#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security Posture Management

decrypting messages | Breaking Cybersecurity News | The Hacker News

Researchers Demonstrated How NSA Broke Trillions of Encrypted Connections

Researchers Demonstrated How NSA Broke Trillions of Encrypted Connections

Oct 12, 2016
In the year 2014, we came to know about the NSA's ability to break Trillions of encrypted connections by exploiting common implementations of the Diffie-Hellman key exchange algorithm – thanks to classified documents leaked by ex-NSA employee Edward Snowden. At that time, computer scientists and senior cryptographers had presented the most plausible theory: Only a few prime numbers were commonly used by 92 percent of the top 1 Million Alexa HTTPS domains that might have fit well within the NSA's $11 Billion-per-year budget dedicated to "groundbreaking cryptanalytic capabilities." And now, researchers from University of Pennsylvania, INRIA, CNRS and Université de Lorraine have practically proved how the NSA broke the most widespread encryption used on the Internet. Diffie-Hellman key exchange (DHE) algorithm is a standard means of exchanging cryptographic keys over untrusted channels, which allows protocols such as HTTPS, SSH, VPN, SMTPS and IPsec to negotia
Ultra-secure Blackphone Vulnerability lets Hackers Decrypt Texts

Ultra-secure Blackphone Vulnerability lets Hackers Decrypt Texts

Jan 28, 2015
The makers of ultra secure BlackPhone titled by Silent Circle as, " world's first Smartphone which places privacy and control directly in the hands of its users ," have recently fixed a critical vulnerability in the instant messaging application that allows hackers to run malicious code on the handsets. BlackPhone was also hacked last year at the BlackHat security conference , but the interesting factor about the recent hack was that the attackers only needed to send just a message on a targeted phone number in order to compromise the device. The vulnerability was first discovered and disclosed by Mark Dowd , a principal security researcher at the Australia-based consultancy firm Azimuth Security. Dowd discovered the issue late in 2014, but waited to disclose it until Blackphone got their patches and fixes in place. The flaw actually resides in Silent Text application — the secure text messaging application bundled with the BlackPhone handsets, which is al
cyber security

Cracking the Code to Vulnerability Management

websitewiz.ioVulnerability Management / Cloud Security
Vulnerability management in the cloud is no longer just about patches and fixes. In this latest report, the Wiz Security Research team put vulnerability management theory into practice using recently identified vulnerabilities as examples. Get the FREE report
This Free Solution Provides Essential Third-Party Risk Management for SaaS

This Free Solution Provides Essential Third-Party Risk Management for SaaS

Nov 30, 2023SaaS Security / Risk Management
Wing Security recently announced that basic third-party risk assessment is  now available as a free product . But it raises the questions of how SaaS is connected to third-party risk management (TPRM) and what companies should do to ensure a proper SaaS-TPRM process is in place. In this article we will share 5 tips to manage the third-party risks associated with SaaS, but first...  What exactly is Third-Party Risk Management in SaaS? SaaS is rapidly growing, offering businesses convenience, swift implementations, and valuable opportunities. However, this growth introduces a security challenge where risks arise from the interconnected nature of SaaS supply chains. It is clear that before onboarding a new contractor or vendor, we need due diligence, security checks, and referrals. However, we now understand that in the SaaS domain, applications are, in fact, the go-to vendor of choice.  Let's explain: Any employee can very easily connect SaaS vendors to company data, granting them pe
Cybersecurity Resources