Privacy | Breaking Cybersecurity News | The Hacker News

Privacy is "workings of your mind". We share our personal moments captured in images, credit card details, thoughts that are personal or professional with a person or a certain group at different instances of time and want it to be safe and secure. We use an electronic gadget to share something trusting blindly the service provider company which may have to obey some unveiled laws of that country to which it belong and our data might be at risk. The surveillance programs can force these companies to store the information and share it with the Government and can even sniff all the data passing through the channels i.e. Wire or Air, and hence compromise our privacy. Though surveillance programs were in existence before Snowden's leaks, but after the revelation of NSA's surveillance programs, we need to think twice when it comes to our privacy. 28% of all Internet users, i.e. 415 Million people say that they use some sort of privacy tool for their Internet browsing sessio

The Senate Judiciary Committee Chairman ' Patrick Leahy ' reintroduced a revamped version of the " Personal Data Privacy and Security Act " for tough criminal penalties for hackers, that he originally authored in 2005. During last Christmas Holidays, a massive data breach had occurred at the shopping giant  Target,  involving hack of 40 million credit & debit cards, used to pay for purchases at its 1500 stores nationwide in the U.S. Reason: "Target Data Breach? Seriously"?  In a statement, as published below, the Senator wrote: "The recent data breach at Target involving the debit and credit card data of as many as 40 million customers during the Christmas holidays is a reminder that developing a comprehensive national strategy to protect data privacy and cybersecurity remains one of the most challenging and important issues facing our Nation" It seems that the  TARGET Breach  was scheduled, as the best opportunity to ramp up the cyber secu

Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities. Instead, they often use commonly available tools and exploit multiple vulnerability points. By simulating a real-world network attack, security teams can test their detection systems, ensure they have multiple choke points in place, and demonstrate the value of networking security to leadership. In this article, we demonstrate a real-life attack that could easily occur in many systems. The attack simulation was developed based on the MITRE ATT&CK framework, Atomic Red Team,  Cato Networks ' experience in the field, and public threat intel. In the end, we explain why a holistic secur

Now that we have enough details about how the NSA's Surveillance program, running for a long time against almost each country of this planet.  Hundreds of top-secret NSA documents provided by whistleblower Edward Snowden already exposed that Spying projects like PRISM and MUSCULAR are tapping directly into Google and Yahoo internal networks to access our Emails. NSA's tactics are even capable to defeat the SSL encryption, so unsecured email can easily be monitored and even altered as it travels through the Internet. One major point on which all of us are worrying is about the privacy of communication among each other and If you're looking for a little personal privacy in your communications you will need to encrypt your messages. To avoid privacy breaches; rather I should say to make it more difficult for the NSA or British GCHQ surveillance program to read our communication, we should use PGP encryption (Pretty Good Privacy). Why we should Encrypt ou

After being an owner of Smartphones, now it's your turn to own a Smart Car. Wouldn't it sound great if you could use your favorite mobile apps on Car's dashboard display? Yes! You heard right.. Google has tied-up with several Auto manufacturers with the goal to bring Android to Cars with built-in controls and hardware by the end of this year. Google has announced at the CES technology trade show in Las Vegas, the Open Automotive Alliance (OAA) will achieve this with their partners i.e. General Motors, Honda, Audi, Hyundai and chipmaker Nvidia. This new project is designed to accelerate innovation in the Automotive sector, with the customized version of most popular mobile platform 'Android' for Cars, that will bring Google Places, Maps, Voice, Earth and developer support to cars. " This open development model and common platform will allow automakers to more easily bring cutting-edge technology to their drivers, and create new opportunities for developers to delive

Think twice before using some words like ' Bomb ', ' Attack ', ' Blast ' or ' kill ' in your Facebook status update, tweets or emails, because this may flag you as a potential terrorist under a surveillance project of Indian Security agencies. This Indian Internet surveillance project named as NETRA ( Network Traffic Analysis) ,   capable of detecting and capture any dubious voice traffic passing through software such as Skype or Google Talk, according to  the Economic Times . In Hindi, NETRA means " eye " and this project is an Indian version of PRISM i.e. A spying project by US National Security Agency (NSA), that also allows the government to monitor the Internet and telephone records of citizens. Reportedly, NETRA is under testing right now by the Indian Intelligence Bureau and Cabinet Secretariat and after on success will be deployed by all Indian National security agencies. Centre for Artificial Intelligence and Robotics (CAIR), a lab under Defence Research and D

Happy 2014.. We are back with first hacking story of the year - SKYPE " Stop Spying " . Yes Skype Got hacked last night by an infamous hacker group called the Syrian Electronic Army , a group that supports Syria's president and typically they publish pro-Syrian government messages, but its first time they are taking about PRIVACY . Syrian Hackers posted some messages on Skype's Twitter account i.e. " Stop Spying on People! via Syrian Electronic Army ," Next tweet reads, " Don't use Microsoft emails (hotmail, outlook), They are monitoring your accounts and selling it to the governments. " Syrian Electronic Army hackers also compromised Skype's Facebook page and a company blog hosted on Skype's website. A blog post published on the official Skype blog featured the headline, " Hacked by Syrian Electronic Army.. Stop Spying! ", which now has been deleted by Microsoft. Now it appeared that Skype regained the access to their accounts and dele

Big and Good news for all of us. A federal court judge ' Richard J. Leon ' said that he believes, US National Security Agency's (NSA) controversial practice of routinely collecting the telephone records of millions of Americans likely violates the 4th Amendment and is unconstitutional, even though the FISA court approved it. Earlier in 2013, a conservative Legal Activist Larry Klayman filed a lawsuit against the US government, alleging that NSA's massive telephone surveillance program violates the " reasonable expectation of privacy, free speech and association, right to be free of unreasonable searches and seizures and due process rights. " NYTimes reported that last Monday in the decision, Judge has ordered [  Case:  Klayman v. Obama (13-851)  PDF File  ] the NSA to stop collecting U.S. Citizen's Telephone records, and to destroy the files it already holds. This was the first major court ruling about NSA' so-called metadata counter terrorism program after

NSS Labs issued the report titled " The Known Unknowns " to explain the dynamics behind the market of zero-day exploits. Last week I discussed about the necessity to define a model for " cyber conflict " to qualify the principal issues related to the use of cyber tools and cyber weapons in an Information Warfare context, today I decided to give more info to the readers on cyber arsenals of governments. Governments consider the use of cyber weapons as a coadiuvant to conventional weapons, these malicious application could be used for sabotage or for cyber espionage, they could be used to hit a specifically designed software (e.g. SCADA within a critical infrastructure ) or they could be used for large scale operations infecting thousand of machines exploiting zero-day in common application ( e.g. Java platform, Adobe software ). The zero-day flaw are the most important component for the design of an efficient cyber weapon, governments have recently created dedic

Believe it or not, but the National Security Agency (NSA) is gathering nearly 5 billion records a day on mobile phone locations around the world. Snowden released documents that show that the NSA is tracking cell phone locations the world over as well as map the relationships of the mobile phone user and of course the purpose of this program is to identify terrorists and their networks overseas.  " Sophisticated mathematical techniques enable NSA analysts to map cell phone owners' relationships by correlating their patterns of movement over time with thousands or millions of other phone users who cross their paths. " The Washington Post wrote. According to the WP, the NSA's tracking tool is known as CO-TRAVELER , that tracks the locations of cell phones abroad as well as domestic cell phones that place calls abroad and capable of tracking cell phones even when they're not being used. ' U.S. Officials said the programs that collect and analyze location data are

Users in Iran call Internet as " Filternet ", because of the heavily censored Internet access they have. Million Iranians used VPN servers to access the outside world. In October, 2013 Jack Dorsey, the co-founder of Twitter asked Iranian President, ' Are citizens of Iran able to read your tweets? ' In Reply Mr. The President said that he will work to make sure Iranians have access to information globally in what appears to be a reference to reducing online censorship. Just after promising to support Internet Freedom, the Iran Government has banned yet another web application called -  Cryptocat , a tool that allows for secure and encrypted chat. The app is well known for bringing encrypted communications to the masses, popular with human rights activists and journalists around the world. According to ' Blockediniran.com ', Cryptocat website and the associated private chat service were inaccessible to our users in Iran. Currently since Monday.  ' It cu

Facebook is one of the most powerful and reliable social networking website. It allows users to interact with other users after being friends with one another. Facebook allows users to make the friend list public or private. If it is made private, your friend list won't appear on your publicly viewable profile. Irene Abezgauz , a security researcher from the Quotium Seeker Research Center has found a vulnerability in Facebook  website that allows anyone to see a users' friends list, even when the user has set that information to private. v The exploit is carried out by abusing the ' People You May Know ' feature on Facebook , which suggests new friends to users. It suggests friends to you based on mutual connections and other criteria such as work or education information. This Hack is really very simple! All a hacker would have to do would be to create a fake Facebook profile and then send a friend request to their target. Even if the targeted user ne

Now your TV is also watching you, and is smart enough to spy on you. A UK blogger, developer and Linux enthusiast, known only as  DoctorBeet  has discovered that LG's smart TVs are sending personal information back to the company's servers about what channels you watch and viewing habits. Actually, LG conducts the data collection for its Smart Ad function, which advertisers can use to see when it is best to target their products at the most suitable audience. LG Smart Ad analyses users favorite programs, online behavior, search keywords and other information to offer relevant ads to target audiences. For example, LG Smart Ad can feature sharp suits to men, or alluring cosmetics and fragrances for women. After inspecting the outgoing traffic from his smart TV, DoctorBeet noticed that a unique device ID, along with the TV channel name was being transmitted each time he changed channels. His investigation also indicated that the TVs uploaded information about th

On Tuesday, the Washington Post revealed a few more NSA slides released by Edward Snowden, which revealed that the spy agency NSA was infiltrating the private data links between Google and Yahoo data centers as part of a program called MUSCULAR . Chairman and former CEO of Google Eric Schmidt says the company's executives are shocked by allegations that the National Security Agency has been collecting data from the search engine's servers. " It's really outrageous that the NSA was looking between the Google data centers, if that's true ," he said. Overnight, Two Google's Security engineers -  Mike Hearn and   Brandon Downey expressed reasonable anger about the news on Google+, said " Fuck these guys ", where these represent NSA and GCHQ. I've spent the last ten years of my life trying to keep Google's users safe and secure from the many diverse threats Google faces. Fuck You to the people who made these slides. I am not American, I am a Brit, but i

The use of mobile devices in government environments concerns the secret service of any states, cyber espionage more often exploits the mobile platforms. Mobile devices are reason of great concern for governments, they have a great computational capability, huge memories to store our personal data, GPS to follow our movements and are equipped with a camera and microphone to increase our experience in mobility. The advent of monitoring apps like Mobistealth has already brought the possibility of using the aforementioned features to keep tabs on a target device irrespective of the geographic distance to light. However, it has also raised red flags over the possibility of exploitation of such features by attackers for cyber espionage . The problem is well known to governments that are adopting necessary countermeasures especially following the recent revelations about the U.S. Surveillance program . The UK Government has decided to ban iPads from the Cabinet over foreign e

Yesterday I learned about  ' Dark Mail Alliance ', where  Lavabit , reportedly an email provider for NSA leaker Edward Snowden and Silent Circle comes together to create a surveillance-proof email technology. Ladar Levison at Lavabit and Silent Circle CEO Mike Janke, Founders of two e-mail services that recently shut down amid government efforts to nab encryption keys, as well as the larger revelations regarding the NSA's surveillance efforts. The newly developed technology has been designed to look just like ordinary email, with an interface that includes all the usual folders i.e. inbox, sent mail, and drafts. But where it differs is that it applies peer-to-peer encryption not only to the body of the digital missive, but also to its metadata (To:, From: and Subject fields) that third parties are most likely to collect. The encryption, based on a Silent Circle instant messaging protocol called SCIMP and the secret keys generated to encrypt the communic