The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

A self-described teenage hacker has claimed to have hacked into personal AOL email account of Central Intelligence Agency (CIA) Director John Brennan and swiped sensitive top-secret data. It's Really a major embarrassment for Brennan as well as the CIA. The hacker, who describes himself as an American high school student, called the New York Post to describe his exploits. According to the teenage hacker, Brennan's private email account held a range of sensitive files, which includes: His 47-page application for top-secret security clearance Social Security numbers (SSNs) and personal information of more than a dozen top US intelligence officials A government letter discussing " harsh interrogation techniques " used on terrorist suspects Sensitive Information Leaked The teenage hacker operates with under the Twitter name " Crackas With Attitude " with Twitter handle @_CWA_ . He confirmed the Post that he also controlled the

Recently, Chinese iOS developers have discovered a new OS X and iOS malware dubbed XcodeGhost that has appeared in malicious versions of Xcode, Apple's official toolkit for developing iOS and OS X apps. The hack of Apple's Xcode involves infecting the compiler with malware and then passing that malware onto the compiled software. This is a unique approach because the hack does not attempt to inject attack code into a single app, and then try and sneak that past Apple's automated and human reviewers. Instead, the malicious code is infected on Xcode itself, which is used by software developers to craft and develop the apps for iOS and OS X operating system. The primary behavior of XcodeGhost in infected iOS apps is to collect information on devices and upload that data to command and control (C2) servers. Once the malware has established a foothold on infected devices, it has the ability to phish user credentials via fake warning boxes, open specific URLs in a

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Facebook just launched a new notification feature that will alert you if the social network strongly suspects that your account is being hijacked or targeted by hackers working in the interest of a nation-state. The message, which you can see below, recommends users to turn ON " Login Approvals ," so that their Facebook accounts can only be accessed using stronger two-factor authentication. Facebook insists that some necessary steps are already taken to secure users' Facebook accounts that may be targeted by hackers, but the company has also stepped up to directly warn its users when a government-sponsored attack is under away. In a blog post published Saturday, Facebook Chief Security Officer (CSO) Alex Stamos announced that this step to secure accounts is necessary "because these types of attacks tend to be more advanced and dangerous than others." Stamos added that "it's important to understand that this warning is not related t

Microsoft wants Windows 10 users to use its Edge browser , and the company is pulling every trick out to make it happen. In a newly leaked Windows 10 preview release ( build 10568 ) , Microsoft has added a new prompt that appears whenever you try to switch away from default apps, including Microsoft Edge . Considering the wide adoption of Microsoft's newest operating system Windows 10, it seems that users are still hesitant in adopting Edge browser that comes bundled with  Windows 10 . To help encourage a higher adoption of Microsoft's default apps bundled with Windows 10, the software giant seems to be taking some steps. Come, Give Microsoft Edge A Shot!  If you already have Microsoft Edge as your default browser, then installing another rival browser, such as Google Chrome or Mozilla Firefox , and switching the defaults will make a dialog box with " Give Microsoft Edge a shot " appear. The prompt highlights some of the latest features in

We are back with THN Weekly RoundUp to spread lights on last week's top cyber security threats and challenges, just in case you missed any of them (ICYMI). Last week, we came to know about many security threats including how Google records and stores our Voice searches, How hackers can use Radio-waves to control our Smartphones from 16 feet away and How did the NSA break Trillions of Encrypted connections. Also, some of last week's news included USB Killer v2.0 and a real-life Thor-like Hammer . I recommend you to read the entire news (just click ' Read More ' because there's some valuable advice in there as well). Here's the list: 1. Google OnHub Router Runs on Chrome OS; Here's How to Root it Google OnHub Router runs Chrome operating system, the same Linux-based OS that powers Google Chromebook laptops and desktops. Google OnHub is a modern wireless router designed by Google and TP-Link. It operates networks on both t