Items tagged with Hacking

The same hacking group that claimed responsibility for ticking off every Pokemon Go player on the planet by overwhelming the game's servers with a DDoS attack last weekend is planning another attack. Poodle Corp, as the hacker group calls itself, issued a notice on Twitter that the next barrage on Pokemon Go's servers will take place August 1. Pokemon Go, for those of you who've taken residence under a rock, is a wildly popular mobile game that uses augmented reality. It's really a glorified scavenger hunt, tasking players with catching Pokemon characters by flinging Poke balls at them. The twist here is that the game uses your phone's built-in camera to see Pokemon characters in the real world,... Read more...
For a brief moment, Oculus CEO Brendan Iribe experienced a far less threatening version of what Captain Phillips went through when a Somalian pirate commandeered his ship and declared, "I'm the captain now." But instead of guns and a boat, Iribe seemingly lost control of his company when a hacker took control of his Twitter account and used it to announce a new boss."We here at Oculus are very excited to announce our new CEO, @Lid!," the Twitter post declared, followed by a smiling emoticon. To keep the ruse going, @Lid stated on his own Twitter account, "Lol just became CEO of this sh*t company, Oculus," with several emoji added because, well, that's how this generation communicates with one... Read more...
It seems impossible for the world to go a single week without a major security breach, so to fill the inevitable void this week is a hacker that goes by the name "thedarkoverlord," who claims to be in possession of a staggering 655,000 healthcare records. Of course, he is looking to sell them off. This latest records leak was first reported by Deep Dot Web, which has exclusive images to prove that the leak is real (one can be seen below). These images were not sourced by the website; rather, thedarkoverlord himself provided the images, probably as a way to build up some notoriety, and to flaunt the fact that the records are for sale to those who might be interested. The records the leaker is... Read more...
Has it been a long time since you've changed up your passwords? Now is a good time to think about doing so. A hacker or band of hackers obtained the login credentials of 45 million Internet users spread across 1,100 websites and communities, including many major and popular online destinations  such as Motorcycle.com, Mothering.com, and others. The folks at LeakedSource, a breach notification website, says VerticalScope and all of its domains were hacked in February of this year. It's not known how the attack was carried out, though LeakedSource surmises that VerticalScope stored too much data on interconnected servers—hacking into one server could have allowed the culprit(s) access to other... Read more...
Goodbye Chicago and hello San Francisco! The latter is the setting for Watch Dogs 2, the second installment in the hyper-connected third-person shooter from Ubisoft Montreal. Watch Dogs 2 features a new protagonist, Marcus Holloway, who's brilliant, young, and of course fully adept at hacking. After being accused of a crime he didn't commit, Holloway joins DedSec, a powerful group of like-mined hackers who collectively take on the challenge of fighting against a corrupt establishment and ultimately attempting to give control back to the people. In other words, Holloway is a hacktivist, but he's also a different sort of character than Aiden Pearce, the main character in the original Watch Dogs... Read more...
John McAfee, the antivirus pioneer who created the self-titled AV software that was eventually sold to Intel for $7.68 billion, tried shopping a story to the media that he and his merry band of hackers thwarted WhatsApp's encryption because of a major flaw in Android. The only problem is it didn't exactly happen that way.WhatsApp is an interesting target because it recently announced the addition of end-to-end encryption. It's also the most used messaging application in the world with over a billion users, so if there's a flaw in Android, the most popular mobile OS on the planet, that compromises the security and privacy of WhatsApp, then it's a big deal. But according to Gizmodo, all McAfee... Read more...
It's good computing practice to change your passwords every now and then, and also after a major hacking incident. The latter is why you should considering changing your Gmail or Yahoo password at your earliest convenience—over 272 million online accounts have been stolen and are being traded in Russia's underground market. Researchers from Hold Security told Reuters that it found a Russian hacker gloating in a web forum that he had stolen a larger number of online credentials. His cache of compromised accounts totaled 1.17 billion, though many of them were duplicates. After eliminating redundant entries, the security outfit counted 57 million Mail.ru accounts, just 7 million shy of the monthly... Read more...
Watch out, bug hunters, the scope of your competition is expanding to include younger hackers. Take Jani, a 10-year-old living in Finland who discovered a vulnerability in Instagram that allowed him to delete anyone's comments. He proved the flaw to Facebook and was awarded a cool $10,000 for his efforts.Jani isn't even old enough to use Instagram, but he didn't let that stop him from participating in Facebook's Bug Bounty program. Melanie Ensigtn, a security representative at Facebook, told The Washington Post that Jani's methods were completely ethical and void of any ulterior motives. He didn't even violate Instagram's terms of service, as the hack didn't require that he have an account. Had... Read more...
As we’ve seen in the San Bernardino iPhone case, the FBI is willing to go to extreme lengths to retrieve [potentially valuable] personal information for investigative purposes. When Apple wouldn’t comply with FBI requests to unlock the iPhone 5c in that case, the U.S. Justice Department filed a lawsuit. A day before the case was to go to trial, the lawsuit was unexpectedly pulled, as the FBI had found a way to break into the iPhone through the help of a third-party. In the future, the FBI might not have to go through so many hoops to crack large numbers of smartphones and PCs, as the U.S. Supreme Court signed off on new procedural rules that grant judges the ability to grant search warrants on... Read more...
In an attempt to kill Saddam Hussein and intimidate the enemy, United States military forces conducted a shock and awe campaign that saw a barrage of bombs dropped on Baghdad and other parts of Iraq over a decade ago. Fast forward to today and the U.S. is still dropping bombs on enemies, albeit instead of explosives they're now of cyber variety.It's not that the U.S. military lacks explosives, but the landscape is different now, and so is the target. The Islamic jihadist militant group known as ISIS conducts much of its effort online, and that's where they're perhaps most vulnerable. So in addition to using traditional weapons, the U.S. military's six-year-old Cyber Command is for the first time... Read more...
Security and related IT topics can be a little dry and tasteless at times, not to mention overly complex. There’s no question that, especially with the alarming rise of data breaches, advancing security innovation is vital to the future of technology, the enterprise and the Internet. But let’s face it, the rocket science behind security just isn’t that sexy—at least it wasn’t until we spoke to the team at ProtectWise. The company’s CEO, Scott Chasin, and CTO, Gene Stevens, both have roots going back to McAfee (sans bath salts), pre-Intel acquisition, with Chasin serving as CTO of McAfee up until the sale. The Denver Colorado security startup has raised $37 million in total VC from partners like... Read more...
Another day, another report of a security breach, this latest one affecting Wendy's, a nationwide chain of fast food restaurants. Wendy's has hired a security firm to help investigate claims that someone hacked its systems, a decision the chain made after being alerted to potential credit card fraud tracing back to some of the chain's locations. "We have received this month from our payment industry contacts reports of unusual activity involving payment cards at some of our restaurant locations," Wendy's spokesperson Bob Bertini told KrebsOnSecurity. "Reports indicate that fraudulent charges may have occurred elsewhere after the cards were legitimately used at some of our restaurants. We’ve hired... Read more...
Have you ever seen a dog chase its own tail? That pretty much describes what's going on at BBC News this morning. The site suffered a pretty large distributed denial of service (DDoS) attack earlier today, one that knocked out the company's entire network and iPlayer streaming service, causing grief for web visitors who grew impatient with how long it took to restore service. As for the image of a dog chasing its own tail, it's based on BBC's reporting of the situation. The site posted a statement on Twitter in the early morning hours saying it was "aware of a technical issue" affecting its website, but declined to elaborate. A BBC News journalist for the site's Technology section posted an article... Read more...
Want to feel like the ultimate hacker, like those in the 1995 cinema classic Hackers? Quick: find the nearest Linux PC, boot to the GRUB2 bootloader, and hit Backspace 28 - and only 28 - times. Yes, really. Hector Marco & Ismael Ripoll, who are researchers for the Cybersecurity Group at the Polytechnic University of Valencia, recently discovered a flaw within the GRUB2 bootloader software that gets triggered when the Backspace key is hit a very specific number of times. At 28 presses, a memory error gets triggered that lets someone access the entire PC via GRUB's rescue shell. From there, data could be copied to an external device, or deleted, if the attacker is malicious. GRUB's main job... Read more...
Late last month, toy maker VTech was hit with a debilitating attack that resulted in an incredible amount of customer data winding up in the wrong hands. Given VTech's abysmal security measures, it's hard to consider it being a "victim" in this attack. Rather, its millions of customers are the ones at risk. This morning, UK police issued a press release to say that they arrested someone who they believe was behind this attack. A name is not provided, but we are told it was a 21-year-old male from Bracknell, in southeast England. The official charges include using a computer to commit an offense, and gaining unauthorized access to data. The release reads: "We are still at the early stages of the... Read more...
In yet another security breach affecting the healthcare industry, personal information belonging to more than 10 million individuals may have been compromised by hackers, according to Excellus BlueCross BlueShield. The healthcare provider said it learned of the "sophisticated attack" on August 5, 2015. The insurer's own investigation revealed that the initial attack occurred on December 23, 2013. Excellus also notified the Federal Bureau of Investigation (FBI) and is working closely with Mandiant, an American cybersecurity firm owned by FireEye. Mandiant provides incident response and security assessment service to help organizations detect, prevent ,and respond to these kinds of cyberattacks.... Read more...
If we may impart some words of wisdom to our younger readers out there, it's to choose your role models carefully. It's a piece of advice that comes too late for half a dozen teenagers living in the U.K. who were arrested as part of a sting operation targeting users of hacking group Lizard Squad's Lizard Stresser tool. The Lizard Stresser tool is a piece of software that aids with Distributed Denial of Service (DDoS) attacks. These attacks typically consist of numerous infected systems pinging a single target with the intent of overwhelming the victim's server. Those arrested for using the tool range in age from 15 to 18 years old. They're suspected of using it to target several different organizations,... Read more...
Karma's a dirty little devil, a fact that as many as 37 million unfaithful online users may find that out the hard way. That's because the hackers who infiltrated Ashely Madison, a dating website for married folk to practice infidelity under the tagline "Life is short. Have an affair," published a cache of personal details about its members, including names, email addresses, phone numbers, and credit card information. In total, the data dump was 9.7 gigabytes in size. it was posted to the dark web using a Tor browser and what's called onion routing, which is encryption in the application layer of a communication protocol stack, nested like the layers of an onion. The hacking group taking credit... Read more...
There are a lot of positive uses for drones and other unmanned aircraft. Amazon envisions a day when packages will be dropped off on your doorstep courtesy of a drone, and Facebook wants to use them to bring wireless broadband to remote regions. Good stuff, though as it goes with just about all technology, somebody's going to find a nefarious use for it. In this case, there may be a day when drones are used to drop malware from the sky. The foundation is already being laid, though not specifically for that purpose. There's a company called Aerial Assault that modded a quadcopter with a Raspberry Pi computer running the Kali Linux penetration tester software. It's also equipped with alpha radio... Read more...
Remember when getting hacked meant loss of control of your PC and/or stolen data? It could be embarrassing, sure, and you could even be fired if a weak password contributed to the theft of sensitive company information. However, more recent hacks of shown a frightening trend towards causing physical harm. Earlier this month, security researchers demonstrated the ability to remotely hijack virtually all controls in a Jeep Cherokee, including steering and braking. And now we're finding out that hackers can disable or change the target of a computer-aided sniper rifle. Scary times we live in, folks. Security researchers Runa Sandvik and Michael Auger developed techniques to hack TrackingPoint's... Read more...
We reported earlier this week that a Jeep Cherokee could be remotely accessed and controlled, and I wouldn't blame anyone for being a skeptic. After all, what are the chances of someone remote being able to disable the transmission? Well, with Fiat Chrysler's response, I think that question has been answered. In a press statement issued today, the company has announced that it's recalling 1.4 million cars that are equipped with certain UConnect radios. Dodges, Jeeps, Rams, and Chrysler's are affected. Ultimately, it seems like this recall isn't going to be that painful for owners of the affected vehicles, as FCA US said a software update would be made available via a USB drive that plugs... Read more...
Is there anything scarier than the thought of a hacker remotely taking control of your vehicle's steering and braking functions as you barrel down the highway? Well sure, being eaten alive by flesh eating zombies like an episode of The Walking Dead would cause most people to soil their undergarments, but losing control of your vehicle certainly ranks right up there. And unlike the zombie scenario, these remote vehicle hacks are really happening. The newest threat is an exploit that exists in car infotainment systems that could allow an attacker to take complete control of a vehicle's brakes and other functions. It was discovered by NCC Group, a U.K.-based firm that demonstrated part of its scary... Read more...
First ... Prev 3 4 5 6 7 Next ... Last