The Hacker News
Police Arrest Man Potentially Linked to Group Threatening to Wipe Millions Of iPhones
March 29th, 2017, 06:21 AM
The British authority has reportedly arrested a 20-years-old young man – potentially one of the member of a cyber criminal gang 'Turkish Crime Family' who threatened Apple last week to remotely wipe data from millions of iOS devices unless Apple pays a ransom of $75,000. The UK's National Crime Agency (NCA) arrested a young man from London on Tuesday on suspicion of "Computer Misuse Act and
Hacker Who Used Linux Botnet to Send Millions of Spam Emails Pleads Guilty
March 29th, 2017, 06:21 AM
A Russian man accused of infecting tens of thousands of computer servers worldwide to generate millions in illicit profit has finally entered a guilty plea in the United States and is going to face sentencing in August. Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty in a US federal court on Tuesday for his role in the development and maintenance of the infamous Linux botnet
Symantec API Flaws reportedly let attackers steal Private SSL Keys and Certificates
March 28th, 2017, 06:21 AM
A security researcher has disclosed critical issues in the processes and third-party API used by Symantec certificate resellers to deliver and manage Symantec SSL certificates. The flaw, discovered by Chris Byrne, an information security consultant and instructor for Cloud Harmonics, could allow an unauthenticated attacker to retrieve other persons' SSL certificates, including public and
Apple iOS 10.3 Fixes Safari Flaw Used in JavaScript-based Ransomware Campaign
March 28th, 2017, 06:21 AM
If you own an iPhone or iPad, it's possible you could see popup windows in a sort of endless cycle on your Safari browser, revealing your browser has been locked and asking you to pay a fee to unlock it. Just do not pay any ransom. A new ransomware campaign has been found exploiting a flaw in Apple's iOS Safari browser in order to extort money from users who view pornography content on their
UK Demands Encryption Backdoor As London Terrorist Used WhatsApp Before the Attack
March 27th, 2017, 06:21 AM
The government has once again started asking for backdoor in encrypted services, arguing that it can not give enough security to its citizens because the terrorists are using encrypted apps to communicate and plot an attack. Following last week's terrorist attack in London, the UK government is accusing technology firms to give terrorists "a place to hide," saying Intelligence agencies must
Use Secure VPNs (Lifetime Subscription) to Prevent ISPs From Spying On You
March 27th, 2017, 06:21 AM
Data Privacy is a serious concern today with the vast availability of personal data over the Internet – a digital universe where websites collect your personal information and sell them to advertisers for dollars, and where hackers can easily steal your data from the ill-equipped. If this wasn't enough, US Senate voted last week to eliminate privacy rules that would have forced ISPs to get
Internet-Connected Medical Washer-Disinfector Found Vulnerable to Hacking
March 27th, 2017, 06:21 AM
Internet-of-Things devices are turning every industry into the computer industry, making customers think that their lives would be much easier with smart devices. There are, of course, some really good reasons to connect certain devices to the Internet. For example, remotely switching on your A/C a few minutes before you enter your home, instead of leaving it blasting all day. But does
Fraudsters Using GiftGhostBot Botnet to Steal Gift Card Balances
March 25th, 2017, 06:21 AM
Gift cards have once again caused quite a headache for retailers, as cyber criminals are using a botnet to break into and steal cash from money-loaded gift cards provided by major retailers around the globe. Dubbed GiftGhostBot, the new botnet specialized in gift card fraud is an advanced persistent bot (APB) that has been spotted in the wild by cyber security firm Distil Networks.
Google Chrome to Distrust Symantec SSLs for Mis-issuing 30,000 EV Certificates
March 24th, 2017, 06:21 AM
Google announced its plans to punish Symantec by gradually distrusting its SSL certificates after the company was caught improperly issuing 30,000 Extended Validation (EV) certificates over the past few years. The Extended Validation (EV) status of all certificates issued by Symantec-owned certificate authorities will no longer be recognized by the Chrome browser for at least a year until
US Senate Just Voted to Let ISPs Sell Your Web Browsing Data Without Permission
March 24th, 2017, 06:21 AM
The ISPs can now sell certain sensitive data like your browsing history without permission, thanks to the US Senate. The US Senate on Wednesday voted, with 50 Republicans for it and 48 Democrats against, to roll back a set of broadband privacy regulations passed by the Federal Communication Commission (FCC) last year when it was under Democratic leadership. In October, the Federal
Wikileaks Reveals How CIA Was Hacking Your iPhones And MacBooks
March 23rd, 2017, 06:21 AM
As part of its "Vault 7" series, Wikileaks — the popular whistle-blowing platform — has just released another batch of classified documents focused on exploits and hacking techniques the Central Intelligence Agency (CIA) designed to target Apple MacOS and iOS devices. Dubbed "Dark Matter," the leak uncovers macOS vulnerabilities and attack vectors developed by a special division of the CIA
Russian Hacker Pleads Guilty to Developing and Distributing Citadel Trojan
March 23rd, 2017, 06:21 AM
A Russian man accused of developing and distributing the Citadel Banking Trojan, which infected nearly 11 Million computers globally and caused over $500 Million in losses, has finally pleaded guilty to charges of computer fraud. Mark Vartanyan, 29, who was very well known as "Kolypto," pleaded guilty in an Atlanta courtroom on Monday to charges related to computer fraud and is now
Hackers Using Fake Cellphone Towers to Spread Android Banking Trojan
March 22nd, 2017, 06:21 AM
Chinese Hackers have taken Smishing attack to the next level, using rogue cell phone towers to distribute Android banking malware via spoofed SMS messages. SMiShing — phishing attacks sent via SMS — is a type of attack wherein fraudsters use number spoofing attack to send convincing bogus messages to trick mobile users into downloading a malware app onto their smartphones or lures victims
Hackers Threaten to Remotely Wipe 300 Million iPhones Unless Apple Pays Ransom
March 22nd, 2017, 06:21 AM
If you use iCloud to sync your Apple devices, your private data may be at risk of getting exposed or deleted by April 7th. It has been found that a mischievous group of hackers claiming to have access to over 300 million iCloud accounts is threatening Apple to remotely wipe data from those millions of Apple devices unless Apple pays it $75,000 in crypto-currency or $100,000 worth of iTunes
It's Fappening Again! Private Photos of Emma Watson and Others Leaked Online
March 22nd, 2017, 06:21 AM
Are you clicking nude selfies? That is fine and not any criminal act, but this act can land you in trouble — here's how! Almost three years after a wave of private photographs of celebrities leaked online, "The Fappening 2.0" appears to be underway with the circulation of alleged naked pictures of female celebrities, including Emma Watson and Amanda Seyfried on Reddit and 4chan. Back in 2014,
Searching for Leaked Celebrity Photos? Don't Blindly Click that Fappening Link!
March 22nd, 2017, 06:21 AM
Are you curiously googling or searching torrents for nude photos or videos of Emma Watson, Amanda Seyfried, Rose McGowan, or any other celebrities leaked in The Fappenning 2.0? If yes, then beware, you should not click any link promising Fappenning celebrity photos. Cybercriminals often take advantage of news headlines in order to trap victims and trick them into following links that may lead
Unpatchable 'DoubleAgent' Attack Can Hijack All Windows Versions — Even Your Antivirus!
March 22nd, 2017, 06:21 AM
A team of security researchers from Cybellum, an Israeli zero-day prevention firm, has discovered a new Windows vulnerability that could allow hackers to take full control of your computer. Dubbed DoubleAgent, the new injecting code technique works on all versions of Microsoft Windows operating systems, starting from Windows XP to the latest release of Windows 10. What's worse? DoubleAgent
Hacker Reveals Easiest Way to Hijack Privileged Windows User Session Without Password
March 20th, 2017, 06:21 AM
You may be aware of the fact that a local Windows user with system rights and permissions can reset the password for other users, but did you know that a local user can also hijack other users' session, including domain admin/system user, without knowing their passwords? Alexander Korznikov, an Israeli security researcher, has recently demonstrated that a local privileged user can even hijack
Microsoft Started Blocking Windows 7/8.1 Updates For PCs Running New Processors
March 20th, 2017, 06:21 AM
You might have heard the latest news about Microsoft blocking new security patches and updates for Windows 7 and Windows 8.1 users running the latest processors from Intel, AMD, Qualcomm, and others. Don't panic, this new policy doesn't mean that all Windows 7 and 8.1 users will not be able to receive latest updates in general because Microsoft has promised to support Windows 7 until 2020,
Disable TELNET! Cisco finds 0-Day in CIA Dump affecting over 300 Network Switch Models
March 20th, 2017, 06:21 AM
Cisco is warning of a new critical zero-day IOS / IOS XE vulnerability that affects more than 300 of its switch models. The company identified this highest level of vulnerability in its product while analyzing "Vault 7" — a roughly 8,761 documents and files leaked by Wikileaks last week, claiming to detail hacking tools and tactics of the Central Intelligence Agency (CIA). The vulnerability
WikiLeaks Won't Disclose CIA Exploits To Companies Until Certain Demands Are Met
March 18th, 2017, 06:21 AM
It's been over a week since Wikileaks promised to hand over more information on hacking tools and tactics of the Central Intelligence Agency (CIA) to the affected tech companies, following a leak of a roughly 8,761 documents that Wikileaks claimed belonged to CIA hacking units. "We have decided to work with them, to give them some exclusive access to some of the technical details we have, so
Sony Is Working On Mobile-to-Mobile Wireless Charging Technology
March 17th, 2017, 06:21 AM
So you are in a party with your friends, and your phone is running low on battery. Oops! The ideal solution is to charge your phone using a charger or a power bank, but not everyone carries power banks or chargers with them all the time, especially in a party. What if you can charge your phone wirelessly using another phone when it runs out of battery? Isn't that great? Well, thanks to Sony,
Linux Kernel Gets Patch For Years-Old Serious Vulnerability
March 16th, 2017, 06:21 AM
Another dangerous vulnerability has been discovered in Linux kernel that dates back to 2009 and affects a large number of Linux distros, including Red Hat, Debian, Fedora, OpenSUSE, and Ubuntu. The latest Linux kernel flaw (CVE-2017-2636), which existed in the Linux kernel for the past seven years, allows a local unprivileged user to gain root privileges on affected systems or cause a denial
Yahoo! Hack! How It Took Just One-Click to Execute Biggest Data Breach in History
March 16th, 2017, 06:21 AM
In the digital world, it just takes one click to get the keys to the kingdom. Do you know spear-phishing was the only secret weapon behind the biggest data breach in the history? It’s true, as one of the Yahoo employees fell victim to a simple phishing attack and clicked one wrong link that let the hackers gain a foothold in the company's internal networks. You may be familiar with phishing
US Charges Two Russian Spies & Two Hackers For Hacking 500 Million Yahoo Accounts
March 15th, 2017, 06:21 AM
The 2014 Yahoo hack disclosed late last year that compromised over 500 million Yahoo user accounts was believed to be carried out by a state-sponsored hacking group. Now, two Russian intelligence officers and two criminal hackers have been charged by the US government in connection with the 2014 Yahoo hack that compromised about 500 million Yahoo user accounts, the Department of Justice