Items tagged with Hack

As we discovered late last week, Lenovo has been serving up some tainted Superfish via its consumer PCs. Once Lenovo was called out for its heinous actions, the company offered an apology and vowed to remove Superfish from shipping systems (it provided removal instructions and later an automatic removal tool for machines already affected by Superfish). However, the apology apparently wasn’t enough as Lenovo is already facing a lawsuit stemming from Superfish. Now it looks a though hacker group Lizard Squad is retaliating in its own, childish way. At around 4 PM EST, Lenovo.com was showing a slideshow of what appears to be rebellious teenagers as the song... Read more...
The war of words between the United States and North Korea is escalating. Following the Sony breach that took place in late November (all because of a comedy film called The Interview), the FBI and the Obama Administration pointed fingers at North Korea for orchestrating the attack. North Korea has claimed innocence throughout the aftermath, but indicated in early December that it condoned the “righteous deed.” The Obama administration stated that it would “respond proportionately” to the hack, and not long after, North Korea was the on the receiving end of an “unprecedented” Internet takedown which sent the country even further into the stone ages — if only for a few hours.The U.S. didn't claim... Read more...
If you mess with the bull, you’ll get the horns. Sony became the victim of a massive cyberattack that took place in late November. But not only was Sony a victim, but numerous Sony employees were caught up in the mess when sensitive personal information like social security numbers were leaked onto the internet. After the hack came threats against Sony employees and their families, followed by terrorist threats against movie theaters that dared to show the film, “The Interview,” which resulted in major cinema chains withdrawing their support for the film. Without backing from big names like Regal Entertainment and Cinemark, Sony announced that it would not release the movie."Hey guys, can someone... Read more...
It's been a busy year for hackers, who collectively have been infiltrating various retail chains at a fierce pace. That includes office supply chain Staples, which on Friday revealed that around 1.6 million payment cards may have been affected by a recent "security incident" in which hackers deployed malware to a "small percentage" of point-of-sale systems. How small? Staples said the malware affected 115 of its more than 1,400 U.S. retail stores. The revelation into the number of potentially affected customers is an update to an incident that occurred back in September. Staples said it took immediate action to rid its systems of the malware and beef up its security, though the... Read more...
Sony was rocked by a massive ransomware attack in late November, and is still reeling from the effects. Most recently, Sony employees have been on the receiving end of threatening emails from the perpetrators of the hack: Guardians of Peace (#GOP). Now we’re beginning to learn a bit more about the hack courtesy of Mandiant, the cybersecurity firm brought in for digital forensics analysis. While the investigation is still ongoing, email correspondence from Mandiant founder Kevin Mandia and Sony Entertainment CEO Michael Lynton has been provided to Variety. Lynton sent out an email to employees on Saturday discussing the attack, but couldn’t give much solace to the 3,800 employees that had their... Read more...
It appears that Sony has become the victim of a massive ransomware hack which has resulted in the company shutting down. An unnamed source spoke to Business 2 Community claiming that the company shut down after its computers in New York and around the nation were infiltrated. The source, according to the website, is an ex-employee of Sony Pictures who has a friend that still works for the company. According to the source’s friend, allegedly, every computer in Sony’s New York Office, and every Sony Pictures’ office across the nation, bears an image from the hacker with the headline “Hacked By #GOP” which is then followed by a warning.  The hacker, or group, claims to have obtained corporate... Read more...
Here's a story that just keeps getting stranger. Lizard Group, a hacker group that claimed responsibility for Sony's PSN downtime over the weekend, has created a stir that'll no doubt have the FBI involved. As if claiming that it took PSN down wasn't enough, it tweeted earlier today to American Airlines that it had been "receiving reports" that a plane carrying Sony Online Entertainment (SOE) president John Smedley also had explosives onboard. Importantly, the group did not claim that it had anything to do with said explosives, only that it knew of them onboard. Twitter threats are taken just as seriously as those via phone or any other means of communication, and the flight was diverted to Arizona... Read more...
A weakness has been identified that could exist in Android, Windows, and iOS devices that can be used to obtain personal information. Discovered by a team of researchers, the vulnerability revolves around multiple applications running on a shared infrastructure that can be exploited. According to their research, they were able to test a method, on an Android phone, that was successful between 82 percent and 92 percent of the time for six of the seven apps that were tested. The apps with such high percentages were Gmail (92 percent), H&R Block (92 percent), Newegg (86 percent), WebMD (85 percent), CHASE Bank (83 percent), and Hotels.com (83 percent). The final app tested belonged to Amazon,... Read more...
There are data breaches and then there are data breaches. The Target breach, for example, was (and continues to be) a total disaster for the company with millions affected. Other hacks are made better or worse by a given company’s attitude and response. Spotify has apparently experienced some sort of breach of its own, but if you’re going to get hacked, this is a best case scenario. A total of one user has been affected according to a post by Spotify CTO Oskar Stål, but even so, the company is hitting the big red button just to be safe. “We’ve become aware of some unauthorized access to our systems and internal company data and we wanted to let you know the steps... Read more...
AOL has experienced a nasty security breach that exposed a great deal of user information, and the company says that it was the work of criminal hackers, as opposed to some kind of glitch or oversight. “AOL is investigating a security incident that involved unauthorized access to AOL's network and systems. AOL is working with best-in-class external forensic experts and federal authorities to investigate this serious criminal activity,” wrote the AOL Mail Team in a blog post. AOL first noticed that there was a problem when users began seeing an increase in spam in the form of spoofed emails. The mail team has determined that email and postal addresses, contacts, and encrypted passwords... Read more...
Facebook has endeavored to make coding a more efficient process by developing a coding language called Hack. Facebook has been using Hack internally for quite some time, and now the company is open sourcing the tool for anyone to use. “Hack is a programming language for HHVM that interoperates seamlessly with PHP,” reads the “Hack Lang” website. “Hack reconciles the fast development cycle of PHP with the discipline provided by static typing, while adding many features commonly found in other modern programming languages.” The problem that Facebook addressed with Hack is the problem of the slower pace of static code typing and the lesser accuracy of dynamic... Read more...
The good news for Target and its customers is that the retailer’s robust IT system detected the massive holiday season hack that affected tens of millions of accounts before it ever happened. The bad news is that Target failed to act on that detection, and the rest is history. According to Bloomberg, Target’s security tools detected the malware used in the hack as early as November 30th, and the thieves weren’t able to remove any data until December 2nd, which means that there were a couple of days wherein the threat couild have been mitigated. Bloomberg asserts that it was human error that led to the hack from there: Once the malware was flagged, the alert was forwarded to... Read more...
This weekend, Dropbox experienced an outage that lasted far too long. A wing of hacker collective Anonymous claimed credit for the outage, saying it performed a database hack, which turned out to be a hoax. However, the group maintained that it did hit Dropbox with a DDoS attack, which was timed to coincide with the site’s scheduled maintenance. Dropbox has strongly denied the hack, but it hasn’t said anything about the claim of a DDoS attack, which seems odd. The company has talked around it by carefully describing the post-mortem. “On Friday at 5:30 PM PT, we had a planned maintenance scheduled to upgrade the OS on some of our machines. During this process, the upgrade script... Read more...
For a moment there, it appeared as though popular cloud storage service Dropbox had been hacked, with the user database accessed and user emails being exposed. Two loosely affiliated wings of hacker collective Anonymous, AnonOpsKorea and The 1775 Sec, claimed credit, but the whole thing was just a hoax timed to coincide with scheduled Dropbox site maintenance. Credit: TechCrunch The two groups both claimed that they compromised the Dropbox website Friday evening and accessed the site’s database, but shortly thereafter Wesley McGrew of McGrew Security noted in a tweet that the emails in the supposed database leak matched something that’s been posted on Pastebin for over a month. In... Read more...
When the hackers roll to Vegas, you know a good amount of exploits are going to surface. Defcon was on point this week in the Nevada desert, and here's yet another exploit that has piqued our interest. Researchers have discovered that the Windows 8 Secure Boot mechanism can be circumvented on PCs built by certain manufacturers. Why? Oversights in how those particular vendors implemented the Unified Extensible Firmware Interface (UEFI) specification. Andrew Furtak, Oleksandr Bazhaniuk and Yuriy Bulygin were on hand to showcase their findings. Thankfully, due to the nature of the event, none of the specifics are shown; instead, companies are alerted so that fixes can be put in place before ill-willed... Read more...
The Internet is an amazing place. But, increasingly, it's a place filled with peril and pitfalls, particularly if you're hosting something of value. International cybercrime has found itself in the spotlight of late, and now Microsoft is making a concerted effort to help curb it. Microsoft has just announced that it is working lockstep with leaders in the financial services industry, including the Financial Services – Information Sharing and Analysis Center (FS-ISAC), NACHA – The Electronic Payments Association, the American Bankers Association (ABA) – Agari, and other technology industry partners, as well as the Federal Bureau of Investigation. Why? Glad you asked. It has successfully... Read more...
There sure has been a lot of hacking going on in recent weeks. Even major news outlets like The New York Times have joined the U.S. government in suspecting the Chinese military of attempting to solicit digital information, and this week, Facebook announced that it too has been the target of an attack. In a post erected to the company's Security portal, it confessed that while it invests heavily in protecting users and proactively preventing such attacks, one managed to slip by last month. In Jan. 2013, Facebook Security noticed that its systems had been targeted in a sophisticated attack. Reportedly, it occurred when a handful of employees visited a mobile developer website that was compromised.... Read more...
Concerned that hacking is on the rise? You've every right to be worried. Following recent reports from The Wall Street Journal and The New York Times surrounding intrusion from outside forces into their news systems and e-mail databases, Twitter has now affirmed a security puncture of its own. The company released a blog post noting that it "detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data." In that discovery process, Twitter found one live attack and neutralized it, but some damage was already done. The investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses,... Read more...
Where there are systems for financial transactions, there will always be opportunities to skirt those systems, and that holds true for NFC transactions, too. Researchers have already demonstrated a hack for Android NFC that lets them refill fare card balances for transit systems, including subways, in two states. The key to the hack is UltraReset, which was developed by researchers Corey Benninger and Max Sobell at Intrepidus Group. The researchers used the app to successfully refill balances on fare cards in New Jersey and San Francisco, using the app on Android phones that have NFC capabilities. Using a legitimate transit card, they simply stored the balance via the app, used up the... Read more...
As we reported on Tuesday, GoDaddy suffered a major outage that left thousands, and potentially millions of customers with downed websites and services. While a supposed member of the Anonymous collective took credit for an attack, GoDaddy has since concluded that no hack or distributed denial of service attack took place. Instead, the company has posted on its site that the cause of the issue was a router that somehow had its data tables corrupted. Many have remained skeptical about this claim, however, as for a single router being able to take out all of GoDaddy seems unlikely. All hosts have, or should have, excellent redundancy in place. GoDaddy's outage didn't last mere minutes, but hours.... Read more...
Did you know that it's now possible to run Android 4.0 on your Nokia N9? It's true. While the N9 and the Lumia 800 use the same amazing Nokia hardware, neither of those runs Android. Nokia made a decision long ago to use MeeGo on their last great in-house smartphone (the N9), while shifting to Windows Phone shortly after on the Lumia 800. But what if you want Nokia hardware with Google software? Tough luck, right? Wrong. There's now a way to dual-boot your N9, with Android 4.0 being the secondary operating system. The procedure is complex, yes, but not impossible. And thankfully for you, there's a wonderful how-to guide online to show you each and every step. Give the Via link a look if you're... Read more...
If you've ever hacked or considered hacking your Android device, you're probably familiar with CyanogenMod. Although there are plenty of custom Android ROMs out there, CyanogenMod is one of the most well-known.  In fact, CyanogenMod just passed 1 million active users. CyanogenMod was created by Steve “Cyanogen” Kondik. Given the success of CyanogenMod, it should be no surprise that the project is continuing to evolve and grow into new areas. Koushik Dutta, one of the CyanogenMod team members, would like to see an App Store for root apps and apps that are "getting shut down for no good reason." The idea seems pretty handy from a user perspective, and as Dutta points out, could... Read more...
First ... Prev 3 4 5 6 7 Next ... Last