malicious hacker to remotely execute code on user's phone even when if they are not using the keyboard app. Users cannot get rid of this Flaw The app cannot be uninstalled or disabled by the users of the Samsung smartphone devices, so it is up to Samsung to fix the critical bug. The vulnerability was discovered by NowSecure mobile security researcher Ryan Welton, who notified Samsung about the bug in December last year. The keyboard app periodic

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

I think you'll agree with me when I say: Apple devices are often considered to be more safe and secure than other devices that run on platforms like Windows and Android, but a recent study will make you think twice before making this statement. A group of security researchers have uncovered potentially deadly zero-day vulnerabilities in both iOS and OS X operating systems that could put iPhone/iPad or Mac owners at a high risk of cyber attacks. Researchers have created and published a malicious app on the App Store that was able to siphon users' personal data from the password storing Keychain in Apple's OS X , as well as steal passwords from iCloud, banking and email accounts. Dubbed XARA (cross-app resource access), the malware exploit app was able to bypass the OS X sandboxing mechanisms that are supposedly designed to prevent an app from accessing the credentials, contacts, and other important data related to other apps. The Consequences are Dire!

The USB flash drives or memory sticks are an excellent way to store and carry data and applications for access on any system you come across. With storage spaces already reaching 256 gigabytes, nowadays USB drives are often larger than past's hard drives. Thanks to increased storage capacity and low prices, you can easily store all your personal data on a tiny, easy-to-carry, USB memory stick. The USB drive is a device that is used by almost everyone today. However, there's a downside… I think you'll agree with me when I say: USB sticks are easily lost or stolen. Aren't they? However, in today's post I am going to show you how to use your USB drives without fear of being misplaced. If you are not aware, the leading cause of data breaches for the past few years has been the loss or theft of laptops and USB storage devices. However, USB flash memory sticks are generally treated with far less care than laptops, and criminals seeking for corporate devices could cost your c

Whether you are a one-stop-shop IT guy or a network admin on a large IT team you owe it to yourself to learn about Security Information and Event Management (SIEM) technology. Why? SIEM lets you correlate between events recorded in different logs for related systems. This is significant because attackers often exploit multiple vulnerabilities on separate but connected systems. For a complete picture of what's going on in your network, look beyond the network itself to correlate events in applications, databases, and middleware. With today's distributed applications, the challenge of troubleshooting more routine failures or slowdowns is not so different. The breakdown often lies in the connection between two systems, rather than in one or the other. What makes a good SIEM tool different from all other management and monitoring tools you have is its breadth. SolarWinds Log & Event Manager is a powerful SIEM tool that pulls together logs from virtually every s

We at The Hacker News get a lot of requests via emails and messages from people who want to hack into someone else's Facebook account or Gmail account or break into somebody's network. However, 80 to 90 percent requests we receive every day are from people who want to hack into their girlfriend, boyfriend, wife, or husband's Facebook account in order to read their private conversations and reveal their secret relationships, if any. Even though we strongly deny any such requests because accessing someone else's account without their knowledge or permission is a crime… ...but there are demands from people – those cheated by their love, betrayal of trust, driven by greed or revenge – to break into the Facebook accounts of other people. So, what about Hiring a Hacker? As money could buy everything, a service received a lot of popularity earlier this year – even featured on the front page of the New York Times – claims to connect these needy people to professional

I don't know about your part, but I make heavy use of tabs. I currently have 200+ tabs open in my Google Chrome Web browser. And sometimes the number is even more. For me it's a daily thing, as I regularly open new tabs because of my habit of reading lots of stuff online, including cyber security updates, hacking news, knowledgeable articles of various categories, new recipes to cook something delicious and, of course, funny viral videos. Browsers — Everything for us, But Biggest Memory Eaters! I think you'll agree with me when I say: It's really hard to manage so many tabs on Chrome — and Firefox too. But worse still is the obstruction in the performance of your computer, as the tabs continue to run background processes and feed on your system's memory. It gets difficult to sort through them, everything slows down, and sometimes it crashes the browser itself. Doesn't it? But, I really don't face any issue while surfing on 200+ tabs at one time

Google has recently announced its latest version of the mobile operating system called Android M at its official Google I/O 2015 developer event May 28 in San Francisco. We don't know exactly what is the ' M ' stands for just yet. My guess is it could be Marzipan or maybe Milky Way. Let me know what you guys think, so write me your guesses down below in the comments. Android M is not going to be an immense move in look or architecture like Android Lollipop , but it is bringing some eye-catching upgrades that you are going to love. However, after a Google I/O event and having the Developer Preview of Android M and installing it in my Nexus 6, I have got a pretty good idea what I think are the top 10 Best New Features of Android M. PRIVACY AND APP CONTROL 1. Powerful App Permissions Manager: The biggest change that Google's Android M will bring is a granular permissions system, somewhat similar to what Apple has. Currently, Android app permissions

After Google made its Android users happy by unveiling new features in Google I/O developer conference last month, it's now time for Apple fans… WWDC 2015 event is upon us. Apple's Worldwide Developers Conference is going on in San Francisco and the company has many new surprises for its users. One of them is the new operating system for Macs, which Apple unveiled on stage on Monday. Long served Yosemite, a Heartiest Welcome to the newest version of OS X: El Capitan . Yes, El Capitan — the famous mountain in Yosemite National Park — is the latest version of Apple's desktop operating system that. What are the best features of EI Capitan? EI Capitan is the Apple major move towards providing a better desktop experience to its users. With OS X El Capitan, Apple wants to focus heavily on performance improvements to make its Mac computers " snappier and more efficient. " So, What's new in OS X 10.11 El Capitan? Improved User Experience 1. New sm

Python is an excellent programming language that has rapidly become popular among Hackers, Reverse engineers, software testers, Forensic analyst and Penetration testers. Python is a simple object-oriented and minimalistic language that is easy to learn for novice programmers as well as experienced developers. Most Python programs run on all major operating systems including Windows, Linux, Mac, etc. What makes Python such an effective platform for Security Professional and Hackers? Python supports pre-built extensive libraries that are specifically designed for penetration testing and provide some powerful functionalities. So if you are looking for a most widely used and easy to learn scripting language, go for Python. Here I'm introducing you a Free IT training from Cybrary – Python for Security Professionals . There is nothing wrong if I say that scripting languages like BASH, Perl, and Ruby can not do the same things as Python, but building those ca