#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

Webcam Hijacking | Breaking Cybersecurity News | The Hacker News

Chrome Flaw Allows Sites to Secretly Record Audio/Video Without Indication

Chrome Flaw Allows Sites to Secretly Record Audio/Video Without Indication
May 30, 2017
What if your laptop is listening to everything that is being said during your phone calls or other people near your laptop and even recording video of your surrounding without your knowledge? Sounds really scary! Isn't it? But this scenario is not only possible but is hell easy to accomplish. A UX design flaw in the Google's Chrome browser could allow malicious websites to record audio or video without alerting the user or giving any visual indication that the user is being spied on. AOL developer Ran Bar-Zik reported the vulnerability to Google on April 10, 2017, but the tech giant declined to consider this vulnerability a valid security issue, which means that there is no official patch on the way. How Browsers Works With Camera & Microphone Before jumping onto vulnerability details, you first need to know that web browser based audio-video communication relies on WebRTC (Web Real-Time Communications) protocol – a collection of communications protocols th

'Optic Nerve' - Dirty NSA hacked into Webcam of millions of Yahoo users for Private Images

'Optic Nerve' - Dirty NSA hacked into Webcam of millions of Yahoo users for Private Images
Feb 28, 2014
Once again, a new revelation showed the ugly side of the Government who are conducting Global Mass surveillance and previous documents leaked by the whistleblower Edward Snowden have defaced the US Intelligence Agency NSA , who were taking care of a number of projects like PRISM, XKeyscore, DROPOUTJEEP , and various others to carry out surveillance of millions of people. Now, it has been revealed that the US National Security Agency ( NSA ) helped its British counterpart, the Government Communications Headquarters ( GCHQ ), to allegedly capture and store nude images and others from webcam chats of millions of unsuspecting Yahoo users, The Guardian reported. Documents handed to the Guardian by the former NSA contractor Edward Snowden show that the GCHQ's worked with the US intelligence agency NSA on a joint project dubbed as ' Optic Nerve '. The project carried out a bulk surveillance program , under which they nabbed webcam images every five minutes from random Yahoo

Your MacBook Camera could Spy on You without lighting up the warning light

Your MacBook Camera could Spy on You without lighting up the warning light
Dec 20, 2013
If you own Apple's MacBook, you should cover up it's webcam, because there's a possibility someone could be watching you. Like most webcams, the MacBook also has a tiny green light lets you know that the webcam is active, but it's possible for malware to disable this important privacy feature on older Mac computers ( models released before 2008 ). Matthew Brocker and Stephen Checkoway , students from Johns Hopkins University created a proof-of-concept app called " iSeeYou " that confirmed that MacBook iSight webcams can spy on their users without the warning light being activated. A young man recently pleaded guilty in court to extortion after he performed a remote hack on Miss Teen USA's webcam to secretly collect nude photos. It was revealed through court papers that the FBI has the ability to do the same thing with a variety of current laptops including Apple products. To make it possible, they created a modified version of the iSight firmware and t

Webinar: How to streamline security reviews with Trust Center

cyber security
websiteVantaCompliance / Security Audit
Learn how Vanta Trust Center can help provide real-time evidence for passing controls and automate responses to security questionnaires.

Defending Your Commits From Known CVEs With GitGuardian SCA And Git Hooks

Defending Your Commits From Known CVEs With GitGuardian SCA And Git Hooks
May 20, 2024Software Security / Vulnerability
All developers want to create secure and dependable software. They should feel proud to release their code with the full confidence they did not introduce any weaknesses or anti-patterns into their applications. Unfortunately, developers are not writing their own code for the most part these days. 96% of all software contains some open-source components, and open-source components make up between  70% and 90% of any given piece of modern software . Unfortunately for our security-minded developers, most modern vulnerabilities come from those software components.  As new vulnerabilities emerge and are publicly reported as  Common Vulnerabilities and Exposures  (CVEs), security teams have little choice but to ask the developer to refactor the code to include different versions of the dependencies. Nobody is happy in this situation, as it blocks new features and can be maddening to roll back component versions and hope that nothing breaks. Developers need a way to  quickly  determine if

Google Chrome Inbuilt Flash player allows Webcam Hacking

Google Chrome Inbuilt Flash player allows Webcam Hacking
Jun 18, 2013
No longer limited to Hollywood movies about cybercrime, webcam hacking has stealthily and aggressively broken into average households  " I've heard a hacker could access my webcam and watch me in front of my computer. Could this really happen? " YES, other than using a Remote administration tools, it is also technically possible using new Flash based flaw in Google Chrome. According to a recent report by security researchers, there's a big problem in Google Chrome's integrated Flash player. The proof-of-concept posted by Egor Homakov. When the play button is pressed, the user is actually allowing for his/her webcam to grab video and audio from a compromised computer without getting the user's permission. " This works precisely like regular clickjacking - you click on a transparent flash object, it allows access to Camera/Audio channel. Voila, attacker sees and hears you, " Homakov warned.  These kinds of virtual hacks have been taking place for years.
Expert Insights
Cybersecurity Resources