encrypt your phone

Ever wondered how much your smartphone can say about you? From your online social habits to personal and financial information are all stored in that tiny device of yours. People use smartphones all the time especially Android phones and roam around public places with public Wi-Fi accessibility. That is where snoopers and cyber criminals come into action and forcefully access your smartphones by using different tactics to steal your sensitive information for their benefits. Therefore, using the best VPN for Android has become a necessity to secure your smartphone all the time. Virtual Private Network – VPN for Android has grown popularity as a securityRead More →

hemisphere

The Drug Enforcement Agency is being sued by Electronic Frontier Foundation (EFF) as part of Freedom of Information Act (FOIA) requisition. EFF is accusing the DEA of withholding confidential documents in a court case that would reveal the details about the government’s another surveillance program called as Hemisphere. Aaron Mackey, the legal fellow at the EFF, responded that the DEA has failed to comply with its FOIA obligations to make public the relevant details regarding the Hemisphere program. EFF believes that DEA has improperly withheld these records. EFF also said that it has discovered new documents as part of its FOIA lawsuit which exhibits aRead More →

rule 41

The FBI and other security agencies can now search computers with a single search warrant because of a controversial Rule 41 that came into effect last Thursday. The expanded search authorization, known as ‘Rule 41,’ makes it easy for the FBI to breach computers legally during investigations. Until now, the law enforcement agencies could only search computers within the district where the warrant is issued, typically within the state. The legal operation of government hacking attempts in the past has been a contentious topic, such as ‘playpen‘ investigation in which government placed tracker programs in suspects’ computers allege to involve in pedophilia across the country.Read More →

nsa

CAMBRIDGE, Ma. – Cambridge Cyber Summit by MIT – The NSA came out in support of encryption. But the stand was quickly challenged by the privacy advocates, who criticized the NSA agency for having a different definition of the word “encryption” than the rest. The NSA general counsel, Glenn Gerstell, said in a statement that the agency “believes in strong encryption” while talking to the “Privacy vs. Security: Beyond the Zero-Sum Game” panel. Executive Director of Electronic Frontier Foundation (EFF), Cindy Cohn, an attendee of the panel took an aggressive stand and told the NSA that when speaking of the term encryption, it should useRead More →

dailymotion

Dailymotion video-sharing website has suffered a massive data breach, exposing 85 million accounts of users. Dailymotion video-sharing website launched in 2005 and is considered to be the 113th most-visited website across the world. According to the data breach notification LeakedSource, the website confirmed to have received a database of 87.6 million user accounts with unique email addresses. The database includes email addresses, usernames and more than 18 million of the records includes password hashes. The passwords were encrypted with Bcrypt hashing algorithm, with ten rounds of rekeying and considered as secure and hard to crack. Bcrypt hashing is a cryptographic algorithm which makes the hashingRead More →

work-731198_1280

A zero-day exploit in the FireFox browser is in the wild that is used by hackers to de-anonymize people who are using Tor by executing malicious code on the victim’s machine. However, the overall internet users using FireFox browser are vulnerable to this zero-day exploit. The vulnerability was first identified on Tor’s official blog; the post pointed out that a Javascript exploit that actively uses the Tor Browser and unmasks the users. “This is a Javascript exploit actively used against TorBrowser NOW. It consists of one HTML and one CSS file, both pasted below and also de-obscured. The exact functionality is unknown, but it’s gettingRead More →

San Francisco Municipal Railway

San Francisco Municipal Railway computer systems hacked in a Ransomware attack and the authorities had to give away free rides all day long to its customers, on Saturday last week. The San Francisco Municipal Transporation Agency (SFMTA) gave free service on its Metro light-rail all day long, on Saturday, after an apparent ransomware hack of the agency’s computer systems. Pink ‘out of service’ notification showed on ticket machines at Powell Street station, where operators taped paper signs which read ‘Metro Free.’ San Francisco Municipal Railway (MUNI) spokesperson confirmed the news of the hack and administration had to shut down their systems and “opened the fare gatesRead More →

facebook spam campaign

Hackers are now leveraging Facebook Messenger’s trust to spread locky-ransomware via SVG images in a Facebook spam campaign. The ongoing Facebook spam campaign is the culprit behind the spreading of malware downloader by taking advantage of ‘seem to be’ harmless SVG image file to infect the masses. The Facebook spam campaign was first spotted by the researcher Peter Kruse and malware expert Bart Blaze. On his blog post, Bart Blaze wrote, “Earlier today, a friend of mine notified me of something strange going on with his Facebook account; a message containing only an image (a .svg file in reality) had been sent automatically, effectively bypassingRead More →

investigatory powers bill

United Kingdom – House of Lords has passed Investigatory Powers Bill (IPB), which is being called as ‘most extreme’ surveillance law in the history. Coming true as the repercussion of the Edward Snowden revelations. The Investigatory Powers Bill (IP Bill) consolidates many of the powers that intelligence agencies and law enforcements can use to collect communications and its data into a single piece of legislation. Despite the provisions and recommendations of Electronic Frontier Foundation (EFF) and Don’t Spy On Us (DSOU), and other Joint Committees of Intelligence and Security Committee (ISC) and Science and Technology Committee, the changes are not addressed in the Investigatory Powers Bill. ThisRead More →

security-breach

Since last week the 17 years old security pentester has been in headlines for his activities of ‘raising security awareness’ among the government and educational organizations after they neglected his reports of such flaws, and the efforts seem to paid off for the duo ‘Kapustkiy’ and ‘Kasimierz.’ While giving an interview to the SecurityAffairs, the young pentester said he has ambitions to work in the Cyber Security industry. Last week, Kapustkiy breached the Paraguay Embassy of Taiwan exploiting same SQLi injection flaw to demonstrate inadequate security in Asia. While searching for simple SQLi flaws, the pentester found and breached two subdomains of the University ofRead More →