#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

spying | Breaking Cybersecurity News | The Hacker News

5-year-old Skype Backdoor Discovered — Mac OS X Users Urged to Update

5-year-old Skype Backdoor Discovered — Mac OS X Users Urged to Update

Dec 14, 2016
Those innocent-looking apps in your smartphone can secretly spy on your communications or could allow hackers to do so. Hard to believe, but it's true. Recently, Trustwave's SpiderLabs analysts discovered a hidden backdoor in Skype for Apple's macOS and Mac OS X operating systems that could be used to spy on users' communications without their knowledge. The backdoor actually resides in the desktop Application Programming Interface (API) that allows third-party plugins and apps to communicate with Microsoft-owned Skype — the popular video chat and messaging service. Appeared to have been around since at least 2010, the backdoor could allow any malicious third-party app to bypass authentication procedure and provide nearly complete access to Skype on Mac OS X. How an Attacker can Take Complete Control of Your Skype The malicious app could bypass authentication process if they "identified themselves as the program responsible for interfacing with th
Your Headphones Can Spy On You — Even If You Have Disabled Microphone

Your Headphones Can Spy On You — Even If You Have Disabled Microphone

Nov 23, 2016
Have you considered the possibility that someone could be watching you through your webcam? Or Listening to all your conversations through your laptop's microphone? Even a bit of thought about this probability could make you feel incredibly creepy. But most people think that they have a solution to these major issues i.e. simply covering their laptop's webcam and microphone with tape, just like Facebook CEO Mark Zuckerberg and FBI Director James Comey . But it's 2016, and a piece of tape won't help you, as a new experiment has proved that how easily hackers can turn your headphones into a microphone to spy on all your conversations in the background without your knowledge. A group of Israeli security researchers at Ben Gurion University have created a proof-of-concept code (malware) that converts typical headphones into microphones and then use them to record all your conversations in the room just like a fully-featured spying device. Speake(a)r Malware Weaponize
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
LinkedIn to get Banned in Russia for not Complying with Data Localization Law

LinkedIn to get Banned in Russia for not Complying with Data Localization Law

Oct 26, 2016
The world's largest online professional network LinkedIn could face a ban in Russia after the company has failed to comply with a Russian data localization law that compels companies to keep data on Russian users in their country. If you are not aware, LinkedIn is the only major social network which is not banned in China, because the company agreed to cooperate with the Chinese government and remove controversial content. However, LinkedIn could be the first social network in Russia to be blocked by the Russian state's federal media regulator, called Roskomnadzor, for not complying with the rules. In July 2014, the Russia approved amendments to the Russian Personal Data Law which came into force in 1st September 2015, under which foreign tech companies were required to store the personal data of its citizens within the country. However, Russia was not the first country to enforce such law on foreign tech companies. A few months ago, Iran also imposed new regulations
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Yahoo Built a Secret Tool to Scan Your Email Content for US Spy Agency

Yahoo Built a Secret Tool to Scan Your Email Content for US Spy Agency

Oct 04, 2016
Users are still dealing with the Yahoo's massive data breach that exposed over 1 Billion Yahoo accounts and there's another shocking news about the company that, I bet, will blow your mind. Yahoo might have provided your personal data to United States intelligence agency when required. Yahoo reportedly built a custom software programmed to secretly scan all of its users' emails for specific information provided by US intelligence officials, according to a report by Reuters . The tool was built in 2015 after company complied with a secret court order to scan hundreds of millions of Yahoo Mail account at the behest of either the NSA or the FBI, according to the report that cites three separate sources who are familiar with the matter. According to some experts, this is the first time when an American Internet company has agreed to such an extensive demand by a spy agency's demand by searching all incoming emails, examining stored emails or scanning a small number
WikiLeaks Promises to Publish Leaks on US Election, Arms Trade and Google

WikiLeaks Promises to Publish Leaks on US Election, Arms Trade and Google

Oct 04, 2016
Wikileaks completed its 10 years today, and within this timespan, the whistleblower site has published over 10 million documents, and there's more to come. In the name of celebration of its 10th Anniversary, Wikileaks promises to leak documents pertaining to Google, United States presidential election and more over the next ten weeks. Speaking by video link to an anniversary news conference at the Volksbuhne Theater in Berlin on Tuesday morning, WikiLeaks founder Julian Assange eagerly announced his plans to release a series of publications every week for the next 10 weeks. The upcoming leaks will include "significant material" related to Google, the US presidential election, military operations, arms trading and, the hot topic of past few years, mass surveillance. Assange also promised to publish all documents related to the US presidential race before the election day on November 8. "There is an enormous expectation in the United States," Assange said f
Cybersecurity Resources