#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Viber adds End-to-End Encryption and PIN protected Hidden Chats features

Viber adds End-to-End Encryption and PIN protected Hidden Chats features

Apr 19, 2016
In Brief Viber, the popular mobile messaging app announced Tuesday that it has added full end-to-end encryption for video, voice and text message services for its millions of users. Here, the end-to-end encryption means only you and the person you are communicating with can read the content, and nobody in between, not even the company and if court orders company to provide user data, they will get only the heaps of encrypted data. Viber is the latest messaging platform to join WhatsApp , Telegram , and Apple iMessage , who strengthened their default privacy features in recent times. Founded in 2010 and acquired by Japanese e-commerce titan Rakuten for $900 Million in 2014, Viber is currently being used by more than 700 Million users globally across Android, iOS, Windows Phone, and desktop, the company claimed in a blog post published today. The move comes just a couple of weeks after Facebook-owned Whatsapp messaging app implemented full end-to-end encryption by default
MIT builds Artificial Intelligence system that can detect 85% of Cyber Attacks

MIT builds Artificial Intelligence system that can detect 85% of Cyber Attacks

Apr 19, 2016
In Brief What if we could Predict when a cyber attack is going to occur before it actually happens and prevent it? Isn't it revolutionary idea for Internet Security? Security researchers at MIT have developed a new Artificial Intelligence-based cyber security platform, called ' AI2 ,' which has the ability to predict, detect, and stop 85% of Cyber Attacks with high accuracy. Cyber security is a major challenge in today's world, as government agencies, corporations and individuals have increasingly become victims of cyber attacks that are so rapidly finding new ways to threaten the Internet that it's hard for good guys to keep up with them. A group of researchers at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) are working with machine-learning startup PatternEx to develop a line of defense against such cyber threats. The team has already  developed an Artificial Intelligence system that can detect 85 percent of attacks by
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Google makes it mandatory for Chrome Apps to tell Users what Data they collect

Google makes it mandatory for Chrome Apps to tell Users what Data they collect

Apr 19, 2016
In Brief Chrome apps and extensions make things easier, but they can also do terrible things like spy on web users and collect their personal data. But, now Google has updated its browser's User Data Policy requiring all Chrome extension and app developers to disclose what data they collect. Furthermore, developers are prohibited from collecting unnecessary browsing data and must also use encryption when handling sensitive information from users. Around 40 percent of all Google Chrome users have some kind of browser extensions, plugins or add-ons installed, but how safe are they? The company plans to enforce developers starting this summer, to "ensure transparent use of the data in a way that is consistent with the wishes and expectations of users." Google is making its Chrome Web Store safer for its users by forcing developers to disclose how they handle customers' data. Google's new User Data Policy will now force app developers, who use the Chrome We
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Hackers can spy on your calls and track location, using just your phone number

Hackers can spy on your calls and track location, using just your phone number

Apr 19, 2016
In Brief The famous '60 Minutes' television show shocked some viewers Sunday evening when a team of German hackers demonstrated how they spied on an iPhone used by U.S. Congressman, then recorded his phone calls and tracked his movement through Los Angeles. Hackers leverage a security flaw in SS7 (Signalling System Seven) protocol that allows hackers to track phone locations, listen in on calls and text messages. The global telecom network SS7 is still vulnerable to several security flaws that could let hackers and spy agencies listen to personal phone calls and intercept SMSes on a potentially massive scale, despite the most advanced encryption used by cellular networks. All one need is the target's phone number to track him/her anywhere on the planet and even eavesdrop on the conversations. SS7 or Signalling System Number 7 is a telephony signaling protocol used by more than 800 telecommunication operators around the world to exchange information with one
Canadian Police obtained Master Key to Crack BlackBerry Messenger Encryption

Canadian Police obtained Master Key to Crack BlackBerry Messenger Encryption

Apr 15, 2016
BlackBerry has long been known for its stance on mobile security, as it was the first mobile phone maker to provide end-to-end encryption. But a new report revealed that the company has provided a master backdoor to law enforcement in its secure devices since 2010. The Royal Canadian Mounted Police (RCMP) have been in possession of a global decryption key for BlackBerry phones since 2010, according to a new report from Vice News published yesterday. The report suggests that the Canadian police used the master key to intercept and decrypt over 1 Million messages sent using its own encrypted and allegedly secure BlackBerry Messenger ( BBM ) service in a criminal investigation over the course of 2 years. Single Encryption Key to Protect All Customers The issue with Blackberry's security mechanism is that the company uses a single global encryption key to protect all its regular customers, though the corporate BlackBerry phones use their own encryption keys generated
Report: Nothing useful found on San Bernardino Shooter's iPhone

Report: Nothing useful found on San Bernardino Shooter's iPhone

Apr 15, 2016
The San Bernardino terrorist's iPhone that the Department of Justice (DoJ) and the Federal Bureau of Investigation (FBI) said was critical in their investigation has absolutely nothing useful on it , at least so far. Yes, the same iPhone that was subject of so much attention from the past few months. Here's a brief look at what happened in recent months over the iPhone: The DoJ and Apple were engaged in a legal battle over a court order that was forcing Apple to help the FBI access data on a locked iPhone tied to Syed Farook. Farook was one of two terrorists involved in the San Bernardino shooting incident last year that left 14 people dead. The FBI desperately wanted access to that locked iPhone , not because it was expecting any case-breaking evidence on Farook's work-issued iPhone, but it was just trying to gather all available information, leaving no stone unturned. When Apple refused to comply with the court order, the FBI found an altern
Cybersecurity Resources