#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

metadata | Breaking Cybersecurity News | The Hacker News

Category — metadata
Security Risks of FTP and Benefits of Managed File Transfer

Security Risks of FTP and Benefits of Managed File Transfer

Dec 10, 2013
File transfer services such as FTP or HTTP has been the most common way of file transfer for business requirements. Typically what a file transfer means is that a file transfer protocol such as FTP or HTTP is used to send the stream of bits stored as a single unit in a file system including file name, file size, timestamp and other metadata from one host to another host over a TCP-based network such as the Internet. But this process is not foolproof. FTP, by itself, is not a secure file transfer protocol and it has a lot of security vulnerabilities. It's a known fact that FTP doesn't provide any encryption for data transfer. Most of the times, the requirement in any business is pretty simple: to transfer files between two endpoints in different locations, and the parties involved do not think much about how secure the file transfer process is going to be. Using FTP for official file transfer can leave your data transmission exposed to many security attacks: FTP Bounce Attack Gener
'Dark Mail Alliance', Future of surveillance proof email technology

'Dark Mail Alliance', Future of surveillance proof email technology

Oct 31, 2013
Yesterday I learned about  ' Dark Mail Alliance ', where  Lavabit , reportedly an email provider for NSA leaker Edward Snowden and Silent Circle comes together to create a surveillance-proof email technology. Ladar Levison at Lavabit and Silent Circle CEO Mike Janke, Founders of two e-mail services that recently shut down amid government efforts to nab encryption keys, as well as the larger revelations regarding the NSA's surveillance efforts. The newly developed technology has been designed to look just like ordinary email, with an interface that includes all the usual folders i.e. inbox, sent mail, and drafts. But where it differs is that it applies peer-to-peer encryption not only to the body of the digital missive, but also to its metadata (To:, From: and Subject fields) that third parties are most likely to collect. The encryption, based on a Silent Circle instant messaging protocol called SCIMP and the secret keys generated to encrypt the communic
5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

Oct 01, 2024Generative AI / Data Protection
Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage. As organizations attempt to balance productivity gains with security concerns, many have been forced to choose between unrestricted GenAI usage to banning it altogether. A new e-guide by LayerX titled 5 Actionable Measures to Prevent Data Leakage Through Generative AI Tools is designed to help organizations navigate the challenges of GenAI usage in the workplace. The guide offers practical steps for security managers to protect sensitive corporate data while still reaping the productivity benefits of GenAI tools like ChatGPT. This approach is intended to allow companies to strike the right balance between innovation and security. Why Worry About ChatGPT? The e
FISC Court renews the Permission to collect Telephony Metadata again

FISC Court renews the Permission to collect Telephony Metadata again

Oct 14, 2013
The Foreign Intelligence Surveillance Court has once again has renewed the permission to the U.S. government for a controversial program to collect the telephony metadata from American phone companies. The News that the NSA collects bulk phone call metadata including phone numbers, call times and duration from Verizon and other backbone providers initially leaked out in June by Edward Snowden . It's pointed out that FISA court orders are usually issued to track a specific person. It's rare to see the government collecting information on every single person. The government filed an application with the FISC seeking renewal of the authority to collect telephony metadata in bulk, which expired on Friday. The Office of the Director of National Intelligence has published a press release and the Court has renewed that authority. The program does not allow the government to listen in on anyone's phone calls , and the information acquired does not include the content
cyber security

The State of SaaS Security 2024 Report

websiteAppOmniSaaS Security / Data Security
Learn the latest SaaS security trends and discover how to boost your cyber resilience. Get your free…
Stellar Wind Surveillance program under Obama administration

Stellar Wind Surveillance program under Obama administration

Jun 27, 2013
According to secret documents obtained by the Guardian , Obama administration permitted the National Security Agency to surveillance the Emails and  Internet metadata  of all Americans. This secret warrant less surveillance program, collectively known by the NSA code name Stellar Wind , was launched in the end of 2001, to handover the data to the United States government.  Program was officially authorized after the September 11, 2001 terrorist attacks by President George W. Bush and continued under President Barack Obama through 2011. A federal judge at the Fisa court approved this bulk collection order for internet metadata, in every 90 days.  Documents also exposed that all communications with at least one communicant outside the United States or for which no communicant was known to be a citizen of the United States, was recorded by surveillance program . Metadata also details the internet protocol addresses (IP) used by people inside the United States when sen
Defence develop Software that can track people on Social media

Defence develop Software that can track people on Social media

Feb 12, 2013
A multinational security firm ' Raytheon ' has secretly developed software called ' RIOT ', capable of tracking people's movements and predicting future Behavior by mining data from social networking websites. The multi billion dollar company, didn't want its concept video revealed, but the Guardian posted it anyway. Raytheon has not yet sold RIOT to any clients but has been shared with the US government as part of a joint research project to develop a Big Data system capable of surveilling large parts of the population. The software can also pull metadata from pictures taken to pinpoint a user's location when the picture was taken. From this and other location data taken from applications i.e Foursquare, the software can predict future movements of users. The video shows how Riot works on a sample Raytheon staff member, tracking his regular visits to Washington Nationals Park and a local gym. RIOT creates unique profiles from publicly available data, inclu
Expert Insights / Articles Videos
Cybersecurity Resources