surveillance | Breaking Cybersecurity News | The Hacker News

Big and Good news for all of us. A federal court judge ' Richard J. Leon ' said that he believes, US National Security Agency's (NSA) controversial practice of routinely collecting the telephone records of millions of Americans likely violates the 4th Amendment and is unconstitutional, even though the FISA court approved it. Earlier in 2013, a conservative Legal Activist Larry Klayman filed a lawsuit against the US government, alleging that NSA's massive telephone surveillance program violates the " reasonable expectation of privacy, free speech and association, right to be free of unreasonable searches and seizures and due process rights. " NYTimes reported that last Monday in the decision, Judge has ordered [  Case:  Klayman v. Obama (13-851)  PDF File  ] the NSA to stop collecting U.S. Citizen's Telephone records, and to destroy the files it already holds. This was the first major court ruling about NSA' so-called metadata counter terrorism program after

During a CBS Interview show " 60 Minutes ", The National Security Agency (NSA) officials claimed that China has developed a BIOS based malware that can remotely destroy any computer. Obviously NSA is struggling to repair its image and in an effort to justify their extensive Surveillance programs, The NSA Director General Keith Alexander and Information Assurance Director Debora Plunkett made a number of claims. During that interview NSA officials said that they had foiled a malware attack that could have taken down the U.S. economy. " One of our analysts actually saw that the nation state had the intention to develop and to deliver, to actually use this capability to destroy computers ," Plunkett said. They have mentioned that this malware was distributed via social engineering and targeted emails, although the NSA director mentioned that their researchers worked with computer manufacturers and able to close the respective vulnerability . " This is t

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC,  70% of successful breaches start at the endpoint . Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams needing to protect more endpoints—and more kinds of endpoints—than ever before, that perimeter has become more challenging to defend. You need to improve your endpoint security, but where do you start? That's where this guide comes in.  We've curated the top 10 must-know endpoint security tips that every IT and security professional should have in their arsenal. From identifying entry points to implementing EDR solutions, we'll dive into the insights you need to defend your endpoints with confidence.  1. Know Thy Endpoints: Identifying and Understanding Your Entry Points Understanding your network's

Google has found that the French government agency using unauthorized digital certificates  for some of its own domains to perform man-in-the-middle attacks on a private network. Google security engineer Adam Langley described the incident as a "S erious Security breach ", which was discovered in early December. Rogue digital certificates that had been issued by French certificate authority ANSSI, who closely work with the French Defense agency. "In response, we updated Chrome's certificate revocation metadata immediately to block that intermediate CA, and then alerted ANSSI and other browser vendors. Our actions addressed the immediate problem for our users" Google has immediately blocked the misused intermediate certificate and updated Chrome's certificate revocation list to block all dodgy certificates issued by the French authority. In a statement, ANSSI said that the intermediate CA certificate was used to inspect encrypted traffic with the user's knowledge on a p

The NSA has the ability to trace " anyone, anywhere, anytime ". In September we reported that how NSA and GCHQ planted malware via LinkedIn and Slashdot traffic to hack largest telecom company Belgacom's Engineers. Yesterday, a  Dutch newspaper has   published a new secret NSA document provided by former intelligence employee  Edward Snowden . According to the newly exposed slide, NSA has infected more than 50,000 computer networks worldwide with software designed to steal sensitive information i.e. Malware . The slide from the NSA's 2012 management presentation, shows a world map with more than 50,000 targeted locations, uses a procedure called ' Computer Network Exploitation ' (CNE) that can secretly install malware in computer systems. The malware can be controlled remotely and be turned on and off at will. From the NSA website we found that, CNE includes enabling actions and intelligence collection via computer networks that exploit data gathered from target or enem

Edward Snowden , a former contractor at America's National Security Agency (NSA) , has rocked the intelligence world by leaking secret documents which reveal the previously unknown extent of global spying. But looks like the NSA isn't the only one using dirty digital tricks to hack its targets. Back in September, it was reported that the UK's equivalent of the NSA, GCHQ had hacked Belgacom , a leading telecommunications provider in Belgium. Some New analysis of the Snowden papers by German magazine Der Spiegel shows that British intelligence agency GCHQ created fake LinkedIn and Slashdot pages to spy on computers of  Belgacom  network engineers. Communications networks are particularly valuable to spies, because they allow instant access to individual users. Belgacom provides internet access to dozens of key EU institutions based in its capital city Brussels and its global roaming exchange is a hub for connections between various international mobile network

On Tuesday, the Washington Post revealed a few more NSA slides released by Edward Snowden, which revealed that the spy agency NSA was infiltrating the private data links between Google and Yahoo data centers as part of a program called MUSCULAR . Chairman and former CEO of Google Eric Schmidt says the company's executives are shocked by allegations that the National Security Agency has been collecting data from the search engine's servers. " It's really outrageous that the NSA was looking between the Google data centers, if that's true ," he said. Overnight, Two Google's Security engineers -  Mike Hearn and   Brandon Downey expressed reasonable anger about the news on Google+, said " Fuck these guys ", where these represent NSA and GCHQ. I've spent the last ten years of my life trying to keep Google's users safe and secure from the many diverse threats Google faces. Fuck You to the people who made these slides. I am not American, I am a Brit, but i

The use of mobile devices in government environments concerns the secret service of any states, cyber espionage more often exploits the mobile platforms. Mobile devices are reason of great concern for governments, they have a great computational capability, huge memories to store our personal data, GPS to follow our movements and are equipped with a camera and microphone to increase our experience in mobility. The advent of monitoring apps like Mobistealth has already brought the possibility of using the aforementioned features to keep tabs on a target device irrespective of the geographic distance to light. However, it has also raised red flags over the possibility of exploitation of such features by attackers for cyber espionage . The problem is well known to governments that are adopting necessary countermeasures especially following the recent revelations about the U.S. Surveillance program . The UK Government has decided to ban iPads from the Cabinet over foreign e

Yesterday I learned about  ' Dark Mail Alliance ', where  Lavabit , reportedly an email provider for NSA leaker Edward Snowden and Silent Circle comes together to create a surveillance-proof email technology. Ladar Levison at Lavabit and Silent Circle CEO Mike Janke, Founders of two e-mail services that recently shut down amid government efforts to nab encryption keys, as well as the larger revelations regarding the NSA's surveillance efforts. The newly developed technology has been designed to look just like ordinary email, with an interface that includes all the usual folders i.e. inbox, sent mail, and drafts. But where it differs is that it applies peer-to-peer encryption not only to the body of the digital missive, but also to its metadata (To:, From: and Subject fields) that third parties are most likely to collect. The encryption, based on a Silent Circle instant messaging protocol called SCIMP and the secret keys generated to encrypt the communic

Your LinkedIn profile is your digital resume. Yesterday, LinkedIn launched a new app for for iOS devices called Intro ' LinkedIn Intro '. With this feature an email on your iPhone will display a picture of the sender, with useful profile info from LinkedIn. Basically, to use the service, a LinkedIn user must route all of their emails (any provider i.e. Hotmail, Gmail, Yahoo, etc.) through LinkedIn's 'Intro' servers, which will inject fancy business centric HTML profile right in your emails, as shown. But this also means that LinkedIn is now able to read the complete content of your emails and also can store the passwords to users' external email accounts. The feature is enough to destroy the security and privacy of your mails. Another point to be noted that, Apple does not provide any APIs or frameworks for developers that would allow this kind of modification of its interface. Instead, LinkedIn is acting as a ' man in the middle ' by inter

In August the New Zealand has passed a bill that radically expands the powers of  The Government Communications Security Bureau ( GCSB ), an intelligence agency of the New Zealand government, equivalent of the National Security Agency ( NSA ). The bill demands the companies and other network operators like Facebook, Microsoft, Google and Yahoo must allow New Zealand spy agencies a certain path to monitor user communications, but it will also violate the rights of New Zealand citizens. Today afternoon the controversial of Telecommunications ( Interception Capability and Security) Bill made progress in the House in its Second Reading. A number of minor changes were made in select committee. Labour Leader David Cunliffe said his party continued to strongly oppose the legislation as it did not provide protection for the privacy of communications from spying by the state. In a supplementary order paper to the Telecommunications Bill , Amy Adams is proposing to dump Clau

The Foreign Intelligence Surveillance Court has once again has renewed the permission to the U.S. government for a controversial program to collect the telephony metadata from American phone companies. The News that the NSA collects bulk phone call metadata including phone numbers, call times and duration from Verizon and other backbone providers initially leaked out in June by Edward Snowden . It's pointed out that FISA court orders are usually issued to track a specific person. It's rare to see the government collecting information on every single person. The government filed an application with the FISC seeking renewal of the authority to collect telephony metadata in bulk, which expired on Friday. The Office of the Director of National Intelligence has published a press release and the Court has renewed that authority. The program does not allow the government to listen in on anyone's phone calls , and the information acquired does not include the content

The world of mobile search is about to get a bit more anonymous. Thanks to the fears over government surveillance and corporate tracking, Anonymous Search Engine DuckDuckGo continues to break its own search records. DuckDuckGo Search & Stories - Android app deliver the same functionality as traditional services such as Google but with the added promise that your IP address and identity will not be recorded.  In June, Anonymous search engine  DuckDuckGo  had launched its app for  iOS  and Android and during recent update, DuckDuckGo's application for Android also integrated the Tor support. " Privacy is perhaps more important on mobile than on the web, and we haven't had many private alternatives ," DuckDuckGo founder Gabriel Weinberg said. To enable Tor with DuckDuckGo android app, user need to Check " Enable Tor " from setting. It will prompt the user to install about application to anonymize the Mobile data communication. As a search

On Wednesday, Chief of National Security Agency (NSA) , General Keith Alexander defended US surveillance programs as part of a Noble Mission to protect the nation. He said that the collection of bulk phone records by U.S. Intelligence agencies are essential to preventing terrorist attacks. He referenced the criticism thrown at the intelligence services in late 2001 for not connecting the dots that led up to the Sept. 11 attacks. " We need our nation to understand why we need these tools, and what those tools mean for civil liberties and privacy and what they mean to defend this country, " General Keith Alexander said during a keynote speech at the Billington Cyber Security Summit in Washington. In recent months NSA has been targeted for severe criticism from privacy advocates, members of Congress and foreign allies of America, whose citizens may have been targets of this surveillance. Alexander pleaded for support of NSA programs during his speech at the conference

Last week Apple releases the iPhone 5S  with Touch ID , a fingerprint-scanning feature, promoted by the company as " Your fingerprint is one of the best passwords in the world ". Just after the launch of iOS7 , Hackers around the world come up with a series of security issues and privacy concerns. One of the most embarrassing hack released yesterday, when a group of German Hackers fooled the iPhone 's biometric fingerprint security by just using a high resolution photo of someone's fingerprint. Now, We all are aware about many secret surveillance projects of NSA like PRISM , where U.S. government is collecting data from these Internet companies including - Apple. Apple claimed that, iPhone will never upload fingerprints to their server, but can we believe them anymore ? It is already proven that, During Surveillance operations and for Backup purpose, Smartphone applications can upload anything from your device to their online servers without any

Belgacom , the largest telecommunications company in Belgium today announced that their IT Systems were hacked and infected with an unknown Malware . In order to eliminate that virus effectively, they clean up the entire system. The company also highlights that they have no indication of any impact on their telecommunication services, customer and employee data. According to the complexity of the malware, it appears to be the work of a state-sponsored entity. Belgacom which handles some of the undersea cables that carry voice and data traffic around the world, so the NSA or Britain's GCHQ could be behind the intrusion. That traffic would be a likely target for an attacker. The attack reportedly affected a few dozen machines on Belgacom's network, including some servers and the intrusion had been active for as long as two years by the time the Belgian company discovered it. Hacked data might help intelligence agencies to gather data on communications coming from the li

" The truth is coming, and it cannot be stopped ", Edward Snowden.  The National Security Agency isn't just snooping into phone and online communications. It also appears to be keeping a close eye on credit card transactions. New reports published by Der Spiegel exposed that The National Security Agency (NSA) is widely monitoring SWIFT bank transactions, International Credit Card Payments and banking, attained by watching printer traffic from numerous banks. According to the information acquired by former NSA contractor Edward Snowden , Show that in 2011, the NSA possessed 180 million records and spying is conducted by a branch called " Follow the Money. That data then moved to their own   ' Tracfin ' financial databank to track money flows. NSA targets the transactions of various banks via large credit card companies like VISA by doing surveillance in Europe, Middle East and Africa. Some 84 percent of the data are from credit card transactions

It's been nearly three months since Edward Snowden started telling the world about the National Security Agency's mass surveillance of global communications. After the last week report that the National Security Agency has leveraged its cooperative relationships with specific industry partners to insert vulnerabilities into Internet security products. Bitcoin , a virtual currency, a peer-to-peer electronic cash system, which is generated on a logarithmic scale by dedicated miners who run software that generate the complex hash codes which make up a Bitcoin.  The integrity of Bitcoin depends on a hash function called SHA-256 , which was designed by the NSA and published by the National Institute for Standards and Technology (NIST). Is it hard to believe that could the intelligence community have a secret exploit for Bitcoin? While there is no evidence yet to support the speculation. " If you assume that the NSA did something to SHA-256, which no outside resea

As we reported yesterday that, your Smartphone is a goldmine for the US National Security Agency (NSA), they have the full access to your Data available on your Smartphones including Android , iPhone and Blackberry. But among other Smartphones,  iPhone apparently is the most popular with the National Security Agency. Another NSA presentation leaked by NSA whistle-blower Edward Snowden and published by German paper Der Spiegel , describing Steve Jobs as the real Big Brother and iPhone buyers as the "zombies" . By cracking mobile operating systems and eavesdropping on mobile communications, the data obtained in this way includes contacts, call lists, SMS traffic, notes and location information. " Such as a iPhone picture of a foreign government official who took selfies while watching TV, and a picture of an unknown man, apparently an Afghani fighter, in the mountains of Afghanistan. And remember the iPhone's location bug? That enabled tracking of people over exten

Earlier reports based on Snowden 's documents revealed the existence of the NSA's PRISM program , and indicate that the National Security Agency spied on Brazilians. On other End, President Obama said that the Syrian government used chemical weapons on its citizens and The United States may have to take military action against Syria. Against same issues, yesterday various pages on  NASA 's website were hacked by a Brazilian Hacker named " #BMPoC " and the visitors to the pages were first greeted with a pop-up window which reads "DO NOT ATTACK THE SYRIAN " followed by another reading " U.S. SPY STOP THE BRAZIL " before the deface page appears. The complete deface message on the page was: Stop spying on us. The Brazilian population do not support your attitude! The Illuminati is now visibly acting! Obama heartless! Inhumane! You have no family? The point in the entire global population is supporting you. NOBODY! We do not want

National Security Agency (NSA)  has the capability to access a broad range of data on most Smartphones out there, including iPhone, BlackBerry, and Android devices, according to the  documents provided by former US intelligence contractor Edward Snowden to the  German news agency Der Spiegel report. A 2009 NSA document states that it can " see and read SMS traffic ". This data includes Contact, call lists, SMS traffic, notes and location data about where a user has been, the NSA has set up teams to specialize in cracking each operating system. The leaked information also revealed that the NSA has organized a working group for each operating system. The documents also state the NSA has successfully accessed BlackBerry email data, a system previously thought to be very secure. Recently, two Guardian reporters , the Newspaper primarily responsible with leaking NSA documents, discovered a mystery app on their iPhones . It has no title, no identifying image,