Items tagged with Hacking

Hacking happens all the time, and when it affects a large number of people, companies typically disclose the breach. Not always, of course, sometimes not even in a timely manner. As it pertains to Microsoft, something a little different occurred several years ago. Several former employees say a sophisticated hacking group busted into a secret internal database, which Microsoft never made public. Five ex-employees each told Rueters the same thing in separate interviews. All of them claim the breach happened in 2013, with Microsoft responding in private rather than disclosing the extent of the attack... Read more...
A security expert at Belgian university KU Leuven has discovered a major vulnerability in the Wi-Fi Protected Access II (WPA2) protocol that could a expose a user's wireless Internet traffic, including usernames and passwords that are entered into secure websites. The vulnerability affects most devices and several operating systems, including Android, iOS, Windows, Linux, and OpenBSD. "Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted," Marthy Vanhoef, a security expert at Belgian university KU Leuven, wrote in a detailed report... Read more...
Late last year a hack was perpetrated on what is called a "partner organization" that worked with the Australian Signals Directorate (ASD). The unnamed organization notified the ASD that it was hacked in November of 2016, and that outside parties gained access to its network. The small organization has only 50 employees and is a subcontractor to the Department of Defense, providing aerospace engineering assistance. The data that was stolen in the hack contained information that is protected under the International Traffic in Arms Regulations (ITAR) and included details on the F-35 Lightning II... Read more...
Do you know what hackers were doing around this time five years ago? They were breaking into a database at Disqus, the popular blog comment hosting service supported by scores of websites, in many cases in place of traditional web forums (remember those?). Disqus only found out about it this past Thursday and began alerting users a day later, rather than waiting like many companies often do. "On October 5th, we were alerted to a security breach that impacted a database from 2012. While we are still investigating the incident, we believe that it is best to share what we know now," Disqus stated... Read more...
The hype surrounding the upcoming Call of Duty: WWII is intriguing and very justified. Not much longer than a decade ago, it seemed the world was sick and tired of World War II-themed games, but thankfully, zombie games have since come to our rescue, cleansing our palettes. Today, WWII actually looks like it could give us a fresh experience, and create an interesting online battlefield. Unfortunately, "interesting" is proving true already, but not in a good way. Over the weekend, the beta for WWII went live, and almost immediately, complaints stemming from testers began to hit the web. In almost... Read more...
Equifax is still trying to dig its way out from under the bad press and an angry public after a hack of its database gave access to personal information on 143 million Americans. Equifax offered those affected by the security breach the ability to lock their credit reports to prevent the stolen information leaked in the hack from being used to open new credit in their names. However, things just keep going from bad to worse for Equifax (and everyone in general). Equifax used a PIN that "protected" each user's credit report to prevent the information from being used, but the PINs were reportedly... Read more...
If you thought putting Homer Simpson in charge of a nuclear power plant seemed like a scary proposition, well, you would be right. But sometimes truth is stranger (and in this case, scarier) than fiction. Such is the case with security outfit Symantec reporting that hackers have been targeting the energy sector in Europe and North America since at least 2011. And if that's not frightening enough, they have kicked up their efforts in the past couple of years and even managed to breach companies that manage nuclear facilities in the United States. The group behind these attacks is known as Dragonfly.... Read more...
Would you trust your life to a hacker? No, of course not, and neither does the US Food and Drug Administration. The FDA issued a recall of nearly half a million pacemakers after the organization discovered a vulnerability that makes several models susceptible to hacking. Once exploited, a hacker would be able to control the device's pacing and deplete the batteries. "Many medical devices - including St. Jude Medical's implantable cardiac pacemakers—contain configurable embedded computer systems that can be vulnerable to cybersecurity intrusions and exploits. As medical devices become increasingly... Read more...
Here we go again. WikiLeaks, the international non-profit whistleblower that publishes secret information to the web, has been dumping classified documents outlining various hacking tools and malware used by the United States Central Intelligence Agency. These documents are part of what WikiLeaks calls Vault 7, the latest of which contains information on the CIA's "CouchPotato" tool. According to WikiLeaks, CouchPotato is a remote tool for intercepting video streams as either an AVI video file or capturing still images of frames from the stream as JPEGs, presumably to save space. In the latter... Read more...
A team of scientists from the University of Washington have figured out how to infect a computer using malicious code inside DNA. This attack vector isn't aimed at your everyday PC sitting on your desk at home or in the office; this hack aims directly at the infrastructure around the DNA transcription and analysis industry. The team behind the hack was concerned about the security with that infrastructure after finding basic vulnerabilities in some of the open-source software used in labs that analyze DNA all around the world. While the basic issues with the software could be vulnerable... Read more...
For the past several months, WikiLeaks has been publishing information related to exploits and hacking tools that had been used by the United States government at some point. The project is known as Vault 7 and seems to contain mostly older exploits, though it is not clear if some of the malware has been updated for modern platforms. Not all of it is aimed at Windows. In fact, the latest documents reference macOS and Linux hacks that were part of the US Central Intelligence Agency's Imperial program.Image Source: Flickr (Tony Webster)The first of these is called Achilles. According to the documentation,... Read more...
Many technology companies have in place bug bounty programs that reward security researchers who submit discovered vulnerabilities in the products and services they offer. It is a win-win proposition in which technology companies are alerted to potentially crippling security holes, and hackers are compensated for their efforts. Apple is among the companies with a bug bounty program, though some researchers are choosing to hold onto discovered vulnerabilities, or worse yet, sell them on the underground market. Apple's is relatively new to the bug bounty scene. Ivan Krstic, head of Apple's security... Read more...
Most wireless routers are equipped with a series of LEDs to indicate things like network connectivity and activity, though if a router has been compromised with malware, those blinking lights could reveal more than the owner bargained for. Using specially crafted malware, an attacker could instruct those LEDs to transmit data in a binary format.Image Source: TP-Link The attack was outlined in a paper by a team of researches from the Cyber Security Research Center at the Ben-Gurion University of the Negev in Israel. It is the same team of security researchers that previously wrote about data exfiltration... Read more...
New and used games retailer GameStop has found itself in a bit of a rough patch these days. The company recently reported less-than-stellar fourth quarter results and is planning to close at least 150 brick-and-mortar locations, and perhaps as many as 225. That is on top of the store locations it closed just a few years ago. While it deals with ways to increase revenue and profits, it now finds itself investigating a potential security breach that may have compromised credit card and customer data. Security hound KrebsOnSecurity heard from two unnamed sources in the financial industry that they... Read more...
1 2 3 4 5 Next ... Last