#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

message hack | Breaking Cybersecurity News | The Hacker News

Category — message hack
Your GPS Location and Calls Can be Spied Using Network Vulnerability

Your GPS Location and Calls Can be Spied Using Network Vulnerability

Aug 20, 2015
Yes, you heard it right. It's the dirty truth that's featuring what is being called the largest privacy breach ever. Billions of cell phone users are at risk of a vulnerability in the SS7 inter-carrier network that allows hackers and spies agencies to track locations and intercept all voice calls from anywhere in the world. This is something we already know from the last year's Snowden leaks that explained the National Security Agency (NSA) capabilities to gather nearly 5 Billion records a day on mobile phone locations around the world. But, it's worse than we have thought. The famous Australian TV programme " 60 Minutes " demonstrated that it is possible for anyone to track cell phone location and intercept calls and text messages. This time, not due to a security vulnerability in the phone's operating system, but due to a serious flaw in the very system our cell phones use to communicate with each other around the world – The globa
NSA admits to collect 200 Million text messages per day under Project DISHFIRE

NSA admits to collect 200 Million text messages per day under Project DISHFIRE

Jan 17, 2014
After the exposure of various surveillance programs, including PRISM, XKeyscore, MUSCULAR, DROPOUTJEEP in recent revelation, NSA has come up as the only ' Government that Actually Listen '. Another day and here comes another revelation - According to the The Guardian , National Security Agency (NSA) has collected almost 200 million text messages per day from across the globe and is using them to extract data including location, contact networks and even credit card details. The two names that come in the limelight are,  DISHFIRE  that collects " pretty much everything it can "and PREFER  that conducted automated analysis of the untargeted communications. The program was designed to collect the text messages automatically from various service providers, to pull the details of financial transactions, roaming charges, delayed flights, missed calls and scheduled alerts, address book contacts, credit cards, bank accounts and visited locations. Now If I am not wrong the word ' Untarge
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Sep 10, 2024SaaS Security / Risk Management
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers.  Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own instance of GitHub to keep their work separate from other developers. They might justify the purchase by noting that GitHub is an approved application, as it is already in use by other teams. However, since the new instance is used outside of the security team's view, it lacks governance. It may store sensitive corporate data and not have essential protections like MFA enabled, SSO enforced, or it could suffer from weak access controls. These misconfigurations can easily lead to risks like stolen source code and other issues. Types of Shadow Apps  Shadow apps can be categorized based on their interac
Hackers turn Verizon signal booster into a mobile hacking machine

Hackers turn Verizon signal booster into a mobile hacking machine

Jul 15, 2013
A group of  hackers from security firm iSEC found a way to tap right into verizon wireless cell phones using a signal-boosting devices made by Samsung for Verizon and cost about $250. They hack Verizon's signal-boosting devices, known as femtocells or network extenders, which anyone can buy online, and turned it into a cell phone tower small enough to fit inside a backpack capable of capturing and intercepting all calls, text messages and data sent by mobile devices within range. " This is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people, " said Tom Ritter, a senior consultant, iSEC. They declined to disclose how they had modified the software on the device and but they plan to give more elaborate demonstrations in various hacking conferences this year. Verizon Wireless already released a Linux software update in March to fix the flaw that prevents its network extenders
cyber security

DevOps Security Best Practices

websiteWizDevOps / Secure Coding
Develop securely from code to cloud with this DevOps Security Cheat Sheet from Wiz. Take a deep dive into secure coding, infrastructure security, and vigilant monitoring and response.
Expert Insights / Articles Videos
Cybersecurity Resources