Items tagged with Hack
It would seem like common sense if you are among the people attending a hacking conference to secure your devices against attacks. After all, you and your tech gear are walking into the proverbial lion's den. If you were ever going to have your fitness tracker, smartphone, laptop, or other tech device hacked, DEFCON is where it will likely happen. Security Boulevard has issued some steps that attendees to the conference will want to follow to protect their devices before turning up at the convention, but the same steps could be used for protecting your devices every day. Some suggest using burner mobile phones or laptops, but there are other things that attendees can do to prepare themselves...
Read more...
Researchers from Check Point Software Technologies Ltd. have discovered a flaw in one of the most widely deployed pieces of software in the world, which also happens to be the backend for the contacts list on Apple devices like the iPhone and iPad. The software resource that Check Point found the flaw in is called SQLite, a database engine that is used in computer operating systems, desktops, mobile phones, and lots more. SQLite is used in Windows, MacOS, iOS, Google Chrome, and Android, among many others. The fact that the SQLite database engine is so widely deployed has made it a rich target for would-be hackers. Hackers could exploit SQLite and gain administrative control of an iPhone,...
Read more...
There are plenty of vulnerabilities in the biometrics that are commonly used for unlocking devices today, including fingerprint readers and Apple's Face ID. Researchers at the Black Hat USA 2019 conference this week demonstrated a new attack that allowed them to bypass a victim's Face ID and login to the user's phone. However, the method that the hackers had to use is a little disturbing, as they had to use an unconscious victim and place a pair of modified glasses on their face. To pull off the hack, the researchers placed tape carefully over the lenses of a pair of glasses and then put the glasses on the victim's face to show how Face ID could be bypassed in this specific scenario. The exploit...
Read more...
Hacks are happening all the time with some giving information on user accounts like the Flipboard hack we talked about recently. Other hacks are much grander in scale, like the attack against the city of Baltimore that resulted in most of the cities systems being locked out. Another significant hack has happened, and this one is a hack of a hotel management company that backs some of the largest hotel chains in the world. The hotel management company in question is Pyramid Hotel Group, and it manages many Marriott locations. The company had a server that left an unsecured database containing security logs that could give nefarious types an idea about cybersecurity weaknesses of the hotels. The...
Read more...
Flipboard is a news aggregator app, and the company has announced that it fell victim to hacks. The hacks potentially exposed user account information and left that information where it could be copied for nine months. The exposed user details included Flipboard user names, encrypted passwords, and email addresses. Flipboard was clear that no social security numbers, credit card details, or other financial data was lost in the breach because the app doesn't collect any of that information. The company published a FAQ about the hack that noted as a precaution it has reset all user passwords, despite the fact that passwords stored in the database hackers had access to were cryptographically protected....
Read more...
If you try to market a product as “unhackable,” it stands to reason that someone is going to attempt to hack your device to knock you down a peg or two. That is exactly what happened with eyeDisk, which was first brought to light last year with a successful Kickstarter campaign. eyeDisk was able to raise over $21,000 from nearly 250 backers and began shipping the thumb drive in 32GB and 128GB capacities earlier this year. The device uses a combination of AES-256 encryption and iris recognition to lock down the device and keep it safe from harm's way. In fact, eyeDisk was billed as "the world’s first USB flash drive that uses iris recognition technology for unbeatable data security."...
Read more...
In the web browser world, Google Chrome is tops and is offered on multiple platforms including Windows 10, macOS, Linus, iOS and Android. however, web developer named Jim Fisher has found an exploit that nefarious developers can use to trick Chrome on Android users into thinking they are on a legitimate website. Fisher shows on his blog how a website can replace the Chrome for Android address bar and tabs UI using a few tricks. All Chrome for Android users know that when you scroll down a page using the browser, the top of the UI with your address bar and tabs are hidden from view. Fisher found that the scrolling of the page could be "jailed" so when the user scrolls back up the page, the...
Read more...
Yes A lot of gamers were hoping that Nintendo would be rolling out some new Switch hardware at E3 2019 as rumors had suggested. Sadly, Nintendo has now confirmed that there will be no new hardware at that event. However, something else interesting about the Switch has surfaced recently that allows gamers to get more performance out of the existing Switch hardware. With the Switch being a hybrid system, game designers have to design games around docked and undocked performance modes. Inside the Switch is an NVIDIA Tegra processor that changes its clock speed depending on if the Switch is in docked or undocked mode. Hackers have found a way to gain access to change the clock speed of the Tegra...
Read more...
It turns out that a security breach affecting some users of Microsoft's Outlook.com, Hotmail.com, and MSN.com webmail services is worse than originally thought. In an email that was previously sent to users, Microsoft said a hacker managed to swipe a support agent's login credentials, potentially exposing email addresses, subject lines, and other information, but not the actual contents of any emails. As Maury Povich would say, 'That was a lie'. More accurately, that is not the full story. As far as we know, Microsoft did not actually lie to the users who received that specific email, in which the company admitted that email addresses, folder names, subject lines, and email recipient addresses...
Read more...
As if Microsoft’s Skype security exploit back in February wasn’t alarming enough, users of the company’s Outlook.com, MSN.com and Hotmail.com webmail services may have something to worry about now as well. Microsoft has confirmed to a number of sources, and according to users on reddit with specific documentation, that hackers compromised the company’s support portal, gaining access to email accounts on its Outlook service. The email sent out to users by Microsoft notes email addresses, folder names, subject lines of emails and email recipient addresses may have been exposed, but likely not the content of the emails themselves. The Microsoft Privacy Communication team’s...
Read more...
Last year was a big year for hacks of high profile services like Facebook. In late 2018, Facebook announced that a hack had occurred that left the private messages of 81,000 accounts up for sale. Now, photography website 500px has announced that it was hacked last year and that at least some data on all of its users was stolen in the hack. 500px says that on February 8, 2019, its engineering team became aware of a potential security issue that affected some user profile data. The company says that it launched a "comprehensive review" of its systems to try and understand the nature and scope of the hack; the investigation involved a third-party expert and coordination with law enforcement...
Read more...
The Sony PlayStation Classic has been selling well since it debuted thus month, and we have already seen the device gutted to find it runs a quad-core ARM processor and has 16GB of storage inside. More recently we learned that the PS Classic has a secret emulation menu, but you need the right USB keyboard to access it. Now word has surfaced that the device has some serious flaws in its security that made the console easy for hackers to crack to run additional games off a USB drive. The blunder Sony made with securing the console was found by console hackers when dumping the PS Classic system code onto an external machine. What they found was that Sony hid the key needed to decrypt the...
Read more...
A group of hackers claims to have a service that will allow anyone willing to spend $250 to send out a "marketing" campaign that can reach "every single printer in the world." The people are offering to sell advertisers a spot in "the most viral ad campaign in history" according to the advertisement for the service. Security experts the world over have had concerns about the security of Internet of Things (IoT) devices and the security of web-connected printers specifically. HP has in the past offered $10,000 in bug bounty money to get white hat hackers to find bugs in its printers. We also talked in depth about some of the security hazards that the IoT posed last year. Hackers have taken advantage...
Read more...
Facebook is the most popular social network out there, and seemingly the one with the most privacy issues. Last month a data breach impacted as many as 90 million user accounts with Facebook eventually claiming about 30 million accounts had been affected. Another security breach was announced in September with that breach affecting over 50 million users; a tool was offered to allow Facebook users to determine if their account was hacked. A new report has now surfaced that claims the private messages from 81,000 hacked Facebook accounts are for sale. Word of the hack surfaced from the perpetrators with BBC reporting that the BBC Russian Service was told by the hackers that they had details from...
Read more...
