The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Your driver's license photo could be scarier than it actually looks — Well, here's why: With the help of state driver's license data, U.S. law enforcement agencies have created a huge a face-recognition database of more than 117 Million American adults that are regularly scanned in the course of police investigations. What's even worse? Most of those people who are scanned by police without prior knowledge are law-abiding citizens. According to a 150-page study published Tuesday by the Center for Privacy & Technology at the Georgetown University, ID photographs of more than 117 Million adult US citizens — that's about half of the US population — are now part of the " Perpetual Line-up ," which can be searched using facial-recognition software. In the past few years, Facial Recognition technology has improved enormously. Even big technology companies like Facebook have developed so powerful facial recognition software that they can even ide

When Hillary Clinton's private email server was hacked earlier this year, she was criticized for her bad security practices that exposed top secret documents stored in emails on that private server. The FBI called her behavior 'extremely careless.' Republican presidential candidate Donald Trump and his supporters are continuously criticizing Clinton's use of a private email server. And here's what Trump lectured in a debate about cybersecurity: "The security aspect of cyber is very, very tough. And maybe it's hardly doable. But I will say, we are not doing the job we should be doing. But that's true throughout our whole governmental society. We have so many things that we have to do better, Lester, and certainly, cyber is one of them." Forget Clinton; Trump has so worryingly insecure internet setup that anyone with little knowledge of computers can expose almost everything about Trump and his campaign. Security researcher Kevin Beaumont,

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

Don't believe everything you read on Facebook. Despite so many awareness about Facebook hoaxes, online users fall for them and make them viral. One such viral post is circulating on Facebook that suggests everything that you have ever posted on the social media platform will become public tomorrow. Don't worry — it's a hoax. Yes, it's still a hoax. The latest Facebook privacy hoax message looks like this: Deadline tomorrow !!! Everything you've ever posted becomes public from tomorrow. Even messages that have been deleted or the photos not allowed. It costs nothing for a simple copy and paste, better safe than sorry. Channel 13 News talked about the change in Facebook's privacy policy. I do not give Facebook or any entities associated with Facebook permission to use my pictures, information, messages or posts, both past, and future. With this statement, I give notice to Facebook it is strictly forbidden to disclose, copy, distribute, or take any oth

After TrueCrypt mysteriously discontinued its service, VeraCrypt became the most popular open source disk encryption software used by activists, journalists, as well as privacy conscious people. First of all, there is no such thing as a perfect, bug-free software. Even the most rigorously tested software, like the ones that operate SCADA Systems, medical devices, and aviation software, have flaws. Vulnerabilities are an unfortunate reality for every software product, but there is always space for improvements. Due to the enormous popularity of VeraCrypt, security researchers from the OSTIF (The Open Source Technology Improvement Fund) agreed to audit VeraCrypt independently and hired researchers from QuarksLab in August to lead the audit. And it seems like VeraCrypt is not exactly flawless either. Now after one month of the audit, researchers have discovered a number of security issues, including 8 critical, 3 medium, and 15 low-severity vulnerabilities in the popular

Early Monday, Whistleblowing site WikiLeaks tweeted that the internet connection of its co-founder, Julian Assange, was intentionally cut down , for which it blamed an unidentified " state party ." But most surprisingly, it was Ecuador who was behind the act. WikiLeaks has confirmed that its founder Julian Assange 's Internet access was cut down in its London embassy by the government of Ecuador on Saturday. The move was in response to the organization's publication of another batch of leaked emails related to US presidential candidate Hillary Clinton. "We can confirm Ecuador cut off Assange's internet access Saturday, 5 pm GMT, shortly after [the] publication of Clinton's Goldman Sachs [speeches]," WikiLeaks tweeted . Assange has been living in Ecuador's London embassy since June 2012, when he was granted asylum by the Ecuador government after a British court ordered his extradition to Sweden to face questioning on a rape allegation.

Don't worry — Julian Assange is alive and kicking! But his Internet connection is dead. Earlier today, Wikileaks tweeted that its co-founder, Julian Assange, had his internet connection intentionally cut by an unidentified " state party ." The non-profit organization said it had " activated appropriate contingency plans ," giving no further explanation. The tweet came after Wikileaks posted a series of three cryptic tweets , each containing a 64-character code. In no time, the tweets sparked bizarre rumors that Julian Assange has died. The tweets referenced Ecuador, Secretary of State John Kerry and the United Kingdom's Foreign Commonwealth Office. What exactly are those Mysterious Wikileaks Tweets? Some users on Twitter, Reddit, and various discussion forums speculated that the tweets in question were the result of a " dead man's switch " that has been triggered in the event of Julian Assange's untimely death. Users on Twitter a

The UK's Signals Intelligence and Cyber Security agency GCHQ has launched its first ever puzzle book, challenging researchers and cryptographers to crack codes for charity. Dubbed " The GCHQ Puzzle Book ," the book features more than 140 pages of codes, puzzles, and challenges created by expert code breakers at the British intelligence agency. Ranging from easy to complex, the GCHQ challenges include ciphers and tests of numeracy and literacy, substitution codes, along with picture and music challenges. Writing in the GCHQ Puzzle Book's introduction, here's what GCHQ Director, Robert Hannigan says: "For nearly one hundred years, the men and women of GCHQ, both civilian and military, have been solving problems. They have done so in pursuit of our mission to keep the United Kingdom safe. GCHQ has a proud history of valuing and supporting individuals who think differently; without them, we would be of little value to the country. Not all are geniuses