The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Do you have any idea what the software you have installed is doing stealthily in the background? If it's not an open source software, can you find out? Usually, the answer is no. After Edward Snowden's revelations, it's clear that how desperately government agencies wants to put secret backdoors in your network, devices, and software. However, Bulgaria has come forward with an all new set of laws that would be appreciated by privacy lovers and open-source community. Also Read:  Top Best Password Managers . The Bulgarian Parliament has passed legislative amendments to its Electronic Governance Act that require all software written for the country's government to be fully open-sourced and developed in the public Github repository . This means that source code of software developed for the Bulgarian government would be accessible to everyone and provided free for use without limitations. Article 58A of the Electronic Governance Act states that administrative

Breaking News for Today: Antivirus company Avast Software is planning to acquire Dutch rival AVG Technologies for $1.3 Billion in cash. Avast announced today that it would buy Amsterdam-based AVG Technologies for $25 per share in an all-cash transaction valued at $1.3 Billion in an aim to expand its presence in the emerging markets. With more than 230 Million users worldwide, Avast provides free and paid security software packages for both PCs as well as mobile devices to businesses and individuals. The deal between the two popular security software companies will provide Avast with 400 Million endpoints -- devices that have some form of Avast or AVG application installed. Around 160 Million of those are mobile. However, AVG technologies was in controversies for updating its policy that clearly said that the company will be allowed to collect and sell users' "non-personal data" to online advertisers in order to "make money" from their "free of

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Big technology companies are in the race of bringing Internet connectivity to unconnected parts of the world through flying drones , high-altitude balloons, and laser beams , but Facebook has announced a far less expensive method to provide connectivity to rural areas. Facebook CEO Mark Zuckerberg announced Wednesday the creation of a new open-source wireless communication platform called OpenCellular that can be easily deployed in remote locations by anyone. OpenCellular is a doorbell-sized hardware device that could be attached to a pole or tree at a range of heights from where it can deliver a wireless network, from 2G cell-phone networks to higher speed LTE, and Wi-Fi networks like those inside your home, or local coffee shop. The device is designed to work in rural locations in conditions, including high winds, extreme temperatures, and harsh climates. But, wait! This doesn't mean that Facebook is rolling out its own broadband services. Facebook to Open-Source

To make the configuration of routers easier, hardware vendors instruct users to browse to a domain name rather than numeric IP addresses. Networking equipment vendor TP-LINK uses either tplinklogin.net or tplinkextender.net for its routers configuration. Although users can also access their router administration panel through local IP address (i.e. 192.168.1.1). The first domain offered by the company is used to configure TP-LINK routers and the second is used for TP-LINK Wi-Fi extenders. Here's the Blunder: TP-Link has reportedly " forgotten " to renew both domains that are used to configure its routers and access administrative panels of its devices. Both domains have now been re-registered using an anonymous registration service by an unknown entity and are being offered for sale online at US$2.5 Million each. This latest TP-Link oversight, which was first spotted by Cybermoon CEO Amitay Dan, could lead its users to potential problems. However, it

An Android-based malware campaign has been found to control as many as 85 million Android devices globally and is making its gang an estimated $300,000 per month in fraudulent ad revenue. A Chinese advertising company called Yingmob is responsible for distributing the malware on a massive scale and would appear to be the same firm behind Yispecter iOS malware , cybersecurity company Check Point revealed. Yingmob, based in Chongqing, China, markets itself as an advertising firm, claiming to provide easy-to-deploy ads support (text, pictures and video ads), without affecting the user experience. The service offers pop-up, sidebar, and in-app ads. However, Check Point researchers claim that the company's "Development Team for Overseas Platform" is responsible for two of the biggest waves of malware: HummingBad for Android and Yispecter for iOS. "Yingmob runs alongside a legitimate Chinese advertising analytics company, sharing its resources and technolog