You are here


Subscribe to THN feed THN
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Updated: 1 hour 51 min ago

8 Popular Courses to Learn Ethical Hacking – 2018 Bundle

Fri, 19/10/2018 - 10:12
Update (Oct 2018) — Over 30,000 students from all around the world have joined this training program so far. Due to the growing number of threats in the computer world, ethical hackers have become the most important player for not only governments but also private companies and IT firms in order to safeguard their systems and networks from hackers trying to infiltrate them. By 2020,

Critical Flaws Found in Amazon FreeRTOS IoT Operating System

Fri, 19/10/2018 - 05:35
A security researcher has discovered several critical vulnerabilities in one of the most popular embedded real-time operating systems—called FreeRTOS—and its other variants, exposing a wide range of IoT devices and critical infrastructure systems to hackers. What is FreeRTOS (Amazon, WHIS OpenRTOS, SafeRTOS)? FreeRTOS is a leading open source real-time operating system (RTOS) for embedded

Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info

Wed, 17/10/2018 - 15:16
Tumblr today published a report admitting the presence of a security vulnerability in its website that could have allowed hackers to steal login credentials and other private information for users' accounts. The affected information included users email addresses, protected (hashed and salted) account passwords, self-reported location (a feature no longer available), previously used email

LuminosityLink Hacking Tool Author Gets 30-Months Prison Sentence

Wed, 17/10/2018 - 11:18
A 21-year-old Kentucky man who previously pleaded guilty to developing, marketing, and selling an infamous remote access trojan (RAT) called LuminosityLink has now been sentenced to 30 months in prison. According to a press release published Monday by U.S. Attorney’s Office, Colton Grubbs, who used online moniker 'KFC Watermelon,' was pleaded guilty for three counts--unlawfully accessing

LibSSH Flaw Allows Hackers to Take Over Servers Without Password

Wed, 17/10/2018 - 07:39
A four-year-old severe vulnerability has been discovered in the Secure Shell (SSH) implementation library known as Libssh that could allow anyone to completely bypass authentication and gain unfettered administrative control over a vulnerable server without requiring a password. The security vulnerability, tracked as CVE-2018-10933, is an authentication-bypass issue that was introduced in

Google Will Charge Android Phone Makers to Use Its Apps In Europe

Wed, 17/10/2018 - 06:08
Would you prefer purchasing an Android device that doesn't have any apps or services from Google? No Google Maps, No Gmail, No YouTube! And NOT even the Google Play Store—from where you could have installed any Android apps you want Because if you live in Europe, from now on, you have to spend some extra cash on a smartphone with built-in Google services, which were otherwise until now

New iPhone Bug Gives Anyone Access to Your Private Photos

Tue, 16/10/2018 - 04:54
A security enthusiast who discovered a passcode bypass vulnerability in Apple's iOS 12 late last month has now dropped another passcode bypass bug that works on the latest iOS 12.0.1 that was released last week. Jose Rodriguez, a Spanish amateur security researcher, discovered a bug in iOS 12 in late September that allows attackers with physical access to your iPhone to access your contacts

Chrome, Firefox, Edge and Safari Plans to Disable TLS 1.0 and 1.1 in 2020

Mon, 15/10/2018 - 15:43
All major web browsers, including Google Chrome, Apple Safari, Microsoft Edge, Internet Explorer, and Mozilla Firefox, altogether today announced to soon remove support for TLS 1.0 (20-year-old) and TLS 1.1 (12-year-old) communication encryption protocols. Developed initially as Secure Sockets Layer (SSL) protocol, Transport Layer Security (TLS) is an updated cryptographic protocol used to

Google to Encrypt Android Cloud Backups With Your Lock Screen Password

Mon, 15/10/2018 - 06:20
In an effort to secure users' data while maintaining privacy, Google has announced a new security measure for Android Backup Service that now encrypts all your backup data stored on its cloud servers in a way that even the company can't read it. Google allows Android users to automatically backup their essential app data and settings to their Google account, allowing them to simply restore it

30 Million Facebook Accounts Were Hacked: Check If You're One of Them

Sat, 13/10/2018 - 07:24
Late last month Facebook announced its worst-ever security breach that allowed an unknown group of hackers to steal secret access tokens for millions of accounts by taking advantage of a flaw in the 'View As' feature. At the time of the initial disclosure, Facebook estimated that the number of users affected by the breach could have been around 50 million, though a new update published today by

Fortnite for Android Released, But Make Sure You Don't Download Malware

Fri, 12/10/2018 - 09:11
Yes, it is official. The massively popular battle royale video game from Epic Games, Fortnite: Battle Royale is finally available for Android devices. Epic announced Thursday that the Android version of Fortnite is now available for everyone to download for free, so you no longer require an invite to play the most popular battle royale game on your phone. Epic Games have provided a list of

Google Adds Control-Flow Integrity to Beef up Android Kernel Security

Fri, 12/10/2018 - 06:07
Google has added a new security feature to the latest Linux kernels for Android devices to prevent it against code reuse attacks that allow attackers to achieve arbitrary code execution by exploiting control-flow hijacking vulnerabilities. In code reuse attacks, attackers exploit memory corruption bugs (buffer overflows, type confusion, or integer overflows) to take over code pointers stored

French Dark-Web Drug Dealer Sentenced to 20 Years in US Prison

Thu, 11/10/2018 - 06:19
A dark web drugs kingpin who was arrested last year when he arrived in the United States to compete in the World Beard and Mustache Championships has now been sentenced to 20 years in prison. On Tuesday, U.S. District Judge Robert N. Scola sentenced 36-year-old French national Gal Vallerius, aka "OxyMonster," after pleading guilty to conspiracy to possess with the intent to distribute

Just Answering A Video Call Could Compromise Your WhatsApp Account

Wed, 10/10/2018 - 04:43
What if just receiving a video call on WhatsApp could hack your smartphone? This sounds filmy, but Google Project Zero security researcher Natalie Silvanovich found a critical vulnerability in WhatsApp messenger that could have allowed hackers to remotely take full control of your WhatsApp just by video calling you over the messaging app. The vulnerability is a memory heap overflow issue

Microsoft October Patch Tuesday Fixes 12 Critical Vulnerabilities

Tue, 09/10/2018 - 15:40
Microsoft has just released its latest monthly Patch Tuesday updates for October 2018, fixing a total of 49 security vulnerabilities in its products. This month's security updates address security vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, MS Office, MS Office Services and Web Apps, ChakraCore, SQL Server Management Studio, and Exchange Server. Out of 49 flaws

Adobe Releases Security Patch Updates for 11 Vulnerabilities

Tue, 09/10/2018 - 14:43
Adobe has released its monthly security updates to address a total of 11 vulnerabilities in Adobe Digital Editions, Framemaker, and Technical Communications Suite, of which four are rated critical and rest 7 are important in severity. Adobe has also released updated versions for Flash Player, but surprisingly this month the software received no security patch update. Also, none of the

From Now On, Only Default Android Apps Can Access Call Log and SMS Data

Tue, 09/10/2018 - 05:37
A few hours ago the company announced its "non-shocking" plans to shut down Google+ social media network following a "shocking" data breach incident. Now to prevent abuse and potential leakage of sensitive data to third-party app developers, Google has made several significant changes giving users more control over what type of data they choose to share with each app. The changes are part of

Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data

Mon, 08/10/2018 - 16:31
Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers. According to the tech giant, a security vulnerability in one of Google+'s People APIs allowed third-party developers to access data for more than 500,000 users, including their

New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access

Mon, 08/10/2018 - 12:34
A known vulnerability in MikroTik routers is potentially far more dangerous than previously thought. A cybersecurity researcher from Tenable Research has released a new proof-of-concept (PoC) RCE attack for an old directory traversal vulnerability that was found and patched within a day of its discovery in April this year. The vulnerability, identified as CVE-2018-14847, was initially rated

How to Start a Career in Cybersecurity: All You Need to Know

Mon, 08/10/2018 - 10:01
Cybersecurity is one of the most dynamic and exciting fields in tech, combining cutting-edge information technology with crime fighting. It’s also an industry in serious need of qualified professionals. Estimates show that there are over one million unfilled cybersecurity jobs. The U.S. Bureau of Labor Statistics projects that employment of information security analysts will grow 28 percent