What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-11-02 03:21:37 | Multiple Critical Remotely Exploitable Flaws Discovered in Memcached Caching System (lien direct) | Hey Webmasters, are you using Memcached to boost the performance of your website?
Beware! It might be vulnerable to remote hackers.
Three critical Remote Code Execution vulnerabilities have been reported in Memcached by security researcher Aleksandar Nikolich at Cisco Talos Group that expose major websites, including Facebook, Twitter, YouTube, Reddit, to hackers.
Memcached is a fabulous
|
APT 19 | ||
|
2016-11-02 01:36:10 | Microsoft Says Russian Hackers Using Unpatched Windows Bug Disclosed by Google (lien direct) | Google's Threat Analysis Group publically disclosed on Monday a critical zero-day vulnerability in most versions of Windows just 10 days after privately disclosed both zero days to Microsoft and Adobe.
While Adobe rushed an emergency patch for its Flash Player software on October 26, Microsoft had yet to release a fix.
Microsoft criticized Google's move, saying that the public disclosure of
|
|||
|
2016-11-01 23:52:03 | Simplifying SSH keys and SSL Certs Management across the Enterprise using Key Manager Plus (lien direct) | With rapidly growing web-based services and widely expanding locations, organizations are using more and more SSL certificates as well as SSH keys than ever.
From authentication, confidentiality, and integrity to preventing the organization from industrial espionage, SSL certificates play an important role.
Managing SSL certificates across networks to ensure protection and prevent
|
|||
|
2016-11-01 04:53:54 | The Hacker News (THN) Celebrates 6th Anniversary Today (lien direct) | Can you believe that it's been 6 years since we first launched The Hacker News?
Yes, The Hacker News is celebrating its sixth anniversary today on 1st November.
We started this site on this same day back in 2010 with the purpose of providing a dedicated platform to deliver latest infosec news and threat updates for Hackers, Security researchers, technologists, and nerds.
Times flies when
|
|||
|
2016-11-01 02:30:35 | New IoT Botnet Malware Discovered; Infecting More Devices Worldwide (lien direct) | The whole world is still dealing with the Mirai IoT Botnet that caused vast internet outage last Friday by launching massive distributed denial of service (DDoS) attacks against the DNS provider Dyn, and researchers have found another nasty IoT botnet.
Security researchers at MalwareMustDie have discovered a new malware family designed to turn Linux-based insecure Internet of Things (IoT)
|
|||
|
2016-11-01 00:19:03 | Google discloses Critical Windows Zero-Day that makes all Windows Users Vulnerable (lien direct) | Google has once again publicly disclosed a zero-day vulnerability in current versions of Windows operating system before Microsoft has a patch ready.
Yes, the critical zero-day is unpatched and is being used by attackers in the wild.
Google made the public disclosure of the vulnerability just 10 days after privately reporting the issue to Microsoft, giving the chocolate factory little time
|
|||
|
2016-10-31 10:46:53 | Shadow Brokers reveals list of Servers Hacked by the NSA (lien direct) | The hacker group calling itself the Shadow Brokers, who previously claimed to have leaked a portion of the NSA's hacking tools and exploits, is back with a Bang!
The Shadow Brokers published more files today, and this time the group dumped a list of foreign servers allegedly compromised by the NSA-linked hacking unit, Equation Group, in various countries to expand its espionage operations.
|
|||
|
2016-10-31 09:27:23 | WiGig - New Ultra-Fast Wi-Fi Standard Ready to Boost Your Internet Speed in 2017 (lien direct) | Get ready for faster Internet because the WiFi you know today is about to change and get much, much faster.
The WiFi Alliance, a self-described "worldwide network of companies that brings you Wi-Fi," has finally certified "WiGig," an ultra-fast, short-range wireless network technology that will nearly double Wi-Fi's current top speed.
As many as 180 Million devices, including routers,
|
|||
|
2016-10-29 11:08:59 | Teenage Hacker Arrested For Disrupting 911 Service With DDoS Attack (lien direct) | Just last month, researchers explained how an attacker can knock the 911 service offline in an entire state by launching automated Distributed Denial of Service (DDoS) attacks using a botnet of just 6000 smartphones.
But, doing so, in reality, could not only land public in danger but the attacker as well.
The same happened to an 18-year-old teen from Arizona, who was arrested this week
|
|||
|
2016-10-29 00:40:57 | Mirai Botnet Itself is Flawed; Hacking Back IoTs Could Mitigate DDoS Attacks (lien direct) | The infamous botnet that was used in the recent massive distributed denial of service (DDoS) attacks against the popular DNS provider Dyn, causing vast internet outage on last Friday, itself is flawed.
Yes, Mirai malware, which has already enslaved millions of Internet of Things (IoT) devices across 164 countries, contains several vulnerabilities that might be used against it in order to
|
|||
|
2016-10-28 06:21:25 | New Privacy Rules require ISPs to must Ask you before Sharing your Sensitive Data (lien direct) | Good News for privacy concerned people! Now, your online data will not be marketed for business; at least by your Internet Service Providers (ISPs).
Yes, it's time for your ISPs to ask your permission in order to share your sensitive data for marketing or advertisement purposes, the FCC rules.
On Thursday, the United States Federal Communications Commission (FCC) has imposed new privacy
|
|||
|
2016-10-28 02:48:30 | This Code Injection Technique can Potentially Attack All Versions of Windows (lien direct) | Guess what? If you own a Windows PC, which is fully-patched, attackers can still hack your computer.
Isn't that scary? Well, definitely for most of you.
Security researchers have discovered a new technique that could allow attackers to inject malicious code on every version of Microsoft's Windows operating system, even Windows 10, in a manner that no existing anti-malware tools can detect,
|
|||
|
2016-10-28 00:00:55 | \'Celebgate\' Hacker Gets 18 Months in Prison for Hacking Celebrity Nude Photos (lien direct) | The hacker who stole nude photographs of female celebrities two years ago in a massive data breach - famous as "The Fappening" or "Celebgate" scandal - has finally been sentenced to 18 months in federal prison, authorities said on Thursday.
36-year-old Lancaster, Pennsylvania man Ryan Collins was arrested in March and charged with hacking into "at least 50 iCloud accounts and 72 Gmail
|
|||
|
2016-10-27 11:03:20 | You Can Hijack Nearly Any Drone Mid-flight Using This Tiny Gadget (lien direct) | Now you can hijack nearly any drone mid-flight just by using a tiny gadget.
Security researcher Jonathan Andersson has devised a small hardware, dubbed Icarus, that can hijack a variety of popular drones mid-flight, allowing attackers to lock the owner out and give them complete control over the device.
Andersson, who is the manager of Trend Micro's TippingPoint DVLab division, demonstrated
|
|||
|
2016-10-27 04:23:10 | Chinese Hackers won $215,000 for Hacking iPhone and Google Nexus at Mobile Pwn2Own (lien direct) | The Tencent Keen Security Lab Team from China has won a total prize money of $215,000 in the 2016 Mobile Pwn2Own contest run by Trend Micro's Zero Day Initiative (ZDI) in Tokyo, Japan.
Despite the implementation of high-security measures in current devices, the famous Chinese hackers crew has successfully hacked both Apple's iPhone 6S as well as Google's Nexus 6P phones.
Hacking iPhone 6S
|
|||
|
2016-10-27 00:59:06 | Friday\'s Massive DDoS Attack Came from Just 100,000 Hacked IoT Devices (lien direct) | Guess how many devices participated in last Friday's massive DDoS attack against DNS provider Dyn that caused vast internet outage?
Just 100,000 devices.
I did not miss any zeros.
Dyn disclosed on Wednesday that a botnet of an estimated 100,000 internet-connected devices was hijacked to flood its systems with unwanted requests and close down the Internet for millions of users.
|
|||
|
2016-10-26 10:49:50 | LinkedIn to get Banned in Russia for not Complying with Data Localization Law (lien direct) | The world's largest online professional network LinkedIn could face a ban in Russia after the company has failed to comply with a Russian data localization law that compels companies to keep data on Russian users in their country.
If you are not aware, LinkedIn is the only major social network which is not banned in China, because the company agreed to cooperate with the Chinese government
|
|||
|
2016-10-26 07:40:34 | The Hacker News launches Online Deals Store – Get Best Deals & Offers (lien direct) | Hey readers, guess what?
The Hacker News (THN) is about to complete its 6 years as a leading Information Security Channel – attracting over 9 Million readers worldwide – and a trusted source for Hacking, Cyber Security and Infosec News for the enthusiasts, technologists & nerds.
In the special occasion of this year's Anniversary, The Hacker News is excited to announce the launch of its THN
|
Guideline | ||
|
2016-10-26 01:16:36 | Hacking Firmware from Mobile Phone Hacking Company Leaked Online (lien direct) | The Israeli firm Cellebrite, which provides digital forensics tools and software to help law enforcement access mobile phones in investigations, has had its firmware and software leaked online.
Yes, you heard that right. Cellebrite's most sensitive in-house capabilities have been made public by one of its products' resellers, who is now distributing copies of Cellebrite's firmware and
|
|||
|
2016-10-25 07:50:16 | Joomla Joomla! Two Critical Flaws Discovered - Update to Protect Your Site (lien direct) | Joomla – the world's second popular open source Content Management System (CMS) software packages, has just released the latest version of its CMS, which includes patches for two critical security vulnerabilities and a bug fix.
The two critical flaws, both exist in the Joomla Core functionalities, include Account Creation Vulnerability (CVE-2016-8870) and Elevated Privileges
|
|||
|
2016-10-25 02:32:03 | WhatsApp Video Calling is Now Available for Android – Download Beta Version Now! (lien direct) | WhatsApp is, no doubt, the largest end-to-end encrypted messaging network that allows over billion of its users to send messages, photos, videos, voice messages, documents, and calls that are secure from falling into the wrong hands.
And now it seems like WhatsApp is rolling out a much-awaited feature for the new beta versions of its Android app: Video Calling.
New beta version 2.16.318 of
|
|||
|
2016-10-25 02:11:54 | Warning! Your iPhone Can Get Hacked Just by Opening a JPEG Image, PDF or Font File (lien direct) | What's worse than knowing that innocent looking JPEGs, PDFs and font files can hijack your iPhone, iPad, and iPod.
Yes, attackers can take over your vulnerable Apple's iOS device remotely – all they have to do is trick you to view a maliciously-crafted JPEG graphic or PDF file through a website or an email, which could allow them to execute malicious code on your system.
That's a terrible
|
|||
|
2016-10-24 08:45:40 | Chinese Electronics Firm to Recall its Smart Cameras recently used to Take Down Internet (lien direct) | You might be surprised to know that your security cameras, Internet-connected toasters and refrigerators may have inadvertently participated in the massive cyber attack that broke a large portion of the Internet on Friday.
That's due to massive Distributed Denial of Service (DDoS) attacks against Dyn, a major domain name system (DNS) provider that many sites and services use as their upstream
|
|||
|
2016-10-24 04:48:26 | Russian Hacker Behind LinkedIn Breach also Charged with Hacking Dropbox and Formspring (lien direct) | The alleged Russian hacker, who was arrested by the FBI in collaboration with the Czech police, was believed to be the one responsible for massive 2012 data breach at LinkedIn, according to a statement released by LinkedIn.
Now, United States authorities have officially indicted Yevgeniy Aleksandrovich Nikulin, 29-years-old Russian national, for hacking not just LinkedIn, but also the online
|
|||
|
2016-10-24 03:57:01 | New Drammer Android Hack lets any App take Full control of your Phone (lien direct) | Earlier last year, security researchers from Google's Project Zero outlined a way to hijack the computers running Linux by abusing a design flaw in the memory and gaining higher kernel privileges on the system.
Now, the same previously found designing weakness has been exploited to gain unfettered "root" access to millions of Android smartphones, allowing potentially anyone to take control of
|
|||
|
2016-10-22 01:13:01 | An Army of Million Hacked IoT Devices Almost Broke the Internet Today (lien direct) | A massive Distributed Denial of Service (DDoS) attack against Dyn, a major domain name system (DNS) provider, broke large portions of the Internet on Friday, causing a significant outage to a ton of websites and services, including Twitter, GitHub, PayPal, Amazon, Reddit, Netflix, and Spotify.
But how the attack happened? What's the cause behind the attack?
Exact details of the attack remain
|
|||
|
2016-10-21 06:56:56 | Massive DDoS Attack Against Dyn DNS Causes Major Outages to Popular Sites (lien direct) | Cyber attacks are getting evil and worst nightmare for companies day-by-day, and the Distributed Denial of Service (DDoS) attack is one such attacks that cause a massive damage to any service.
Recently, the Internet witnessed a record-breaking largest DDoS attack of over 1 Tbps against France-based hosting provider OVH, and now the latest victim of the attack is none other than Dyn DNS
|
|||
|
2016-10-21 03:02:28 | Dirty COW - Critical Linux Kernel Flaw Being Exploited in the Wild (lien direct) | A nine-year-old critical vulnerability has been discovered in virtually all versions of the Linux operating system and is actively being exploited in the wild.
Dubbed "Dirty COW," the Linux kernel security flaw (CVE-2016-5195) is a mere privilege-escalation vulnerability, but researchers are taking it extremely seriously due to many reasons.
First, it's very easy to develop exploits that
|
|||
|
2016-10-21 00:56:02 | Ex-NSA Contractor Stole 50 TB of Classified Data; Includes Top-Secret Hacking Tools (lien direct) | Almost two months ago, the FBI quietly arrested NSA contractor Harold Thomas Martin III for stealing an enormous number of top secret documents from the intelligence agency.
Now, according to a court document filed Thursday, the FBI seized at least 50 terabytes of data from 51-year-old Martin that he siphoned from government computers over two decades.
The stolen data that are at least 500
|
|||
|
2016-10-20 11:24:47 | Over 43 Million Weebly Accounts Hacked; Foursquare Also Hit By Data Breach (lien direct) | 2016 is the year of data breaches that has made almost every major companies victims to the cyber attacks, resulting in compromise of over billion of online users accounts.
Weebly and Foursquare are the latest victims of the massive data breach, joining the list of "Mega-Breaches" revealed in recent months, including LinkedIn, MySpace, VK.com, Tumblr, Dropbox, and the biggest one -- Yahoo.
|
Yahoo | ||
|
2016-10-20 09:33:37 | MBRFilter - Open Source Tool to Protect Against \'Master Boot Record\' Malware (lien direct) | Ransomware threat has risen exponentially so much that ransomware authors have started abusing the MBR in their attacks to lock down your entire computer instead of just encrypting your important files on hard drive.
Talos team at Cisco Systems has released a free, open-source tool that protects the master boot record (MBR) sector of computers from modification by bootkits, ransomware, and
|
|||
|
2016-10-20 07:33:54 | Massive ATM Hack Hits 3.2 Million Indian Debit Cards - Change Your PIN Now! (lien direct) | India is undergoing the biggest data breaches to date with as many as 3.2 Million debit card details reportedly stolen from multiple banks and financial platforms.
The massive financial breach has hit India's biggest banks including State Bank of India (SBI), HDFC Bank, Yes Bank, ICICI Bank and Axis, and customers are advised to change their ATM PIN immediately.
Hackers allegedly used
|
|||
|
2016-10-19 11:51:39 | Breaking - Russian Hacker Responsible for LinkedIn Data Breach Arrested by FBI (lien direct) | The alleged Russian hacker arrested by the FBI in collaboration with the Czech police is none other than the hacker who was allegedly responsible for massive 2012 data breach at LinkedIn, which affected nearly 117 Million user accounts.
Yevgeniy N, 29-year-old Russian hacker was arrested in Prague on October 5 suspected of participating in conducting cyber-attacks against the United States,
|
|||
|
2016-10-19 10:52:05 | Russian Hacker who was wanted by FBI arrested in Prague (lien direct) | Czech police, in cooperation with the FBI, has arrested a Russian citizen in Prague suspected of participating in conducting cyber-attacks against the United States.
Czech police announced the arrest on its official website Tuesday evening, without giving any further details about the man and for what he is wanted for.
Alleged Russian Hacker, whose name has not yet been disclosed, was
|
|||
|
2016-10-19 03:28:11 | Police Scan 117 Million Driving Licence Photos for Face Recognition Database (lien direct) | Your driver's license photo could be scarier than it actually looks - Well, here's why:
With the help of state driver's license data, U.S. law enforcement agencies have created a huge a face-recognition database of more than 117 Million American adults that are regularly scanned in the course of police investigations.
What's even worse? Most of those people who are scanned by police without
|
|||
|
2016-10-18 11:12:48 | Donald Trump\'s Email Servers are Horribly Insecure - Researcher Reveals (lien direct) | When Hillary Clinton's private email server was hacked earlier this year, she was criticized for her bad security practices that exposed top secret documents stored in emails on that private server. The FBI called her behavior 'extremely careless.'
Republican presidential candidate Donald Trump and his supporters are continuously criticizing Clinton's use of a private email server. And here's
|
|||
|
2016-10-18 10:01:40 | Facebook is Going to make all your Private Photos Public Tomorrow - It\'s a Hoax! (lien direct) | Don't believe everything you read on Facebook.
Despite so many awareness about Facebook hoaxes, online users fall for them and make them viral.
One such viral post is circulating on Facebook that suggests everything that you have ever posted on the social media platform will become public tomorrow.
Don't worry - it's a hoax. Yes, it's still a hoax.
The latest Facebook
|
|||
|
2016-10-18 05:01:50 | VeraCrypt Audit Reveals Critical Security Flaws - Update Now (lien direct) | After TrueCrypt mysteriously discontinued its service, VeraCrypt became the most popular open source disk encryption software used by activists, journalists, as well as privacy conscious people.
First of all, there is no such thing as a perfect, bug-free software.
Even the most rigorously tested software, like the ones that operate SCADA Systems, medical devices, and aviation software, have
|
|||
|
2016-10-18 01:55:26 | WikiLeaks Confirms Ecuador Cut Julian Assange\'s Internet Access After Clinton Leak (lien direct) | Early Monday, Whistleblowing site WikiLeaks tweeted that the internet connection of its co-founder, Julian Assange, was intentionally cut down, for which it blamed an unidentified "state party."
But most surprisingly, it was Ecuador who was behind the act.
WikiLeaks has confirmed that its founder Julian Assange's Internet access was cut down in its London embassy by the government of Ecuador
|
|||
|
2016-10-17 11:14:47 | Julian Assange is not Dead, but his Internet Connection is Cut by \'State Party\' (lien direct) | Don't worry - Julian Assange is alive and kicking! But his Internet connection is dead.
Earlier today, Wikileaks tweeted that its co-founder, Julian Assange, had his internet connection intentionally cut by an unidentified "state party."
The non-profit organization said it had "activated appropriate contingency plans," giving no further explanation.
The tweet came after Wikileaks posted a
|
|||
|
2016-10-15 05:47:39 | Crack for Charity - GCHQ launches \'Puzzle Book\' Challenge for Cryptographers (lien direct) | The UK's Signals Intelligence and Cyber Security agency GCHQ has launched its first ever puzzle book, challenging researchers and cryptographers to crack codes for charity.
Dubbed "The GCHQ Puzzle Book," the book features more than 140 pages of codes, puzzles, and challenges created by expert code breakers at the British intelligence agency.
Ranging from easy to complex, the
|
|||
|
2016-10-15 05:15:03 | FBI is Investigating Theft of $1.3 Million in Bitcoin from a Massachusetts Man (lien direct) | Over two months ago, the world's third largest Bitcoin Exchange Bitfinex lost around $72 Million worth of Bitcoins in a major hack.
Shortly after the company encountered a $72,000,000 Bitcoin theft, an unnamed Bitfinex user from Cambridge, Massachusetts, filed a police report in September, alleging that $1.3 Million of funds were stolen from his account.
Since then the Cambridge police have
|
|||
|
2016-10-15 00:31:13 | Android Banking Trojan Tricks Victims into Submitting Selfie Holding their ID Card (lien direct) | While some payment card companies like Mastercard have switched to selfies as an alternative to passwords when verifying IDs for online payments, hackers have already started taking advantage of this new security verification methods.
Researchers have discovered a new Android banking Trojan that masquerades primarily as a video plugin, like Adobe Flash Player, pornographic app, or video codec
|
|||
|
2016-10-14 01:00:39 | 12-Year-Old SSH Bug Exposes More than 2 Million IoT Devices (lien direct) | Are your internet-connected devices spying on you? Perhaps.
We already know that the Internet of Thing (IoT) devices are so badly insecure that hackers are adding them to their botnet network for launching Distributed Denial of Service (DDoS) attacks against target services.
But, these connected devices are not just limited to conduct DDoS attacks; they have far more potential to harm you.
|
|||
|
2016-10-13 01:53:14 | Classified U.S. Defense Network Outage Hits Air Force\'s Secret Drone Operations (lien direct) | U.S. drones are again in news for killing innocent people.
The Air Force is investigating the connection between the failure of its classified network, dubbed SIPRNet, at Creech Air Force Base and a series of high-profile airstrikes that went terribly wrong in September this year.
Creech Air Force Base is a secret facility outside Las Vegas, where military and Air Force pilots sitting in
|
|||
|
2016-10-12 10:32:28 | BlockChain.info Domain Hijacked; Site Goes Down; 8 Million Bitcoin Wallets Inaccessible (lien direct) | UPDATE: The site is back and working. Blockchain team released a statement via Twitter, which has been added at the end of this article.
If you are fascinated with the idea of digital currency, then you might have heard about BlockChain.Info.
It's Down!
Yes, Blockchain.info, the world's most popular Bitcoin wallet and Block Explorer service, has been down from last few hours, and it's
|
|||
|
2016-10-12 05:13:26 | Researchers Demonstrated How NSA Broke Trillions of Encrypted Connections (lien direct) | In the year 2014, we came to know about the NSA's ability to break Trillions of encrypted connections by exploiting common implementations of the Diffie-Hellman key exchange algorithm – thanks to classified documents leaked by ex-NSA employee Edward Snowden.
At that time, computer scientists and senior cryptographers had presented the most plausible theory: Only a few prime numbers were
|
|||
|
2016-10-12 02:55:13 | Facebook, Twitter and Instagram Share Data with Location-based Social Media Surveillance Startup (lien direct) | Facebook, Instagram, Twitter, VK, Google's Picasa and Youtube were handing over user data access to a Chicago-based Startup - the developer of a social media monitoring tool - which then sold this data to law enforcement agencies for surveillance purposes, the ACLU disclosed Tuesday.
Government records obtained by the American Civil Liberties Union (ACLU) revealed that the big technology
|
|||
|
2016-10-12 00:41:05 | Microsoft Patches 5 Zero-Day Vulnerabilities Being Exploited in the Wild (lien direct) | Microsoft has released its monthly Patch Tuesday update including a total of 10 security bulletin, and you are required to apply the whole package of patches altogether, whether you like it or not.
That's because the company is kicking off a controversial new all-or-nothing patch model this month by packaging all security updates into a single payload, removing your ability to pick and choose
|
|||
|
2016-10-11 04:24:24 | Searching for Best Encryption Tools? Hackers are Spreading Malware Through Fake Software (lien direct) | Over the past few years, Internet users globally have grown increasingly aware of online privacy and security issues due to mass monitoring and surveillance by government agencies, making them adopt encryption software and services.
But it turns out that hackers are taking advantage of this opportunity by creating and distributing fake versions of encryption tools in order to infect as many
|
To see everything:
