#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

GCHQ | Breaking Cybersecurity News | The Hacker News

'Chaos Computer Club' filed criminal complaint against German government Over Mass Spying

'Chaos Computer Club' filed criminal complaint against German government Over Mass Spying
Feb 03, 2014
After the revelation of former NSA contractor Edward Snowden , we all very well knew the impact of it on the world, but nobody would have estimated that the impact will be so worst. The revelation, not only defaced NSA, but also its counterpart GCHQ , and various other governments which were serving them in the world's spying scandal. Now, after various allegations on NSA , Chaos Computer Club (CCC) , one of the oldest and Europe's largest association of hackers, along with the International League for Human Rights (ILMR), has filed a criminal complaint with the Federal Prosecutor General's office on Monday. The Chaos Computer club accuses the German government of capitulating to UK, US and other government intelligence agencies and their communications surveillance whims. In a press release they said: " We accuse US, British and German secret agents, their supervisors, the German Minister of the Interior as well as the German Chancellor of illegal and prohibi

NSA allegedly hacked Belgian Cryptography Expert with spoofed LinkedIn Profile

NSA allegedly hacked Belgian Cryptography Expert with spoofed LinkedIn Profile
Feb 03, 2014
Cryptographer Professor Jean-Jacques Quisquater has become the part of a targeted attack by the US National Security Agency (NSA) and its British counterpart GCHQ, first reported on Saturday morning by De Standaard . A few months back in September 2013 it was revealed that, Belgacom , the largest telecommunications company in Belgium was hacked and number of employees on Belgacom's network, including their servers were compromised. Later in November 2013 , it was revealed that the NSA and GCHQ were behind the infiltration of the company's computers, according to the document provided by the former NSA contractor Edward Snowden . The document detailed that the British intelligence agency GCHQ created fake ' LinkedIn ' and ' Slashdot ' pages to spy on computers of Belgacom network engineers. They used a method called " quantum insert ", to redirect employees to fake websites that contained malware using Man in the middle attack to a spoofed server ( codenamed "

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte

Angry Birds and other Mobile Gaming apps leaking your private information to NSA

Angry Birds and other Mobile Gaming apps leaking your private information to NSA
Jan 28, 2014
Are you fond of playing games on your Smartphone like Angry Birds or Subway Surfer ?? You should now stop wasting your time, because NSA is utilizing your gaming energy in the best possible way. According to the latest documents leaked by former U.S. Government contractor Edward Snowden , Some of the world's most popular Smartphone applications are telling British (GCHQ) and American intelligence agencies ( NSA ) everything about you. NSA is tapping communication across the Internet of all " leaky " apps ( Unencrypted app, without SSL connection ) to peek into the tremendous amounts of very personal data, including your age, location, sex and even sexual preferences. This is really unacceptable! The Guardian claims that the NSA and its UK counterpart GCHQ have been developing capabilities to take advantage of these 'leaky' apps, collecting most sensitive information such as sexual orientation and " even sends specific sexual preferences such a

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

NSA admits to collect 200 Million text messages per day under Project DISHFIRE

NSA admits to collect 200 Million text messages per day under Project DISHFIRE
Jan 17, 2014
After the exposure of various surveillance programs, including PRISM, XKeyscore, MUSCULAR, DROPOUTJEEP in recent revelation, NSA has come up as the only ' Government that Actually Listen '. Another day and here comes another revelation - According to the The Guardian , National Security Agency (NSA) has collected almost 200 million text messages per day from across the globe and is using them to extract data including location, contact networks and even credit card details. The two names that come in the limelight are,  DISHFIRE  that collects " pretty much everything it can "and PREFER  that conducted automated analysis of the untargeted communications. The program was designed to collect the text messages automatically from various service providers, to pull the details of financial transactions, roaming charges, delayed flights, missed calls and scheduled alerts, address book contacts, credit cards, bank accounts and visited locations. Now If I am not wrong the word ' Untarge

Snowden reveals, GCHQ planted malware via LinkedIn and Slashdot traffic to hack Belgacom Engineers

Snowden reveals, GCHQ planted malware via LinkedIn and Slashdot traffic to hack Belgacom Engineers
Nov 11, 2013
Edward Snowden , a former contractor at America's National Security Agency (NSA) , has rocked the intelligence world by leaking secret documents which reveal the previously unknown extent of global spying. But looks like the NSA isn't the only one using dirty digital tricks to hack its targets. Back in September, it was reported that the UK's equivalent of the NSA, GCHQ had hacked Belgacom , a leading telecommunications provider in Belgium. Some New analysis of the Snowden papers by German magazine Der Spiegel shows that British intelligence agency GCHQ created fake LinkedIn and Slashdot pages to spy on computers of  Belgacom  network engineers. Communications networks are particularly valuable to spies, because they allow instant access to individual users. Belgacom provides internet access to dozens of key EU institutions based in its capital city Brussels and its global roaming exchange is a hub for connections between various international mobile network

Google engineers over surveillance scandal: 'Fuck you NSA'

Google engineers over surveillance scandal: 'Fuck you NSA'
Nov 06, 2013
On Tuesday, the Washington Post revealed a few more NSA slides released by Edward Snowden, which revealed that the spy agency NSA was infiltrating the private data links between Google and Yahoo data centers as part of a program called MUSCULAR . Chairman and former CEO of Google Eric Schmidt says the company's executives are shocked by allegations that the National Security Agency has been collecting data from the search engine's servers. " It's really outrageous that the NSA was looking between the Google data centers, if that's true ," he said. Overnight, Two Google's Security engineers -  Mike Hearn and   Brandon Downey expressed reasonable anger about the news on Google+, said " Fuck these guys ", where these represent NSA and GCHQ. I've spent the last ten years of my life trying to keep Google's users safe and secure from the many diverse threats Google faces. Fuck You to the people who made these slides. I am not American, I am a Brit, but i

NSA using Browser Cookies to track Tor Users

NSA using Browser Cookies to track Tor Users
Oct 05, 2013
Yesterday a new classified NSA document was leaked by Edward Snowden - titled ' Tor Stinks ' in which ideas were being kicked around for identifying Tor users or degrading the user experience to dissuade people from using the Tor browser. The NSA had a very hard time while tracking down all Tor  users and monitoring their traffic, especially since Tor servers are all over the world, but they make tracking easier by adopting  the following techniques: By running their own hostile Tor nodes Using zero-day vulnerability of Firefox browser By tracking user' browser Cookies Tor access node tracking is not new and the Document says that both the NSA and GCHQ run Tor nodes themselves. In order to trace traffic back to a particular Tor user the NSA needs to know the ' entry, relay and exit ' nodes in the anonymizer cloud between the user and the destination website. So for tracking purpose they used self-hosted nodes, that is able to trace a very small number of To

Belgium's largest Telcom 'Belgacom' hacked; NSA could be behind the Attack

Belgium’s largest Telcom 'Belgacom' hacked; NSA could be behind the Attack
Sep 16, 2013
Belgacom , the largest telecommunications company in Belgium today announced that their IT Systems were hacked and infected with an unknown Malware . In order to eliminate that virus effectively, they clean up the entire system. The company also highlights that they have no indication of any impact on their telecommunication services, customer and employee data. According to the complexity of the malware, it appears to be the work of a state-sponsored entity. Belgacom which handles some of the undersea cables that carry voice and data traffic around the world, so the NSA or Britain's GCHQ could be behind the intrusion. That traffic would be a likely target for an attacker. The attack reportedly affected a few dozen machines on Belgacom's network, including some servers and the intrusion had been active for as long as two years by the time the Belgian company discovered it. Hacked data might help intelligence agencies to gather data on communications coming from the li

Snowden : Seven Private Telecom Companies giving unlimited access to British spy agency

Snowden : Seven Private Telecom Companies giving unlimited access to British spy agency
Aug 02, 2013
The latest release from Edward Snowden shows that the Vodafone, BT, Verizon and some other total seven Private Telecom Companies have been secretly collaborating with the British spy agency, GCHQ and giving unlimited access to the details of phone calls, emails and Facebook entries. Another leak claimed that The US government has paid at least £100m to the UK spy agency GCH Q over the last three years to secure access to and influence over Britain's intelligence gathering programs. One of the PowerPoint presentations, dating 2009, mentions British Telecom, Verizon, Vodafone, Level 3, Global Crossing, Interoute and Viatel, and Sueddeutsche Zeitung calls them key partners of GCHQ. Snowden left the Moscow airport in a taxi, although his intended destination was not clear. The US said it was extremely disappointed by Russia's decision. According to Snowden, when handing over these documents, " It's not just a US problem " and he stated that, in fact, GCHQ is

British spy agency has secret access to Global Internet and telephones

British spy agency has secret access to Global Internet and telephones
Jun 25, 2013
The Britain's spy agency GCHQ is running an online eavesdropping operation that has gained secret access to more than 200 optical fiber cables carrying global Internet traffic and telephone calls. The existence of the program has been disclosed in documents shown to the Guardian by the NSA whistleblower Edward Snowden as part of his attempt to expose what he has called the largest program of suspicion less surveillance in human history. Dubbed as , Operation Tempora has been running for around 18 months and allows GCHQ to tap into and store huge volumes of data drawn from fibre-optic cables for up to 30 days. GCHQ is also sharing this sensitive personal information with its American partner, the National Security Agency (NSA). The paper said GCHQ is tapping 200 internet links in total, each with a data rate of 10Gbps, with the agency having the technical capacity to concurrently analyze 46 of these 200 streams of data at a time. That access could

UK Intelligence recruiting brilliant minds for eavesdropping social networks

UK Intelligence recruiting brilliant minds for eavesdropping social networks
Nov 02, 2012
Government eavesdropping and security agency GCHQ is developing new tools to sift through them for nuggets of useful data from Facebook, Twitter, LinkedIn, Google+, Pinterest. All of these are the source of valuable intelligence that the UK's intelligence agencies want to know about. During a visit to Bletchley Park, UK foreign secretary William Hague launched a 'spy drive' to recruit staff for GCHQ and other intelligence agencies, a National Cipher Challenge for schools, and a £480,000 grant to the home of WW2 code-breaking. " The work involves devising algorithms, testing them and general problem solving in the broad field of language and text processing. This pioneering research work is open to specialist in mathematical/statistics, computational linguists (eg speech recognition and/or language processing) and language engineering ." Job Description explains . " Using data-mining techniques, you will help us to find meaningful patterns and relationships in large
Cybersecurity Resources