The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

We are living in an era of Mass Surveillance,  conducted by the Government Agencies like the NSA and GCHQ, and we ourselves gave them an open invitation as we all have sensors in our pockets that track us everywhere we go i.e. Smartphone. Encryption and security are more important today than any other time in our history. So, the best proactive way to keep your tracks clear is - Always use only trusted privacy tools and services . The same folks behind the Anonymity Tool, Tor Browser Bundle is currently working on a new Privacy tool called ' Tor Instant Messaging Bundle ' (TIMB), that will help you with encrypted communication to keep your online conversations private. The Tor is the free software that lets users browse the Internet anonymously and mostly used by activists, journalists and to conceal their online activities from prying eyes. Tor Instant Messaging Bundle, or TIMB is a real time anonymous chat system, that will simply route all of your chat dat

Once again, a new revelation showed the ugly side of the Government who are conducting Global Mass surveillance and previous documents leaked by the whistleblower Edward Snowden have defaced the US Intelligence Agency NSA , who were taking care of a number of projects like PRISM, XKeyscore, DROPOUTJEEP , and various others to carry out surveillance of millions of people. Now, it has been revealed that the US National Security Agency ( NSA ) helped its British counterpart, the Government Communications Headquarters ( GCHQ ), to allegedly capture and store nude images and others from webcam chats of millions of unsuspecting Yahoo users, The Guardian reported. Documents handed to the Guardian by the former NSA contractor Edward Snowden show that the GCHQ's worked with the US intelligence agency NSA on a joint project dubbed as ' Optic Nerve '. The project carried out a bulk surveillance program , under which they nabbed webcam images every five minutes from random Yahoo

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

If you are reading this THN Article, then you are the one of those lucky guys who has access to the Internet, but everyone is not as lucky as you. On this planet, about 40% of the population is still not having an access to the Internet services. So, there is good news for all those who are still deprived of Internet services - Free Global WiFi Internet Access called ' Project Outernet '. A Non-profit organization ' Media Development Investment Fund (MIDF) ' based in New York has taken this initiative, regardless of the geographical location, the Outernet will broadcast free, bypassing filtering or other means of censorship and universal Internet all over the globe from high in orbit. A few hundred of  Low-cost mini satellites ( cubesats ) will be sent into the space to create a constellation in the low earth orbit. To widen the range of service area, these Cubesats will utilize universally accepted standard protocols like DVB, Digital Radio Mondiale and  User

Looking for a Secure Smartphone? World's biggest Aerospace company - Boeing is finally close to the launch of its high-security Android Smartphone, called " Boeing Black (H8V-BLK1) ", primarily designed for secure communication between Governmental agencies and their contractors. Encrypted email, Secure Instant Messaging and Other privacy services and tools are booming in the wake of the National Security Agency's recently revealed surveillance programs. Encryption isn't meant to keep hackers out, but when it's designed and implemented correctly, it alters the way messages look. Boeing is the company which is already providing secure communications for US Government officials, including the president. Don't mess with it, It can  Self-Destruct:  Boeing Black Smartphone can Self-Destruct  if it is tampered with, destroying all the data on it. The device is delivered in complete sealed form, any attempt to open the seal of the device will destruct the operati

Your Financial Credentials are on SALE on the Underground Black Market without your Knowledge… sounds like a nightmare, but it's TRUE. Cyber security firm, Hold Security, said it has traced over 360 million stolen account credentials that are available for Sale on Hacker's black market websites over past three weeks. The credentials include usernames, email addresses, and passwords that are in unencrypted in most cases, according to the report released on Tuesday. It is not known till now from where these credentials exactly were stolen, but the security researchers estimated that these credentials are a result of multiple breaches. Since the banking credentials are one of the most ' valuable bounties ' for the cyber criminals, and the ways to steal these credentials can be directly from the companies and from the services in which users entrust data as well. According to Hold Security, in addition to the sale of 360 million credentials, the cyber criminals are  s

Today, when we come across various malware, exploit kits and botnets that are in the wild, we think about an effective Antivirus solution or a Security Patch, but the most effective solution is always " The arrest of malware authors and culprits who are involved in the development of Malware. " Tilon has been an active malware family that was spotted first time in 2012, was specially designed to filch money from online bank accounts, that earlier various researchers found to be the new version of Silon , is none other than the SpyEye2 banking Trojan , according to researchers at security firm  Delft Fox-IT . Tilon  a.k.a  SpyEye2 is the sophisticated version of SpyEye Trojan . Majority functional part of the malware is same as of the SpyEye banking Trojan that was developed by a 24-year-old Russian hacker ' Aleksandr Andreevich Panin ' or also known as  Gribodemon , who was arrested in July 2013. ' SpyEye ', infected more than 1.4 million Computers

Do you know, A Computer viruses could go Airborne over WiFi networks? Security researchers at the University of Liverpool  in Britain have demonstrated a WiFi virus that can spread between computer networks just like the ' common cold ' spreads between Humans. They have created a proof-of-concept which can infect the entire wireless network instead of a single computer at a time,  that replaces the firmware of the vulnerable Access Point (AP) with a virus-loaded version, and then propagates itself to the next victim on the WiFi network . The  WiFi  based virus named as ' Chameleon ', that can self-propagate over WiFi networks from access point to access point,  but  doesn't affect the working of the Wireless Access Point. This Virus is able to identify WiFi access points that are not protected by encryption and passwords, according to the research paper . It can badly hit less-protected open access WiFi networks available in coffee shops or airp

Yet another Apple vulnerability has been exposed by security researchers, that can be exploited to track your finger's every action on iOS Devices i.e. iPhone , iPad etc. The exploit reportedly targets a flaw in iOS multitasking capabilities to capture user inputs, according to Security researchers at  FireEye . They found a way to bypass the Apple's app review process effectively and created a proof-of-concept Monitoring app for non-jailbroken iOS 7.0.x devices. The " monitoring " app, that runs in the background of the iPhone is a Keylogger Trojan which could allow hackers to monitor user's activities on the mobile device, including - touches on the screen, home button press, volume button press and TouchID press , and send all collected events to any remote server. According to researchers, their proof-of-concept app works on versions 7.0.4, 7.0.5, 7.0.6, and 6.1.x. " Based on the findings, potential attackers can either use phishing to mislead the vi

Just two days before Apple has disclosed a critical Security flaw in the SSL implementation on the iOS software that would allow man-in-the-middle attacks to intercept the SSL data by spoofing SSL servers. Dubbed as CVE-2014-1266 , the so-called ' goto  fail; ' vulnerability in which the secure transport failed to validate the authenticity of the connection has left millions of Apple users vulnerable to Hackers and Spy Agencies, especially like the NSA . Last Friday, Apple had also released updated version iOS 7.0.6 to patch the vulnerability, which was first discovered in Apple's iOS Devices, but later company had acknowledged its presence in Mac OSX also, that could allow hackers to intercept email and other communications that are meant to be encrypted in iPhone, iPad and Mac computer. Affected versions include iOS up to version 7.0.5 and OS X before 10.9.2. Security Researchers confirmed , ' Nearly all encrypted traffic, including usernames, passwords, and

Are you the one of the Digital Currency Holder? PONY is after You.  A Group of cyber criminals has used hundreds of thousands of infected computers of the digital currency holders to filch approximately $220,000 worth of Bitcoins and other virtual currencies. The researchers at the security firm, Trustwave have uncovered the Bitcoin Heist that was accomplished by the computers infected with a new class of malware that has been dubbed as ' Pony ', a very powerful type of Spying Keylogger Malware with very dangerous features that was last time found two months ago. Pony, for those who have not yet heard about it, is a bot controller much like any other, with the capability to capture all kinds of confidential information and access passwords. It contains a control panel, user management, logging features, a database to manage all the data and, of course, the statistics. It can see the passwords and login credentials of infected users when they access applications and