The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Google being one of the top web based service provider, has huge number of Internet users availing the free and paid services for their day-to-day personal and/or professional needs. Many of them have configured their mobile phone number for their account password recovery options. Certainly, when comes the mobility, many of these users prefer Google's android based smart phones and tablets to access these services anytime, anywhere. In case of issues in accessing GMAIL services, user is been provided with the option to reset the account password by simply asking Google to send a verification code on the pre-registered mobile number. On the other hand, Android (mobile operating system from Google) based devices are bundled with security features to keep the privacy of user data/information intact. The user can opt to set the security level from none to Password (High), this ensures that, to access the mobile device and information within it, the user needs to pass through ...

Privacy protection in the services we use on a daily basis has been a big topic of conversation following accusations that Google, Microsoft, Apple and other large tech companies were working with government agencies to provide user data. According to a new report by CNet , Google may introduce encryption for users' data generated on their Google Drive to protect its customers' privacy against attempts by the U.S. government to access the data. Why Encryption ?  Secure encryption of users' private files means that Google would not be able to divulge the contents of stored communications even if NSA submitted a legal order under the Foreign Intelligence Surveillance Act or if police obtained a search warrant for domestic law enforcement purposes. "Mechanisms like this could give people more confidence and allow them to start backing up potentially their whole device, " said Seth Schoen, Electronic Frontier Foundation. Many companies use SSL and HTTPS to ...

Anonymous hackers claimed yesterday that they have broken into a server used by the Federal Emergency Management Agency (FEMA) and leaked the database  ( password : fema ) includes - names, addresses and other information of FEMA contractors, private defense contractors, federal agents and local authorities. Hack was performed in response to Homeland Security training exercises that centered on a fictional version of the hacker collective.FEMA, under the Department of Homeland Security, conducts an National Level Exercise (NLE) each year. " This is a message from some of us, to FEMA, to various world governments and to their complicit corporate lackeys who dwell in the shadows as well as to the 2.5 billion regular people who use the internet and have found that their right to privacy has been utterly destroyed. " hackers said. The dump contains a table of user IDs and MD5 hashes of corresponding passwords and leaked mailing addresses connected to some of the ...

Tumblr posted a blog post Tuesday night warning users to change their passwords and released a very important security update for iOS users after identifying a breach that compromised their passwords. It seems that, under certain circumstances, the prior versions of the iPhone and iPad apps would allow an individual with malicious intent to sniff or intercept passwords as they are in transit across a local network. The problem arose because the iPad and iPhone apps fail to log users in through a secure server.  The vulnerability does not seem to have affected Tumblr's Android app. The company urged users to download the latest version of the Tumblr app, which is available in the Apple iTunes Store. The company did not provide further details on the breach. It's also good practice to use different passwords across different services by using an app like 1Password or LastPass. It doesn't appear that any passwords got in the hands of malicious individuals, t...

Recent disclosures by whistleblower Edward Snowden claiming that internet traffic is being intercepted and used by the Americans in their war on terror, force to re-think about the user's privacy and online anonymity. It has been relatively common knowledge for years that wherever we go on the web, we leave clear tracks, so it shouldn't really have come as much of a surprise to discover this has been going on. The best thing you can do to stay anonymous online is to hide your IP address . If someone knows your IP address, it is the easiest way to trace your online activity back to you and they can easily determine the geographic location of the server that hosts that address and get a rough idea of where you're located. TOR is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Browsing with TOR is a lot like simultaneously using hundreds of different proxies that are randomized periodically. ...

TrueCaller, a popular app built by a Swedish company and world's largest collaborative phone directory compromised by Syrian Electronic Army hackers. Truecaller was running an outdated version (3.5.1) of blogging software WordPress for its web interface and there are millions of Phonebook records available in their database that were reportedly stolen by hackers, as claimed on their twitter account. Syrian Electronic Army also claimed that the database contains million of access codes of Facebook, Twitter, Linkedin, Gmail Accounts of different users, that can be used to post update from compromised Accounts. In total, the hackers claimed to downloaded more than 7 databases fro Truecaller server of 450GB in size. At the time of reporting this news, Truecaller website is still under maintenance and index page saying, " We are doing some upgrades. Thank you for your patience ." SEA also posted a database screenshot on twitter, showing the phonebook l...