NSA | Breaking Cybersecurity News | The Hacker News

The United States National Security Agency (NSA) has released a network security tool for Government and the private sectors to help secure their networks against cyber attacks. Dubbed Systems Integrity Management Platform (SIMP) , the tool is now publicly available on the popular source code sharing website GitHub . According to an official release from NSA, SIMP makes it easier for government organizations and the private sector to "fortify their networks against cyber threats." SIMP aims at providing a reasonable combination of security compliance and operational flexibility , keeping networked systems compliant with security standards and requirements. It is considered to be a critical part of a layered, "defence-in-depth" approach to information security. " By releasing SIMP, the agency seeks to reduce duplication of effort and promote greater collaboration within the community: The wheel would not have to be reinvented for every organiza

In wake of the latest revelations about the National Security Agency (NSA) global spying on country's leaders, France may decide to offer political asylum to whistleblowers Edward Snowden and Julian Assange , as a " symbolic gesture ." Former NSA contractor Edward Snowden , who is facing criminal espionage charges in the U.S., has remained in Russia for almost two years after exposing the United States government's worldwide surveillance programs and he awaits responses from two dozen countries where he'd like to live. WikiLeaks Founder Julian Assange has remained in the Ecuadorian embassy for three years in London to avoid extradition to Sweden, where Assange is facing sex crime allegations. French Justice Minister Christiane Taubira told French news channel BFMTV on Thursday that if France decides to offer both of them asylum, she would "absolutely not be surprised." Recent WikiLeaks report claimed that the United States had been spying on

Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities. Instead, they often use commonly available tools and exploit multiple vulnerability points. By simulating a real-world network attack, security teams can test their detection systems, ensure they have multiple choke points in place, and demonstrate the value of networking security to leadership. In this article, we demonstrate a real-life attack that could easily occur in many systems. The attack simulation was developed based on the MITRE ATT&CK framework, Atomic Red Team,  Cato Networks ' experience in the field, and public threat intel. In the end, we explain why a holistic secur

Just the way you swipe your smartphone screen is enough for your smartphone to identify you. Yes, it's a Fact, not Fiction! The United States National Security Agency (NSA) has a new technology that can identify you from the way your finger swipe strokes and text on a smartphone screen, according to officials with Lockheed Martin who helped design the technology. John Mears , a senior fellow for Lockheed IT and Security Solutions, told NextGov that Lockheed Martin has been working with the agency to create a " secure gesture authentication as a technique for using smartphones, " and " they are actually able to use it. " Mandrake – New Smartphone-Swipe Recognition Technology This new smartphone-swipe recognition technology, dubbed " Mandrake ," remotely analyses the curve, unique speed and acceleration of a person's finger strokes across their device's touchscreen. " Nobody else has the same strokes, " Mears ex

US Court rules NSA Phone surveillance Program is illegal United States' National Security Agency (NSA) Spying program that systematically collects data about Millions of Americans' phone calls in bulk is illegal – Yes illegal. The NSA Phone surveillance program, first disclosed by the former NSA employee and whistleblower of global surveillance Edward Snowden , ruled illegal by a New York federal appeals court on Thursday, ordering lawmakers to either completely end or replace the program. Mass Collection of Metadata: Under this program, the U.S. agency has collected information about phone numbers called and how many times it has been called. However, no content of conversations has been recorded. The program also allegedly spied on European firms and among the individuals targeted was German Chancellor Angela Merkel . However, the Second U.S. Circuit Court of Appeals in New York issued a 97-page in-depth court ruling , in which all the three judges said

Edward Snowden is back with one of the biggest revelations about the government's widespread surveillance program. The US National Security Agency ( NSA ) and British counterpart Government Communications Headquarters ( GCHQ ) hacked into the networks of the world's biggest SIM card manufacturer, according to top-secret documents given to The Intercept by former NSA-contractor-turned-whistle blower, Edward Snowden . OPERATION DAPINO GAMMA The leaked documents suggests that in a joint operation, the NSA and the GCHQ formed the Mobile Handset Exploitation Team (MHET) in April 2010, and as the name suggests, the unit was built to target vulnerabilities in cellphone. Under an operation dubbed DAPINO GAMMA, the unit hacked into a Digital security company Gemalto , the largest SIM card manufacturer in the world, and stole SIM Card Encryption Keys that are used to protect the privacy of cellphone communications. Gemalto, a huge company that operates in 85 countr

The NSA and GCHQ have tracked and monitored the activities of independent and nation-state hackers, along with some of the foremost security researchers in order to gather information on targets and pilfer the stolen data from hackers' archives, top secret Snowden documents reveal. State-sponsored, individual Blackhat hackers and hacking groups target some or other organizations on an ongoing basis. So, by monitoring the work of 'freelance' and rival state hackers, the NSA and its allies get the stolen information, such as email accounts or chats owned by target of their interest, without doing much of hard work. HACKERS STOLE FROM TARGETS & AGENCIES STOLE FROM HACKERS According to the latest revealed documents provided by whistleblower Edward Snowden , the hacks and sophisticated breaches on the targets were carried out by the state-sponsored and freelance hackers, but the stolen data, referred to as 'take', was then pilfered by the agencies for

A number of western companies are doing big business in China, but now they may have to pay a huge value for to do so. China has introduced strict new banking cyber security regulations on western companies selling technology to Chinese banks. The Chinese government wants backdoors installed in all technologies that imports into the Middle Kingdom for the benefit of Chinese security services. The latest rules also state that western companies must hand over the Encryption Keys and secret source code as well. The requirements are so absurd that it would be impossible for companies like Apple to comply, which could harm American businesses. " The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of do

​Researchers have uncovered a new evidence that a powerful computer program discovered last year, called " Regin ", is "identical in functionality" to a piece of malware used by the National Security Agency  (NSA) and its Five Eyes allies . REGIN MALWARE "Regin" is a highly advanced, sophisticated piece of malware the researchers believe was developed by nation state to spy on a wide-range of international targets including governments, infrastructure operators and other high-profile individuals since at least 2008. Regin was first discovered in November 2014 by the researchers at antivirus software maker Symantec and was said to be more sophisticated than both Stuxnet and Duqu . The malware alleged to have been used against targets in Algeria, Afghanistan, Belgium, Brazil, Fiji, Germany, Iran, India, Indonesia, Kiribati, Malaysia, Pakistan, Russia and Syria, among others. The recent evidence comes from the journalists at Der Spiege

The latest document release by Edward Snowden revealed the industrial-scale cyber-espionage operation of China to learn the secrets of Australia's next front-line fighter aircraft – the US-built F-35 Joint Strike Fighter (JSF) . Chinese spies stole " many terabytes of data " about the design of Australia's Lockheed Martin F-35 Lightning II JSF, according to top secret documents disclosed by former US National Security Agency intelligence contractor Edward Snowden to German magazine Der Spiegel . Chinese spies allegedly stole as much as 50 terabytes of data, including the details of the fighter's radar systems, engine schematics, "aft deck heating contour maps," designs to cool exhaust gases and the method the jet uses to track targets. So far, the F-35 Lightning II JSF is the most expensive defence project in the US history. The fighter aircraft, manufactured by US-based Lockheed Martin, was developed at a cost of around $400 billion (£230 billion). Beijin

The terrible terrorist attacks in France forced the British Prime Minister David Cameron to consider banning the popular encrypted online messaging apps like Snapchat , CryptoCat ,  WhatsApp and Apple's iMessage unless the companies don't give the UK government backdoor access to their encrypted communications. Speaking at a public event in the UK this morning, Cameron said that if he wins the next election and re-elected, he would seek to ban the encrypted communication apps as part of his plans for new surveillance powers in the wake of the Charlie Hebdo shootings in Paris . The British Prime Minister said the Paris terror attacks, including the one last week on satirical newspaper Charlie Hebdo, outlined the need for greater access on the encrypted communications. In his remarks, the attacks were aimed at messaging apps that encrypt messages to secure users' communications. " The attacks in Paris demonstrated the scale of the threat that we face and th

Back in june this year, Google announced an alpha Google Chrome extension called " End-to-End " for sending and receiving emails securely, in wake of former NSA contractor Edward Snowden's revelations about the global surveillance conducted by the government law-enforcements. Finally, the company has announced that it made the source code for its End-to-End Chrome extension open source via GitHub . Google is developing a user-friendly tool for individuals to implement the tough encryption standard known as Pretty Good Privacy (PGP) in an attempt to fully encrypt people's Gmail messages that can't even be read by Google itself, nor anyone else other than the users exchanging the emails. PGP is an open source end-to-end encryption standard for almost 20 years, used to encrypt e-mail over the Internet providing cryptographic privacy and authentication for data communication, which makes it very difficult to break. But implementing PGP is too complicated for m

Tor has always been a tough target for law enforcement for years and FBI has spent millions of dollars to de-anonymize the identity of Tor users, but a latest research suggests that more than 81% of Tor clients can be "de-anonymised" by exploiting the traffic analysis software 'Netflow' technology that Cisco has built into its router protocols. NetFlow is a network protocol designed to collect and monitor network traffic. It exchanged data in network flows, which can correspond to TCP connections or other IP packets sharing common characteristics, such UDP packets sharing source and destination IP addresses, port numbers, and other information. The research was conducted for six years by professor Sambuddho Chakravarty , a former researcher at Columbia University's Network Security Lab and now researching Network Anonymity and Privacy at the Indraprastha Institute of Information Technology in Delhi. Chakravarty used a technique, in order to determine the Tor

Sometimes we wonder that how the National Security Agency ( NSA ) reached such a wide range of its Surveillance operation across the world – which you can measure from several secret documents released by the former NSA contractor Edward Snowden. This hell parameter of the NSA's operation was not reached by its agents sitting in the NSA headquarter in United States, but by its undercover agents working in foreign companies based in China, Germany, and South Korea to infiltrate and compromise foreign networks and devices, according to documents obtained by The Intercept . NSA INTERCEPTING FOREIGN NETWORKS AND DATA CENTRES The latest document from the Snowden's desk talks about a program called " physical subversion ," under which the NSA's undercover operatives were infiltrating foreign networks to acquire sensitive data and access to systems in the global communications industry and possibly even some American firms. The document describes the details regarding vario

Users might have praised the technology companies for efforts to encrypt their latest devices that would prevent law enforcement agencies' hands on users' private data, but the FBI is not at all happy with Apple and Google right now. The Federal Bureau of Investigation director, James Comey , said Thursday he was " very concerned " over Apple and Google using stronger or full encryption in their Smartphones and Tablets that makes it impossible for law enforcement to collar criminals. According to Comey, the Silicon Valley tech giants are "marketing something expressly to allow people to place themselves above the law." " There will come a day – well it comes every day in this business – when it will matter a great, great deal to the lives of people of all kinds that we be able to with judicial authorization gain access to a kidnapper's or a terrorist or a criminal's device, " Comey told reporters . " I just want to make sure we

The search engine giant Google will soon come up with its next version of Android operating system, dubbed as Android L , with full-disk encryption enabled by default, Google confirmed Thursday. This will be for the first time that Google's Android OS will be encrypting your information, preventing both hackers and law enforcement agencies from gaining access to users' personal and highly sensitive data on their devices running the Android operating system. While Android has been offering data encryption options for some Android devices since 2011. However the options are not enabled by default, so users have had to activate the functionality manually. But Android L will have new activation procedures that will encrypt data automatically. Although Google is yet to provide more details about Android L, which is set to be released next month. But the move by the web giant will surely provide an extra layer of security on the personal data that users typically have on t

The National Security Agency and its British counterpart, GCHQ , gained secret access to the German telecom companies' internal networks, including Deutsche Telekom and Netcologne, in an effort to " map the entire Internet — any device, anywhere, all the time. " As reported by German news publication Der Spiegel, citing the new set of leaked documents provided by former NSA contractor Edward Snowden, the five major intelligence agencies including NSA and GCHQ have been collaborating to get near-real-time visualization of the global internet as a part of NSA's ' Treasure Map ' surveillance program , also dubbed as "the Google Earth of the Internet." TREASURE MAP TRACKS YOU 'ANYWHERE AND ALL THE TIME' The data collected by the intelligence agencies doesn't just include information from large traffic channels, such as telecommunications cables. Rather, it also include information from every single device that is connected to the internet somewhere in the w

A notable number of cell phone towers around the United States are rogue that, according to latest report, could spoof legitimate towers and intercept calls. The research carried out by ESD America , a defense and law enforcement technology firm based in Las Vegas, shows that a rogue cell phone towers, also known as "interceptors", may process the call. ESD America, the company that makes the super-secure CryptoPhone, makes one of the oldest and most expensive high-security cell phones in the market. It provides equipment and training to more than 40 countries with a goal to provide technical security assistance to government and corporate clients across Asia. SEVERAL ROGUE CELL PHONE TOWERS DISCOVERED While field-testing its secure Android handset, the CryptoPhone 500 , the firm came across the existence of a series of fake base stations along the Eastern seaboard of the US. Les Goldsmith, the CEO of ESD America, told the US publication Popular Science tha