The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

As the most wonderful time of the year has come - Christmas , it has brought with itself the time of online shopping. According to National Retail Federation , more than 151 million people shopped in store, but more than 100 Million shopped online during Cyber Monday sales and even why wouldn't it be so given the vast conveniences of online shopping. It is quite visible in these days that more and more people are heading towards online shopping rather than the malls to purchase gifts for Christmas. However, the main question arises: Is it safe to do so? Especially with so many users sharing credit card information online. Here are some tips that you have to keep in mind before providing your credit card number and clicking, ' BUY ' 1. DO NOT CLICK On Suspicious Links Malicious links are sent by scammers who look more real than the original ones. As these links are specifically of the well-known sites like eBay and Flipkart, many online users fal

Want to buy a touch-screen laptop but couldn't afford it? But what if I told you that you can turn your existing non-touch-screen laptop into a Touch Screen laptop? Yes, it's possible. You can now convert your laptop or PC into a touch screen with the help of a new device called AirBar . Touch screen has become a popular feature on laptops these days, and many laptops are moving toward having touch screens, but not every laptop or desktop model comes with the feature. Swedish company Neonode has brought to you a new device, AirBar, that would bring the touch technology to virtually any computer from your non-touch laptops to notebooks. What is AirBar and How does it Work? AirBar is a small plug-and-touch bar that attaches magnetically to the bottom of your machine's display. When connected to your laptop via an available USB port, AirBar starts emitting a beam of invisible light across your screen that is used to track touchscreen movements

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

As organizations expand their IT infrastructure to match their evolving business models and meet changing regulatory requirements, they often find that their networks have become extremely complex and challenging to manage. A primary concern for many IT teams is detecting threats in the mountain of event data being generated every day. Even a relatively small network can generate hundreds or thousands of events per second, with every system, application, and service generating events. The sheer volume of data makes it virtually impossible to identify manually and link those few events that indicate a successful network breach and system compromise, before the exfiltration of data. The AlienVault Unified Security Management (USM) platform is a solution to help IT teams with limited resources overcome the challenge of detecting threats in their network. USM platform accelerates and simplifies your ability to detect, prioritize, and respond to the most critical

Juniper Networks has announced that it has discovered " unauthorized code " in ScreenOS , the operating system for its NetScreen firewalls, that could allow an attacker to decrypt traffic sent through Virtual Private Networks (VPNs). It's not clear what caused the code to get there or how long it has been there, but the release notes posted by Juniper suggest the earliest buggy versions of the software date back to at least 2012 and possibly earlier. The backdoor impacts NetScreen firewalls using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20, states the advisory published by the company. However, there's no evidence right now that whether the backdoor was present in other Juniper OSes or devices. The issue was uncovered during an internal code review of the software, according to Juniper chief information officer Bob Worrall , and requires immediate patching by upgrading to a new version of the software just released today. &quo

Ever wonder how to hack Instagram or how to hack a facebook account? Well, someone just did it! But, remember, even responsibly reporting a security vulnerability could end up in taking legal actions against you. An independent security researcher claims he was threatened by Facebook after he responsibly revealed a series of security vulnerabilities and configuration flaws that allowed him to successfully gained access to sensitive data stored on Instagram servers , including: Source Code of Instagram website SSL Certificates and Private Keys for Instagram Keys used to sign authentication cookies Personal details of Instagram Users and Employees Email server credentials Keys for over a half-dozen critical other functions However, instead of paying him a reward, Facebook has threatened to sue the researcher of intentionally withholding flaws and information from its team. Wesley Weinberg , a senior security researcher at Synack, participated in Facebook's b

What do you do to earn up to $150,000? Somebody just hacks into airlines and sells fake tickets. That's exactly what a 19-year-old teenager did and made approximately 1.1 Million Yuan (£110,000 or $150,000) by hacking into the official website of an airline and using the stolen booking information to defraud hundreds of passengers. The teenager, identified as Zhang from Heilongjiang, north-east China, hacked into a Chinese airline website and illegally downloaded 1.6 Million passengers bookings details, including: Flight details Names ID card numbers Email addresses Mobile phone numbers Zhang then used this information to successfully defraud hundreds of customers by convincing them that there was some issue with their booking flights, and they had to pay extra fees, according to People's Daily Online . Moreover, the hack caused the airline to lose almost 80,000 Yuan ( $12,365 USD ) as a result of customers requesting refunds. The incident too

Many Windows 7 and Windows 8.1 users don't want to upgrade their machines to Microsoft's newest Windows 10 operating system now or anytime soon. Isn't it? But what if you wake up in the morning and found yourself a Windows 10 user? That's exactly what Microsoft is doing to Windows 7 and 8.1 users. Windows 10 Upgrade Becomes More Aggressive Ever since Microsoft launched its new operating system over the summer, Windows 7 and 8.1 users have been forced several number of times to upgrade their machines to Windows 10. It was relatively inoffensive at first, but as days have passed, Microsoft has become increasingly aggressive to push Windows users to upgrade to Windows 10 . Microsoft has left very little choice over whether to upgrade their systems to Windows 10 or not. At last, the users end up upgrading their machines to the latest Windows operating system. Users now see a pop up on their computers, as InfoWorld reports , that displays only t

So what would anyone need to bypass password protection on your computer? It just needs to hit the backspace key 28 times , for at least the computer running Linux operating system. Wait, what? A pair of security researchers from the University of Valencia have uncovered a bizarre bug in several distributions of Linux that could allow anyone to bypass any kind of authentication during boot-up just by pressing backspace key 28 times. This time, the issue is neither in a kernel nor in an operating system itself, but rather the vulnerability actually resides in Grub2 , the popular Grand Unified Bootloader , which is used by most Linux systems to boot the operating system when the PC starts. Also Read: GPU-based Linux Rootkit and Keylogger . The source of the vulnerability is nothing but an integer underflow fault that was introduced with single commit in Grub version 1.98 (December 2009) – b391bdb2f2c5ccf29da66cecdbfb7566656a704d – affecting the grub_password

Remember the notorious hacker group Lizard Squad that spoiled last Christmas holidays of many game lovers by knocking the PlayStation Network and Xbox Live offline with apparent Distributed Denial of Service (DDoS) attacks? But, Will you be able to Play Xbox and PlayStation Game this Christmas? Probably Not. Because a new hacking group is threatening to carry out similar attacks by taking down the Xbox LIVE and PlayStation Network for a week during Christmas. Be Ready this Christmas for Attacks on PSN and XBox LIVE In a series of tweets, a bunch of DDoS hackers calling themselves " Phantom Group " (@PhantomSquad) announced that they will disrupt the XBox Live and PlayStation networks in a coordinated DoS attack. The attacks could prevent millions of gamers worldwide from enjoying their newly opened Christmas gifts and accessing games online. Also Read: PlayStation 4 Jailbreak Confirms . Here are the tweets by Phantom Squad: We are goi