The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Ever wonder, How can you Track your Stolen Smartphone , Laptop or any Smart Device? ...With IMEI Number? ...Or IP address? ...Or may be some special types of equipment? Well, Not required, because now it is possible to track stolen devices just by scanning their MAC addresses. Yes, Just MAC addresses, which is assigned to each device on a unique basis by the IEEE, but crooks can modify it in an attempt to hide the origin of the stolen device. But given the people's practice to never notice the MAC address of their mobile phone, tablet, laptop, desktop, smart TV, smart refrigerator, or broadband router, MAC addresses can be used to track stolen electronics. This exactly is what an Iowa City cop wants to do.  How Police Can Track Stolen Devices? According to Gazette, an Iowa police officer David Schwindt has developed a sniffing software that helps police find more stolen properties. The software, Schwindt dubbed L8NT (short for Latent analysi

With the release of 12 Security Bulletins , Microsoft addresses a total of 56 vulnerabilities in its different products. The bulletins include five critical updates, out of which two address vulnerabilities in all versions of Windows. The September Patch Tuesday update (released on second Tuesday of each month) makes a total of 105 Security Bulletins being released this year; which is more than the previous year with still three months remaining for the current year to end. The reason for the increase in the total number of security bulletins within such less time might be because of Windows 10 release and its installation reaching to a score of 100 million. Starting from MS15-094 to   MS15-105 ( 12 security bulletins ) Microsoft rates the severity of the vulnerabilities and their impact on the affected software. Bulletins MS15-094 and MS15-095 are the cumulative updates, meaning these are product-specific fixes for security related vulnerabilities that are rated

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

WhatsApp recently claimed to have hit 900 Million monthly active users , but a dangerous security flaw in the web version of the popular instant messaging app puts up to 200 Million of its users at risk . Yes, the web-based extension of WhatsApp is vulnerable to an exploit that could allow hackers to trick users into downloading malware on their computers in a new and more sophisticated way. WhatsApp made its web client, WhatsApp Web , available to iPhone users just last month, after first rolling out its web-based instant messaging service for Android, Windows and BlackBerry Phone earlier in the year. Similar to Facebook Messenger, WhatsApp Web is an effective way to experience the mobile app in a web browser, allowing you to view all of the conversations you have made with your friends – including images, audio files, videos, GPS location and contact cards – straight on your PCs. However, a security flaw discovered by Check Point's security researcher Kasif

Until today, there existed such Fingerprint Biometric Readers that required your touch to authenticate yourself as an authorized person. However, the latest research shows that the future of fingerprint scanners lies in a " no-touch " activity by an individual for gaining access. Recently, NIST ( National Institute of Standards and Technology ) has funded a number of startup and companies to develop touchless Fingerprint readers. The Contactless Biometric Technology requires the person's presence, but from meters away. As the fingerprint scanners can sense and read your fingerprint information while you are standing few meters away from the scanner. Contactless Fingerprint Scanners: Fast and Time Saving The touch-free technology is such where authentication is done with a faster speed, saving time while giving importance to hygiene when compared to conventional biometric devices. Imagine a situation, where there's a long queue and to pass through biometric fingerprint

Do you know? Microsoft has the power to track every single word you type or say to its digital assistant Cortana while using its newest operating system, Windows 10 . Last fall, we reported about a ' keylogger ' that Microsoft openly put into its Windows 10 Technical Preview saying the company 'may collect voice information' as well as 'typed characters.' It was thought that the company would include the keylogger only within the Technical Preview of Windows 10, just for testing purpose. But, the thought was Wrong! The keylogger made its ways to Windows 10 public release offered by Microsoft for free due to which Windows 10 gained millions of adoption in just a few days after its first roll out back in July – but the free upgrade is not always free. Also Read:   Tip — Installing Windows 10‬? Fix 35+ Privacy Issues With Just One Click Yes, besides various privacy issues , there is a software component that tracks your inputs using your k

How difficult is for hackers to take over your personal photographs? They just need to trick you to download an app, or may be a Porn app . Yes, if you are one of those who can't resist watching porn then you could be an easy target for hackers who are distributing ransomware via malicious pornography app to run you out of your money. A pornography application for Android called Adult Player that promises free pornographic videos has been caught taking photographs of users and then extorting them for ransom ( Cyber Extortion ). Once installed, Adult Player gains administrator access to the victim's device, which then allows it to load malicious ransomware files. When Hackers Turn to Blackmail: Demands $500 Ransom When a user opens the app, Adult Player secretly takes photos of the user with the help of front-facing camera and then demands a $500 (£330) ransom in order to restore the device access and delete all photos stored on attackers server.

In Part I of this  two-part series from The Hacker News , the First Four list of Top Brutal Cyber Attacks shows that whoever you are, Security can never be perfect. As attackers employ innovative hacking techniques and zero-day exploits, the demand for increased threat protection grows. In this article, I have listed another three cyber attacks, as following: #5 Car Hacking Driving a car is a network's game now! ' Everything is hackable ,' but is your car also vulnerable to Hackers ? General Motors' OnStar application and cars like Jeep Cherokee, Cadillac Escalade, Toyota Prius, Dodge Viper, Audi A8 and many more come equipped with more advanced technology features. These cars are now part of the technology very well known as the " Internet of Things ". Recently two Security researchers, Chris Valasek and Charlie Miller demonstrated that Jeep Cherokee could be hacked wirelessly over the internet to hijack its steering, brakes, and transmi

If you believe that your organization is not at real risk of cyber attack, then you are absolutely wrong. Incidents of massive data breaches, advanced cyber attacks coming from China , groups like Syrian Electronic Army , Hacking Point of Sale machines at retailers such as Target have splashed across the news in the last one year. Whether a Government Agency or Private Company, Small or a Large Tech Company.... ...It's no secret that No one is Immune to Cyber Attacks . This article is the first in a two-part series from The Hacker News , listing first four out of  Top 7 Brutal Cyber Attacks. And here we go... #1 "Hacking Team" Data Breach Hacking Team , the controversial spyware company, recently been hacked by some unidentified hackers that exposed over 400 gigabytes of its internal sensitive data on the Internet. Milan (Italy) based IT firm 'Hacking Team' sells intrusion and surveillance software solutions to Governments and Law Enforcement agen

Several of Seagate's 3rd generation Wireless Hard drives have a secret backdoor for hackers that puts users' data at risk. A Recent study done by the security researchers at Tangible Security firm disclosed an " undocumented Telnet services " with a hard-coded password in Seagate Wireless Hard Drives. The secret Telnet Vulnerability ( CVE-2015-2874 ) with an inbuilt user account (default username and password — "root") allows an attacker to access the device remotely, left users data vulnerable to theft. According to US-CERT (Computer Emergency and Response Team) public advisory, multiple models of Seagate hard drives contain multiple vulnerabilities. Affected devices are: Seagate Wireless Plus Mobile Storage Seagate Wireless Mobile Storage (Wirelessly streaming your tablet and smartphone's data) LaCie FUEL (Wirelessly extending storage for iPads) The violation that an attacker can activate is, they can gain root access to the device and ac

Google is planning to introduce a trimmed down special version of Google Play Store and Android Wear to The Mainland China. But wait, if I'm not wrong… Google had ended ties with China five years ago. Then what made Google to re-establish itself in China once again? Business?? Recent reports by Amir Efrati at The Information state that Google has massive plans to re-establish itself in the Mainland China. The search engine giant is aiming to get approval from China (the largest populated country in the world) for: Reviving Google as the Internet service provider Designing a tailor-made Google play store for China Android Wear software for the wearable existing in China Smart steps, though, but what happened back in 2010? Google and China always contradict each other, China's Internet laws and Google's censoring the search engine was one battle. In 2010, Google famously retracted its search engine Google.cn from Mainland China, after they ma

China Police has arrested nearly 15,000 people on suspicion of cyber crimes as part of an operation dubbed " Cleaning the Internet ," according to reports. According to the Chinese Ministry of Public Security (MPS), the suspects have been arrested for their involvement in cyber crimes that " jeopardized Internet security ." In July, China launched a six-month campaign codenamed " Cleaning the Internet " to fight online criminal activities. Under the program, the police investigated 7,400 cases, including hacking, online fraud and the illegal sale of personal information, spread over 66,000 websites, the official website of the ministry stated . "For the next step, the public security organs will continue to increase their investigation and crackdown on cyber crimes," according to the Chinese Ministry of Public Security. The MPS did not clear exactly when the arrests took place but said the program also took down major online

Jailbreaking your device may have got you the best of apps but after reading this you will know what a high price you could have to pay for the jailbreak. Read on… A malware named ' KeyRaider ' has supposedly stolen user credentials of approximately 225K iPhone users. It has been given this name as it raids victims' username and passwords, private keys and certificates. Figures say that KeyRaider malware has affected a large number of users in China and worldwide 17 more countries. Also, the origin of malware is suspected to be in China, as said in investigations conducted by Palo Alto Networks for reporting any suspicious tweaks on iPhones. Users falling prey to KeyRaider may be the victims of: Ransomware Data Theft DDoS Attacks Malware is targeting jailbroken phones and when in action, it captures Apple ID of the users and make transactions using it. The researchers say that it is spreading with the help of Cydia app repositories that are popular amo