The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

A Senior cryptography expert has claimed multiple issues with PGP email encryption - an open source end-to-end encryption  to secure email. Before continuing, I would like to clarify that covering this topic doesn't mean you should stop using PGP encryption , instead we are bringing to you what Security researcher has argued about its fundamental implications.  PGP or Pretty Good Privacy , a program written in 1991, uses symmetric public key cryptography and hashing that allow both Privacy and Security , as well as Authenticity . Privacy and Security ensure users to exchange messages securely and Authenticity proves the origin of those messages. But PGP is a complicated multi-step process, which requires users to keep track of the public keys of other users in order to communicate. Despite clumsiness of the PGP implementation, the popular Internet giants such as Google and Yahoo! have looked forward to integrate it into their popular email services. A respected research profes

Microsoft on Friday quietly urged its users to uninstall the most recent round of security updates, after reports emerged that it crippled their computers with the infamous " Blue Screens of Death " (BSoD), which is really a matter of shame for one of the largest technology giants. Microsoft released security updates on its August Patch Tuesday that addressed privilege escalation vulnerabilities but an apparent font cache clearing issue caused Windows boxes to turn the colour of the screen to Blue. The tech giant forced to make this decision after hundreds of complaints, regarding the infamous Blue Screen of Death error, were sent to the company. This was not the only update to be made last week. The offending Microsoft patch identified as MS 14-045 , one of the nine updates which fixes three security issues including one in the Windows kernel - the heart of the operating system - can cause system crashes forcing users to reboot it. Soon after the initial release o

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

The United States National Intelligence Agency ( NSA ) or the largest Internet giant Google - According to you, which one is the worse? NSA? But, according to the popular Media tycoon Rupert Murdoch ( @rupertmurdoch ), Google is worse than the NSA. Murdoch, founder of global media holding company News Corporation - the world's second-largest media conglomerate, currently lives in Australia and is once more making the sort of news he'd prefer to be remembered for. The 83-year old tweeted on Sunday, in which he labeled Google worse than the National Security Agency (NSA). The missive was as follows: " NSA privacy invasion bad, but nothing compared to Google. " NSA privacy invasion bad, but nothing compared to Google. — Rupert Murdoch (@rupertmurdoch) August 17, 2014 In past, Murdoch accused Google of stealing the content of his newspapers (yet never putting in place a robots.txt file that would prevent search engines crawling it) and has always criticis

Albertson's and SuperValu - Two nation's most popular supermarket store chains announced last weekend that a data breach may have revealed the credit and debit card information of their customers at a number of grocery store locations in more than 18 states. Minnesota-based Supervalu announced that an unknown number of its customers who used their payment cards in around 180 stores between June 22 and July 17 may have had payment card data compromised by attackers who gained access to the Supervalu computer network that processes card transactions. The affected information may includes names, payment card numbers, expiration dates, and other numerical information from cards used at POS devices. " The Company has not determined that any such cardholder data was in fact stolen by the intruder, and it has no evidence of any misuse of any such data, but is making this announcement out of an abundance of caution ," SuperValu said in a statement . The massive da

After the allegations that the U.S. National Security Agency ( NSA ) not only conducted mass surveillance on German citizens, but also spied on German Chancellor Angela Merkel's own personal mobile phone for years, surveillance has become a big issue for Germany. So big, that Germany itself started spying on U.S. According to the reports came from the German media on Friday, the German foreign intelligence agency known as Bundesnachrichtendienst (BND) hacked into at least one call during Hillary Clinton's time in office as US Secretary of State. However, the time and location have not been disclosed, but Clinton's phone calls were interrupted during her phone conversations, according to the joint investigation done by German newspaper Süddeutsche Zeitung and German regional public broadcasters NDR and WDR. Although, after the story broke, some sources from the German government have denied the allegations of Clinton's phone calls interception and said that t

Fiverr.com, a global online marketplace which provides a platform for people to sell their services for five dollars per job, is vulnerable to a critical web application vulnerability that puts its millions of users at risk. Fiverr recently raised $30 million in a third round of institutional funding to continue supporting the new version of its marketplace, but the company ignored the advance warning of the critical bug reported responsibly by a vulnerability hunter and fails to patch up their website before his public release. There are endless numbers of people providing services on Fiverr website, such as graphic design, language translation, illustration, blogging and a lot more that start from just $5 but can go much higher, depending on complexity, seller rating, and type of work. According to a security researcher Mohamed Abdelbaset, an Information Security Evangelist from Egypt, told The Hacker News that Fiverr website is vulnerable to CSRF (Cross-site reque

Scammers spare no incident to target as many victims as possible, and this time they are exploiting the tragic death of comic actor Robin Williams by offering the fake Facebook videos proclaiming a Goodbye video message that Williams made before his death. According to Symantec, this fake Facebook post, which you may see on your walls shared by your Facebook friends, was created by scammers looking to profit on the actor's death. The bogus post claims to be a Goodbye video of Robin Williams making his last phone call before committing suicide earlier this week. Scammers and cyber criminals often use major headline news stories to lure in victims. You may fall victim to this video as the news claims to have come from the most popular and reputed BBC News website. " There is no video. Users that click on the link to the supposed video are taken to a fake BBC News website. As with many social scams, users are required to perform actions before they can view the content. In t

Have you ever used Shodan search engine? A publicly available service crawls the Internet looking for connected devices and list their open ports, services running, system information etc. Shodan search engine is majorly used by Hackers, developers, students and anyone else with a sense of curiosity to find Internet-facing vulnerable systems with open ports and insecure mechanisms for authentication and authorization i.e. Servers, Internet-Connected Cameras, Traffic Lights, And SCADA Systems. According to latest revelation from the whistleblower Edward Snowden , British spy agency GCHQ – counterpart of NSA – apparently uses their own port scanning service to target internet-connected systems in at least 27 countries, in an attempt to potentially exploit them. In top-secret documents published by Heise on Friday, the Port-scan is a part of the "Hacienda" program which scans for open ports on all public-facing servers to find out vulnerable applications running on the

Members of the international hacker collective Anonymous have claimed they have identified the Ferguson , Missouri law enforcement officer involved in the fatal shooting of Michael Brown , an unarmed teenager killed on Saturday, which sparked days of protest and raised racial tensions. The hacktivist collective said Wednesday in a tweet that it was holding back the name of police officer until it confirmed the name of the police officer with a second source before releasing it publicly. " We have the name of the shooter, " the Anonymous group member  tweeted under the Twitter name Operation Ferguson . " We just can't verify. We need to either talk to witnesses or get a second leak source. " Michael Brown , 18-year-old, was shot multiple times by a local police officer on Saturday, which happened around 1:40 p.m. Brown's body was then left on the sidewalk for hours. He was killed following an alleged altercation with the Ferguson police. Since t

Before proceeding towards the story, let's first go back two years to figure out what was wrong when Syria was completely blackout - sudden disconnect from the Internet - which lasted for the period of three days in 2012. Is that the Syrian government behind the blackout ? The outage took place during a period of intense fighting in the country's still-ongoing civil war. So, it was supposed that may it be the government's fault. But, the Syrian Minister of Information said that the government didn't disable the Internet, instead the outage was caused by a cable being cut by some terrorists. When investigated, it was unlikely to be the case. So, Who was actually behind Syria Blackout ? NSA? Yup! It was the same NSA who was behind a number of major happenings. National Security Agency ( NSA ) – the God-like powered agency that had ruled over the privacy of the entire world from countries to individuals, the one with master access to read anyone's data, intruded into larg