Items tagged with Hack

What is a hacker to do?  The general computer using population is becoming more educated about security, and modern browsers are taking the bite out of phishing scams.  Why not kill 2 birds with one stone and find a way to infect legitimate sites?That is exactly what hackers are now doing, with alarming success.  Thus far estimates range from the high 200 thousands to half a million infected websites, most of which seem to be legitimate:"On Wednesday, several security companies, including San Diego-based Websense Inc., said large numbers of legitimate sites, including ones with URLs belong to the U.N., had been hacked and were serving up malware.  Those latest compromises were only the most recent... Read more...
If you’ve played games online, we’re sure by now that you’ve seen somebody go off on a tirade after being fragged one too many times. Sometimes this is a result of poor skills, other times it may be the result of cheaters flooding an enemy’s network in a sort of mini-DDoS attack. Often threats of real life repercussions just seem childish, and often add a comical element to the whole situation.What happens when you try it on a technician working for the company the handles your ISP’s network and customer service? One youngster decided to find out and for some reason the tier 2.5 tech at Convergsys decided to post his retaliation on the internet for all to see:I proceeded to input his ip address... Read more...
With the recent sub-2 minute hack of the Air via a Safari exploit, a running string of iPhone hacks, and numerous people finding ways to put OS X on PCs they built themselves, you'd think Apple would have learned not to make security claims.  Of course, if you thought that you don't know a whole lot about Steve Jobs, who has been using every chance he's gotten to tout the new iPhone 2.0's unhackability.Where there's a will, there's a way.Not even 24 hours after the release of the latest update for the iPhone firmware 1.2.0 (or 2.0, as The Steve calls it,) they sent us this picture showing that they have pwned it again, getting it to work completely unlocked, and run all applications. As... Read more...
And people wonder why we sometimes look askance at the future of the human race.Internet griefers descended on an epilepsy support message board last weekend and used JavaScript code and flashing computer animation to trigger migraine headaches and seizures in some users.The nonprofit Epilepsy Foundation, which runs the forum, briefly closed the site Sunday to purge the offending messages and to boost security."We are seeing people affected," says Ken Lowenberg, senior director of web and print publishing at the Epilepsy Foundation. "It's fortunately only a handful. It's possible that people are just not reporting yet -- people affected by it may not be coming back to the forum so fast." The... Read more...
Nothing is so humorous as when the web site of a security vendor gets hacked. OK, OK, it was hilarious when the RIAA site was hacked, too. And I'll admit: it's probably not as funny if it's your security vendor.A Trend Micro spokesman confirmed that the company's site had been hacked Thursday, saying that the attack took place earlier in the week. "A portion of our site -- some pages were attacked," said Mike Sweeny, a Trend Micro spokesman. "We took the pages down overnight Tuesday night -- and took corrective action."On Thursday security vendor McAfee reported that more than 20,000 Web pages have been affected by the attack. The pages are infected with malicious code that tries to install password-stealing... Read more...
A report, to be presented at a California computer-security conference in May, suggests that pacemakers and defibrillators may be targets for hacking.Millions of Americans have pacemakers, which keeps hearts beating regularly, or an implanted defibrillator, which can restart stopped hearts with an electric jolt. After implanting a defibrillator under a patient's skin, a doctor uses a special device, about the size of a breadbox, to tell the defibrillator what to do -- for example, to instruct it to keep the heart beating at a certain rate or deliver a test jolt.The devices, called programmers, communicate with a defibrillator using radio waves. To prevent tampering, only physicians are allowed... Read more...
Microsoft's made no secret of the fact that a patch for Vista - sans the SP1 update - will disable the OEM BIOS Hack and Grace Time Hack some use to get around activation.  Naturally, SP1 will do so as well, but if you try to get around it, you can only avoid it if you disable / hide the update.The release of Windows Vista Service Pack 1 not only heralded a long-awaited update of the operating system, it also meant the end of two common Windows Vista anti-activation exploits - the Grace Timer exploit and the Paradox OEM BIOS activation crack. But those who think they can escape by not updating to Service Pack 1 would be sadly mistaken.That's because Microsoft has surreptitiously released... Read more...
Seventeen people ranging in age from seventeen to twenty-six have been rounded up by police in raids carried out in a dozen towns across Quebec. They're charged with participating in an international computer hacking ring. The hosers.Police raiding parties also sealed and carted away dozens of hard drives and other computer components from the homes of each of the suspects.This hardware is believed to contain the smoking guns -- a bonanza of incriminating data to document the alleged ring, said SQ Capt. Frederick Gaudreau, lead investigator."This is a new form of organized crime," he proclaimed to reporters summoned to SQ headquarters in Montreal.Savvy youngsters who've grown up with computers... Read more...
Besides ironic, what other words might come to mind over this, eh?The download section of AvSoft's S-cop Web site hosts the malicious code, according to Roger Thompson, chief research officer with security vendor AVG. "They let one of their pages get hit by an iFrame injection," he said. "It shows that anyone can be a victim.... It's hard to protect Web servers properly."The technique used on the site has been seen in thousands of similar hacks over the past few months. The attackers open an invisible iFrame Window within the victim's browser, which redirects the client to another server. That server, in turn, launches attack code that attempts to install malicious software on the victim's computer.The... Read more...
It's a weekend, and a holiday weekend to boot, so the site might stay this way for some time. Someone apparently used SQL injection to wipe, and we do mean wipe, the RIAA's website clean of content.Apparently the RIAA is so busy suing consumers that they forgot to hire a decent programmer. With a simple SQL injection, all their propaganda has been successfully wiped from the site.It started out on the social news website Reddit, where a link to a really slow SQL query was posted. While the Reddit users were trying to kill the RIAA server, someone allegedly decided to up the ante and wipe the site’s entire database.Anyone have a backup?... Read more...
There are those who still love the Amiga and the AmigaOS, and they've gone and hacked an OLPC to run it!Cloanto Italia srl, Amiga software developers since 1986, were excited to preview details of Amiga Forever 2008 running without modifications on a One Laptop per Child XO laptop.Ironic: the doomed yet still beloved AmigaOS and the not-doing-so-well but too-early-to-call-doomed OLPC.... Read more...
Could anything else possibly fit the word "ironic" better than this?Part of security software vendor CA's Web site was hacked earlier this week and was redirecting visitors to a malicious Web site hosted in China.Although the problem now appears to have been corrected, cached versions of some pages in the press section of CA.com show that earlier this week the site had been redirecting visitors to the uc8010.com domain, which has been serving malicious software since late December, according to Marcus Sachs, director of the SANS Internet Storm Center.No comment from CA in the story, so it's unknown if they were using their own products to protect the site or not.... Read more...
"Can't we all just get along?" as that pundit of peace, Rodney King, once said. Friday the official Blu-ray Disc Association (BDA) website was hacked, such that users were redirected to the HD-DVD Promotion Group's site, thelookandsoundofperfect.com.Beginning at around 4pm ET Friday, and continuing intermittently into the afternoon, visitors to the blu-raydisc.com web site were instead sent to the HD DVD camp's lookandsoundofperfect.com web site.At press time, no one had claimed responsibility for the apparent hack, and there was no official response from either the BDA or the HD DVD Promotions Group.Now, don't assume anything about this being the work of the HD-DVD camp; most likely it was an... Read more...
According to research provided by the security firm Securina, Mac OS X has approximately 10 times the number of critical vulnerabilities of Windows XP and Vista combined.  We'll let the numbers speak for themselves:“While Mac OS X had 234 highly critical vulnerabilities reported in 2007, Vista and XP combined had 23, Ou wrote."This shows that Apple had more than five times the number of flaws per month than Windows XP and Vista in 2007, and most of these flaws are serious," wrote Ou. "Clearly this goes against conventional wisdom."Macs have traditionally been viewed as suffering from fewer vulnerabilities than Windows.”Of course the number of flaws isn't the only important metric... Read more...
iPods, iPhones; those are hacker targets, not (generally) in malicious ways, but to extend functionality or remove (ahem) roadblocks.  Now the Zune has had one of its roadblocks bypassed.One of the early complaints about the WiFi sharing ability on the Zune was the rule that limits playback to 3 days or 3 plays on shared tracks. The Zune team eliminated the 3 day rule but left the 3 play rule intact with the latest firmware update. Many musicians who record their own music in the garage would prefer to share it free of this 3 play DRM restriction. Now there is an easy way to do it.During hands on tests performed here at Zune Scene, music files tagged as "podcast" in the genre field have... Read more...
On the same day he met with President Bush because of his Nobel Prize win, Al Gore got the bad news that spammers had subjected his blog to some invisible hacking.However, looking at it, a user couldn’t see a difference — unless they looked at the source code. Obviously hackers got in through a hole and hacked the source. But invisible, what good is it? Well, for one thing, hidden like that, it’ll take some time for people to catch it (hello, Webmaster, that hack is still there!). But the important thing for the hackers is that a search engine like Google will pick up the links as they crawl the site. And, since Gore’s site has such a high PageRank, Google will rank the links higher.It pays to... Read more...
Part of jobsearch giant Monster.com was yanked off the Internet for a short period on Monday after it was discovered that hackers had managed to redirect some Monster users to servers where they were exposed to an exploit that collected sensitive personal data from them.The iFrame attack marred employment listings offered by some of the world's biggest companies, including Best Buy, Toyota Financial and Eddie Bauer, Thompson said. People who visited those listings were redirected to a server that hosted the exploits. The malicious javascript was encrypted, making it hard to know exactly how it behaved.Monster.com has since scrubbed its pages clean of the offending code and restored the pages... Read more...
Call it "Hot Coffee" take two, for Take Two games.  You may recall the "Hot Coffee" mod that exposed, er. sexual content in Grand Theft Auto: San Andreas?  This isn't quite as successful, but some of the AO content that was hidden rather than removed from Manhunt 2 has been unlocked.In "Manhunt 2," the player takes the role of a man who escapes from an insane asylum and goes on a killing spree.Take-Two edited parts of the game, including blurring some of the most gruesome killing scenes, to get the less restrictive rating.Hackers defeated that blurring on the version of the game for Sony Corp.'s PlayStation Portable. The game is also available for the PlayStation 2 and Nintendo Wii... Read more...
How many times have you forgotten to lock your car, or a door? While that's bad enough, what about essentially leaving a back door open for hackers, by "forgetting" about an old administrative system?A hacker infiltrated an eBay server and disabled accounts of several members on Friday. Representatives of eBay say that the hacker used vestigial components of an old eBay administrative system that has long been unused. The code exploited by the hacker has since been taken down, and eBay claims that no financial information was exposed. An individual who identifies himself as Vladuz has taken responsibility for the hack. Many believe that Vladuz was behind a massive disclosure of user information... Read more...
Microsoft and Toshiba today announced the formation of a consortium to hype advanced HD DVD interactive technology.  They mentioned "interactivity and interoperability" and  said they'd "maximize consumer satisfaction," among other things. Long story short: They want to sell you things while you're watching movies. Major Hollywood studios such as Paramount Pictures, Universal Studios and Warner Bros. as well as DreamWorks Animation SKG will join the consortium, which will be established by the end of the year, a Toshiba spokeswoman told Dow Jones Newswires. Technology that will be introduced, for instance, will enable users watching HD DVD movies to purchase goods used by the actors... Read more...
As if the potential danger to the hardware (and occasionally the owner/hacker) isn't enough to make people shy away from an 'unlocked' iPhone, it seems that the phones are possibly becoming blacklisted.If this turns out to be the case across the board, owners of 'unlocked' iPhones shouldn't be expecting replacements, repairs, or possibly even connections to other services.  What can owners of hacked iPhones do?  Complaining loudly and often might work for some:“Only after asking for the manager and having several conversations with her, did they finally allow me to return it, but charged me a 10% restocking fee…Pretty Scary! Didn’t Steve and Woz get their start in college by selling a device... Read more...
A web site belonging to the Republican Party for the 1st Congressional Disctrict of Wisconsin has been hacked, and was spreading a variant of the Storm Trojan virus for an undisclosed length of time before it was finally rectified.  While the fact that one of the two primary parties has had a web site hacked is nothing new, the fact that the Storm Trojan is infecting web sites is:“This is the first time that Storm has taken to the Web for its victims, said Dan Hubbard, head of research at San Diego-based Websense Inc. "The big news is that Storm has added infecting sites to its arsenal," said Hubbard.Storm debuted in January but only cracked the top malware lists early this summer, and has become... Read more...
First ... Prev 4 5 6 7 8 Next