The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Two of the three co-founders of The Pirate Bay— Fredrik Neij and Gottfrid Svartholm Warg —have been ordered by a Finnish court to pay record labels $477,800 in compensation for copyright infringement on the site. Last year in a similar case, Helsinki District Court in Finland ordered Peter Sunde , the third co-founder of The Pirate Bay, to pay nearly $395,000 (350,000 Euros) in damages to several major record labels, including Sony Music, Universal Music and Warner Music. However, Sunde did not pay any penalty yet, and instead, he later announced his plans to sue those record labels for defamation. The Pirate Bay is still the world's most popular torrent website that has proven to be an elusive hub for illegal copyrighted contents, even after a series of raids and shutdown of its multiple domains , including the primary .SE domain. All the three co-founders of The Pirate Bay were facing criminal copyright infringement and abuse of electronic communications charges

Security researchers are warning of a new, easy-to-exploit email trick that could allow an attacker to turn a seemingly benign email into a malicious one after it has already been delivered to your email inbox. Dubbed Ropemaker (stands for Remotely Originated Post-delivery Email Manipulation Attacks Keeping Email Risky), the trick was uncovered by Francisco Ribeiro, the researcher at email and cloud security firm Mimecast. A successful exploitation of the Ropemaker attack could allow an attacker to remotely modify the content of an email sent by the attacker itself, for example swapping a URL with the malicious one. This can be done even after the email has already been delivered to the recipient and made it through all the necessary spam and security filters, without requiring direct access to the recipient's computer or email application, exposing hundreds of millions of desktop email client users to malicious attacks. Ropemaker abuses Cascading Style Sheets (CSS) and Hyp

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

Over 500 different Android apps that have been downloaded more than 100 million times from the official Google Play Store found to be infected with a malicious ad library that secretly distributes spyware to users and can perform dangerous operations. Since 90 per cent of Android apps is free to download from Google Play Store, advertising is a key revenue source for app developers. For this, they integrate Android SDK Ads library in their apps, which usually does not affect an app's core functionality. But security researchers at mobile security firm Lookout have discovered a software development kit (SDK), dubbed Igexin, that has been found delivering spyware on Android devices. Developed by a Chinese company to offer targeted advertising services to app developers, the rogue 'Igexin' advertising software was spotted in more than 500 apps on Google's official marketplace, most of which included: Games targeted at teens with as many as 100 million download

It seems like celebrities have not taken their security seriously, which once again resulted in the leaking of personal photographs of more a-listed celebrities. Dozens of personal and intimate photos of Anne Hathaway, Miley Cyrus, Kristen Stewart, Katharine McPhee, golfer Tiger Woods and his ex Lindsey Vonn have reportedly been surfaced on the Internet, and have widely been shared on Reddit, Tumblr and Twitter. The incident comes a few months after " The Fappening 2.0 " surfaced, leaking alleged pictures of many female celebrities, including Emma Watson and Amanda Seyfried on Reddit and 4chan. The latest release of celebs private photos seems to have come after an unidentified hacker or group of hackers has gained access to celebs' Apple iCloud accounts and stolen private iPhone photos and videos. A similar trick was used in the 2014 Fappening incident , where anonymous hackers flooded the Internet with private photographs of major celebrities, including Jennife

While the moon was eclipsing the sun, Google announced the launch of its new mobile operating system called Android 8.0 Oreo in an Eclipse-themed launch event in New York City. Yes, the next version of sugary snack-themed Android and the successor to Android Nougat will now be known as Android Oreo , the company revealed on Monday. Google has maintained the tradition of naming its Android operating system by the names of alphabetically-ordered sugary delights beginning with Android Cupcake and followed by Donut, Eclair, Froyo, Gingerbread, Honeycomb, Ice Cream Sandwich, Jelly Bean, KitKat, Lollipop, Marshmallow and Nougat. The good news is that the Android team has brought several significant features to your smartphone and tablet with the release of Android Oreo to make its mobile platform more secure, fast, power efficient and offer better multitasking. The new updated mobile operating system, which has been available for the last few months in developer beta, will arriv

After hacking social media accounts of HBO and its widely watched show Game of Thrones , a notorious group of hackers calling itself OurMine took control over the official Twitter and Facebook accounts for Sony's PlayStation Network (PSN) on Sunday. After taking over the accounts, OurMine, Saudi Arabian group of hackers which claims to be a "white hat" security firm, posted its first tweet on Sunday evening, claiming to have breached PlayStation Network and stolen its database. The tweet followed by a series of tweets encouraging the company to contact the hacking group through its website to buy its IT security service in an effort to protect itself from future cyber attacks. "PlayStation Network Databases leaked #OurMine," the first tweet by OurMine on the compromised PlayStation Twitter account read.  "No, we aren't going to share it, we are a security group if you work at PlayStation then please go to our website," the followed Twe

More Ethereum Stolen! An unknown hacker has so far stolen more than $471,000 worth of Ethereum—one of the most popular and increasingly valuable cryptocurrencies—in yet another Ethereum hack that hit the popular cryptocurrency investment platform, Enigma . According to an announcement made on their official website an hour ago, an "unknown entity" has managed to hack their website, slack account and email newsletter accounts, and uploaded a fake pre-sale page with a fake ETH address to send money. The hackers also spammed their fake address in Enigma's newsletter and slack accounts for pre-sale coins, tricking victims to send their cryptocurrencies to hacker's address. Etherscan, a popular search engine for the Ethereum Blockchain that allows users to look up, confirm and validate transactions easily, has already flagged the address as compromised, but people are still sending ETH to the fake address (given below). 0x29d7d1dd5b6f9c864d9db560d72a247c178ae86

Biohacking could be a next big thing in this smart world. At the beginning of this month, several dozen employees of Three Square Market (32M) received microchip implants in their hands during a "chip party," allowing them to log into their office computers, open doors, and pay for food and drinks, by simply waving their hands, AP reported . But, biohacking is already becoming common in Russia. It has been reported that a Siberian doctor has already implanted not one, but at least six microchips underneath his skin and turned his body into a multi-functional gadget for doing a number of jobs by just a wave of his hands. Alexander Volchek , who is an obstetrician/gynaecologist in a hospital in the Novosibirsk region in Russia's north, got his first microchip implant in 2014 and since then he acquired a few more and now has a total of six chips under his skin. However, Volchek does not want to stop here and hopes to implant a cryptosystem and a glucometer mic

The new documents leaked by former NSA contractor Edward Snowden has exposed a United States secretive facility located near a remote town in Australia's Northern Territory for covertly monitoring wireless communications and aiding US military missions. The leaked documents have come from the massive trove of classified material stolen by Snowden from the US National Security Agency (NSA) in 2013 that exposed the extent of the US government's global surveillance programs. The newly released classified documents, obtained by The Intercept, contained references to a secretive facility, which was codenamed "Rainfall," but is officially known as the Joint Defence Facility Pine Gap . The documents reveal that the Joint Defence Facility Pine Gap, located outside Alice Springs, deployed cutting-edge satellite technology for detailed geolocation intelligence that helps the US military locate targets for special forces and drone strikes . The use of unmanned air v