You are here

THN

Subscribe to THN feed THN
The Hacker News (THN) is a leading, trusted, widely-acknowledged dedicated cybersecurity news platform, attracting over 8 million monthly readers including IT professionals, researchers, hackers, technologists, and enthusiasts.
Updated: 1 hour 53 min ago

How to Secure Your Mid-Size Organization From the Next Cyber Attack

Tue, 15/01/2019 - 09:51
If you are responsible for the cybersecurity of a medium-sized company, you may assume your organization is too small to be targeted. Well, think again. While the major headlines tend to focus on large enterprises getting breached – such as Sony, Equifax, or Target the actual reality is that small and mid-sized companies are experiencing similar threats. According to Verizon’s 2018 Data

Unpatched vCard Flaw Could Let Attackers Hack Your Windows PCs

Tue, 15/01/2019 - 08:08
A zero-day vulnerability has been discovered and reported in the Microsoft's Windows operating system that, under a certain scenario, could allow a remote attacker to execute arbitrary code on Windows machine. Discovered by security researcher John Page (@hyp3rlinx), the vulnerability was reported to the Microsoft security team through Trend Micro's Zero Day Initiative (ZDI) Program over 6

Police Can't Force You To Unlock Your Phone Using Face or Fingerprint Scan

Tue, 15/01/2019 - 06:17
Can feds force you to unlock your iPhone or Android phone? ..."NO" A Northern California judge has ruled that federal authorities can't force you to unlock your smartphone using your fingerprints or other biometric features such as facial recognition—even with a warrant. The ruling came in the case of two unspecified suspects allegedly using Facebook Messenger to threaten a man with the

Does WhatsApp Has A Privacy Bug That Could Expose Your Messages?

Fri, 11/01/2019 - 15:32
In-short conclusion—Whatsapp service or its 45-days deletion policy doesn't seem to have a bug. For detailed logical explanation, please read below. An Amazon employee earlier today tweeted details about an incident that many suggests could be a sign of a huge privacy bug in the most popular end-to-end encrypted Whatsapp messaging app that could expose some of your secret messages under

DDoSing Hospital Networks Landed This Hacktivist in Jail for Over 10 Years

Fri, 11/01/2019 - 07:43
A simple DDoS attack could land you in jail for 10 years or even more. A Massachusetts man has been sentenced to over 10 years in prison for launching DDoS attacks against the computer network of two healthcare organizations in 2014 to protest the treatment of a teenager at the centers. Beyond serving 121 months in prison, Martin Gottesfeld, 34, was also ordered by U.S. District Judge

PyLocky Ransomware Decryption Tool Released — Unlock Files For Free

Fri, 11/01/2019 - 05:11
If your computer has been infected with PyLocky Ransomware and you are searching for a free ransomware decryption tool to unlock or decrypt your files—your search might end here. Security researcher Mike Bautista at Cisco's Talos cyber intelligence unit have released a free decryption tool that makes it possible for victims infected with the PyLocky ransomware to unlock their encrypted files

Over 202 Million Chinese Job Seekers' Details Exposed On the Internet

Thu, 10/01/2019 - 13:31
Cybersecurity researcher has discovered online a massive database containing records of more than 202 million Chinese citizens that remained accessible to anyone on the Internet without authentication until last week. The unprotected 854.8 gigabytes of the database was stored in an instance of MongoDB, a NoSQL high performance and cross-platform document-oriented database, hosted by an

New Systemd Privilege Escalation Flaws Affect Most Linux Distributions

Thu, 10/01/2019 - 10:18
Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems. The vulnerabilities, assigned as CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866, actually resides in the "systemd-journald" service

Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection

Thu, 10/01/2019 - 09:08
Security researchers have been warning about a simple technique that cybercriminals and email scammers are already being using in the wild to bypass security features of Microsoft Office 365, including Safe Links, which are originally designed to protect users from malware and phishing attacks. Safe Links has been included by Microsoft in Office 365 as part of its ATP (Advanced Threat Protection

Google DNS Service (8.8.8.8) Now Supports DNS-over-TLS Security

Thu, 10/01/2019 - 06:39
Almost every activity on the Internet starts with a DNS query, a key function of the Internet that works as an Internet's directory where your device looks up for the server IP addresses after you enter a human-readable web address (e.g., thehackernews.com). Since DNS queries are sent in clear text over UDP or TCP without encryption, the information can reveal not only what websites an

Turns Out Kaspersky Labs Helped FBI Catch Alleged NSA Leaker

Thu, 10/01/2019 - 05:04
Remember "The Shadow Brokers" and the arrest of a former NSA contractor accused of stealing 50 Terabytes of top secret documents from the intelligence agency? It turns out that, Kaspersky Lab, which has been banned in US government computers over spying fears, was the one who tipped off the U.S. government and helped the FBI catch NSA contractor Harold T. Martin III, unnamed sources familiar

German Police Seek Help In Finding Parcel Bomber With MAC Address

Wed, 09/01/2019 - 13:40
German police are seeking your help in gathering information related to a MAC address that could lead to the cell phone device used by a DHL blackmailer who last year parceled out bombs at different addresses in Brandenburg and Berlin. Between November 2017 and April 2018, someone used German parcel delivery service DHL to sent out several so-called improvised explosive devices (IEDs) in

Get 10 Popular Books To Learn Advanced Hacking [2018 Bundle]

Wed, 09/01/2019 - 08:42
It should come as no surprise that cybersecurity is one of the most important and lucrative fields in the world right now, and it’s becoming more important every day—thanks to a growing number of cyber attacks that are targeting everything from individuals and startups to Fortune 500 companies and entire government agencies. So it should also come as no surprise that demand for talented and

Google Removes 85 Adware Apps That Infect 9 Million Android Users

Wed, 09/01/2019 - 08:10
Google has removed 85 apps from its Play Store after finding out that they were pushing aggressive, full-screen adware to Android users. With the rise in the mobile market, Adware has become one of the most prevalent mobile threats in the world. Adware has traditionally been used to aggressively push ads like banners or pop-ups on mobile screens to make money for its makers. The now-removed

Microsoft Patch Tuesday — January 2019 Security Updates Released

Wed, 09/01/2019 - 05:33
Microsoft has issued its first Patch Tuesday for this year to address 49 CVE-listed security vulnerabilities in its Windows operating systems and other products, 7 of which are rated critical, 40 important and 2 moderate in severity. Just one of the security vulnerabilities patched by the tech giant this month has been reported as being publicly known at the time of release, and none are

New KickAss Torrents (KAT) ~ 2019 Best Torrent Sites (Working)

Wed, 09/01/2019 - 04:20
Good news, the new Kickass Torrents site is back. Back in July 2017, popular BitTorrent site Kickass Torrents (KAT cr) was taken down by the United States authorities. The peer to peer file sharing site became the world's biggest piracy hub after The Pirate Bay went offline. Now shortly after law enforcement shut down the original KAT site, a group of devoted site staffers launched the

20-Year-Old Man Arrested For Carrying Out Germany's Biggest Data Leak

Tue, 08/01/2019 - 15:06
German federal police have arrested a 20-year-old local student for stealing and publishing a massive trove of personal data of hundreds of politicians, journalists and other public figures last month. The young man, whose identity has not been revealed by the police, was arrested after police raided his parent's house in west-central German State of Hesse on Sunday and recovered a computer

Zerodium Offers to Buy Zero-Day Exploits at Higher Prices Than Ever

Tue, 08/01/2019 - 10:00
Well, there's some good news for hackers and vulnerability hunters, though terrible news for tech manufacturers! Exploit vendor Zerodium is now willing to offer significantly higher payouts for full, working zero-day exploits that allow stealing of data from WhatsApp, iMessage and other online chat applications. Zerodium—a startup by the infamous French-based company Vupen that buys and sells

Ethereum Classic (ETC) Hit by Double-Spend Attack Worth $1.1 Million

Tue, 08/01/2019 - 09:27
Popular cryptocurrency exchange Coinbase has suspended all transactions of Ethereum Classic (ETC)—the original unforked version of the Ethereum network—on their trading platforms, other products and services after detecting a potential attack on the cryptocurrency network that let someone spend the same digital coins twice. Why is this attack concerning? The heist resulted in the loss of $1.1

NSA to release its GHIDRA reverse engineering tool for free

Mon, 07/01/2019 - 07:37
The United States' National Security Agency (NSA) is planning to release its internally developed reverse engineering tool for free at the upcoming RSA security conference 2019 that will be held in March in San Francisco. The existence of the framework, dubbed GHIDRA, was first publicly revealed by WikiLeaks in CIA Vault 7 leaks, but the tool once again came to light after Senior NSA Adviser

Pages