The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Difficult to believe this, as we hardly come across such news. But trust me, a person managed to buy no ordinary .com domain, but — Google.com and that too for one whole minute. Sanmay Ved , an ex-Google employee and current-Amazon employee, experienced something of a shock when he found that the world's largest search engine website, Google.com , was " available " for purchase. What's Even More Shocking? It's the cost of the most-trafficked domain in the world — Only $12 . Expecting to get an error message, Ved added the domain to his shopping cart and made payment. The entire purchasing process went through without any difficulty. Within moments, his inbox and Google Webmaster Tools were flooded with webmaster related messages confirming his ownership for Google.com . "The scary part was I had access to the webmaster controls for a minute," Ved said. However, soon he received an order cancellation email and refund fro

Attention Android users! More than 1 Billion Android devices are vulnerable to hackers once again – Thanks to newly disclosed two new Android Stagefright vulnerabilities . Yes, Android Stagefright bug is Back… …and this time, the flaw allows an attacker to hack Android smartphones just by tricking users into visiting a website that contains a malicious multimedia file, either MP3 or MP4. In July, Joshua Drake, a Security researcher at Zimperium revealed the first Stagefright bug that allowed hackers to hijack Android smartphones with just a simple text message ( exploit code ). How Stagefright Bug 2.0 Works Both newly discovered vulnerabilities ( CVE-2015-6602 and CVE-2015-3876 ) also reside in the Android Media Playback Engine called ' Stagefright ' and affects all Android OS version from 1 to latest release 5.1.1. Reportedly, merely previewing a maliciously crafted song or video file would execute the Stagefright Bug 2.0 exploit , allowing h

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on a larger role in software development is one of the big uncertainties related to this brave new world. In an era where AI promises to revolutionize how we live and work, the conversation about its security implications cannot be sidelined. As we increasingly rely on AI for tasks ranging from mundane to mission-critical, the question is no longer just, "Can AI  boost cybersecurity ?" (sure!), but also "Can AI  be hacked? " (yes!), "Can one use AI  to hack? " (of course!), and "Will AI  produce secure software ?" (well…). This thought leadership article is about the latter. Cydrill  (a

Apple has rolled out the second minor iteration of its newest mobile operating system iOS 9, which fixes the iOS lockscreen vulnerability . The widely publicized LockScreen bug allowed anyone with physical access to your iOS device running iOS 9.0 or  iOS 9.0.1 to access all the contacts and photos without unlocking the device. Just one week after the last update iOS 9.0.1, Apple rolled out iOS 9.0.2 update that fixes: iMessage activation problems An issue with mobile data settings An issue with iCloud Backup An issue where the screen incorrectly rotates when receiving notifications Improves the stability of Podcasts According to an update on Apple's support website, the iOS lockscreen issue was the only security bug fixed in the latest iOS 9.0.2 release. Last week, iPhone user Jose Rodriguez published a " dead simple " method to bypass lock screen of the devices running iOS 9 and iOS 9.0.1. Using the benevolent nature of Apple's

October 1 Liability shift ENDS! Today, 1st October 2015 , is the deadline for US-based Banks and Retailers to roll out Chip-embedded Credit Cards ( powered by EVM Technology ) to customers that will make transactions more secure. EVM Technology stands for Europay , MasterCard and Visa -- a global standard for Payment Cards equipped with Chips used to authenticate chip card transactions. Starting Thursday, Merchants must have new Payment Terminals installed to accept Chip Cards in their stores or restaurants. Otherwise, they will be responsible for credit card frauds. Stephanie Ericksen, Visa's Vice President Risk Products said, " That's the date by which if a merchant doesn't have a chip terminal, and a counterfeit card is used at that location, they may be liable for that fraud on that transaction. '' 60% Customers Still have Old Credit Cards However, If you have not received a new credit card with chip technology, don't worry,

A highly mysterious update that was pushed out to Windows machines globally was the result of a test that was not correctly implemented. Yes, Microsoft accidentally released a test patch (KB3877432) to consumer machines running Windows 7, making users believe that the Windows Update service got hacked, and they are infected with malware. However, several hours later, a Microsoft spokesperson clear the air by confirming that the company had " incorrectly published a test update " and that they are "in the process of removing it." Windows users started raising concerns on social media, Microsoft community forums, and news-sharing sites that the Update service has been compromised in some way. The rogue patch, 4.3MB in size , advertised itself as a Windows Language Pack and flagged as an " Important " update, but featured strange and inaccessible URLs and lacked any detailed information. Is My Windows PC Being Compromised? A Wi