The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Want to buy a touch-screen laptop but couldn't afford it? But what if I told you that you can turn your existing non-touch-screen laptop into a Touch Screen laptop? Yes, it's possible. You can now convert your laptop or PC into a touch screen with the help of a new device called AirBar . Touch screen has become a popular feature on laptops these days, and many laptops are moving toward having touch screens, but not every laptop or desktop model comes with the feature. Swedish company Neonode has brought to you a new device, AirBar, that would bring the touch technology to virtually any computer from your non-touch laptops to notebooks. What is AirBar and How does it Work? AirBar is a small plug-and-touch bar that attaches magnetically to the bottom of your machine's display. When connected to your laptop via an available USB port, AirBar starts emitting a beam of invisible light across your screen that is used to track touchscreen movements

As organizations expand their IT infrastructure to match their evolving business models and meet changing regulatory requirements, they often find that their networks have become extremely complex and challenging to manage. A primary concern for many IT teams is detecting threats in the mountain of event data being generated every day. Even a relatively small network can generate hundreds or thousands of events per second, with every system, application, and service generating events. The sheer volume of data makes it virtually impossible to identify manually and link those few events that indicate a successful network breach and system compromise, before the exfiltration of data. The AlienVault Unified Security Management (USM) platform is a solution to help IT teams with limited resources overcome the challenge of detecting threats in their network. USM platform accelerates and simplifies your ability to detect, prioritize, and respond to the most critical

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Juniper Networks has announced that it has discovered " unauthorized code " in ScreenOS , the operating system for its NetScreen firewalls, that could allow an attacker to decrypt traffic sent through Virtual Private Networks (VPNs). It's not clear what caused the code to get there or how long it has been there, but the release notes posted by Juniper suggest the earliest buggy versions of the software date back to at least 2012 and possibly earlier. The backdoor impacts NetScreen firewalls using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20, states the advisory published by the company. However, there's no evidence right now that whether the backdoor was present in other Juniper OSes or devices. The issue was uncovered during an internal code review of the software, according to Juniper chief information officer Bob Worrall , and requires immediate patching by upgrading to a new version of the software just released today. &quo

Ever wonder how to hack Instagram or how to hack a facebook account? Well, someone just did it! But, remember, even responsibly reporting a security vulnerability could end up in taking legal actions against you. An independent security researcher claims he was threatened by Facebook after he responsibly revealed a series of security vulnerabilities and configuration flaws that allowed him to successfully gained access to sensitive data stored on Instagram servers , including: Source Code of Instagram website SSL Certificates and Private Keys for Instagram Keys used to sign authentication cookies Personal details of Instagram Users and Employees Email server credentials Keys for over a half-dozen critical other functions However, instead of paying him a reward, Facebook has threatened to sue the researcher of intentionally withholding flaws and information from its team. Wesley Weinberg , a senior security researcher at Synack, participated in Facebook's b

What do you do to earn up to $150,000? Somebody just hacks into airlines and sells fake tickets. That's exactly what a 19-year-old teenager did and made approximately 1.1 Million Yuan (£110,000 or $150,000) by hacking into the official website of an airline and using the stolen booking information to defraud hundreds of passengers. The teenager, identified as Zhang from Heilongjiang, north-east China, hacked into a Chinese airline website and illegally downloaded 1.6 Million passengers bookings details, including: Flight details Names ID card numbers Email addresses Mobile phone numbers Zhang then used this information to successfully defraud hundreds of customers by convincing them that there was some issue with their booking flights, and they had to pay extra fees, according to People's Daily Online . Moreover, the hack caused the airline to lose almost 80,000 Yuan ( $12,365 USD ) as a result of customers requesting refunds. The incident too

Many Windows 7 and Windows 8.1 users don't want to upgrade their machines to Microsoft's newest Windows 10 operating system now or anytime soon. Isn't it? But what if you wake up in the morning and found yourself a Windows 10 user? That's exactly what Microsoft is doing to Windows 7 and 8.1 users. Windows 10 Upgrade Becomes More Aggressive Ever since Microsoft launched its new operating system over the summer, Windows 7 and 8.1 users have been forced several number of times to upgrade their machines to Windows 10. It was relatively inoffensive at first, but as days have passed, Microsoft has become increasingly aggressive to push Windows users to upgrade to Windows 10 . Microsoft has left very little choice over whether to upgrade their systems to Windows 10 or not. At last, the users end up upgrading their machines to the latest Windows operating system. Users now see a pop up on their computers, as InfoWorld reports , that displays only t

So what would anyone need to bypass password protection on your computer? It just needs to hit the backspace key 28 times , for at least the computer running Linux operating system. Wait, what? A pair of security researchers from the University of Valencia have uncovered a bizarre bug in several distributions of Linux that could allow anyone to bypass any kind of authentication during boot-up just by pressing backspace key 28 times. This time, the issue is neither in a kernel nor in an operating system itself, but rather the vulnerability actually resides in Grub2 , the popular Grand Unified Bootloader , which is used by most Linux systems to boot the operating system when the PC starts. Also Read: GPU-based Linux Rootkit and Keylogger . The source of the vulnerability is nothing but an integer underflow fault that was introduced with single commit in Grub version 1.98 (December 2009) – b391bdb2f2c5ccf29da66cecdbfb7566656a704d – affecting the grub_password

Remember the notorious hacker group Lizard Squad that spoiled last Christmas holidays of many game lovers by knocking the PlayStation Network and Xbox Live offline with apparent Distributed Denial of Service (DDoS) attacks? But, Will you be able to Play Xbox and PlayStation Game this Christmas? Probably Not. Because a new hacking group is threatening to carry out similar attacks by taking down the Xbox LIVE and PlayStation Network for a week during Christmas. Be Ready this Christmas for Attacks on PSN and XBox LIVE In a series of tweets, a bunch of DDoS hackers calling themselves " Phantom Group " (@PhantomSquad) announced that they will disrupt the XBox Live and PlayStation networks in a coordinated DoS attack. The attacks could prevent millions of gamers worldwide from enjoying their newly opened Christmas gifts and accessing games online. Also Read: PlayStation 4 Jailbreak Confirms . Here are the tweets by Phantom Squad: We are goi

Researchers have come up with an all new way to revolutionize the standard computer chip that comes inbuilt in all our electronics. Researchers from Carnegie Mellon , Stanford , and t he University of California , Berkeley among others, have invented a new material that could replace the 'silicon' in conventional chips – built in all electronic devices – making the device's processing  speed 1,000 times faster . This means that the new chip made with nano-material could solve complex problems in a fraction of the time our computers take. The brand new chip, dubbed Nano-Engineered Computing Systems Technology (N3XT) , takes the landscape from a resource-heavy single-storey layout to an efficient ' Skyscraper ' approach, claims a Rebooting Computing special issue of the IEEE Computer journal. Silicon Chip – A Resource-Heavy Single-Storey Layout The standard silicon chips currently used in all electronic devices have one major issue: The

UK's Secretive Spy Agency Government Communications Headquarters (GCHQ) has open-sourced one of its tools on code-sharing website GitHub for free... A graph database called ' Gaffer .' Gaffer , written in Java, is a kind of database that makes it "easy to store large-scale graphs in which the nodes and edges have statistics such as counts, histograms and sketches." Github is a popular coding website that allows software developers to build their project on a single platform equipped with all the requirements that are gone in the making of a software. Gaffer and its Functionalities In short, Gaffer is a framework for creating mass-scale databases, to store and represent data, and is said to be useful for tasks including: Allow the creation of graphs with summarised properties within Accumulo with a very less amount of coding. Allow flexibility of stats that describe the entities and edges. Allow easy addition of nodes and edges. Allo

Billions of dollars are spent in securing business operations, and yet attackers still find ways to breach a network. With the ever increasing growth in security attacks across all threat vectors, you should consider these New Year's resolutions to help solve your security challenges in 2016: Take stock of what you have Segment your Network Setup controls with ACLs Secure protocols, network ports, & services Monitor account activity Monitor servers & databases Make sure that your applications are secured Ensure security policies are in place Measure effectiveness and ensure your security products are doing their job Add threat intelligence into your security operations As you prepare for 2016 and reflect on all the security news stories from this year, these ten resolutions need to be on your " to-do " list: 1. Take stock of what you have Knowing the genetic makeup of your environment is the key to securing your IT systems. It is critical to have an updated invento

MacKeeper anti-virus company is making headlines today for its lax security that exposed the database of 13 Million Mac users' records including names, email addresses, usernames, password hashes, IP addresses, phone numbers, and system information. MacKeeper is a suite of software that claims to make Apple Macs more secure and stable, but today the anti-virus itself need some extra protection after a data breach exposed the personal and sensitive information for Millions of its customers. The data breach was discovered by Chris Vickery , a white hat hacker who was able to download 13 Million customer records by simply entering a selection of IP addresses, with no username or password required to access the data. 21 GB Trove of MacKeeper Customer Data Leaked 31-year-old Vickery said he uncovered the 21 GB trove of MacKeeper customer data in a moment of boredom while searching for openly accessible databases on Shodan – a specialized search engine that looks fo

Sony's PlayStation 4 – the hottest-selling gaming console in the United States – has been in the market for a while now, and since its release, hackers have been tinkering with it to find a way to run unauthorized software. Though breaking the protection on PlayStation 4 is a huge deal, a hacker who calls himself CTurt has claimed to develop a fully jailbroken version of the PlayStation 4 with the help of a kernel exploit that he previously created. The current jailbreak allows dumping of the system RAM from other processes and installing custom firmware that can be used to run homebrew applications that aren't approved by Sony. Of course, there is still a few other security issues to get by, but it is a foot in the door for game piracy, which can affect the gaming market as a whole. The Twitter account of CTurt seems to indicate that currently the exploit only works for PlayStation 4 firmware version 1.76, but apparently it can be tweaked to work for mor

So how do you catch rogue drones that take your sky? With another Giant Drone, of course! This is exactly how the Tokyo Metropolitan Police Department is catching unwanted and potentially dangerous drones flying over the city, according to Japan Today. The department is launching an anti-drone squad in order to prevent people from flying their drones overcrowded residential areas and important buildings in Tokyo, including the Prime Minister's Office. How So? Instead using a dragnet on the ground, the police authorities will use a drone armed with a net to scoop up the suspected drones and carry them away to safety. Watch the Video: The Tokyo Metropolitan Police have also released a video that shows its special Net-Wielding Drone in action. You can look at the video above. It looks like the police are using a DJI Spreading Wings 900 with a 3 x 2 m² of Net tied to its feet. As soon as a rogue drone is spotted in the sky, the squad will first a

After targeting the Islamic State (ISIS) group in the wake of Deadly terror attacks in Paris, hacktivist group Anonymous has now turned its attention to controversial US presidential candidate Donald Trump . The hacktivist group has declared war against Donald Trump following his recent radical speech stating he wanted to ban Muslims from entering the United States. Anonymous vs. Donald Trump On Wednesday, Anonymous slams Trump by posting a YouTube video in which a man in a Guy Fawkes mask says: "Donald Trump, it has come to our attention that you wish to ban all muslims from entering the United States. Muslims and Islam are not the problem. This policy will have grave impact and will serve only to fuel the emotions that ISIS uses to recruit muslims. Certainly ISIS will use this to their advantage in their social media campaigns. Instead of focusing on the innocent, the focus should be set on ways to protect them from the radicalized individuals they flee. Dona

Meet an all-new Hacker's Search Engine similar to Shodan – Censys . At the end of last month, security researchers from SEC Consult found that the lazy manufacturers of home routers and Internet of Things (IoT) devices have been re-using the same set of hard-coded cryptographic keys , leaving around 3 millions of IoT devices open to mass hijacking. But how did the researchers get this number? Researchers uncovered these devices with the help of Censys – a new search engine that daily scans the whole Internet for all the vulnerable devices. Censys Maintains Complete Database of Everything on The Internet Censys is similar to hacker's search engine Shodan , which is designed specifically to locate any devices that have been carelessly plugged into the Internet without much attempt at preventing unauthorized access. However, Censys employs a more advanced method to find vulnerabilities in the devices and make the Internet a safer place. Censys is a fre