The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Apple is serious this time to enhance its iPhone security that even it can not hack. To achieve this the company has hired one of the key developers of Signal — World's most secure, open source and encrypted messaging app. Frederic Jacobs, who worked to develop Signal, announced today that he is joining Apple this summer to work as an intern in its CoreOS security team. "I'm delighted to announce that I accepted an offer to be working with the CoreOS security team at Apple this summer," Jacobs tweeted Thursday. Signal app is widely popular among the high-profile privacy advocates, security researchers, journalists and whistleblowers for its clean and open source code, and even the NSA whistleblower Edward Snowden uses it every day. Signal messages are end-to-end encrypted, which means only the sender and the intended recipient can read the messages. Although Apple's iMessage is also end-to-end encrypted, it is not open source. Apple to bu

Amid an ongoing dispute with the United States government over a court order to unlock iPhone 5C of one of the San Bernardino shooters Syed Farook… ...Apple started working on implementing stronger security measures "even it can't hack" to achieve un-hackability in its future iPhones. The Federal Bureau of Investigation (FBI) is deliberately forcing Apple to create a special, backdoored version of iOS that could let them brute force the passcode on Farook's iPhone without erasing data. However, the FBI approached the company to unlock the shooter's iPhone 5C in various ways like: Create a backdoor to shooter's iPhone. Disable the Auto-destruct feature after numerous tries. Increase the brute force time to try out all combinations. Minimize the time of waiting for a window after each try. ..and much more Apple is still fighting the battle even after the clear refusal to the court that it will not provide any backdoor access to the a

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Everything is now crystal clear: The security researchers from Carnegie Mellon University (CMU) were hired by the federal officials to discover a technique that could help the FBI Unmask Tor users and Reveal their IP addresses as part of a criminal investigation. Yes, a federal judge in Washington has recently confirmed that the computer scientists at CMU's Software Engineering Institute (SEI) were indeed behind a hack of the TOR project in 2014, according to court documents [ PDF ] filed Tuesday. In November 2015, The Hacker News reported that Tor Project Director Roger Dingledine accused the Federal Bureau of Investigation (FBI) of paying the CMU, at least, $1 Million for providing information that led to the criminal suspects identification on the Dark Web . After this news had broken, the FBI denied the claims , saying "The allegation that we paid [CMU] $1 Million to hack into TOR is inaccurate."  Meanwhile, the CMU also published a press

Currently, Asus is undergoing through a troublesome situation after a lawsuit had been filed by the US Federal Trade Commission (FTC) regarding its Router Insecurity. On Tuesday, FTC settled charges with Asus, where the hardware manufacturing company agrees to: Undergo Independent Security Audits Once in 2 years, for the Next 2 Decades . This action had been taken as the result of security negligence in Asus Wireless Routers that put the home and corporate networks of hundreds of thousands of consumers at risk. If Asus is found to violate the agreement, the company could end up paying a civil penalty of up to $16,000 for each violation. Asus Router Security Blunders Since Asus markets its products under the label of Secure and Intelligent routers through its website, following flaws would splash its level of security and intelligence. 1. Default Username & Password: ADMIN In 2014, a serious security issue had been brought to the public regarding

Until now, the FBI is asking for Apple's help in unlocking the iPhone belonging to one of the terrorists in the San Bernardino shootings that killed 14 and injured 24 in December. However, in addition to iPhone 5C belonged to San Bernardino shooter Syed Farook, the U.S. Justice Department is looking at court orders forcing Apple to help officials unlock at least 12 iPhones. Citing sources, the Wall Street Journal reported that the federal authorities want to extract data from iPhones seized in a variety of criminal investigations are involved in undisclosed cases where prosecutors are compelling Apple to help them bypass iPhone's lockscreen. Although more details of these cases are not yet publicly disclosed, these dozen or so cases are all distinct from San Bernardino shooter's case and involve many iPhones using an older iOS version that has fewer security barriers to bypass. Also Read:    Police Reset Shooter's Apple ID that leaves iPhone Data U