email data | Breaking Cybersecurity News | The Hacker News

Users are still dealing with the Yahoo's massive data breach that exposed over 1 Billion Yahoo accounts and there's another shocking news about the company that, I bet, will blow your mind. Yahoo might have provided your personal data to United States intelligence agency when required. Yahoo reportedly built a custom software programmed to secretly scan all of its users' emails for specific information provided by US intelligence officials, according to a report by Reuters . The tool was built in 2015 after company complied with a secret court order to scan hundreds of millions of Yahoo Mail account at the behest of either the NSA or the FBI, according to the report that cites three separate sources who are familiar with the matter. According to some experts, this is the first time when an American Internet company has agreed to such an extensive demand by a spy agency's demand by searching all incoming emails, examining stored emails or scanning a small number

According to secret documents obtained by the Guardian , Obama administration permitted the National Security Agency to surveillance the Emails and  Internet metadata  of all Americans. This secret warrant less surveillance program, collectively known by the NSA code name Stellar Wind , was launched in the end of 2001, to handover the data to the United States government.  Program was officially authorized after the September 11, 2001 terrorist attacks by President George W. Bush and continued under President Barack Obama through 2011. A federal judge at the Fisa court approved this bulk collection order for internet metadata, in every 90 days.  Documents also exposed that all communications with at least one communicant outside the United States or for which no communicant was known to be a citizen of the United States, was recorded by surveillance program . Metadata also details the internet protocol addresses (IP) used by people inside the United States when sen

Compromising the browser is a high-return target for adversaries. Browser extensions, which are small software modules that are added to the browser and can enhance browsing experiences, have become a popular browser attack vector. This is because they are widely adopted among users and can easily turn malicious through developer actions or attacks on legitimate extensions. Recent incidents like  DataSpii  and the  Nigelthorn  malware attack have exposed the extent of damage that malicious extensions can inflict. In both cases, users innocently installed extensions that compromised their privacy and security. The underlying issue lies in the permissions granted to extensions. These permissions, often excessive and lacking granularity, allow attackers to exploit them. What can organizations do to protect themselves from the risks of browser extensions without barring them from use altogether (an act that would be nearly impossible to enforce)?  A new report by LayerX, "Unveiling the