The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

The legal battle between Apple and the FBI (Federal Bureau of Investigation) over a locked iPhone that belonged to one of the San Bernardino shooters may be over, but the Department of Justice (DoJ) are back in front of a judge with a similar request. The American Civil Liberties Union (ACLU) has discovered publicly available court documents that revealed the government has asked Google's assistance to help the Feds hack into at least nine locked Android smartphones citing the All Writs Act . Yes, Apple is not the only company facing government requests over privacy and security — Google is also in the list. The Google court documents released by the ACLU show that many federal agencies have been using the All Writs Act – the same ancient law the DoJ was invoking in the San Bernardino case to compel Apple to help the FBI in the terrorist investigation. Additionally, the ACLU also released 54 court cases in which the federal authorities asked Apple for assistance to help t

If you are a Windows 7 or Windows 8.1 user, who don't want to upgrade to Windows 10 now or anytime soon, you might be sick of Microsoft constantly pestering you to upgrade your OS. Aren't you? With its goal to deploy Windows 10 on over 1 Billion devices worldwide, Microsoft is becoming more aggressive to convince Windows 7 and 8.1 users to upgrade to its newest operating system, and it is getting harder for users to prevent the OS being installed. But if you're worried that this out of control Windows 10 upgrade process will force you into downloading an unwanted OS; I have an easier solution to block Windows 10 upgrade on your PCs. A new free tool, dubbed Never10 , provides the user a one-click solution to disable Windows 10 upgrade until the user explicitly gives permission to install Windows 10 . Never10 has been developed by Steve Gibson, the well-known software developer and founder of Gibson Research, which is why the tool is also known as &quo

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

Last month, the Federal Bureau of Investigation (FBI) was ordered to reveal the complete source code for the TOR exploit it used to hack visitors of the world's largest dark web child pornography site, PlayPen. Robert J. Bryan, the federal judge, ordered the FBI to hand over the TOR browser exploit code so that defence could better understand how the agency hacked over 1,000 computers and if the evidence gathered was covered under the scope of the warrant. Now, the FBI is pushing back against the federal judge's order. On Monday, the Department of Justice (DOJ) and the FBI filed a sealed motion asking the judge to reconsider its ruling, saying revealing the exploit used to bypass the Tor Browser protections is not necessary for the defense and other cases. In previous filings, the defence has argued that the offensive operation used in the case was " gross misconduct by government and law enforcement agencies, " and that the Network Investigative Technique (NIT)

China is very strict about censorship, which makes it difficult for companies to launch their products in the country. But companies like Microsoft are playing smartly to target the largest market in the world. Microsoft has found a way to enter into the banned Chinese Market, but this time with official support for Chinese Government through a new custom and exclusive Windows 10 version for China. It sounds like Microsoft has no issues like Apple, which strongly refused the court order to create a special 'GovtOS' version to help the Feds with unlocking iPhone. Microsoft's CEO for the Greater China region Ralph Haupter has confirmed that the company has built a Chinese government-approved version of Windows 10 OS that includes " more management and security controls " and less bloatware ( pre-installed apps ). Specialized Windows 10 'Zhuangongban' for China In a joint venture with a state-run technology and defense company, CETC ( China Electronic Technology Gr

Security researchers have discovered a remotely exploitable vulnerability in Called ID app " Truecaller " that could expose personal details of Millions of its users. Truecaller is a popular service that claims to "search and identify any phone number," as well as helps users block incoming calls or SMSes from phone numbers categorized as spammers and telemarketers. The service has mobile apps for Android, iOS, Windows, Symbian devices and BlackBerry phones. The vulnerability, discovered by Cheetah Mobile Security Research Lab , affects Truecaller Android version of the app that has been downloaded more than 100 Million times. The actual problem resides in the way Truecaller identify users in its systems. While installation, Truecaller Android app asks users to enter their phone number, email address, and other personal details, which is verified by phone call or SMS message. After this, whenever users open the app, no login screen is ever

Over the past few years, Google has increasingly improved the online security and protections of its Gmail users. Besides two-factor authentication and HTTPS, Google has added new tools and features to Gmail that ensures users security and privacy, preventing cyber criminals and intelligence agencies to hack email accounts . 1. Enhanced State-Sponsored Attack Warnings Apple vs. FBI case urged every company to beef up the security parameters to prevent their services from not just hackers but also the law enforcement. Google for a while now has the capability to identify government-backed hackers , and notify potentially affected Gmail users so they can take action as soon as possible. Google recently announced on its blog post that it will alert Gmail users about the possibility of any state-sponsored attack by showing them a full-page warning with instructions about how to stay safe — very hard to miss or neglect. Meanwhile, the company revealed that ove

End of Apple vs. FBI . At least for now, when the FBI has unlocked iPhone successfully. Yes, you heard it right. The Federal Bureau of Investigation (FBI) has unlocked dead terrorist's iPhone 5C involved in the San Bernardino shooting without the help of Apple. After weeks of arguments, the United States government is withdrawing its motion compelling Apple to build a backdoored version of its iOS that can help the agency unlock iPhone of San Bernardino gunman Syed Farook. The Department of Justice (DOJ) says that FBI has successfully accessed iPhone's data with the help of an undisclosed alternative method and that it no longer needs Apple's assistance. "The government has now successfully accessed the data stored on Farook's iPhone and therefore no longer requires the assistance of Apple," the attorneys wrote in a court filing Monday. "Accordingly, the government hereby requests that the Order Compelling Apple Inc to Assist Agents i

Police have arrested and charged six people with crimes linked to hacking Connecticut state lottery terminals in order to produce more winning tickets than usual. Prosecutors say all the six suspects are either owners or employees of retail stores that produced a much higher number of winning tickets than the state average, according to the Hartford Courant . Suspects Hacked Lottery Terminal The alleged group set up machines to process a flood of tickets at once that caused a temporary display freeze, allowing operators to see which of the tickets about to be dispensed would be winning tickets, cancel the duff ones, and print the good ones. The hack appears to have exploited some  software weaknesses in lottery terminals  that not only caused ticket requests to be delayed but also allowed operators to know ahead of time whether a given request would produce a winning ticket. The actual culprit, in this case, was a game dubbed " 5 Card Cash ." The a

Online harassment has been elevated a step with the advent of popular social networks like Facebook. Cyber stalkers create fake profiles impersonating other Facebook users and start doing activities on their behalf until and unless the owners notice the fake profiles and manually report it to Facebook. Even in some cases, cyber stalkers block the Facebook account holders whom they impersonate in order to carry out mischievous tasks through fake profiles without being detected by the actual account holders. But now, online criminals can no longer fool anyone with impersonation method, as Facebook is currently working on a feature that automatically informs its 1.6 Billion user base about the cloned accounts. If the company detects a duplicate Facebook account of a user, it will automatically send an alert to the original account holder, who'll be prompted to identify if the profile in question is indeed a fake profile impersonating you or if it actually belongs t

After Microsoft's Twitter-based Artificial Intelligence (AI) chatbot ' Tay ' badly defeated earlier this week, Microsoft has expressed apology and explained what went wrong. For those unaware, Tay is Millennial-inspired artificial intelligence chatbot unveiled by Microsoft on Wednesday that's supposed to talk with people on social media networks like Twitter, Kik and GroupMe and learn from them. However, in less than 24 hours of its launch, the company pulled Tay down, following incredibly racist and Holocaust comments and tweets praising Hitler and bashing feminists. In a blog post published Friday, Corporate Vice President Peter Lee of Microsoft Research apologized for the disturbing behavior of Tay, though he suggested the bad people might have influenced the AI teenager. "We are deeply sorry for the unintended offensive and hurtful tweets from Tay, which do not represent who we are or what we stand for, nor how we designed Tay," Lee w

Terrorist organisations are increasingly using high-grade encryption technologies to prevent being caught by the law enforcement. But, that was not in the case of last year's Paris attacks that killed 129 people, as Encryption seems to have played little to no role. So, Who was the Real Culprit Behind the Attacks? The 'Burner' Phones. Burner Phones, or Prepaid mobile phones, are often the quick, easy, and anonymous method of communication. All you need to do is head to your nearest big-box store and pick up a cheap prepaid "burner" phone and a phone card. Now you have an entirely useable phone with no ID that could reveal your identity. It seems that these prepaid "burner" phones are a dream tool for terrorist organisations that bring them in bulk and then disposed of each time they make a communication. The same prepaid phones were utilized in the terrorist attacks in Paris late last year. Therefore, by using different phon

The Federal Bureau of Investigation (FBI) has lengthened its Most Wanted List by adding seven Iranian hackers who are accused of attacking a range of US banks and a New York dam. On Thursday, the United States Department of Justice (DoJ) charged seven Iranian hackers with a slew of computer hacking offences for breaking into computer systems of dozens of US banks, causing Millions of dollars in damages, and tried to shut down a New York dam. The individual hackers, who allegedly worked for computer security companies linked to the Iranian government, were indicted for an " extensive campaign " of cyber attacks against the US financial sector. All the seven hackers have been added to the FBI's Most Wanted list, and their names are: Ahmad Fathi , 37 Hamid Firoozi , 34 Amin Shokohi , 25 Sadegh Ahmadzadegan (aka Nitr0jen26), 23 Omid Ghaffarinia (aka PLuS), 25 Sina Keissar , 25 Nader Saedi (aka Turk Server), 26 All the hackers have been charg