#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Encryption tool | Breaking Cybersecurity News | The Hacker News

Hackers Reveal How Code Injection Attack Works in Signal Messaging App

Hackers Reveal How Code Injection Attack Works in Signal Messaging App

May 14, 2018
After the revelation of the eFail attack details, it's time to reveal how the recently reported code injection vulnerability in the popular end-to-end encrypted Signal messaging app works. As we reported last weekend, Signal has patched its messaging app for Windows and Linux that suffered a code injection vulnerability discovered and reported by a team of white-hat hackers from Argentina. The vulnerability could have been exploited by remote attackers to inject a malicious payload inside the Signal desktop app running on the recipients' system just by sending them a specially crafted link—without requiring any user interaction. According to a blog post published today, the vulnerability was accidentally discovered while researchers–Iván Ariel Barrera Oro, Alfredo Ortega and Juliano Rizzo–were chatting on Signal messenger and one of them shared a link of a vulnerable site with an XSS payload in its URL. However, the XSS payload unexpectedly got executed on the Sig
Privatoria — Protect Your Privacy Online with Fast and Encrypted VPN Service

Privatoria — Protect Your Privacy Online with Fast and Encrypted VPN Service

Nov 04, 2016
Today, most of you surf the web unaware of the fact that websites collect your data and track your locations and makes millions by sharing your search histories, location data, and buying habits with advertisers and marketers. And if this isn't enough, there are hackers and cyber criminals out there who have the ability to easily steal your sensitive and personal data from the ill-equipped websites. In short, the bitter truth is that you have no or very little online privacy. To resolve this issue, you need a Virtual Private Network (VPN). If you are worried about online Privacy and have not thought about using a VPN, it might be time to get one. But, the question is: What are the best anonymous VPN services? Unfortunately, not all VPNs are as anonymous as they claim to be. Some VPN services keep extensive logs of their users' browsing activities, including IP-addresses for weeks, which nullify the point of using a VPN for privacy. Want Privacy While You Surf
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Searching for Best Encryption Tools? Hackers are Spreading Malware Through Fake Software

Searching for Best Encryption Tools? Hackers are Spreading Malware Through Fake Software

Oct 11, 2016
Over the past few years, Internet users globally have grown increasingly aware of online privacy and security issues due to mass monitoring and surveillance by government agencies, making them adopt encryption software and services. But it turns out that hackers are taking advantage of this opportunity by creating and distributing fake versions of encryption tools in order to infect as many victims as possible. Kaspersky Lab has revealed an advanced persistent threat (APT) group, nicknamed StrongPity , which has put a lot of efforts in targeting users of software designed for encrypting data and communications. The StrongPity APT group has been using watering-hole attacks, infected installers, and malware for many years to target users of encryption software by compromising legitimate sites or setting up their own malicious copycat sites. Watering hole attacks are designed to lure specific groups of users to their interest-based sites that typically house malicious files or
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Encryption Software VeraCrypt 1.12 Adds New PIM Feature To Boost Password Security

Encryption Software VeraCrypt 1.12 Adds New PIM Feature To Boost Password Security

Aug 11, 2015
Encrypting your sensitive data is important. As you may know, CIA... C onfidentiality I ntegrity A vailability ...are the essential elements of Information Security. There are a number of tools and methods available out there, but not all encryption tools are same. We are now living in an era where everyone is watching everyone else, and now you need to pay extra attention before choosing any tool. VeraCrypt , a TrueCrypt alternative, is an open source file encryption software designed to protect your online privacy. VeraCrypt enters the market within months after TrueCrypt died , almost similar to it, but with enhancements to further secure your data. A week ago, latest version VeraCrypt 1.12 released with a new feature called PIM, which stands for " Personal Iterations Multiplier ". PIM (Personal Iterations Multiplier) is a new parameter introduced in VeraCrypt 1.12 to secure your data. PIM is basically a secret numerical value that
Cybersecurity Resources