The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Explosive revelations of massive surveillance programs conducted by government agencies by the former contractor Edward Snowden triggered new debate about the security and privacy of each individual who is connected somehow to the Internet and after the Snowden's disclosures they think that by adopting encrypted communications, i.e. SSL enabled websites, over the Internet, they'll be secure. People do care of their privacy and many have already changed some of their online habits, like by using HTTPS instead of HTTP while they are surfing the Internet. However, HTTPS may be secured to run an online store or the eCommerce Web site, but it fails as a privacy tool. The US researchers have found a traffic analysis of ten widely used HTTPS-secured Web sites " exposing personal details, including medical conditions, financial and legal affairs and sexual orientation. " The UC Berkeley researchers Brad Miller, A. D. Joseph and J. D. Tygar and Intel Labs' researchers, Li

Android platform is becoming vulnerable day by day and hackers always try to manipulate android by applying novel techniques. In this regard, Symantec researchers have found a new android malware toolkit named " Dendroid ". Previously Symantec found an Android Remote admin tool named AndroRAT is believed to be the first malware APK binder. However, Dendroid runs on HTTP with many malicious features. Dendroid toolkit is able to generate a malicious apk file that offers amazing features like: Can delete call logs Open web pages Dial any number Record calls SMS intercepting Upload images, video Open an application Able to perform DoS attack Can change the command and control server The author of Dendroid also offers 24/7 customer support for this RAT and Android users can buy this toolkit at $300 by paying Bitcoin , Lifecoin. Experts at Symantec said that Dendroid has some connection with the previous AndroRAT toolkit . Dendroid being an HTTP RAT offers PHP

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

The Continuous Growth of spyware, their existence, and the criminals who produce & spread them are increasing tremendously. It's difficult to recognize spyware as it is becoming more complex and sophisticated with time, so is spreading most rapidly as an Internet threat. Recently, The security researchers have unearthed a very complex and sophisticated piece of malware that was designed to steal confidential data and has ability able to capture network traffic. The Researchers at the German security company G Data Software , refer the malware as Uroburos , named after an ancient symbol depicting a serpent or dragon eating its own tail, and in correspondence with a string ( Ur0bUr()sGotyOu# ) lurking deep in the malware's code.  The researchers claimed that the malware may have been active for as long as three years before being discovered and appears to have been created by Russian developers. Uroburos is a rootkit designed to steal data from secure facilit

Cryptocat , an open source encrypted web-based chat client, is now available for iOS Devices from the  Apple's App store , which was initially rejected by the Apple last December. It is not clear why it was rejected previously, but the good news is that, now ' Cryptocat ' is available for all iOS Devices. So far Cryptocat was only available for Linux and Mac OS X, and as an extension for web browsers Mozilla Firefox, Google Chrome 3, Apple Safari and Opera . Cryptocat has become quite popular in the wake of the NSA Controversy, because of its end-to-end encryption that doesn't allow anyone in the middle to read your messages. Cryptocat for iPhone uses the OTR protocol for private conversations, a cryptographic protocol for secure instant messaging, and perfect forward secrecy, a system that constantly generates new user keys. So, snoops cannot decrypt older messages. It doesn't require any username or account rather just one time nickname makes the

With revelations of NSA spying and some of the most jaw-dropping surveillance leaks, many people feel unencrypted and central-server service is bad in most of the cases, but end-to-end encryption can be used to reduce this problem. Worldwide Government surveillance raises privacy concerns and acquisition of WhatsApp by Facebook also made us think about the security concern with chat applications as well; though it was not so secure previously. People who care about having their SMS and Instant messages protected from prying eyes, now they can use end-to-end encrypted services, like  TextSecure .  It is a free Android-based messaging app, completly open-source , easy to use and designed with privacy in mind. Encrypting the stored data on the servers is as important as transferring data over an encrypted connection, but the most important factor of the encryption is that ' who has the decryption key '. If the company has the keys, then Government could snoop through your fi