The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

In an interview to be published in this week's of NSA whistleblower Edward Snowden said the US National Security Agency  works closely with Germany and other Western states. The interview was conducted by US cryptography expert Jacob Appelbaum and documentary filmmaker Laura Poitras using encrypted emails shortly before Snowden became known globally for his whistleblowing. Snowden said an NSA department known as the Foreign Affairs Directorate coordinated work with foreign secret services. NSA provides analysis tools for data passing through Germany from regions such as the Middle East. " The partnerships are organized so that authorities in other countries can 'insulate their political leaders from the backlash' if it becomes public 'how grievously they're violating global privacy ,' he said. Germans are particularly sensitive about eavesdropping because of the intrusive surveillance in the communist German Democratic Republic (GDR) a

US intelligence whistleblower Edward Snowden managed to stay out of sight for two weeks since arriving from Hong Kong on June 23, amid rising hopes he may finally be able to leave Russia after being offered asylum by Venezuela. Many travelers, journalists and Agents are trying to spot him, who are waiting in the interconnected transit area between terminals D, E and F, a maze of corridors, lounges, fast food restaurants and duty free shops of Moscow's Sheremetyevo international airport. Russia already refuses USA request of Snowden extradition, by saying that he is in transit area where passengers stay between flights is neutral territory and he will be on Russian soil only if he goes through passport control. Snowden may have been kept in a secret area, perhaps underground, or moved around from day to day to avoid detection. Venezuela's leftist President Nicolas Maduro offered to grant " humanitarian asylum ". The invitations came as Snowden sent

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

A hidden microphone was found in Ecuador's embassy in London, where WikiLeaks founder Julian Assange is sheltering from extradition to Sweden, The Ecuadorean Foreign Minister Ricardo Patino claimed. The microphone was found in the office of the ambassador Ana Alban and was discovered last month during his visit to Britain to discuss issues surrounding Julian Assange. At a press conference in Quito, the foreign minister of Ecuador, held up a photo of a " spy microphone " that was found on June 14 inside a small white box that was placed in an electrical outlet behind a bookshelf. However, the purpose of the bug, according to Patino, was not to track the WikiLeaks founder directly, but rather listen to the conversations of ambassador Ana Alban. He told reporters: " We have reason to believe that the bugging was carried out by The Surveillance Group Limited, one of the largest private investigation and covert surveillance companies in the United Kin

Members of Iceland's Pirate Party  have introduced a proposal in Parliament that would grant immediate citizenship to National Security Agency Whistleblower Edward Snowden . The government is however not keen on helping Snowden. The bill to grant Snowden citizenship received limited support Thursday. Six members of minority parties were in favor out of Parliament's 63 members . Ogmundur Jonasson, Icelandic MP for the Left-Green Movement, said at parliament this morning that US authorities violated the Icelandic constitution when they spied on Icelandic citizens.  He referred to the 71st article of the constitution which states: " It is not allowed to search a person, his house or personal effects, unless according to a court order or a special legal basis. The same thing applies to research on documents and mail deliveries, phone calls and other telecommunications.. ." Snowden is believed to be stuck in a Moscow airport transit area, seeking asylum

Q-CERT team found a critical vulnerability that allows the attacker to bypass the two-factor authentication in the most popular file sharing service ' DropBox '. Two Factor Authentication is an extra layer of security that is known as " multi factor authentication " that requires not only a password and username but also a unique code that only user can get via SMS or Call. Zouheir Abdallah demonstrated , if an attacker already knows the username and password of the victim's Dropbox account, which is protected by two-factor authentication, it is still possible to hack that Dropbox account using following explained technique. DropBox does not verify the authenticity of the email addresses used to Sign up a new account, so to exploit this flaw hacker just need to create a new fake account similar to the target's account and append a dot (.) anywhere in the email address. In Next step, enable 2-factor authentication for the fake account, and save the emerg

South Korea 's Ministry of National Defense is banning its employees from using the  smart phones inside of the ministry's building in a bid to prevent military data leaks. At present, the only way to ensure sensitive corporate and Defense data is not lost is to provide employees with devices owned and controlled by the enterprise. Staffers will still be allowed to make phone calls or use text messaging services and also visitors will also be required to leave their smartphones at the entrance, officials said Wednesday. Defense ministry employees will be required to install a smart phone application which deactivates major smart phone functions like computing, Internet connectivity and the camera. Employees will be allowed to answer and make phone calls and use text messaging services and the plan will kick in on July 15.

The US isn't the only western country with an Digital eye i.e PRISM like  surveillance program , designed to monitor internet and phone communications . French is leading member at European Parliament and they voted to launch an in-depth inquiry against the US's based PRISM surveillance project. The fact that the French DGSE is itself engaged in similar program should make for some awkward proceedings as that inquiry gets underway. France's General Directorate for External Security has a PRISM like system that intercept and processes the metadata for billions and billions of communications, including internet messaging, phone calls , SMS and even faxes. The one difference being that PRISM was used to spy on international targets whereas the DGSE were only keeping a watch on the French. According to French newspaper, Le Monde - program goal is ostensibly to track the behavior of terrorist cells, but the Directorate allegedly shares the anonymized informa

Almost all Android handsets are  vulnerable to a  flaw that could allow hackers to seize control of a device to make calls, send texts, or build a mobile botnet , has been uncovered by Bluebox Security .i.e almost 900 million Android devices globally. Or simply, The Flaw allow hackers to modify any legitimate and digitally signed application in order to transform it into a Trojan program that can be used to steal data or take control of the OS. When an application is installed and a sandbox is created for it, Android records the application's digital signature and all subsequent updates for that application need to match its signature in order to verify that they came from the same author and anything without the signature certificate won't install or run on a user's device. The vulnerability has existed since at least Android 1.6, which means that it potentially affects any Android device released during the last four years.  Samsung 's flagship Galaxy S4 has a

Edward Snowden , a former NSA systems analyst, have revealed the NSA's sweeping data collection of U.S. phone records and some Internet traffic and the programs target foreigners and terrorist suspects mostly overseas. According to the Constitution of all countries, capturing and reading emails or text messages without privileges is illegal . Several Asian and European countries is worried about the US spying. Today a Germany's top security official has warned, " If you are worried about the US spying on you, you need to stop using Google and Facebook. " Internet users who fear their data is being intercepted by U.S. intelligence agencies such as the National Security Agency's should stay away from American websites run through American servers, Interior Minister Hans-Peter Friedrich said. " If these reports are true, it's disgusting. The United States would be better off monitoring its secret services rather than its allies. " Head of t

The recent exposes and revelations by Edward Snowden about the Top Secret Internet Snooping program currently run by US National Security Agency (NSA) have shocked the world. The extent of snooping is even more shocking and what has just stunned the world is the sheer name of top Internet companies who had shared data of all their users and not to forget except Microsoft, all of them namely Google, Facebook, and Apple have longed established themselves as the outright defenders of free speech and Right to Privacy . Many of them are funders and donors of Electronic frontier foundation in US. The recently formed renowned organization defending right to privacy and free speech on Internet . Though much is being written about the extent of snooping, leaked Memos, Obama's Admissions, NSA's careful acceptance of the snooping Program but What bothers me is the stand of Indian Government in this mess. We are reportedly 5th most spied country by US NSA under this program and

A Russian immigration source informed that the US intelligence agency whistleblower Edward Snowden has applied for political asylum in Russia. Few days back, Russian president Vladimir Putin has said Russia would never hand over Mr Snowden over to the United States but that if Snowden wants to stay in Russia he " must stop his work aimed at harming our American partners. " He initially fled from Hawaii to Hong Kong and then to Russia . The US has annulled his passport, and Ecuador, where he had hoped to get asylum, has been coy over offering him shelter. Sarah Harrison is an employee of anti-secrecy group WikiLeaks , who accompanied Mr Snowden on his trip from Hong Kong. " Snowden is not a Russian agent ", Putin said on Monday, and that Russian intelligence services were not working with the fugitive American, who is believed to remain in the transit area at a Moscow airport eight days after arriving from Hong Kong. Speaking at a news confe

A recently discovered new form of Android malware called  USB Cleaver  can not only infect your smartphone, but also targets your PC to steal sensitive information from it. A hacking tool discovered by analysts at F-Secure, which is capable of stealing information from a connected Windows machine. USBCleaver seems to be designed to facilitate a targeted attack by gathering details that would be helpful in a later infiltration attempt. To use the application, hacker must install an application called USB Cleaver on his Android device. Once executed, the app downloads a ZIP file from a remote server and then unzips the downloaded file to the following location: /mnt/sdcard/usbcleaver/system folder. Tools is design to steal information like  Browser passwords (Firefox, Chrome and IE), PC's Wi-Fi password, The PC's network information etc. When the device is then plugged into a PC, /mnt/sdcard is mounted and, if autorun is enabled, go.bat and the payload