The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The world's most popular Free Web Hosting company 000Webhost has suffered a major data breach, exposing more than 13.5 Million of its customers' personal records. The stolen data includes usernames, passwords in plain text, email addresses, IP addresses and last names of around 13.5 Million of 000Webhost's customers. According to a recent report published by Forbes , the Free Hosting service provider 000Webhost was hacked in March 2015 by an anonymous hacker. In a post on its official Facebook page, the hosting company has acknowledged the data breach and posted the following statement: "We have witnessed a database breach on our main server. A hacker used an exploit in old PHP version to upload some files, gaining access to our systems. Although the whole database has been compromised , we are mostly concerned about the leaked client information." The stolen data was obtained by Troy Hunt , an Australian security researcher, who received the dat

In our previous article, The Hacker News reported that the EFF had won its battle over the limits that were put on a car's copyrighted software, allowing car owners to fiddle with their car's software. EFF has participated in the rulemaking procedure held by the United States copyright office (DMCA) earlier also, and this time they have got a bag full of success. As… ...Library of Congress has not only allowed the consumers to repair and modify their Car's Software, but also exempted restrictions from: Device unlocking Jailbreaking Ripping videos for remix This simply means that now anybody can: Ripe off video from DVDs or BluRay disks, as well as online streaming services, for remixes. Jailbreak their phones, tablets, and smartwatches and run operating systems and applications from a third party source. Reconfigure video games that are no longer supported by their publisher. "We are pleased that the Librarian of Congress and the Copyright O

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Yes, you heard right. You can now hack a car by making necessary modifications – but to the car owned by you, not your neighbors. Last year, President Obama passed a bill called 'Unlocking Consumer Choice and Wireless Competition Act,' following which users could unlock their devices – generally those locked under a contract – to use a specific service provider. Also Read:   It's Now Legal to Jailbreak Smart TV, Smartphone Or Tablet . The same year, Electronic Frontier Foundation (EFF) filed a petition with the Librarian of Congress, which has the authority to grant Digital Millennium Copyright Act (DMCA) exemptions , for allowing customers and independent mechanics to repair their vehicles on their own by making necessary modifications. Though many automakers were in opposition to this petition, as they believed by doing so the safety measures of vehicles are going to be at a higher risk. EFF got Success! Yesterday, Library of Congress approve

Webmasters can track all your activities on the Internet – even if you have already cleared your browsing history and deleted all saved cookies. A researcher demonstrated two unpatched flaws that can be exploited to track Millions of Internet users, allowing malicious website owners: List Building: To compile a list of visited domains by users, even if they have cleared their browsing history Tracking Cookies: To tag users with a tracking cookie that will persist even after they have deleted all cookies These two Browser Fingerprinting techniques abuse HTTP Strict Transport Security (HSTS) and Content Security Policy – new security features already built into Mozilla Firefox and Google Chrome, and expected to make their ways to other mainstream browsers in near future. WHAT IF, The Website owners turn these Security features against You? A security researcher has proved exactly the same last weekend at Toorcon security conference in San Diego. Yan Zhu, an

A large number of third-party Android apps have reportedly been discovered grabbing copies of all text messages received or sent to infected devices and sending them to the attackers' server. More than 63,000 Android applications use Taomike SDK – one of the biggest mobile advertisement solutions in China – to help developers display ads in their mobile apps and generate revenue. However, around 18,000 of these Android apps contains a malicious code that spy on users text messages, according to researchers at Palo Alto Networks, who made the discovery . Taomike provides a Software Development Toolkit (SDK) and services to the Android app developers using which they can: Displaying advertisements to users Offer in-app purchases (IAPs) Android Apps Stealing SMS Messages Focussing on distributing the app and techniques for building revenue, "Not all apps that use the Taomike library steal SMS messages," security researchers said. The security