Edward Snowden | Breaking Cybersecurity News | The Hacker News

So far we have heard that using privacy tools by every individual and offering encrypted communication by every company is the only solution to Mass Surveillance conducted by the government and law enforcement authorities. But, Germany says the only solution to guard against surveillance is - Stop using Computers!! Ohh Please!! Is it a joke? No, it does not mean that they are going to completely throw out all of their computer systems, but rather they would use it preposterous. A year ago, when it came to light that German Chancellor Angela Merkel's own personal mobile phone had been spied by the U.S. National Security Agency (NSA) for years, Surveillance has become a big issue for Germany. Such a big that prominent politicians are seriously considering using manual typewriters for sensitive documents instead of computers. The head of the Germany's NSA Inquiry Committee, Patrick Sensburg said in an interview with the Morgenmagazin TV show on Monday night, th...

If anybody says that NSA is watching you, nobody surprises. But, a large scale investigation published by Washington Post indicates that the scope of surveillance carried out by US National Security Agency was massive even than the expectation of you and me. Just because you are an ordinary person doesn't mean that you are safe, as 90 percent of messages intercepted by the NSA were not foreign targets but ordinary users , like you and me, from the United States and abroad. Interestingly, your all those " startingly intimate " data and personal photographs had been left in plain view on NSA databases for someone else, according to a new report in The Washington Post published Sunday detailing a four-month review of about 160,000 intercepted e-mail and text message conversations involving 11,000 online accounts provided by former NSA contractor Edward Snowden . The National Security Agency has gathered nearly half of the files which contains names, email addresses or other details be...

We all are aware of the National Security Agency's (NSA) mass surveillance program to track non-Americans. Thanks to former NSA contractor Edward Snowden, who provided confidential documents about the widely spread surveillance programs conducted by the government intelligence agency such as NSA and GCHQ. A recent story about NSA surveillance broke when a German public broadcaster ARD published that the Agency is using its surveillance program XKeyScore to target users who use encryption and traffic anonymizing software, including Tor Network for anonymous Web browsing and Linux-based Tails operating system in an effort to keep tracks of people outside the US. XKeyScore is a powerful NSA surveillance program that collects and sorts intercepted data, which came to limelight in documents leaked by former NSA contractor Edward Snowden last summer, but the greater detail in an investigation conducted by American security expert and Tor Project member Jacob Appelbaum , Aaron Gibsom, and...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

Just a few hours ago, the Official website of the  Tails Operating System  has been hacked and it appears that a self-proclaimed 17-year old hacker breached and defaced it. Tails is a Linux-based highly secure Operating System, specially designed and optimized to preserve users' anonymity and privacy. Hacker, who named himself " Sum guy ", managed to access the website as administrator and edited the homepage content with the following message: You has been haxoredeszed by sum dumb 17 year old by accident... Sorry about that please forgive me! I accidentally logged myself in as someone important and changed the site, not knowing that what I was changing would save! So sorry about that... I hope you have a backup, Oh and btw I love your OS! Yours sincerely, Sum guy And before I leave, Hi ed... and zoin Defaced Link:  https://tails.boum.org/index.en.html . However, all other pages on the Tails website are working just fine, but at this moment ...

Privacy of Internet users is dead somewhere as the Intelligence agencies can watch our every move, hear our every conversation and read our every email and find out anything related to our personal and private life.  Last year, Edward Snowden revealed about the mass surveillance carried out by NSA and other countries intelligence agencies on every citizen of their country. The US Government has allotted a large share of its ' Black Budget ' for secret surveillance programs and to make this happen, NSA has used a number of unethical ways and labelled as legal solutions, harvesting hundreds of millions of Metadata from emails, web activity, chats, social networks, and everything else around the world. The revelations encouraged Internet users think about their privacy and digital rights, and the time came when different organisations started several campaigns to block mass surveillance and fight back against the U.S. National Security Agency ( NSA ). RESET YOU...

Two weeks ago, it was revealed that NSA has been reportedly intercepting and accessing routers , servers, and other computer networking hardware to plant data gathering " backdoors " and other spywares before they were exported and delivered to the international customers.  Now, the journalist Glenn Greenwald is set to publish a list of names of those U.S citizens who have been illegally spied on by the NSA. Glenn Greenwald is the journalist from the Guardian newspaper who helped former National Security Agency contractor Edward Snowden reveal confidential documents about the widely spread surveillance programs conducted by the government intelligence agency such as NSA and GCHQ. Greenwald is promoting his latest forthcoming book, " No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State " that underlines the interest of NSA in conducting massive Internet surveillance program. He said the about to release list will be the biggest revelation out of the...

The Edward Snowden revelations triggered a large-scale movement worldwide towards deploying encryption across the Internet for secure services, which is something the government agencies like NSA and GCHQ have targeted repeatedly, as exemplified by abruptly shutting down Lavabit , a Texas-based Encrypted Email Service. In response, a group of young developers at the European Organization for Nuclear Research (CERN) has launched a new email service which offers end-to-end encryption and securing communications that could put an end to government snooping and will keep away our personal data from prying eyes. PROTONMAIL - AN END-to-END ENCRYPTED EMAIL This new encrypted email service, called ProtonMail is a super-secure email service created in collaboration with the scientists from Harvard, the Massachusetts Institute of Technology and the European research lab CERN. ProtonMail offers a user-friendly experience with full "end-to-end" encryption . It encrypts the data on the browser...

The US Intelligence Agency, NSA has been reportedly intercepting and accessing routers, servers, and other computer networking hardware to plant data gathering " backdoors " and other spywares before they are exported and delivered to the international customers, reported by the Guardian. Yesterday in a published excerpt of his forthcoming book, " No Place to Hide ", Journalist Glenn Greenwald underlines the interest of National Security Agency in planting backdoors in U.S. suppliers' routers and other networking devices in order to carry out its massive surveillance program. " A June 2010 report from the head of the NSA's Access and Target Development department is shockingly explicit ," Greenwald said. " The NSA routinely receives — or intercepts — routers, servers and other computer network devices being exported from the US before they are delivered. " While US government is always prohibiting the purchase of Huawei products due to suspected...

Edward Snowden 's leaks last year questioned the integrity of several big and reputed companies such as Apple, Google and Microsoft that were found in relation with the NSA in its surveillance programs.  Thereafter they maintained distance with the Agency and claimed to be unaware of such government spying activities. Now, email exchanges between Google executives Sergey Brin and Eric Schmidt and former NSA director Gen. Keith Alexander , obtained through the Freedom of Information Act that in real do not reveal anything ridiculously outrageous but suggest that the tech companies behind the services you use are very closely in relationship with the NSA and have worked with them over the years. The series of emails obtained by Al Jazeera clearly indicate that the relationship between Google and the National Security Agency (NSA) was far cozier than anyone thought. This revelation questions not only the reputation of the largest Internet giant, but also the privac...

The National Institute of Standards and Technology (NIST) has announced to abandon the controversial  Dual Elliptic Curve Deterministic  Random Bit Generator,  better known as  Dual_EC_DRBG in the wake of allegations that the National Security Agency. Back in December, Edward Snowden leaks revealed that RSA received $10 million bribe from NSA under a secret contract to implement their flawed cryptographic algorithm Dual_EC_DRBG in its bSafe Security tool as the default protocol in its products for keeping Encryption Weak . In response to the accusations on NSA and RSA, and despite RSA denied all the accusations. without wasting time NIST issued an announcement recommending against using Dual_EC_DRBG and abandon the cryptographic algorithm from its revised guidance provided in the Recommendation for Random Number Generation Using Deterministic Random Bit Generators ( NIST Special Publication 800-90A, Rev.1 ). But it didn't remove it from its rand...

On Saturday, the Senior Administration Officials cast light on the subject of Internet Security and said President Obama has clearly decided that whenever the U.S. Intelligence agency like NSA discovers major vulnerabilities, in most of the situations the agency should reveal them rather than exploiting for national purpose, according to The New York Times . OBAMA's POLICY WITH LOOPHOLE FOR NSA Yet, there is an exception to the above statement, as Mr. President carved a detailed exception to the policy " Unless there is a clear national security or law enforcement need, " which means that the policy creates a loophole for the spying agencies like NSA to sustain their surveillance programs by exploiting security vulnerabilities to create Cyber Weapons. After three-month review of recommendations [ PDF-file ], the Final Report of the Review Group on Intelligence and Communications Technologies was submitted to Mr. Obama on last December, out of which one of the recommendation on pa...

Heartbleed has left a worst impression worldwide affecting millions of websites and is also supposed to put millions of Smartphones and tablets users at a great risk. Heartbleed is a critical bug ( CVE-2014-0160 ) in the popular OpenSSL cryptographic software library, that actually resides in the OpenSSL's implementation of the TLS/DTLS heartbeat extension, which allows attackers to read portions of the affected server's memory, potentially revealing users data such as usernames, passwords, and credit card numbers, that the server did not intend to reveal. OpenSSL is a widely-used cryptographic library which implements the SSL and TLS protocol and protects communications on the Internet, and mostly every websites use either SSL or TLS, even the Apache web server that powers almost half of the websites over internet utilizes OpenSSL. But to assume that the users using desktop browsers to visit websites are vulnerable to the Heartbleed bug, will be wrong. Despite 40...

The Bloomberg claimed that the U.S. National Security Agency (NSA) knew about the most critical Heartbleed flaw and has been using it on a regular basis to gather " critical intelligence " and sensitive information for at least past two years and decided to keep the bug secret, citing two sources ' familiar with the matter '. In response to the above report, NSA has issued a ' 94 character' statement today denying the claims that it has known about the Heartbleed bug since two years and that it has been using it silently for the purpose of surveillance. " NSA was not aware of the recently identified Heartbleed vulnerability until it was made public ," the U.S. intelligence agency said on its Twitter feed . Heartbleed is one of the biggest Internet vulnerabilities in recent history that left large number of cryptographic keys and private data such as usernames, passwords, and credit card numbers, from the most important sites and services on the Int...

We have already read so many articles on Heartbleed, one of the biggest iNternet threat that recently came across by a team of security engineers at Codenomicon , while improving the SafeGuard feature in Codenomicon's Defensics security testing tools.  The story has taken every media attention across the World, as the bug opened doors for the cyber criminals to extract sensitive data from the server's memory and almost every major site have been affected by it. UNINTENTIONAL  BIRTH OF HEARTBLEED More than two years ago, German programmer Robin Seggelmann introduced a new feature called " Heartbeat " in the most secured open source encryption protocol, OpenSSL , which is used by several social networks, search engines, banks and other websites to enable secure connections while transmitting data. But introducing heartbeat feature cost him dearly, as here the most critical bug resides. Dr. Seggelmann allegedly was just trying to improve OpenSSL and wo...

The respected encryption and network security company RSA Security (now a division of EMC), whose respect was already on stack after revelation by former NSA contractor Edward Snowden  revealed that the NSA created a flawed random number generation system ( Dual_EC_DRBG ), Dual Elliptic Curve, which the most trusted security provider company RSA used in its Bsafe security tool.  Until then RSA wasn't able to come up from this aspersion, a new document by Snowden revealed that RSA received $10 million from NSA for keeping Encryption Weak. Researchers from Johns Hopkins , the University of Wisconsin , the University of Illinois  have claimed that the RSA adopted one more NSA recommended tool called Extended Random extension  for secure websites, which actually helps NSA to crack a version of the Dual Elliptic Curve software tens of thousands of times faster,  Reuters reported. Dual Elliptic Curve Deterministic Random Bit Generator ( D...

The US Government was publicly accusing Chinese electronics manufacturer Huawei of espionage from the past few years. Ironically, it has now been revealed that the  National Security Agency conducted a major offensive cyber operations against the  Chinese government and networking company Huawei,  in early 2009. According to reports based on classified documents leaked by Edward Snowden   and viewed by The Times and Der Spiegel , NSA has infiltrated servers in the headquarters of Chinese telecommunications and hacked into the email servers of Huawei five years ago. Code-named as " Operation Shotgiant " was conducted with the involvement of the CIA, White House intelligence coordinator and the FBI; aimed to find a link between  Huawei  and China's People's Liberation Army. NSA accessed the emails of many Huawei employees' for this purpose. NSA STOLE SOURCE CODES NSA also aimed to conduct surveillance through computer ...

Another leak from  Edward Snowden files, but this time not about the NSA, rather the documents revealed that France's central intelligence agency, the DGSE has complete and unconditional  access to all of  telecom giant  Orange's data, not just metadata . Yes! It is the same  Orange company who threatened to sue the NSA for hacking into the underwater cable that it jointly owns with 15 other companies. According to the French paper Le Monde -- Orange, the leading telecom company in France with more than 26 million customers worldwide cooperated allegedly illegally for years with France's main intelligence agency. DGSE and Agents with military clearance have been working with Orange for at least 30 years. France has a PRISM like surveillance  program to target phone communications, emails and data from tech companies like Google, Facebook, Apple, Microsoft and Yahoo. Furthermore, DGSE is also sharing this data with foreign ...

Mark Zuckerberg is continually denying working with the NSA or any other Government Intelligence Agency in serving out data they gathered through extended surveillance, and even he expressed his indignation over the damage the Government is creating for all, on the phone call to the US President Obama . " I've called President Obama to express my frustration over the damage the government is creating for all of our future ," he said in a blog post. Facebook - HTTPS Now, just yesterday morning, Facebook's Chief Security Officer Joe Sullivan sat down whiteboard session on social networks in Silicon Valley headquarters for providing information on the company's security policy diving. The session was conducted after a recent report revealed by The Intercept , suggested the National Security Agency (NSA) may have masqueraded as the social network to infect a number of target's computers, according to Edward Snowden documents. He said, " no one co...