#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

spying | Breaking Cybersecurity News | The Hacker News

Breaking: Edward Snowden Joins Twitter & Only Follows ‘NSA’

Breaking: Edward Snowden Joins Twitter & Only Follows 'NSA'

Sep 29, 2015
Whistleblower Edward Snowden just joined Twitter, and his first tweet seems to be directed at the US National Security Agency (NSA) . Yes, the world's most popular whistleblower and data privacy advocate has finally joined Twitter just two hours ago, and his first tweet came, " Can you hear me now? " Snowden has gained more than 260,000 followers in just less than two hours, but he is currently following only one account: @NSAGov , the official Twitter account for the National Security Agency. Twitter has verified Snowden's Twitter account ( @Snowden ), and his Twitter bio provides a short summary of his prolonged situation. Snowden's Twitter bio reads, "I used to work for the government. Now I work for the public. Director at @FreedomofPress." Snowden is listed as director of Freedom of the Press, a foundation dedicated to ensuring transparency in journalism in adverse situations. The former NSA contractor Edward Snowden sought asylum in
Microsoft Responds To Windows 10 Spying Concerns, But It will Still Collect Your Data

Microsoft Responds To Windows 10 Spying Concerns, But It will Still Collect Your Data

Sep 29, 2015
After a number of controversial data mining features and privacy invasions within Microsoft's newest operating system, Microsoft finally broke the ice, almost two months since the launch of Windows 10. Microsoft has finally responded to the growing privacy concerns around its new operating system to regain the trust of the users who are concerned about their online privacy related to Windows 10. In a blog post published Monday, Windows chief Terry Myerson describes three ways in which Windows 10 collects and uses its users data – although he did admit that the OS does regularly phone home by default. 1. Data used for Safety and Reliability Data This data includes anonymous device ID, device type and crash logs. It does not contain any content or files from your computer that directly identifies you. What else? Myerson claims that everything Microsoft collects is " encrypted in transit to [its] servers and then stored in secure facilities. " The
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Russian Hackers Hijack Satellite To Steal Data from Thousands of Hacked Computers

Russian Hackers Hijack Satellite To Steal Data from Thousands of Hacked Computers

Sep 10, 2015
A group of Russian hackers, most notably the Turla APT (Advanced Persistent Threat) is hijacking commercial satellites to hide command-and-control operations, a security firm said today. Turla APT group, which was named after its notorious software Epic Turla , is abusing satellite-based Internet connections in order to: Siphon sensitive data from government, military, diplomatic, research and educational organisations in the United States and Europe. Hide their command-and-control servers from law enforcement agencies. Despite some of its operations were uncovered last year, Turla APT group has been active for close to a decade, while remaining invisible by cleverly hiding from law enforcement agencies and security firms. Now, security researchers from Moscow-based cyber security firm Kaspersky Lab claim to have identified the way Turla APT group succeeded in hiding itself. The researchers said the group disguised itself by using commercial satellite Internet
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Tip — Installing Windows 10‬? Fix 35+ Privacy Issues With Just One Click

Tip — Installing Windows 10‬? Fix 35+ Privacy Issues With Just One Click

Aug 06, 2015
So you finally upgraded your system to Windows 10 and became one those 70 Million users. No doubt, Windows 10 is the Windows best version released by Microsoft, but you need to know that it does not offer much privacy by default. Windows 10 is making many headlines these days, even it made me to write two detailed articles about Windows 10's most controversial options, i.e. Windows Wi-Fi sense and Windows 10 stealing users' Bandwidth to deliver updates. I noticed over 35 more privacy issues that come enabled by default in Windows 10, which has permission to send your vast amount of data back to Microsoft. While Installation, a click through " Express Settings " allows Windows 10 operating system to gather up your contacts, text and touch input, calendar details, and a lot more, including: Location Data Biometrics and Handwriting data Advertisement and its Tracking Code Apps access to your personal information Windows Defender and Sample subm
How Google Is Tracking Your Movie and Event Activities

How Google Is Tracking Your Movie and Event Activities

Jun 23, 2015
No doubt, You must be aware that Google tracks you, but what you probably did not realize is how precisely and till what extent it tracks you. Well, Google knows which movies I watched where, when, at what time and with how many of my friends , and knows it so well — even my eyebrows raised slightly in surprise! Yes, you heard right. If you are using your Gmail account like I do, receiving all movie booking and tickets, Google can easily track your movie flavors and frequent hangout places without access to GPS. GOOGLE READ MY EMAILS FOR EVENT INFORMATION I was feeling bored last night, so I decided to watch a movie and moved towards Google to search newly released films. As I googled " Movies 2015 "... Holy Crap! What I saw on the monitor was unbelievable. In Google search results, I was able to see the list of all my past movie booking event activities and even my future bookings ( shown below ), and it was so, so accurate. If you have Google acc
Drones Spying on Cell Phone Users for Advertisers

Drones Spying on Cell Phone Users for Advertisers

Mar 05, 2015
Do you know, apart from United States National Security Agency (NSA) , Federal Bureau of Investigation (FBI) and law enforcement, a few advertising companies are also monitoring unsuspecting users' cell phone data with the help of the unmanned aerial vehicles (UAVS) called Drones. Yes it's True! A Singapore-based advertising firm AdNear , which described itself as "the leading location intelligence platform," is using a number of small drones flying around the San Fernando Valley in Los Angeles since early February in order to track Wi-Fi and cellular transmission signals. ADNEAR DRONES TRACKS YOU EVERYWHERE The drones have ability to sniff out device' cellular or wireless Internet signals, which is then identify by device ID. Using this gathered information, the drones track each and every movements and behaviors of individual users. Generally, the reason behind spying on people's cell phone signals is the company's interest to deliver hyper-targe
China Demands Tech Companies to give them Backdoor and Encryption Keys

China Demands Tech Companies to give them Backdoor and Encryption Keys

Feb 03, 2015
A number of western companies are doing big business in China, but now they may have to pay a huge value for to do so. China has introduced strict new banking cyber security regulations on western companies selling technology to Chinese banks. The Chinese government wants backdoors installed in all technologies that imports into the Middle Kingdom for the benefit of Chinese security services. The latest rules also state that western companies must hand over the Encryption Keys and secret source code as well. The requirements are so absurd that it would be impossible for companies like Apple to comply, which could harm American businesses. " The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of do
Hackers Can Read Your Private SMS and Listen to Phone Calls

Hackers Can Read Your Private SMS and Listen to Phone Calls

Dec 19, 2014
Security researchers have discovered a massive security flaw that could let hackers and cybercriminals listen to private phone calls and read text messages on a potentially vast scale – no matter if the cellular networks use the latest and most advanced encryption available. The critical flaw lies in the global telecom network known as Signal System 7 that powers multiple phone carriers across the world, including AT&T and Verizon , to route calls, texts and other services to each other. The vulnerability has been discovered by the German researchers who will present their findings at a hacker conference in Hamburg later this month. "Experts say it's increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world's billions of cellular customers," said The Washington Post, which first uncovered flaws in the system earlier this year. NUMBER OF SECURITY FLAWS IN SS7 SS7 or
Google Releases Chrome Extension for End-To-End Email Encryption

Google Releases Chrome Extension for End-To-End Email Encryption

Dec 18, 2014
Back in june this year, Google announced an alpha Google Chrome extension called " End-to-End " for sending and receiving emails securely, in wake of former NSA contractor Edward Snowden's revelations about the global surveillance conducted by the government law-enforcements. Finally, the company has announced that it made the source code for its End-to-End Chrome extension open source via GitHub . Google is developing a user-friendly tool for individuals to implement the tough encryption standard known as Pretty Good Privacy (PGP) in an attempt to fully encrypt people's Gmail messages that can't even be read by Google itself, nor anyone else other than the users exchanging the emails. PGP is an open source end-to-end encryption standard for almost 20 years, used to encrypt e-mail over the Internet providing cryptographic privacy and authentication for data communication, which makes it very difficult to break. But implementing PGP is too complicated for m
Sony Xperia Devices Secretly Sending User Data to Servers in China

Sony Xperia Devices Secretly Sending User Data to Servers in China

Oct 29, 2014
If you own a Sony smartphone either the Android 4.4.2 or 4.4.4 KitKat firmware then inadvertently you may be transmitting your data back to the servers in China, even if you haven't installed any application. Quite surprising but it's true. I know many of you haven't expected such practices from a Japanese company, but reports popping up at several forums suggest that some new Sony Xperia handsets seem to contain the Baidu spyware . MYSTERIOUS BAIDU SPYWARE About a month ago, a group of community users of Sony smartphone detected the presence of a strange folder, named " Baidu ", mysteriously appeared from among those present in various versions of Android for these handsets. The creepy part is that the folder is created automatically without the owners permission and there is no way of deleting it. Even if someone tries to remove it, it instantly reappears as well as unticking the folder from device administrator equally seems to do nothing, neither does starting t
Verizon Wireless Injects Identifiers to Track Mobile Customers’ Online Activities

Verizon Wireless Injects Identifiers to Track Mobile Customers' Online Activities

Oct 27, 2014
The Nation's largest telecom operator ' Verizon Wireless ' is tracking its customers' mobile internet traffic by adding a token to Web requests traveling over its network, in order to facilitate targeted advertising even if a user has opted out of their Customer Proprietary Network Information (CPNI) options. The Precision Market Insights division of Verizon is collecting users' data from more than two years with the launch of the Unique Identifier Token Header (UIDH) under its Relevant Mobile Advertising program. The company also expanded its program to cover all Verizon Wireless subscribers. UIDH TRACKS CUSTOMERS' EVERY MOVE ON WEB When consumers visit certain websites or mobile apps, The Verizon network is adding cookie-like X-UIDH header tokens to Web requests traveling over its network with a unique value/identifier for every particular mobile device. This Verizon's solution is called the PrecisionID , which is being used to create a d
Core Secrets — NSA Used ‘Undercover Agents’ In Foreign Companies

Core Secrets — NSA Used 'Undercover Agents' In Foreign Companies

Oct 12, 2014
Sometimes we wonder that how the National Security Agency ( NSA ) reached such a wide range of its Surveillance operation across the world – which you can measure from several secret documents released by the former NSA contractor Edward Snowden. This hell parameter of the NSA's operation was not reached by its agents sitting in the NSA headquarter in United States, but by its undercover agents working in foreign companies based in China, Germany, and South Korea to infiltrate and compromise foreign networks and devices, according to documents obtained by The Intercept . NSA INTERCEPTING FOREIGN NETWORKS AND DATA CENTRES The latest document from the Snowden's desk talks about a program called " physical subversion ," under which the NSA's undercover operatives were infiltrating foreign networks to acquire sensitive data and access to systems in the global communications industry and possibly even some American firms. The document describes the details regarding vario
'Google Is Worse Than the NSA' — Rupert Murdoch

'Google Is Worse Than the NSA' — Rupert Murdoch

Aug 18, 2014
The United States National Intelligence Agency ( NSA ) or the largest Internet giant Google - According to you, which one is the worse? NSA? But, according to the popular Media tycoon Rupert Murdoch ( @rupertmurdoch ), Google is worse than the NSA. Murdoch, founder of global media holding company News Corporation - the world's second-largest media conglomerate, currently lives in Australia and is once more making the sort of news he'd prefer to be remembered for. The 83-year old tweeted on Sunday, in which he labeled Google worse than the National Security Agency (NSA). The missive was as follows: " NSA privacy invasion bad, but nothing compared to Google. " NSA privacy invasion bad, but nothing compared to Google. — Rupert Murdoch (@rupertmurdoch) August 17, 2014 In past, Murdoch accused Google of stealing the content of his newspapers (yet never putting in place a robots.txt file that would prevent search engines crawling it) and has always criticis
Worldview-3 — Satellite That Could Allow Google and U.S Government to See Your Face from Space

Worldview-3 — Satellite That Could Allow Google and U.S Government to See Your Face from Space

Aug 13, 2014
Majority of my articles are related to government spying, privacy and security issues of your online stuffs and also measures that you can adopt in protecting yourself from being spied on. But, your all efforts will soon be of no use - someone is about to secretly track your every footstep. Google will soon get an eye in the space that will be enough powerful to see your face, thanks to the new satellite, WorldView-3 satellite, which is scheduled to launch later today (11:30 a.m. PST) from California's Vandenberg Air Force Base atop an Atlas 5 rocket by Lockheed Martin Commercial Launch Services, according to Motherboard . DIGITAL EYE IN SPACE WorldView-3 satellite is developed by a US-based company DigitalGlobe , one of the world's leading global content providers of high-resolution earth imagery, supplying most online mapping services to the US government and NASA. The satellite contains : Exelis-built 1.1 meter aperture telescope  Primary visible/SWIR sensor B
Company That Sells 'FinFisher' Spying Tool Got Hacked, 40GB Data Leaked

Company That Sells 'FinFisher' Spying Tool Got Hacked, 40GB Data Leaked

Aug 07, 2014
FinFisher spyware, a spyware application used by government and law enforcement agencies for the purpose of surveillance, appears to have been hacked earlier this week and a string of files has been dumped on the Internet. The highly secret surveillance software called " FinFisher " sold by British company Gamma International can secretly monitors computers by turning ON webcams, recording everything the user types with a keylogger, and intercepting Skype calls, copying files, and much more. A hacker has claimed on Reddit and Twitter that they'd infiltrated the network of one of the world's top surveillance & motoring technology company Gamma International, creator of FinFisher spyware, and has exposed 40GB of internal data detailing the operations and effectiveness of the FinFisher suite of surveillance platforms. The leaked information was published both on a parody Gamma Group Twitter account ( @GammaGroupPR ) and Reditt by the hacker that began publishi
Breaking - Edward Snowden Get 3 More Years In Russia

Breaking - Edward Snowden Get 3 More Years In Russia

Aug 07, 2014
The individual responsible for one of the most significant leaks in US political history is Edward Snowden, a 31-year-old global surveillance whistleblower and former U.S. intelligence contractor, who has received a three- year residence permit from Russia, his lawyer announced on Today. " On the first of August he received a three-year residence permit, " lawyer Anatoly Kucherena told RT . He had not asked for political asylum, his lawyer added. The former NSA contractor has not apply for Russian citizenship for now, as he will be able to apply for the Russian citizenship in five years. " A foreign citizen, who got a residence permit, will certainly be able to apply for citizenship, " Kucherena said. " He will be able to travel freely within the country and go abroad. He'll be able to stay abroad for not longer than three months ," Kucherena said. Snowden is responsible for handing over material from one of the world's most secretive organisations the NSA. The
NSA Employees Routinely Pass Around Intercepted Photos

NSA Employees Routinely Pass Around Intercepted Photos

Jul 18, 2014
The 31-year-old former US National Security Agency (NSA) contractor Edward Snowden has warned that during surveillance, among other things, NSA system administrators also intercepted and routinely passed the photos of people in "sexually compromising" situations among other NSA employees. In a video interview, NSA whistleblower speaks with the Guardian editor-in-chief Alan Rusbridger and reporter Ewen MacAskill in Moscow, which was then published by the Guardian on Thursday. WOOOH!! ATTRACTIVE NUDIE PICS - PASS IT ON TO BILL TOO " You've got young enlisted guys, 18 to 22 years old. They've suddenly been thrust into a position of extraordinary responsibility where they now have access to all of your private records, " he said in the video interview. " During the course of their daily work they stumble upon something that is completely unrelated to their work in any sort of necessary sense – for example, an intimate photo of someone o
Cybersecurity Resources