U.S. intelligence | Breaking Cybersecurity News | The Hacker News

Privacy protection in the services we use on a daily basis has been a big topic of conversation following accusations that Google, Microsoft, Apple and other large tech companies were working with government agencies to provide user data. According to a new report by CNet , Google may introduce encryption for users' data generated on their Google Drive to protect its customers' privacy against attempts by the U.S. government to access the data. Why Encryption ?  Secure encryption of users' private files means that Google would not be able to divulge the contents of stored communications even if NSA submitted a legal order under the Foreign Intelligence Surveillance Act or if police obtained a search warrant for domestic law enforcement purposes. "Mechanisms like this could give people more confidence and allow them to start backing up potentially their whole device, " said Seth Schoen, Electronic Frontier Foundation. Many companies use SSL and HTTPS to ...

U.S. intelligence sources confirmed that, Official websites of Al-Qaida were knocked offline two weeks back and still down due to DDoS attack. According to source , " This is one of the longest disruptions the organization has experienced since it set up its online distribution system in 2006. Al-Qaida also was hit by a massive cyber attack in late 2008, from which the online network never recovered ." The websites are forced to offline, just before the release of a film titled as " Salil al-Sawarim 3 ", which is actually the propaganda video of Iraqi soldiers with dead insurgents by Al-Qaida. From last few months, online jihadists are discussing the release and had been sharing images and footage from the production. The cyber attack comes as the U.S. State Department, according to a senior official. The cyber attack on Al-Qaida network delayed the release of movie. According to another source, the last version " Salil As-Sawarim 2 " mov...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...