The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

"VERA is a Visualizing Executables for Reversing and Analysis tool. It is a tool for reverse engineering Windows executables. It is used in conjunction with the Ether framework to generate visualizations to help with the RE process." This is the official change log: Added processing of trace files without having to use gengraph via new wizard Better handling of low memory situations Major code cleanup, refactoring, and new buzzwordy sounding tasks Added a toolbar, because everyone loves those Added IDA integration and IDA Pro module Fixed a bug involving parsing of non-traditional Ether trace files Now should support larger and more complicated graphs Author getting paid to write and support VERA. This new version contains a bunch of new features and API improvements. The two biggest updates are the addition of the trace file parsing and analysis inside of the GUI. This alleviates the need for the gengraph.exe program. The next big feature is the integration with IDA Pro. Cu...

Has anyone you know ever lost control of an email account and inadvertently sent spam—or worse—to their friends and family? There are plenty of examples (like the classic  "Mugged in London" scam ) that demonstrate why it's important to take steps to help secure your activities online. Your Gmail account, your photos, your private documents—if you reuse the same password on multiple sites and one of those sites gets hacked, or your password is conned out of you directly through a phishing scam, it can be used to access some of your most closely-held information. Most of us are used to entrusting our information to a password, but we know that some of you are looking for something stronger. As we announced to our Google Apps customers  a few months ago , we've developed an advanced opt-in security feature called  2-step verification that makes your Google Account significantly more secure by helping to verify that you're the real owner of your account. Now it...

Free cellphone encryption is coming to Android users in Egypt courtesy of San Francisco software maker Whisper Systems. Until now, Redphone and TextSecure, voice- and text-encryption apps respectively, have generally been available in the US only. Whisper Systems has been working on making the packages available internationally. With cellphone communication playing a vital role in the more than two weeks of protests in Cairo and Alexandria, the company decided to jump-start a version for Egyptians, said principal Moxie Marlinspike. "Given the events in Egypt, we've stepped up our efforts to incorporate international support, and are almost ready to do our first international release by deploying RedPhone and TextSecure (which is also unavailable there) into Egypt," he wrote in an email. Marlinspike is no stranger to government surveillance. While returning from a trip overseas, US feds recently confiscated his handset and laptop. TextSecure uses strong encryption to make text ...

While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping code, developers may inadvertently leave behind API keys, tokens, or passwords in configuration files and code files, effectively handing attackers the keys to the kingdom. This isn't just about poor hygiene; it's a systemic and growing supply chain risk. As cyber threats become more sophisticated, so do compliance requirements. Security frameworks like NIS2, SOC2, and ISO 27001 now demand proof that software delivery pipelines are hardened and third-party risk is controlled. The message is clear: securing your Git repositories is no longer optional, it's essential. Below, we look at the ris...

The Egyptian government shut down most of its country's internet not by phoning ISPs one at a time, but by simply throwing a switch in a crucial data center in Cairo. That according to a February presentation to the Department of Homeland Security's Infosec Technology Transition Council. The presentation — made by Bill Woodcock, research director of the Packet Clearing House — argues that the Egyptian Communications Ministry acted quite responsibly in the procedure it used to cut ties from the net, after the shutdown was ordered by Egypt's much-feared intelligence service. "Most of the outage was effected through a breaker flipped in the Ramses exchange, and the rest was phone calls and arm-twisting," the presentation says. 'Ramses exchange' refers to a central building in Cairo where Egyptian ISPs meet to trade traffic and connect outside of the country, a facility known as an Internet Exchange Point. The report's timeline also contradicts many observers' guesses that a smal...

Anonymous Response to Egyptian President Mubarak 's Second Speech ! Mr. Mubarak Billions of people around the world have naively held their hopes high only to watch in dismay while one single stubborn man once again highjacked the lives of millions.- The blood of the fallen in the struggle for freedom will not be crushed by your blind disregard for those clamouring for you to relinquish your desperate hold on power. Your abuses must end, now, and with them your pathetically transparent attempt to retain control through your henchmen, professional torturer, Mr Suleiman.- Your fractured, failed, despotic regime cannot be tolerated a minute longer. The people have spoken, in their millions. Your refusal to acknlowledge this fact and depart with dignity has shown us your delusion . You are aware of this, and so are we.- The Egyptian people are an inspiration for all living under a dictatorship. They will no longer stand by and listen to you speak on their behalf. They will be ...