The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Police have arrested a fourth person, a 16-year-old boy , from London in connection with the high-profile hack of British telecoms giant TalkTalk. The investigating officers from the Metropolitan Police Cyber Crime Unit (MPCCU) arrested the teenager at his home in Norwich on suspicion of Computer Misuse Act offences. TalkTalk was subjected to a ' significant and sustained ' hacking attack on its official website two weeks back, which put the Bank Details and Personally Identifiable Information (PII) of its 4 Million customers at risk. The telco confirmed last week that at most 1.2 Million names, email addresses and phone numbers and around 21,000 unique bank account numbers and sort codes were compromised in the attack. However, TalkTalk said that the stolen credit card details were incomplete, so the payment cards could not be used for any false financial transactions. But, the company advised customers to remain vigilant against financial fraud. S

Unless we are a human supercomputer, remembering a different password for every different site is not an easy task. But to solve this problem, there is a growing market of best password manager and lockers, which remembers your password for every single account and simultaneously provides an extra layer of protection by keeping them strong and encrypted. However, it seems to be true only until a hacker released a hacking tool that can silently decrypt and extract all usernames, passwords, as well as notes stored by the popular password manager KeePass . Dubbed KeeFarce , the hacking tool is developed by Kiwi hacker Denis Andzakovic and is available on GitHub  for free download. Hackers can execute KeeFarce on a computer when a user has logged into their KeePass vault, which makes them capable of decrypting the entire password archive and then dumping it to a file that attackers can steal remotely. How Does KeeFarce Work? KeeFarce obtains passwords by lever

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

The China's Google-like Search Engine Baidu is offering a software development kit (SDK) that contains functionality that can be abused to give backdoor-like access to a user's device, potentially exposing around 100 Million Android users to malicious hackers . The SDK in question is Moplus , which may not be directly available to the public but has already made its way into more than 14,000 Android apps, of which around 4,000 are actually created by Baidu. Overall, more than 100 Million Android users, who have downloaded these apps on their smartphones, are in danger. Security researchers from Trend Micro have discovered a vulnerability in the Moplus SDK, called Wormhole , that allows attackers to launch an unsecured and unauthenticated HTTP server connection on affected devices, which works silently in the background, without the user's knowledge. Also Read:   More than 26 Android Phone Models Shipped with Pre-Installed Spyware This unsecured serv

The Online Hacktivist group Anonymous announced it plans to reveal the identities of about 1,000 Ku Klux Klan (KKK) members on 5th November , the day of the Global Protest movement known as the Million Mask March. Million Mask March , where protesters don Guy Fawkes masks in hundreds of cities around the world, and march together against the corrupt Governments and corporations. Ku Klux Klan (KKK) is classified as a White Supremacist Racist group by the Anti-Defamation League and the Southern Poverty Law Center, allegedly having total 5,000 to 8,000 members. It was founded after the Civil War by former Confederate soldiers to fight against the reforms imposed by the North during Reconstruction. " We've gained access to yet another KKK Twitter account. Using the info obtained, we will be revealing about 1000 Klan member identities. ", Anonymous Hackers tweeted last week. The list of 1000 KKK Members, to be released on 5th November, apparently includes the

Imagine the internet that would offer you to communicate privately with anyone else without censorship, safe from the prying eyes of surveillance authorities…. … Decentralized, Encrypted, Peer-to-Peer Supported and especially a non-IP Address based Internet. Yeah, a New Private Internet that would be harder to get Hacked. This Internet is a dream of all Internet users today and, of course, Kim Dotcom – the Famous Internet entrepreneur who introduced legendary Megaupload and MEGA file sharing services to the World. Kim Dotcom announced plans to start his very own private internet at the beginning of this year and has now revealed more details about MegaNet — a decentralized, non-IP based network that would share data via " Blockchains ," the technology behind Bitcoins. On Thursday, Dotcom remotely addressed a conference in Sydney, Australia, where he explained how MegaNet will utilize the power of mobile phones and laptops to operate. How will M

Hackers are now going crazy and trying new ways in Biohacking . Until now, we have seen a hacker who implanted a small NFC chip in his hand in order to hack Android smartphones and bypass almost all security measures. However, now the level of craziness has gone to a whole new level. A Swedish hacker has devised a neat trick that makes him able to buy groceries or transfer money between bank accounts by just waving his hand. Yes, you heard that right.  Patric Lanhed , a software developer at DigitasLBi, implanted a small NFC (Near Field Communications) chip with the private key to his Bitcoin wallet under his skin. So How Does the Trick Work? So, while sending Bitcoin payment from one digital wallet to another, he just has to wave his hands against an NFC chip reader that will scan the data, and a custom software will confirm the authenticity of the key, triggering the money transfer. A proof-of-concept video demonstration by Patric and his acquaintanc

Well, here's some terrible news for all Apple iOS users… Someone just found an iOS zero-day vulnerability that could allow an attacker to remotely hack your iPhone running the latest version of iOS, i.e. iOS 9. Yes, an unknown group of hackers has sold a zero-day vulnerability to Zerodium , a startup by French-based company Vupen that Buys and Sells zero-day exploits. And Guess what, in How much? $1,000,000. Yes, $1 Million. Last month, a Bug bounty challenge was announced by Zerodium for finding a hack that must allow an attacker to remotely compromise a non-jailbroken Apple device through: A web page on Safari or Chrome browser, In-app browsing action, or Text message or MMS. Zerodium's Founder Chaouki Bekrar confirmed on Twitter that an unnamed group of hackers has won this $1 Million Bounty for sufficiently submitting a remote browser-based iOS 9.1/9.2b Jailbreak (untethered) Exploit. NO More Fun. It's Serious Threat to iOS Use

Avoiding Credit Card Fraud is simply easy as long as you use cash. But, what if you even get hacked while withdrawing cash from an ATM? If you are living in Germany or traveling there, then think twice before using your payment cards in the ATMs. Here's why: A Security researcher in Germany has managed to hack ATM and self-service terminal from Sparkasse Bank that allowed him to reveal the sensitive details from the payment card inserted into the machine. Benjamin Kunz-Mejri , CEO of Germany-based security firm Vulnerability Lab , discovered a vulnerability while using a Sparkasse terminal that suddenly ejected his card, and changed status to " temporarily not available. " Meanwhile, the machine automatically started performing software update process in the background. However, Benjamin used a special keyboard combination to trick the ATM into another mode. Benjamin's trick forced ATM system to put update process console (cmd) in the foreground

Hey friends, guess what? Yes, yes.. you read that right... It's Party time for all of us, as The Hacker News (THN) is celebrating its 5th Anniversary Today. And what an epic 5 years it has been! We began our journey on this same day back on November 1, 2010, as a dedicated news platform for Hackers, Security researchers, technologists and nerds. And just because of your support ' The Hacker News ' has become one of the World's popular Hacking and Technology News Platform that went from ~100,000 Readers to more than 4 Million unique monthly readers. So now it's time to Celebrate… and most importantly, Congratulate you all for the success of THN. Thank you all for your enthusiasm, contribution, support, sharing, love, time and efforts as well. We wouldn't be here, five years on and still going strong, if you didn't support us too. Future Plans at The Hacker News We don't cover everything, never did, never could, we just publicized the th