Items tagged with Hack

Last year was a big year for hacks of high profile services like Facebook. In late 2018, Facebook announced that a hack had occurred that left the private messages of 81,000 accounts up for sale. Now, photography website 500px has announced that it was hacked last year and that at least some data on all of its users was stolen in the hack. 500px says that on February 8, 2019, its engineering team became aware of a potential security issue that affected some user profile data. The company says that it launched a "comprehensive review" of its systems to try and understand the nature and scope of the hack; the investigation involved a third-party expert and coordination with law enforcement... Read more...
The Sony PlayStation Classic has been selling well since it debuted thus month, and we have already seen the device gutted to find it runs a quad-core ARM processor and has 16GB of storage inside. More recently we learned that the PS Classic has a secret emulation menu, but you need the right USB keyboard to access it. Now word has surfaced that the device has some serious flaws in its security that made the console easy for hackers to crack to run additional games off a USB drive. The blunder Sony made with securing the console was found by console hackers when dumping the PS Classic system code onto an external machine. What they found was that Sony hid the key needed to decrypt the... Read more...
A group of hackers claims to have a service that will allow anyone willing to spend $250 to send out a "marketing" campaign that can reach "every single printer in the world." The people are offering to sell advertisers a spot in "the most viral ad campaign in history" according to the advertisement for the service. Security experts the world over have had concerns about the security of Internet of Things (IoT) devices and the security of web-connected printers specifically. HP has in the past offered $10,000 in bug bounty money to get white hat hackers to find bugs in its printers. We also talked in depth about some of the security hazards that the IoT posed last year. Hackers have taken advantage... Read more...
Facebook is the most popular social network out there, and seemingly the one with the most privacy issues. Last month a data breach impacted as many as 90 million user accounts with Facebook eventually claiming about 30 million accounts had been affected. Another security breach was announced in September with that breach affecting over 50 million users; a tool was offered to allow Facebook users to determine if their account was hacked. A new report has now surfaced that claims the private messages from 81,000 hacked Facebook accounts are for sale. Word of the hack surfaced from the perpetrators with BBC reporting that the BBC Russian Service was told by the hackers that they had details from... Read more...
Even though Newegg is one of the most popular destinations for enthusiasts looking to score the latest and greatest hardware for the gaming rigs, the retail giant is not immune to the nefarious actions of the hacker community. To that end, Newegg's website was hacked, and the parties responsible were able to inject 15 lines of credit card skimming code into the retailer's payments page. That code hid there, undetected, from August 14 through September 18 meaning if you made a purchase there between those dates, you need to be concerned. News of the attack comes from Yonathan Klijnsma, a threat researcher from RiskIQ. The injected code was able to steal credit card data from customers and sent... Read more...
Macs used to have a persona of "no viruses or hacks" with many feeling like the MacBook and other Apple computers were more secure and therefore better than Windows counterparts. This was a long-running argument in PC enthusiast circles and despite ample evidence that Macs are vulnerable to attacks, some still feel that the Mac is immune to most of the hazards posed to a Windows user. Apple's latest 2018 MacBook models certainly aren’t immune from significant issues and flaws right out of the box. The high-end Core i9 version was hampered by thermal throttling out of the box that Apple blamed on a flaw in macOS, and a patch was later issued. Researchers at the Black Hat security conference... Read more...
Reddit has announced that it suffered a security breach between June 14 and June 18 of this year. The website learned of the hack on June 19 and says that an attacker was able to compromise the accounts of a few Reddit employees along with Reddit's cloud and source code hosting providers. The main attack was apparently via an SMS intercept, as Reddit was using two-factor authentication. The site notes that the attacker didn’t gain write access to its systems and had read-only access to some systems that contained backup data, source code, and other logs. After the attack, additional steps were taken to lock down the compromised data, and reddit says that it rotated all production secrets... Read more...
Bug Bounty programs are very common today with most of the big tech firms hosing them. The goal is to get hackers to report any bugs they find for a payday rather than turning to the black market to sell their hacks. HP has announced a new Bug Bounty program to lure researchers in to hack its printer software. The program offers up to $10,000 to hackers who can find these vulnerabilities. HP’s opened its Bug Bounty program in May and had 34 security researchers signed up at the start. One of those researchers was already paid out $10,000 for what was identified as a serious flaw with HP's printers. HP has a wealth of product outside of printers, but says that it chose the printer arm for... Read more...
The gang from Failoverflow guaranteed that the Nintendo Switch would be hacked to run all sorts of content not originally targeted for Nintendo's latest console, once the elite hacker group figured out how to get Linux to run on the device. That hack takes advantage of an unpatchable exploit as it turns out. And now, fans of retro GameCube games can now run some titles on their Switch using an emulator and Linux. The hack was shown off by a YouTube user called Mizumi using a Dolphin GameCube emulator program running on Lakka. Lakka is a Linux distribution specifically made for game consoles that happens to look a lot like the PS4 interface. The front-end for the emulator is called... Read more...
A new attack that takes advantage of flaws that are inherent to LTE technology has surfaced called aLTEr. The exploit was discovered by an international team of security researchers and is able to redirect users to hostile websites. The exploit works in part by taking advantage of the fact that there is no integrity checking built into the lower layers of LTE. That lack of integrity checking allows nefarious hackers to use DNS packets directing traffic to website addresses to steer user requests to malicious DNS servers. Attackers could then take the user to whatever website the attacker wants. These websites could be used to launch attacks of other types on unsuspecting LTE users. A passive... Read more...
Malware is a huge problem for computer users today as the threat posed by malicious software continues to increase. A new botnet was recently detected in a live environment for an unnamed client of Deep Instinct, a security firm. The security firm says that the botnet, dubbed Mylobot, uses three different layers of evasion techniques. The evasion techniques that the botnet uses contact command and control servers that download the final payload, Deep Instinct says that the combination and complexity of the evasion techniques that the botnet deploys have never been seen in the wild before. Mylobot also uses several malicious techniques including anti-VM, anti-sandbox, anti-debugging, wrapping... Read more...
Things aren't exactly rosy in the cryptocurrency world; particularly when it comes to Bitcoin. Over the weekend, South Korean cryptocurrency exchange Coinrail confirmed that it had been hacked. The site says that it was the victim of a "cyber intrusion" and that roughly 30 percent of the coins trades on the exchange were stolen. Coinrail said the remaining 70 percent of coins were safeguarded and have been moved to a "cold wallet". At this moment, it is believed that hackers got away with 40 billion won in Bitcoin, which amounts to $37.2 million.  Not surprisingly, this latest hack sent the price of Bitcoin tumbling, even though such hacks have become commonplace in the cryptocurrency realm.... Read more...
For the privileged Americans that can get fiber internet to their home with blazing fast upload/download speeds, there might be more to worry about than blowing through their data allotment in a couple days. Reports are surfacing that various GPON home routers have flaws that could allow nefarious hackers to bypass all authentication on the devices. The method of bypassing authentication is as simple as attaching an image suffix to the URL of a GPON HTTP server. VpnMentor says that after the initial authentication is bypassed, a command injection vulnerability (CVE-2018-10562) to run commands on the device can be executed. These two critical vulnerabilities, when combined, can allow complete... Read more...
Under Armor is a big name in the athletic clothing world. In addition to clothing, the company also has an app that is meant to allow people to track their food intake and nutrition to help get fit (and stay) fit. The app is very popular with users on iOS and Android, but it has suffered a major data breach. Under Armour has notified users that the MyFitnessPal app team became aware that an unauthorized third party had acquired data associated with user accounts for the app and website. That unauthorized access happened in late February 2018 and Under Armor states "The company quickly took steps to determine the nature and scope of the issue and to alert the MyFitnessPal community of the... Read more...
1 2 3 4 5 Next ... Last