Hackers interrupt Eurovision webcast in Israel with missile attack alert

The targeted broadcaster is blaming hackers from Hamas for the attack.
The official website of Israeli Public Broadcasting Corporation (KAN) telecasting webcast of Eurovision 2019 event in Tel Aviv was briefly hacked and defaced by unknown hackers on Tuesday 14th.

The hackers left a deface page along with a two minutes video message interrupting the ongoing broadcast with content against Israel. One of the messages also displayed fake missile attack alert triggering panic among viewers.

Hackers Breach Stack Overflow Q&A Site, Some Users' Data Exposed

Note: We have updated this story to reflect new information after Stack Overflow changed its original announcement and shared more details on the security incident.

Stack Overflow, one of the largest question and answer site for programmers, revealed today that unknown hackers managed to exploit a bug in its development tier and then almost a week after they gained unauthorized access to its production version.

Founded by Jeff Atwood and Joel Spolsky in 2008, Stack Overflow is the flagship site of the Stack Exchange Network. With 10 million registered users and over 50 million unique visitors every month, Stack Overflow is very popular among professional and enthusiast programmers.

WikiLeaks' Julian Assange Sentenced to 50 Weeks in UK Jail

WikiLeaks founder Julian Assange has been sentenced to 50 weeks—for almost a year—in prison by a London court for breaching his bail conditions in 2012 and taking refuge in the Ecuadorian embassy for nearly 7 years.

The 47-year-old Assange was arrested last month by London's Metropolitan Police Service after the Ecuadorian government suddenly withdrew his political asylum.

Within hours of his arrest, Assange was convicted at Westminster Magistrates' Court of skipping bail in June 2012 after an extradition order to Sweden over claims of sexual assault and rape allegations made by two women.

Although Sweden dropped its preliminary investigation into the rape accusation against Julian Assange in 2017, Assange chose not to leave the Ecuadorian Embassy due to fears of extradition to the United States.

Hacker Breaks Into French Government's New Secure Messaging App

A white-hat hacker found a way to get into the French government's newly launched, secure encrypted messaging app that otherwise can only be accessed by officials and politicians with email accounts associated with the government identities.

Dubbed "Tchap," the end-to-end encrypted, open source messaging app has been created by the French government with an aim to keep their officials, parliamentarians and ministers data on servers inside the country over concerns that foreign agencies could use other services to spy on their communications.

The Tchap app is built using the Riot client, an open source instant messaging software that implements self-hostable Matrix protocol for end-to-end encrypted communication.

Yes, it's the same "Riot and Matrix" that was in the news earlier this week after an unknown hacker breaks into its servers and successfully stole unencrypted private messages, password hashes, access tokens, and GPG keys the project maintainers used for signing packages.

Apache Tomcat Patches Important Remote Code Execution Flaw

The Apache Software Foundation (ASF) has released new versions of its Tomcat application server to address an important security vulnerability that could allow a remote attacker to execute malicious code and take control of an affected server.

Developed by ASF, Apache Tomcat is an open source web server and servlet system, which uses several Java EE specifications such as Java Servlet, JavaServer Pages (JSP), Expression Language, and WebSocket to provide a "pure Java" HTTP web server environment for Java concept to run in.

The remote code execution vulnerability (CVE-2019-0232) resides in the Common Gateway Interface (CGI) Servlet when running on Windows with enableCmdLineArguments enabled and occurs due to a bug in the way the Java Runtime Environment (JRE) passes command line arguments to Windows.

Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password

Breaking — It has been close to just one year since the launch of next-generation Wi-Fi security standard WPA3 and researchers have unveiled several serious vulnerabilities in the wireless security protocol that could allow attackers to recover the password of the Wi-Fi network.

WPA, or Wi-Fi Protected Access, is a standard designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and is intended to prevent hackers from eavesdropping on your wireless data.

The Wi-Fi Protected Access III (WPA3) protocol was launched in an attempt to address technical shortcomings of the WPA2 protocol from the ground, which has long been considered to be insecure and found vulnerable to KRACK (Key Reinstallation Attack).

G Suite admins can now disallow SMS and voice authentication

Users of Google’s cloud-based suite of productivity apps may find when logging in that their usual two-factor authentication options (2FA, or 2-step verification, as Google calls it) have disappeared.

If G Suite users have previously been logging in with SMS or voice call verifications, they could now be asked to authenticate using another method such as Google’s Prompt system or a security token based on the FIDO/2.0 standards.

Hopefully, this won’t come as a surprise to users because their G Suite admins will have mentioned this change in their 2FA options to users in advance.