The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

According to a new report revealed by NSA leaker Edward Snowden , The National Security Agency has a secret program that allows it to see just about everything a person does on the Internet.  An NSA tool called DNI Presenter, used to read the content of stored emails, also enables an analyst using XKeyscore to read the content of Facebook chats or private messages.  An analyst can monitor such Facebook chats by entering the Facebook user name and a date range into a simple search screen. XKeyscore provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst. The Guardian has published several NSA training slides from the program: The NSA documents show that as of 2008, the X-Keyscore platform was used to nab 300 alleged terrorists around the world. Another

According to a new report, the world's biggest personal computer maker, Chinese firm Lenovo Group Limited has reportedly been banned from supplying equipment for  networks of the intelligence and defense services of Australia, the United States, Britain, Canada and New Zealand, due to hacking concerns. Sources from intelligence and defense entities in the UK and Australia have confirmed the ban introduced in the mid-2000s after intensive laboratory testing of its equipment. In 2006 it was disclosed that the US State Department had decided not to use 16,000 new Lenovo computers on classified networks because of security concerns. Serious backdoor vulnerabilities in hardware and firmware were apparently discovered during the tests which could allow attackers to remotely access devices without the knowledge of the owner. Lenovo, headquartered in Beijing, acquired IBM's personal computer business in 2005, after which IBM continued to sell servers and mainframes that we

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Soon in December this year, India's new surveillance program - Centralized Monitoring System (CMS) will be able to analyze all telecommunications and Internet communications in India by the government and its agencies.  This means that everything we say or text over the phone, write, post or browse over the Internet will be centrally monitored by Indian authorities. Law enforcement and government agencies intercept, monitor, and analyze communications in order to uncover leads and build the evidence needed to neutralize terrorism and crime. Few days back, BlackBerry has given the necessary permissions for the Indian government to intercept messages sent from BlackBerry devices . According to latest reports - Verint Systems , Israel's cyber intelligence solutions provider , are soon to get a contract from the Indian government to track encrypted communication services such as Gmail, Yahoo . mail, BlackBerry services, Skype and so on. " Verint's leade

Last week, we exclusively reported that the popular messenger Viber was hacked by the Syrian Electronic Army, and Support page was defaced with the message, " The Israeli-based - Viber is spying and tracking you. " Today we found that Viber's Apple App Store description has been defaced as well. The new modified description read " We created this app to spy on you, PLEASE DOWNLOAD IT! ", It's not clear at this point if this new hack is also performed by  Syrian Electronic Army or not, but it is possible that the hackers have gained access to the other various developer-facing functions. Viber later responded after a previous attack that one of its employee's fell victim to a phishing attach and attackers could gain access to a customer support panel and support administration system, insisting that no sensitive user data was exposed. Last week, SEA was able to access the Popular messaging app Tango's website and also a World's biggest

Computer geeks already knew it was possible to hack into a car's computerized systems and finally, two U.S. hackers - Charlie Miller and Chris Valasek, sponsored by the Pentagon's research facility DARPA recently demonstrated just how easy it is for malicious hackers to physically hijack a modern car using a laptop. Feeling exiting ... ? You should worry too..It's all very concerning. Because you may never drive your car again after you see how a couple of government funded tech guys were able to hack into, and take control of car's steering, dashboard, and even its brakes. Forget hacking accounts, computers or mobile devices, this new threat to our vehicles is thanks to the evolution of electronic control units being installed in most new cars. Charlie Miller , a security engineer at Twitter, and Chris Valasek, the Director of Security Intelligence at IOActive received an $80,000 grant from the US government in order to research these new vulnerabilities .