The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 7 min 44 sek zpět

Google Play Store Launches Bug Bounty Program to Protect Popular Android Apps

1 hodina 39 min zpět
Better late than never. Google has finally launched a bug bounty program for Android apps on Google Play Store, inviting security researchers to find and report vulnerabilities in some of the most popular Android apps. Dubbed "Google Play Security Reward," the bug bounty program offers security researchers to work directly with Android app developers to find and fix vulnerabilities in their
Kategorie: Hacking & Security

KRACK Demo: Critical Key Reinstallation Attack Against Widely-Used WPA2 Wi-Fi Protocol

3 hodiny 25 min zpět
Do you think your wireless network is secure because you're using WPA2 encryption? If yes, think again! Security researchers have discovered several key management vulnerabilities in the core of Wi-Fi Protected Access II (WPA2) protocol that could allow an attacker to hack into your Wi-Fi network and eavesdrop on the Internet communications. WPA2 is a 13-year-old WiFi authentication scheme
Kategorie: Hacking & Security

Enable Google's New "Advanced Protection" If You Don't Want to Get Hacked

18 Říjen, 2017 - 11:19
It is good to be paranoid when it comes to cybersecurity. Google already provides various advanced features such as login alerts and two-factor authentication to keep your Google account secure. However, if you are extra paranoid, Google has just introduced its strongest ever security feature, called "Advanced Protection," which makes it easier for users, who are usually at high risk of
Kategorie: Hacking & Security

Dangerous Malware Allows Anyone to Empty ATMs—And It’s On Sale!

17 Říjen, 2017 - 18:42
Hacking ATM is now easier than ever before. Usually, hackers exploit hardware and software vulnerabilities to hack ATMs and force them to spit out cash, but now anyone can simply buy a malware to steal millions in cash from ATMs. Hackers are selling ready-made ATM malware on an underground hacking forum that anybody can simply buy for around $5000, researchers at Kaspersky Lab discovered
Kategorie: Hacking & Security

Learn Ethical Hacking — Get 8 Online Courses For Just $29

17 Říjen, 2017 - 15:27
With the rise in cyber-crimes, ethical hacking has become a powerful strategy in the fight against online threats. In general terms, ethical hackers are authorised to break into supposedly 'secure' computer systems without malicious intent, but with the aim of discovering vulnerabilities to bring about improved protection. Ethical Hackers are now kind of becoming the alchemists of the 21st
Kategorie: Hacking & Security

Microsoft Kept Secret That Its Bug-Tracking Database Was Hacked In 2013

17 Říjen, 2017 - 13:33
It was not just Yahoo among "Fortune 500" companies who tried to keep a major data breach incident secret. Reportedly, Microsoft had also suffered a data breach four and a half years ago (in 2013), when a "highly sophisticated hacking group" breached its bug-reporting and patch-tracking database, but the hack was never made public until today. According to five former employees of the
Kategorie: Hacking & Security

Serious Crypto-Flaw Lets Hackers Recover Private RSA Keys Used in Billions of Devices

17 Říjen, 2017 - 10:57
If you think KRACK attack for WiFi is the worst vulnerability of this year, then hold on… ...we have got another one for you which is even worse. Microsoft, Google, Lenovo, HP and Fujitsu are warning their customers of a potentially serious vulnerability in widely used RSA cryptographic library produced by German semiconductor manufacturer Infineon Technologies. It's noteworthy that this
Kategorie: Hacking & Security

How A Drive-by Download Attack Locked Down Entire City for 4 Days

16 Říjen, 2017 - 19:14
We don't really know the pain and cost of a downtime event unless we are directly touched. Be it a flood, electrical failure, ransomware attack or other broad geographic events; we don't know what it is really like to have to restore IT infrastructure unless we have had to do it ourselves. We look at other people's backup and recovery issues and hope we are smarter or clever enough to keep
Kategorie: Hacking & Security

Hackers Use New Flash Zero-Day Exploit to Distribute FinFisher Spyware

16 Říjen, 2017 - 17:53
FinSpy—the infamous surveillance malware is back and infecting high-profile targets using a new Adobe Flash zero-day exploit delivered through Microsoft Office documents. Security researchers from Kaspersky Labs have discovered a new zero-day remote code execution vulnerability in Adobe Flash, which was being actively exploited in the wild by a group of advanced persistent threat actors,
Kategorie: Hacking & Security

Yet Another Linux Kernel Privilege-Escalation Bug Discovered

16 Říjen, 2017 - 17:02
Security researchers have discovered a new privilege-escalation vulnerability in Linux kernel that could allow a local attacker to execute code on the affected systems with elevated privileges. Discovered by Venustech ADLab (Active-Defense Lab) researchers, the Linux kernel vulnerability (CVE-2017-15265) is due to a use-after-free memory error in the Advanced Linux Sound Architecture (ALSA)
Kategorie: Hacking & Security

Ukraine Police Warns of New NotPetya-Style Large Scale CyberAttack

14 Říjen, 2017 - 09:24
Remember NotPetya? The Ransomware that shut down thousands of businesses, organisations and banks in Ukraine as well as different parts of Europe in June this year. Now, Ukrainian government authorities are once again warning its citizens to brace themselves for next wave of "large-scale" NotPetya-like cyber attack. According to a press release published Thursday by the Secret Service of
Kategorie: Hacking & Security

New Ransomware Not Just Encrypts Your Android But Also Changes PIN Lock

14 Říjen, 2017 - 09:03
DoubleLocker—as the name suggests, it locks device twice. Security researchers from Slovakia-based security software maker ESET have discovered a new Android ransomware that not just encrypts users’ data, but also locks them out of their devices by changing lock screen PIN. On top of that: DoubleLocker is the first-ever ransomware to misuse Android accessibility—a feature that provides
Kategorie: Hacking & Security

Scam Alert: Your Trusted Friends Can Hack Your Facebook Account

13 Říjen, 2017 - 10:21
If you receive a message from any of your Facebook Friends asking for urgent help to recover their Facebook account, since they've added you as one of their 'Trusted Contacts'—just don’t blindly believe it. Researchers have detected a new Facebook phishing scam that can even trick an experienced technical user into falling victim to the scam, helping an attacker gain access to your Facebook
Kategorie: Hacking & Security

Online Training for CISA, CISM, and CISSP Cyber Security Certifications

12 Říjen, 2017 - 13:52
Believe it or not, but any computer connected to the Internet is vulnerable to cyber attacks. With more money at risk and data breaches at a rise, more certified cyber security experts and professionals are needed by every corporate and organisation to prevent themselves from hackers and cyber thieves. That's why jobs in the cyber security field have gone up 80% over the past three years
Kategorie: Hacking & Security

MS Office Built-in Feature Allows Malware Execution Without Macros Enabled

12 Říjen, 2017 - 13:06
Since new forms of cybercrime are on the rise, traditional techniques seem to be shifting towards more clandestine that involve the exploitation of standard system tools and protocols, which are not always monitored. Security researchers at Cisco's Talos threat research group have discovered one such attack campaign spreading malware-equipped Microsoft Word documents that perform code
Kategorie: Hacking & Security

Buggy Microsoft Outlook Sending Encrypted S/MIME Emails With Plaintext Copy For Months

12 Říjen, 2017 - 10:58
Beware, If you are using S/MIME protocol over Microsoft Outlook to encrypt your email communication, you need to watch out. From at least last 6 months, your messages were being sent in both encrypted and unencrypted forms, exposing all your secret and sensitive communications to potential eavesdroppers. S/MIME, or Secure/Multipurpose Internet Mail Extensions, is an end-to-end encryption
Kategorie: Hacking & Security

Israel Hacked Kaspersky, Caught Russian Spies Hacking American Spies, But...

11 Říjen, 2017 - 14:39
The cold cyber war has just turned hot. According to a story published today by the New York Times, Israeli government hackers hacked into Kaspersky’s network in 2015 and caught Russian government hackers red-handed hacking US government hackers with the help of Kaspersky. In other words — Russia spying on America, Israel spying on Russia and America spying on everyone. What the F^#% is
Kategorie: Hacking & Security

Hackers Steal $60 Million from Taiwanese Bank; Two Suspects Arrested

11 Říjen, 2017 - 13:49
A Taiwanese bank has become the latest to fall victim to hackers siphoning off millions of dollars by targeting the backbone of the world financial system, SWIFT. SWIFT, or Society for Worldwide Interbank Telecommunication, is a global financial messaging system that thousands of banks and commercial organizations across the world use to transfer billions of dollars every day. Hackers
Kategorie: Hacking & Security

Microsoft Issues Patches For Severe Flaws, Including Office Zero-Day & DNS Attack

11 Říjen, 2017 - 11:13
As part of its "October Patch Tuesday," Microsoft has today released a large batch of security updates to patch a total of 62 vulnerabilities in its products, including a severe MS office zero-day flaw that has been exploited in the wild. Security updates also include patches for Microsoft Windows operating systems, Internet Explorer, Microsoft Edge, Skype, Microsoft Lync and Microsoft
Kategorie: Hacking & Security

OnePlus Secretly Collects Way More Data Than It Should — Here’s How to Disable It

11 Říjen, 2017 - 09:47
There is terrible news for all OnePlus lovers. Your OnePlus handset, running OxygenOS—the company's custom version of the Android operating system, is collecting way more data on its users than it requires. A recent blog post published today by security researcher Christopher Moore on his website detailed the data collection practice by the Shenzhen-based Chinese smartphone maker, revealing
Kategorie: Hacking & Security