Keeping your personal data safe doesn't have to be difficult—as long as you keep the sensitive stuff encrypted and under your control.

Phone companies are against an NSA advisory panel recommendation that would have them -- instead of the NSA -- store phone metadata for an extended time, reports The Washington Post. [Read more]
    

Whitehat hackers have shown that senstitive data can be sniffed easily from public Wi-Fi hotspots (White hat Wi-Fi hacking shows vulnerability of business data http://t.co/nAOYr4sTyA #innovation ...

Fredrick Almroth and Mathias Karlsson are the co-founders of Detectify. This post originally appeared on the Detectify blog. To stay on top on the latest security alerts, we often spend time on bug bounties and CTF’s.

Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.

The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.

The covert infrastructure that supports the hacking efforts operates from the agency’s headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.

In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.

The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.”

In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the “Expert System,” which is designed to operate “like the brain.” The system manages the applications and functions of the implants and “decides” what tools they need to best extract data from infected machines.

Click headline to read more--

Via Chuck Sherwood, Former Senior Associate, TeleDimensions, Inc

Canadian cyber-security experts from both the public and private sector descended upon Toronto today to take part in Technicity, an event co-hosted by IT World Canada and the City of Toronto.