The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Last Friday at the 50th Munich Security Conference , Microsoft announced to launch ' Transparency centers ' around the World, where government customers will be able to verify the source code of Microsoft's products and can confirm that there are no backdoors. The recent chain of scandals over US global snooping has seriously damaged the trust in U.S. Government and top U.S. Tech companies, that could cost them billions of dollars over the next several years if international clients take their business elsewhere. German Chancellor Angela Merkel , whose private mobile phone was also allegedly bugged by the NSA , warned earlier that U.S. Spying operations are unacceptable. In an effort to re-gain the trust of its customers and Governments around the world, Microsoft has announced that it will expand encryption across its services, reinforce legal protections for customers' data and will also enhance the transparency of its software code. Encryption proced

Smartphones are powerful and popular, with more than thousands of new mobile apps hitting the market everyday. Apps and mobile devices often rely on consumers' data, including private information, photos, and location, that can be vulnerable to data breaches, surveillance and real-world thieves. When developing a mobile application, developer has to fulfill high security requirements, established for apps that deal with confidential data of the users. If you are a developer then responsibilities for providing security to the users is very high in comparison to functionality you are going to feed into the app. e.g. A vulnerability found in Starbucks' iOS app could have caused a massive financial data loss. It is always important for all app developers to have enough knowledge about major Mobile platform Security threats and its countermeasures. Today we would like to introduce open source ' Damn Vulnerable IOS App (DVIA) ' developed by Prateek Gianchan

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

A pro-hacker group, aligned with president Bashar al-Assad, very well known as Syrian Electronic Army (SEA) has again gained the media attention by adding the popular sites, i.e. eBay UK and PayPal UK to its victim list. After targeting websites of various media agencies, government organizations and big enterprises, including the latest defaced CNN and Microsoft, today they targeted and defaced the official websites of UK's Ebay ( ebay.co.uk ) and PayPal ( paypal.co.uk ). The group also left a deface page along with a message on the hacked PayPal UK site: " Hacked by Syrian Electronic Army! Fuck the United States Government. " It is clear that the attack on PayPal could put millions of peoples' bank information at risk, but the group said that the attack is not to target account information of people instead was ' Purely a Hacktivist Operation ' with the reason behind is the discrimination of Syrian citizens by PayPal company. " For denying Syrian citizens

Turn your face in any direction, someone is always trying to spy on you; doesn't matter who and what you are? Just yesterday we reported that Communications Security Establishment Canada (CSEC) in Canada and NSA are together, running a spying program called ' game-changer '. It was revealed that the agencies are tracking all the travelers who passed through the airport terminal, and could be tracked throughout the country by referencing it with the intercepted information from Wi-Fi in cafes, libraries and other public places. Today XDA Senior Recognized Developer ' Chainfire ' has released a new Android app called Pry-Fi , that allow a user to disable Wi-Fi completely, including the background network scanning.  Pry-Fi will prevent your device from announcing all the networks it knows to the outside world, but it will still allow background scanning and automatically connecting to Wi-Fi networks. ' Retailers, crooks, the government, and other

It is very clear that when we talk about Intelligence and Surveillance, the first name comes to our mind is the U.S National Security Agency (NSA) and, the second is Gen. Keith Alexander , the Director of NSA..GEEK behind the massive surveillance Programs. Many documents revealed by the former NSA's contractor Edward Snowden exposed the extend level of worldwide spying scandals projected by U.S Government in the supervision of Gen. Keith Alexander. The Obama Administration has confirmed that they are replacing Gen. Keith Alexander and giving the command of NSA in the hand of a military officer, rather than a civilian who is experienced in Cryptography and Electronic Eavesdropping . Michael S. Rogers , presently the U.S Navy's Cyber Security Chief, will be the new Director of the National Security Agency (NSA) and head of the US military cyber command. He has been involved in cyberdefense and offense policy issues as head of the Fleet Cyber Command. Neither Ro

A team of Researchers at Rutgers University has developed an Android application which will notify you every time, whenever an app installed on your Smartphone accesses the GPS functionality. Smartphone is a multipurpose device, having features of both a mobile phone and a computer, allowing us to talk, text, access personal and official e-mail, browse the Internet, make purchases, manage bank accounts, and take pictures. Smartphone also help you to find the way to your destination using GPS (Global Positioning System) technology. Unlike many of our computers, our Smartphones are always with us and many of us rarely turn them off, that means your Smartphone even can be abused to track your real time location on the map. There are many legitimate applications which need your location in order to function properly and to enhance the app features, for example- Zomato app can give the list of all restaurants near you, WeChat like social messaging apps allows you to get