The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Back in November, Mozilla teamed-up with Tor Project under a new initiative called Polaris , in order to help reduce finite number of Tor connections occurring at the same time by adding high-capacity Tor middle relays to the Tor network , and now the company is ready with its first Tor Middle relays. The Firefox maker has given the Tor network a high-capacity middle relays with the launch of 12 relays , all located in the United States, that will help distribute user traffic; the Tor browser is a great way to keep prying eyes from tracking you. Mozilla is one of the most trusted companies on the internet, particularly when it comes to user privacy. The partnership of Mozilla and Tor aimed at providing more privacy features to Firefox browser, and increased Tor network support. The Polaris Privacy Initiative was an effort of Mozilla, the Tor Project and the Center of Democracy and Technology — an advocacy group for digital rights, in order to help build more privacy

The makers of ultra secure BlackPhone titled by Silent Circle as, " world's first Smartphone which places privacy and control directly in the hands of its users ," have recently fixed a critical vulnerability in the instant messaging application that allows hackers to run malicious code on the handsets. BlackPhone was also hacked last year at the BlackHat security conference , but the interesting factor about the recent hack was that the attackers only needed to send just a message on a targeted phone number in order to compromise the device. The vulnerability was first discovered and disclosed by Mark Dowd , a principal security researcher at the Australia-based consultancy firm Azimuth Security. Dowd discovered the issue late in 2014, but waited to disclose it until Blackphone got their patches and fixes in place. The flaw actually resides in Silent Text application — the secure text messaging application bundled with the BlackPhone handsets, which is al

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

​Researchers have uncovered a new evidence that a powerful computer program discovered last year, called " Regin ", is "identical in functionality" to a piece of malware used by the National Security Agency  (NSA) and its Five Eyes allies . REGIN MALWARE "Regin" is a highly advanced, sophisticated piece of malware the researchers believe was developed by nation state to spy on a wide-range of international targets including governments, infrastructure operators and other high-profile individuals since at least 2008. Regin was first discovered in November 2014 by the researchers at antivirus software maker Symantec and was said to be more sophisticated than both Stuxnet and Duqu . The malware alleged to have been used against targets in Algeria, Afghanistan, Belgium, Brazil, Fiji, Germany, Iran, India, Indonesia, Kiribati, Malaysia, Pakistan, Russia and Syria, among others. The recent evidence comes from the journalists at Der Spiege

A highly critical vulnerability has been unearthed in the GNU C Library (glibc) , a widely used component of most Linux distributions, that could allow attackers to execute malicious code on servers and remotely gain control of Linux machines. The vulnerability, dubbed " GHOST " and assigned CVE-2015-0235 , was discovered and disclosed by the security researchers from Redwood Shores, California-based security firm Qualys on Tuesday. CRITICAL AS HEARTBLEED AND SHELLSHOCK GHOST is considered to be critical because hackers could exploit it to silently gain complete control of a targeted Linux system without having any prior knowledge of system credentials (i.e. administrative passwords). Also Read:  Top Best Password Managers . The flaw represents an immense Internet threat, in some ways similar to the Heartbleed ,   Shellshock   and Poodle   bugs that came to light last year. WHY GHOST ? The vulnerability in the GNU C Library (glibc) is dubbed GHOST b

The very popular Pop star Taylor Swift became the latest celebrity to have their social media accounts hacked on Tuesday. The 25-year-old " Shake It Off " singer, who has the fourth-most popular Twitter account with 51.4 million followers, appeared to be asking her millions of followers to follow @veriuser and @lizzard. Swift confirmed that her Twitter and Instagram accounts were hacked on Tuesday afternoon, and also that the rogue posts were quickly removed from the social media websites. " My Twitter got hacked but don't worry, Twitter is deleting the hacker tweets and locking my account until they can figure out how this happened and get me new passwords ," said a statement posted on Swift's personal Tumblr page. The accounts were taken for just 15 minutes, but when it belongs to Taylor Swift, that makes it a big hit. At the time, a Tweet went out from @TaylorSwift13 to her millions of fans, saying, " go follow my boy, @lizzard :) " Yes Li