The US National Security Agency (NSA) shares vast amounts of communications data with the country’s government agencies using a search engine similar to Google.
NSA’s search tool, called ICREACH, makes “more than 850 billion records about phone calls, emails, cellphone locations and internet chats” available to nearly two dozen US government agencies, including the Federal Bureau of Investigation (FBI) and the Central Intelligence Agency (CIA), The Intercept reported on Tuesday citing classified documents leaked by NSA whistleblower Edward Snowden.
Read moreRussian hackers were able to get access to the accounts of many users. Alexander Grebenshikov and Leo Loktionov, information security specialists told about the presence of a dangerous gap in the Yo messenger.
Experts said that if you update the account login application, the system sends a confirmation code to the mobile number by default, without making sure that it really belongs to the owner of the account. Information security experts explained that on the Yo Password Reset page, one may write any user‘s name and get a link to change the password, by using and entering your own phone number. Alexander Grebenshikov noticed this kind of vulnerability, while Leo Loktionov found a way with the help of which one may get account using the panel of service creators.
Read moreThe FBI has issued a warning to police and other emergency response personnel about a lethal new tool which ‘malicious actors’ have been using to deadly effect against American government institutions – Google dorks.
The warning refers specifically to ‘Google dorks’ or “Google dorking” – ie the use of specialized search syntax, using terms such as “filetype:sql”. ‘Google dorks’ refers to search syntax which allow users to search within a specific website (using the term in:url) or for specific file types, and can thus be used to search databases. Such search terms are widely known, and legal – the warning alerts units who may not be aware of the technique to secure databases properly.
Read moreThe problem is that Trojan shows advertising to users and at the same time reads the information from the computer. Experts have found a new threat from Trojans, marked Trojan.Mayachok 18831, it extends with the help of e-mail sending.
After starting on the infected device, Trojan.Mayachok 18831 verifies presence of the duplicate at which identification ceases to function in system. Moreover, malware makes search of active anti-virus programs and sends found information to the server of malefactors. Then Trojan obtains data on the house folder of the Windows user, tries to read the configuration file which was created earlier. If the attempt isn’t successful, it will start using its own installations.
Read moreAccording to the experts, the devices retrieved messages and photos, even though the backup feature was off. Information security experts of many countries have criticized the Chinese telecommunication equipment suppliers for installing backdoors in their products, that’s why the Chinese company Xiaomi, which is engaged in production of smartphones, was sued.
In the judicial claim the Chinese manufacturer was accused of secretly taking users‘ personal information and then sending SMS, files from gallery, the list of contacts, IMEI, IMSI and so on to servers in Beijing. Besides, data were copied without owner‘s permission even thus the backup feature was disabled.
Read moreHaving pretended to be Gmail Account Services hackers send harmful emails to account owners.
According to the researches of the Chinese security software company, called Trend Micro, hackers have launched a campaign, which gives itself as Google‘s support service and is directed against users of Gmail service. Hackers work in such a way: the victim gets email allegedly from Gmail Account Services in which the owner of an account is informed on the unknown user authorization in his account with the help of unrecognizable device. The expert of the Trend Micro Company Jay Yaneza noted that the email can really be confused with the original notice of Gmail; however the knowing and attentive user will be able to find some differences.
Read moreAt this year's edition of the Black Hat security conference, a group of researchers has shown how extremely easy is to hack into the smart thermostats manufactured by Nest.
When Google acquired home automation company Nest earlier this year, many voiced their privacy concerns regarding the increased scope of Google's data mining via Nest's smart thermostats and smoke detectors. But the danger might be even more immediate, as a group of researchers have demonstrated at this year's edition of the Black Hat security conference. Independent researcher Daniel Buentello, and researechers Yier Jin and Grant Hernandez of the University of Central Florida, have discovered that the OS level security checks that should prevent the installation of malware on the device can be easily bypassed.
Read moreAt the MWC 2014, Silent Circle and Geeksphone corporations have demonstrated the most protected smartphones from wiretapping, called Blackphone. The first phones were sold in late June.
The super protected smartphone for $ 630, with fairly low characteristics for its price turned out to be unable to protect its owner from wiretapping. At the DEF CON 22 Hacking Conference on computer safety, called BlackHat that brings together a variety of people interested in information security, the participant of @TeamAndIRC Justin Case could gain root access and enable ADB on the device in 5 minutes after obtaining root on smartphone, one can install any software remotely.
Read moreThe newly launched torrent search engine BTindex crawls BitTorrent's DHT network for new files. It's a handy service, but one that comes with a controversial twist. In addition to listing hundreds of thousands of magnet links, it also exposes the IP-addresses of BitTorrent users to the rest of the world.
Unless BitTorrent users are taking steps to hide their identities through the use of a VPN, proxy, or seedbox, their downloading habits are available for almost anyone to snoop on. By design the BitTorrent protocol shares the location of any user in the swarm. After all, without knowing where to send the data nothing can be shared to begin with.
Read moreAccording to German researches of the SR Labs company, which works in the field of the information security, all devices that work through USB are poorly protected and dangerous.
Experts have found vulnerability which was invisible earlier in the USB standard. Everybody knows that viruses can be transferred through flash cards and it isn't very dangerous. Experts claim that the found vulnerability will allow malefactors to reach personal information of any device, which works through USB easily. In order to prove that vulnerability really exists, SR Lab Company specialists have developed the application that can be used to get full access to the computer disregarding all anti-virus decisions, which exist.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland