The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Get Ready for a whole new Artificial Intelligence-based Messaging experience. At I/O event Wednesday, Google unveiled its new messaging app named Allo : A smart messaging app powered with machine learning programming and the company's newly announced AI bot Google Assistant. You just have to sign up with your phone number and link your Google account to Allo, and you are all set to go. AI Bot and Smart Replies: With Allo, besides chatting with your friends and family using animated graphics and enlarging or shrinking text, you can also call Google within the app to buy things, plan events, and even think of what to reply, i.e. smart replies. I found Smart Reply feature a bit fascinating, as it offers you some assumptions that you can reply when someone says something, shares a picture or something else. This feature learns to get more smart and productive over time as you use it. Also Read: How to Run Android Apps Without Installation Smart replies contain stickers

Downloading an app is a real pain sometimes when you don't want to install the complete app on your smartphone just for booking a movie ticket, or buying something online. Isn't that? Now, Imagine the world where you can use any Android app without actually the need to download or even install it on your smartphone. This is exactly what Google has intended to offer you with its all new Instant Apps feature. Announced at Google I/O event Wednesday, Android Instant Apps will break down the walls between websites and Android apps by allowing people to tap on a URL and open an Android app instantly, without even having to install it. As a live demonstration, Google's presenter on stage showed how just clicking a Buzzfeed Video link, which has a dedicated app, opened the relevant part of an app — all in just 2 seconds. Also Read: Google Unveils AI-powered Smart Messaging App In another demonstration, the presenter showed a link to buy a camera bag at B&H Ph

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Is Google or Facebook evil? Forget it! Russian nerds have developed a new Face Recognition technology based app called FindFace , which is a nightmare for privacy lovers and human right advocates. FindFace is a terrifyingly powerful facial recognition app that lets you photograph strangers in a crowd and find their real identity by connecting them to their social media accounts with 70% success rate, putting public anonymity at risk. The FindFace app was launched two months ago on Google Play and Apple's App Store and currently has 500,000 registered users and processed nearly 3 Million searches, according to its co-founders, 26-year-old Artem Kukharenko, and 29-year-old Alexander Kabakov. According to The Guardian , FindFace uses image recognition technology to compare faces against profile pictures on Vkontakte, a very popular social networking site in Russia that has over 200 Million users. Besides showing the social media account of the one you are searching for, FindF

LinkedIn's 2012 data breach was much worse than anybody first thought. In 2012, LinkedIn suffered a massive data breach in which more than 6 Million users accounts login details, including encrypted passwords, were posted online by a Russian hacker. Now, it turns out that it was not just 6 Million users who got their login details stolen. Latest reports emerged that the 2012's LinkedIn data breach may have resulted in the online sale of sensitive account information, including emails and passwords, of about 117 Million LinkedIn users. Almost after 4 years, a hacker under the nickname "Peace" is offering for sale what he/she claims to be the database of 167 Million emails and hashed passwords, which included 117 Million already cracked passwords, belonging to LinkedIn users. The hacker, who is selling the stolen data on the illegal Dark Web marketplace " The Real Deal " for 5 Bitcoins (roughly $2,200), has spoken to Motherboard, confirming th

One of TOR's primary software developers, Isis Agora Lovecruft , has fled to Germany, following the threat of a federal subpoena. Lovecruft is a well-known cryptographer and lead software developer for Tor project from many years. She has worked for a variety of other security and encryption products, such as Open Whisper Systems and the LEAP Encryption Access Project. Since November 2015, the FBI special agents in the United States have been trying to meet with her, but they will not tell her or her lawyer exactly why. When her lawyer reached out the FBI Special Agent Mark Burnett and asked why he wanted to meet with her, the agent assured the lawyer that she is not the target of any investigation, but also said that… Also Read:   Mozilla asks Court to disclose Firefox Exploit used by FBI to hack Tor users . The FBI have their agents on the streets in 5 cities in the United States hunting for her, intending to simply ask her some questions without her lawyer's pre

A group of cyber criminals has infected as much as 1 Million computers around the world over the past two years with a piece of malware that hijacks search results pages using a local proxy. Security researchers from Romania-based security firm Bitdefender revealed the presence of this massive click-fraud botnet, which the researchers named Million-Machine Campaign. For those unaware, Botnets are networks of computers infected with malware designed to take control of the infected system without the owner's knowledge, potentially being used for launching distributed denial-of-service (DDoS) attacks against websites. The malware in question is known as Redirector.Paco that alone has infected over 900,000 machines around the world since its release in 2014. The Redirector.Paco Trojan infects users when they download and install tainted versions of popular software programs, such as WinRAR, YouTube Downloader, KMSPico, Connectify, or Stardock Start8. Once infected, Paco m

A security researcher could have stolen as much as $25 Billion from one of the India's biggest banks ‒ Thanks to the bank's vulnerable mobile application. Late last year, security researcher Sathya Prakash discovered a number of critical vulnerabilities in the mobile banking application of an undisclosed bank that allowed him to steal money from any or all bank customers with the help of just a few lines of code. Being a white hat hacker, Prakash immediately reached out to the bank and alerted it about the critical issues in its mobile app and helped the bank fix them, instead of taking advantage of the security holes to steal money from the bank that has about 25 Billion USD in Deposits. While analyzing the mobile banking app, Prakash discovered that the app lacks Certificate Pinning , allowing any man-in-the-middle attacker to downgrade SSL connection and capture requests in plain text using fraudulently issued certificates. Also Read:  Best Password Manager — For

A 28-year-old Ukrainian hacker has pleaded guilty in the United States to stealing unpublished news releases and using that non-public information in illegal trading to generate more than $30 Million (£20.8 Million) in illicit profits. Vadym Iermolovych, 28, admitted Monday that he worked with two other Ukrainian hackers to hack into computer networks at PR Newswire, Marketwired and Business Wire, and steal 150,000 press releases to gain the advantage in the stock market. The defendants then used nearly 800 of those stolen news releases to make trades before the publication of the information, exploiting a time gap ranging from hours to 3 days. The trades would occur in "extremely short windows of time between when the hackers illegally accessed and shared the [news] releases and when the press releases were disseminated to the public by the Newswires, usually shortly after the close of the markets," said the Department of Justice in a press release . Thirty-two pe

Google faces a record anti-trust penalty of about 3 BILLION Euros (US$3.4 Billion) from the European Commission in the coming days, according to reports. After 7-years of the investigation, the European Commission filed anti-trust charges against Google last year for violating antitrust laws. The European Union accused the search engine giant that it had abused its dominance in search by unfairly prioritize and displaying its own comparison shopping service at the top of its search results at the expense of rival products. British newspaper The Sunday Telegraph reports that the European Union is currently preparing a fine of about 3 Billion Euros ($3.4 billion), which is almost triple the amount (1.06 Billion Euro) that Intel was levied several year ago over violating antitrust law. According to the newspaper's sources, the EU officials, led by Margrethe Vestager , are planning to openly announce the fine against Google as early as next month, although the exact figure

Microsoft has finally decided to remove one of its controversial features  Wi-Fi Sense network sharing feature from Windows 10 that shares your WiFi password with your Facebook, Skype and Outlook friends and enabled by default. With the launch of Windows 10 last year, Microsoft introduced Wi-Fi Sense network sharing feature aimed at making it easy to share your password-protected WiFi network with your contacts within range, eliminating the hassle of manually logging in when they visit. This WiFi password-sharing option immediately stirred up concerns from Windows 10 users especially those who thought the feature automatically shared your WiFi network with all your contacts who wanted access. Must Read: Here's How to run Ubuntu Linux on Windows 10 . But Wi-Fi Sense actually hands over its users controls so they can select which networks to share and which contact list can access their Wi-Fi. Also, the feature doesn't share the actual password used to protect yo