The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

It's fair to say the success of the ARM-powered Raspberry Pi computers have surpassed expectations and have been a godsend to hobbyists, hackers, and students. If you're one of those people looking for unofficial hacks to install Android OS on a Raspberry Pi device, then stop and wait for the official release. Raspberry Pi computers have largely been Linux affairs, as several Linux distributions have supported this tiny ARM computer. Now, it seems like Raspberry Pi is ready to get official support for one of the most popular mobile operating systems out there: Android . Google has recently registered the $35 Raspberry Pi 3 ‒ the newest version of the Raspberry Pi ‒ as a new device 'tree' in its Android Open Source Project (AOSP) repository . If you're not aware, Raspberry Pi is cheap, credit card-sized, single board ARM computer that looks and feels very basic, but could be built into many geeky projects. What Google is planning for Android and the P

The FBI and other law enforcement agencies have waged legal war on encryption and privacy technologies. You may have heard many news stories about the legal battle between Apple and the FBI over unlocking an iPhone that belonged to the San Bernardino shooter. However, that was just one battle in a much larger fight. Now, in an effort to make its iPhone surveillance-and-hack proof, Apple has rehired security expert and cryptographer Jon Callas , who co-founded the widely-used email encryption software PGP and the secure-messaging system Silent Circle that sells the Blackphone. This is not Apple's first effort over its iPhone security . Just a few months back, the company hired Frederic Jacobs , one of the key developers of Signal — World's most secure, open source and encrypted messaging app . Now Apple has rehired Callas, who has previously worked for Apple twice, first from 1995 to 1997 and then from 2009 to 2011. During his second joining, Callas designed a ful

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Last year, a white hat hacker developed a cheap Arduino-based device that looked and functioned just like a generic USB mobile charger, but covertly logged, decrypted and reported back all keystrokes from Microsoft wireless keyboards. Dubbed KeySweeper , the device included a web-based tool for live keystroke monitoring and was capable of sending SMS alerts for typed keystrokes, usernames, or URLs, and work even after the nasty device is unplugged because of its built-in rechargeable battery. Besides the proof-of-concept attack platform, security researcher Samy Kamkar, who created KeySweeper, also released instructions on how to build your own USB wall charger. Now, it seems like hackers and criminal minds find this idea smart. The FBI has issued a warning advisory for private industry partners to look out for highly stealthy keyloggers that quietly sniff passwords and other input data from wireless keyboards. According to the advisory, blackhat hackers have developed their

The importance of increasing online security around personal information has risen due to the increase in cyber attacks and data breaches over recent years. I find it hilarious people are still choosing terrible passwords to protect their online accounts. The massive LinkedIn hack is the latest in the example that proves people are absolutely awful at picking passwords. The data breach leaked 167 Million usernames and passwords online, out of which "123456" was used by more than 750,000 accounts, followed by "LinkedIn" ( 172,523 accounts ), and "password" ( 144,458 accounts ). In a typical authentication mechanism, two-factor verification is the second layer of security that is designed to ensure that you are the only person who can access your account, even if someone knows your password. Project Abacus: Password-free Logins Now Instead of just relying on uniquely generated PINs, Google intends to use your biometrics data – like your typi

In an era where major data hacks are on the rise, it is no surprise breaches on individuals are also up. In just three hours, over 100 criminals managed to steal ¥1.4 Billion ( approx. US$12.7 Million ) from around 1,400 ATMs placed in small convenience stores across Japan. The heist took place on May 15, between 5:00 am and 8:00 am, and looked like a coordinated attack by an international crime network. The crooks operated around 1,400 convenience store ATMs from where the cash was withdrawn simultaneously in 16 prefectures around Japan, including Tokyo, Osaka, Fukuoka, Kanagawa, Aichi, Nagasaki, Hyogo, Chiba and Nigata, The Mainichi reports . Also Read: Tyupkin Malware Hacking ATM Machines Worldwide Many ATM incidents involve a long-established technique called ' ATM Skimming ' in which criminals install devices to obtain card details via its magnetic stripe, or use ATM malware or from data breaches, and then work with so-called carders and money mules to pilfe