The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Advanced Persistent Threat (APT) type attacks continue to emerge on a global scale. What makes these attacks deviate from the norm is often the resources required to develop and implement them: time, money, and the knowledge required to create custom pieces of malware to carry out specific, targeted attacks. Operation Lotus Blossom is one of the more recent APT attacks that has been discovered and analyzed. It is an advanced adversary campaign against the mostly government and state-sponsored entities in the Philippines, Hong Kong, Vietnam, and Indonesia. It is thought that this group carried out the attack to gain a geopolitical advantage by stealing specific information from government and military institutions in that area.  At this point, it is still too early to tell if the reach of the attack will extend to the private sector (a la Stuxnet and Duqu). How does the attack work? It was found that Operation Lotus Blossom involved a novel custom-built malware

Windows 10 is built with the power features of Windows 7 and 8.1, which makes it a robust operating system. It gained 65 million users in the first three days after its release. Still counting and making Windows 10 as a universal platform for all the devices running the same operating system. By Introducing " Windows as a service " utility, The Microsoft is offering Windows 10 Free Upgrade to all the users running Windows 7 or 8.1 as a Windows update, and not as a separate product. From now on, the company will provide regular updates for Windows in the same manner Apple does with its Mac OS X operating system that gets regular updates on a yearly basis and has been known as OS X for over 15 years. Despite some privacy issues , including " Wi-Fi Sense " and " Bandwidth sharing for Windows Update ", and few more, Windows 10 offers a bevy of new and advanced features that makes the operating system unique from others. Also Read: How to Fix 35+ Windows 10 Privacy Iss

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Remember  Mt.Gox ? Once the world's largest Bitcoin exchange… ...then in early 2014, Tokyo-based Mt.Gox Bitcoin exchange filed for bankruptcy saying it lost some 8,50,000 Bitcoins (worth $64 Million) to hackers and suddenly went dark with no explanation. Last Friday, Mark Karpeles , the former CEO of the collapsed Mt.Gox, was arrested by Tokyo Metropolitan Police in connection with the disappearance of Bitcoins worth £247 Million. Police believe Mr. Karpeles had accessed the computer system of the Bitcoin exchange and manipulated the outstanding balance to cover up fraudulent transactions. The company said at the time that 750,000 customers' Bitcoins and another 100,000 belonging to the exchange were stolen due to an unknown vulnerability in the company's software. While he is not yet been charged, the authorities are investigating his involvement in the stealing of Millions of dollars of the Bitcoin virtual currency when the exchange collapsed in 2014. Mt

After installing Windows 10, Feeling like your Internet Bandwidth is dropping away? Windows 10 is stealing your network bandwidth. Along with the privacy features related to Wi-Fi Sense , Windows 10 users should check for another hidden by default feature that uses your network bandwidth to share updates with other Windows 10 users across the Internet. Microsoft launched Windows 10 on July 29 and offered a free upgrade to Windows 7,8 and 8.1 users , and for anyone who wants to download it. But, handling millions of simultaneous 3.5GB downloads is quite difficult for the company. So, in order to cope up with the issue, Microsoft has baked a new feature into its latest desktop operating system that uses the torrent-style approach to obtain software updates , allowing Windows 10 users to download updates from other users. Also Read:  How to Fix 35+ Windows 10 Privacy Issues With Just One Click . Windows 10 is Stealing your Internet Bandwidth The feature, known

Good news for iOS 8.4 users! The Chinese jailbreaking team TaiG has finally released its long-awaited Untethered Jailbreak tool for Apple's iOS 8.4 mobile operating system for the Mac OS X platform. Yes, TaiG Jailbreak is now officially available for OS X users that will allow you to jailbreak iOS 8.4 on your Mac computer without having to resort to using a virtual machine. In late June, the TaiG team released the Jailbreak tool (.exe) only for Windows version, forcing Macs users to rely on other applications or use Boot Camp to tweak their iOS devices. TaiG Jailbreak for Mac, currently at Mac version 1.0.0, is designed from the ground up to support versions of iOS mobile operating system from 8.1.3 to 8.4. You can download the tool from the project's website. How to JailBreak your Device? The process of jailbreaking the device is so easy; anyone can do it. Download and Install the App Disable 'Find My iPhone' on your device's iCloud settings before p

T he O nion R outer (Tor) is weeping Badly! Yes, Tor browser is in danger of being caught once again by the people commonly known as " Spies ," who's one and only intention is to intrude into others' network and gather information. A team of security researchers from Massachusetts Institute of Technology (MIT) have developed digital attacks that can be used to unmask Tor hidden services in the Deep Web with a high degree of accuracy. The Tor network is being used by journalists, hackers, citizens living under repressive regimes as well as criminals to surf the Internet anonymously. A plethora of nodes and relays in Tor network is used to mask its users and make tracking very difficult. Any user when connects to Tor, the connection gets encrypted and routed through a path called a "circuit ." The request first reaches an entry node, also known as a ' Guard ' that knows the actual IP address of the user, and then goes through every ho