#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

PRISM | Breaking Cybersecurity News | The Hacker News

iPhone 5s Users Fooled By Apple, NSA and A Fake middle finger

iPhone 5s Users Fooled By Apple, NSA and A Fake middle finger
Sep 24, 2013
Last week Apple releases the iPhone 5S  with Touch ID , a fingerprint-scanning feature, promoted by the company as " Your fingerprint is one of the best passwords in the world ". Just after the launch of iOS7 , Hackers around the world come up with a series of security issues and privacy concerns. One of the most embarrassing hack released yesterday, when a group of German Hackers fooled the iPhone 's biometric fingerprint security by just using a high resolution photo of someone's fingerprint. Now, We all are aware about many secret surveillance projects of NSA like PRISM , where U.S. government is collecting data from these Internet companies including - Apple. Apple claimed that, iPhone will never upload fingerprints to their server, but can we believe them anymore ? It is already proven that, During Surveillance operations and for Backup purpose, Smartphone applications can upload anything from your device to their online servers without any

U.S. Government asked Linus Torvalds to insert Backdoor Into Linux

U.S. Government asked Linus Torvalds to insert Backdoor Into Linux
Sep 19, 2013
At the Linuxcon conference in New Orleans today, Linus Torvalds and the other top Linux developers, talked to the Linux faithful about Linux, Microsoft, and other issues. During a question-and-answer ‪session ‬at ‪the LinuxCon,  Linux Torvalds admitted to questions from the audience th at the  U .S. Government   approached him to put a backdoor into his open-source operating system. Torvalds responded "no" while shaking his head "yes," as the audience broke into spontaneous laughter. Then someone asked if Linus would be interested in becoming Microsoft's CEO, which was answered with a big smile and because he is fully satisfied with the development of Linux and his life. He noted that when he started Linux 22 years ago, the hardware was very different than it is today. He expects that 20 years from now the hardware will change even more. " Linux usage keeps changing. Linux today is very different from even ten years ago ," Torvalds ad

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte

Bitcoins - Secured by NSA designed Encryption or Backdoored ?

Bitcoins - Secured by NSA designed Encryption or Backdoored ?
Sep 13, 2013
It's been nearly three months since Edward Snowden started telling the world about the National Security Agency's mass surveillance of global communications. After the last week report that the National Security Agency has leveraged its cooperative relationships with specific industry partners to insert vulnerabilities into Internet security products. Bitcoin , a virtual currency, a peer-to-peer electronic cash system, which is generated on a logarithmic scale by dedicated miners who run software that generate the complex hash codes which make up a Bitcoin.  The integrity of Bitcoin depends on a hash function called SHA-256 , which was designed by the NSA and published by the National Institute for Standards and Technology (NIST). Is it hard to believe that could the intelligence community have a secret exploit for Bitcoin? While there is no evidence yet to support the speculation. " If you assume that the NSA did something to SHA-256, which no outside resea

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

NSA: Steve Jobs is the real Big Brother and iPhone buyers are zombies

NSA: Steve Jobs is the real Big Brother and iPhone buyers are zombies
Sep 10, 2013
As we reported yesterday that, your Smartphone is a goldmine for the US National Security Agency (NSA), they have the full access to your Data available on your Smartphones including Android , iPhone and Blackberry. But among other Smartphones,  iPhone apparently is the most popular with the National Security Agency. Another NSA presentation leaked by NSA whistle-blower Edward Snowden and published by German paper Der Spiegel , describing Steve Jobs as the real Big Brother and iPhone buyers as the "zombies" . By cracking mobile operating systems and eavesdropping on mobile communications, the data obtained in this way includes contacts, call lists, SMS traffic, notes and location information. " Such as a iPhone picture of a foreign government official who took selfies while watching TV, and a picture of an unknown man, apparently an Afghani fighter, in the mountains of Afghanistan. And remember the iPhone's location bug? That enabled tracking of people over exten

NSA can access your data on Smartphones including iPhone, BlackBerry and Android devices

NSA can access your data on Smartphones including iPhone, BlackBerry and Android devices
Sep 08, 2013
National Security Agency (NSA)  has the capability to access a broad range of data on most Smartphones out there, including iPhone, BlackBerry, and Android devices, according to the  documents provided by former US intelligence contractor Edward Snowden to the  German news agency Der Spiegel report. A 2009 NSA document states that it can " see and read SMS traffic ". This data includes Contact, call lists, SMS traffic, notes and location data about where a user has been, the NSA has set up teams to specialize in cracking each operating system. The leaked information also revealed that the NSA has organized a working group for each operating system. The documents also state the NSA has successfully accessed BlackBerry email data, a system previously thought to be very secure. Recently, two Guardian reporters , the Newspaper primarily responsible with leaking NSA documents, discovered a mystery app on their iPhones . It has no title, no identifying image,

Tor Anonymizing network overload caused by Mevade Botnet

Tor Anonymizing network overload caused by Mevade Botnet
Sep 08, 2013
Recently, Tor Project Director - Roger Dingledine described a sudden increase in Tor users on the Tor Network after the events related to disclosure of the PRISM surveillance program, Since August 19, 2013, there has been an impressive growth in the number of Tor users. At first, No one knew who or what is responsible for this spontaneous growth of Tor users, but Security researchers at Fox-IT firm found evidence that the spike in Tor traffic is caused by a Mevade Botnet, that hides its Command-and-Control server in the anonymizing network. The security firm documented the presence of the Mevade malware architecture based on the anonymizing network, " The malware uses a command and control connectivity via Tor .Onion links using HTTP. While some bots continue to operate using the standard HTTP connectivity, some versions of the malware use a peer-to-peer network to communicate (KAD based). " " Typically, it is fairly clear what the purpose of malw

Can we Trust Google ? Company Speeding up Strong Encryption Program in response to NSA surveillance

Can we Trust Google ? Company Speeding up Strong Encryption Program in response to NSA surveillance
Sep 07, 2013
Trust is something that's earned, not given. We trusted tech companies with our data because they promised to keep it secure. That trust was called into question after former NSA contractor Edward Snowden revealed that NSA is snooping on us with the help of same tech companies. Today Google announced that they have accelerated their efforts towards encrypting the information that has been flowing through its data centers across the world to thwart snooping by NSA and intelligence agencies, but do can you Trust Google and Other Internet Companies now ? " It's an arms race ," Eric Grosse, Google's vice president for security engineering, tells WP . " We see these government agencies as among the most skilled players in this game. " Google officials declined to provide details on the cost of its new encryption efforts, the numbers of data centers involved, or the exact technology used. According to the report, encrypted information would

NSA misused PRISM - Spied on Al Jazeera, bugged UN headquarters and used for personal spying

NSA misused PRISM - Spied on Al Jazeera, bugged UN headquarters and used for personal spying
Aug 31, 2013
Before NSA said that they has zero tolerance for willful violations of the agency's authorities, but NSA had violated privacy rules on thousands of occasions. According to documents seen by SPIEGEL, Arab news broadcaster Al Jazeera was spied on by the National Security Agency. The US intelligence agency hacked into Al Jazeera's internal communications system. The NSA said these selected targets had high potential as sources of intelligence. These Documents were provided by the former NSA contractor and whistleblower Edward Snowden . Also NSA was cracking the airline reservation services for Russian airline Aeroflot, accessing " Al Jazeera broadcasting internal communication " was listed as a notable success and the encrypted information was forwarded to the responsible NSA departments for further analysis. Also, The National Security Agency (NSA) has admitted some of their officers misused the agency's massive spying powers to keep tabs on their love

Anonymity Tool Tor gains more than 1.2 Million new users since NSA PRISM scandal

Anonymity Tool Tor gains more than 1.2 Million new users since NSA PRISM scandal
Aug 31, 2013
Since Snowden came forward with details about the NSA's PRISM program in June, web users concerned about online privacy are increasingly turning toward privacy tools to protect their online data. U.S. Government project PRISM allows the government to tap phone calls, email, and web browsing of any citizen without a warrant. New metrics from The Tor Project show that, the usage of Tor Browser is increasing day by day due to the fact that internet users are getting more and more inclined in keeping their online activity isolated from internet surveillance programs like US Prism. Tor was launched in 2004 and developed by the U.S. Navy, is used by governments, activists, journalists and dissidents to conceal their online activities from prying eyes. The TOR online anonymity service has exploded since early June, up more than 100 percent, from just over 500,000 global users to more than 1.2 million. Of those 600,000 new users, roughly ten percent are from the

Fear of NSA PRISM : Indian Government may ban US email services for official communication

Fear of NSA PRISM : Indian Government may ban US email services for official communication
Aug 30, 2013
The Indian Government is planning to ban the use of US based email services like Gmail for official communications to increase the security of confidential government information. The recent disconcerting reports that that India was being spied upon by American intelligence agencies has opened an all new chapter in the cyber security space. As leaked by former US National Security Agency contractor Edward Snowden, that NSA involved in widespread spying and surveillance activities across the globe. The Government plans to send a formal notification to about 500,000 employees across the country, asking them to stick to the official email service provided by India's National Informatics Centre, Time of India Reported. The fact that several government officers in top positions use their Gmail IDs for official communications i.e. Several senior government officials in India, including ministers of state for communications & IT Milind Deora and Kruparani Killi, have t

National Security threats to be detailed at 'The Hackers Conference' 2013 | #THC2013

National Security threats to be detailed at 'The Hackers Conference' 2013 | #THC2013
Aug 17, 2013
The recent "disconcerting" reports that India was being spied upon by American intelligence agencies has opened an all new chapter in the cyber security space. The revelation that the Indian embassy in the US was among the list of 38 diplomatic missions which were being spied upon by American intelligence agencies, as per the latest top secret US National Security Agency documents leaked by the whistleblower Edward Snowden has raised questions like How much of liberty should the cyber space grant to maintain national security and at what cost?  So far, legality is the main rationale US officials have used to defend the government's PRISM spying program. It's all perfectly legal, approved by govt. and the courts, but a more potent argument might be just because something is legal doesn't necessarily make it a good thing. In the context of the recent findings and the debate that it has just drawn, The Hackers Conference 2013 will raise important questions on the th

Encrypted Email Service 'Lavabit' abruptly shut down under U.S. Government Pressure

Encrypted Email Service 'Lavabit' abruptly shut down under U.S. Government Pressure
Aug 09, 2013
Texas-based Encrypted Email Service ' Lavabit ' abruptly shut down for reasons linked to National Security Agency whistleblower Edward Snowden .  The Feds want to Lavabit demanding access to Ed Snowden's email. Lavabit refused! Snowden was using the Lavabit service while holed-up in the Moscow airport. Lavabit was a dedicated email service that offered subscribers " the freedom of running your own email server without the hassle or expense ." Lavabit was launched in 2004 and most recently handled service for upwards of 60,000 individuals at a rate of around 200,000 emails a day. The owner of Lavabit announced  " I have been forced to make a difficult decision: to become complicit in crimes against the American people, or walk away from nearly 10 years of hard work by shutting down Lavabit, " letter posted on the Lavabit website . " This experience has taught me one very important lesson: without congressional action or a str

FISA Court renews NSA surveillance programs exposed by Snowden

FISA Court renews NSA surveillance programs exposed by Snowden
Jul 20, 2013
The secret Foreign Intelligence Surveillance Court (FISA) gave the green light to the Obama administration by r enewing the government's authority Friday to continue the collection of millions of Americans' telephone records. The order by the Foreign Intelligence Surveillance Court has been in place for years but must be renewed every three months and this month it was  expired on July 19.  The Obama administration maintains Congress shouldn't be surprised by the programs. NSA surveillance programs were  exposed in the month of June,  by former National Security Agency contractor Edward Snowden .  He has been charged with espionage and remains in diplomatic limbo at the Moscow airport after seeking temporary asylum. President Barack Obama says the government is not listening in on calls, and  Intelligence officials say they have helped disrupt dozens of terrorist attacks, and target only foreign suspects outside the United States while taking close care

Edward Snowden files has blueprint of NSA surveillance programs

Edward Snowden files has blueprint of NSA surveillance programs
Jul 15, 2013
Edward Snowden has enough information to cause more damage to the US government in a minute alone than anyone else has ever had in the history of the United States, but he has insisted that they not be made public, including  the blueprints of NSA surveillance program . Glenn Greenwald, the Guardian journalist, who was the first to report on classified documents leaked by Edward Snowden, says the former National Security Agency contractor has what amounts to an " instruction manual for how the NSA is built. " The documents " would allow somebody who read them to know exactly how the NSA does what it does, which would in turn allow them to evade that surveillance or replicate it ," Greenwald said.  " In order to take documents with him that proved that what he was saying was true he had to take ones that included very sensitive, detailed blueprints of how the NSA does what they do. " Greenwald said that Snowden is planning more stories on domestic spying

Australia's Telstra Wiretapping undersea cables from past 12 years for FBI

Australia’s Telstra Wiretapping undersea cables from past 12 years for FBI
Jul 13, 2013
According to a secret agreement it signed in 2001 with the FBI and US Department of Justice - Telstra, Australia's largest phone company is storing huge volumes of electronic communications it carried between Asia and the US for potential surveillance by US intelligence agencies. The contract was prompted by Telstra's undersea telecommunications joint venture called Reach . Undersea cabling " physically located in the United States, from which Electronic Surveillance can be conducted pursuant to Lawful US Process. " The document also specifies the facility should be run exclusively by US staff.  The document was signed by Douglas Gration, a barrister who was then Telstra's company secretary and official liaison for law enforcement and national security agencies. The venture also guaranteed it would be able to provide U.S. authorities with copies of stored data, call logs, subscriber information, and billing data, according to the document. Those were to be stor

Edward Snowden made public appearance at Moscow's Sheremetyevo Airport

Edward Snowden made public appearance at Moscow's Sheremetyevo Airport
Jul 13, 2013
Whistleblower Edward Snowden made a public appearance yesterday at a Moscow airport, beside a staff member of the Wikileaks organization, met with representatives of a half-dozen or so human rights groups. Snowden has not been seen in public and was stuck in the transit area of Moscow's Sheremetyevo Airport since arriving there on June 23 from Hong Kong . A 30 second video posted on youtube, which did not name the source for this clip. Notable because no press were permitted inside, and no video was allowed. Snowden said that he wants asylum in Russia before moving on to Latin America and assailing U.S. surveillance programs as illegal and immoral, but Immigration officials in Russia say they've not received any application from Edward Snowden . As Snowden explained it Friday, he disputes the notion that his actions are doing damage to the United States. As a result, Putin's condition doesn't apply. Snowden said that he has received offers of asylum

BlackBerry allows Indian government to Intercept emails and Chats

BlackBerry allows Indian government to Intercept emails and Chats
Jul 13, 2013
In 2010 the Indian authorities threatened to shut down BlackBerry's infrastructure unless it agreed to comply with lawful access requirements providing the government a way to intercept messages in order to prevent terrorist attacks. The long time dispute between the Indian government and BlackBerry over monitoring, tracking and interception is now resolved. Blackberry is ready to provide the Indian authorities with a way to lawful intercept consumers' messages sent and received on its platform including mails and peripherals, chats and browsing history on BlackBerry devices. But BlackBerry Enterprise Server has been left out of the interception solution which means corporate emails won't be under scrutiny. According to an internal document of the Department of Telecommunications (DoT), nine out of 10 telecom networks offering Blackberry services were in the process of making it possible for authorities to carry out intercepts. Blackberry train 5

Microsoft handed over encrypted messages key and Skype calls access to NSA

Microsoft handed over encrypted messages key and Skype calls access to NSA
Jul 11, 2013
New top secret documents provided by Edward Snowden exposed that Microsoft worked hand-in-hand with the United States government and handed the NSA access to encrypted messages and built a series of backdoors into Outlook.com, Skype, and SkyDrive to ease difficulties in accessing online communications. Over the last three years, Microsoft has reportedly assisted the FBI and NSA in encryption bypassing its products' encryption that would otherwise prevent the interception of web chats, emails, and user data. The documents obtained by The Guardian show that: Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal; The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail; The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users world

Snowden Confirms Stuxnet Malware developed by NSA and Israel Together

Snowden Confirms Stuxnet Malware developed by NSA and Israel Together
Jul 08, 2013
In an interview with Germany's Der Spiegel Magazine, American whistleblower Edward Snowden has Confirmed that Stuxnet Malware was developed by NSA and Israel Together. Stuxnet made international headlines in 2010 for specifically target a uranium enrichment facility in Natanz, Iran. Stuxnet was designed to make the centrifuges spin out of control and cause physical damage to the plant in Natanz. Stuxnet temporarily disabled 1,000 centrifuges that the Iranians were using to enrich uranium. Asked whether the NSA collaborates with Israel, Snowden said: " Yes, all the time. The NSA has a large section for that, called the FAD - Foreign Affairs Directorate. "  " The NSA and Israel wrote Stuxnet together, " Snowden said when asked if the NSA had any involvement in the Stuxnet program. Last year an even more complex computer virus called Flame was discovered and while initially it was not linked to Stuxnet, further investigation by Kaspersky Labs identified a
Cybersecurity Resources