The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

It has only been a few days since the launch of Apple's brand new iPhone 7 and iPhone 7 Plus, but it appears that the new iPhone has already been jailbroken. That didn't take long. Right? Security researcher and well-known hacker Luca Tedesco shared an image of his jailbroken smartphone on his Twitter account to show off the world that the new iPhone 7 has been jailbroken. The image posted by Tedesco on Wednesday clearly shows an iPhone 7 running both iOS 10.0.1 as well as the Cydia app store, which allows jailbreakers to install apps and other software that Apple does not officially support. Unfortunately, Tedesco has not publically released the exploit, nor he has provided much information about it. So, right now, it is hard to say if and when he will release the iPhone 7 jailbreak to the public. It is also not clear whether the exploit is an untethered jailbreak. The untethered jailbreak is a jailbreak where your device doesn't require any reboot every ti

Hey! Wait! Wait! Wait! Don't plug in that USB stick into your laptop. It could infect your computer with malware and viruses. Australia's Victoria Police Force has issued a warning regarding unmarked USB flash drives containing harmful malware being dropped inside random people's letterboxes in the Melbourne suburb of Pakenham. It seems to one of the latest tactics of cyber criminals to target people by dropping malware-laden USB sticks into their mailboxes, in the hope unsuspecting users will plug the infected devices into their personal or home computers. The warning, published on the official website of the Victoria Police, one of Australia's state police departments, reads: "Members of the public are allegedly finding unmarked USB drives in their letterboxes. Upon inserting the USB drives into their computers victims have experienced fraudulent media streaming service offers, as well as other serious issues [malware]. The USB drives are belie

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

In past few months, Microsoft opened the source code of a lot of its projects, convincing people that the company loves Linux . But a new report shows that Microsoft is not really a big supporter of Linux. Microsoft has banned Linux on some Windows 10 powered Signature Edition PCs, which provides the cleanest Windows experience on the market. Signature Edition PCs are different from other systems because it is carefully and meticulously configured by Microsoft to run Windows 10 with no bloatware, paid promotional web shortcuts, or other pre-installed apps, for providing better performance. But besides bloatware and other pre-installed apps, Microsoft won't allow you to install Linux (or any operating system) on it. This news is not a rumor as a Reddit user BaronHK reported that he found it impossible to install Linux on the Signature Edition Lenovo Yoga 900 ISK2 UltraBook because Microsoft has locked the SSD in a proprietary RAID mode that can only be read by Window

Are you good at hiding your feelings? No issues, your Wi-Fi router may soon be able to tell how you feel, even if you have a good poker face. A team of researchers at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) have developed a device that can measure human inner emotional states using wireless signals. Dubbed EQ-Radio , the new device measures heartbeat, and breath to determine whether a person is happy, excited, sad, or angry. Using EQ-Radio, which emits and captures reflected radio frequency (RF) waves, the team bounced waves off a person's body to measure subtle changes in breathing patterns and heart rates. This data was then run through a bunch of algorithms and a machine-learning process programmed to match a person's behavior to how they acted previously, categorizing the person's emotion as one of the four emotional states: Pleasure, Joy, Anger and Sadness. The impressive part about the technique: EQ-Radio doesn't r

It's a Fact! No matter how smart the criminals are, they always leave some trace behind. Two Harvard students have unmasked around 229 drug and weapon dealers with the help of pictures taken by criminals and used in advertisements placed on dark web markets. Do you know each image contains a range of additional hidden data stored within it that can be a treasure to the investigators fighting criminals? Yeah it's true — "A picture is worth a thousand words." Digital images come with basic metadata, as well as EXIF data that contains information about the device with which it was taken. EXIF, stands for " Exchangeable Image File Format ," may contain image dimensions, date and time (when it was originally taken and modified), the model of camera and its settings, information about the software used for editing, it's creator and copyright information, as well as GPS co-ordinates of the location where the photo was taken. If a criminal, let's say a

Next time when you find yourself hooked up behind the wheel, make sure your car is actually in your control. Hackers can remotely hijack your car and even control its brakes from 12 miles away. Car hacking is a hot topic. Today many automobiles companies have been offering vehicles with the majority of functions electronically controlled, from instrument cluster to steering, brakes, and accelerator. These auto-control electronic systems not only improve your driving experience but at the same time also increase the risk of getting hacked. The most recent car hacking has been performed on Tesla Model S by a team of security researchers from Keen Security Lab, demonstrating how they were able to hijack the Tesla car by exploiting multiple flaws in the latest models running the most recent software. The team said the hacks worked on multiple models of Tesla and believed they would work across all marques. "We have discovered multiple security vulnerabilities and suc

Network equipment vendor Cisco is finally warning its customers of another zero-day vulnerability the company discovered in the trove of NSA's hacking exploits and implants leaked by the group calling itself " The Shadow Brokers ." Last month, the Shadow Brokers published firewall exploits, implants, and hacking tools allegedly stolen from the NSA's Equation Group, which was designed to target major vendors including, Cisco, Juniper, and Fortinet. A hacking exploit, dubbed ExtraBacon , leveraged a zero-day vulnerability (CVE-2016-6366) resided in the Simple Network Management Protocol (SNMP) code of Cisco ASA software that could allow remote attackers to cause a reload of the affected system or execute malicious code. Now Cisco has found another zero-day exploit , dubbed "Benigncertain," which targets PIX firewalls. Cisco analyzed the exploit and noted that it had not identified any new flaws related to this exploit in its current products. But,