Items tagged with Hacker
To nobody's real surprise, the jailbreak community upon learning that the Apple Watch was freewheelin' it on wrists everywhere without a browser onboard set out to fill that gap. And in somewhat short order the celebrated Comex — the developer behind JailBreakMe, and a former Apple intern — has weighed in first, posting a video to Twitter over the weekend that features an Apple Watch running a Google web page via a web browser. Comex's video makes a good case for why Apple hasn't (yet) included a version of its Safari browser in Watch OS, illustrating the need to scroll over and across vast screen real estate — relatively speaking, of course...
Read more...
Here's a story that just keeps getting stranger. Lizard Group, a hacker group that claimed responsibility for Sony's PSN downtime over the weekend, has created a stir that'll no doubt have the FBI involved. As if claiming that it took PSN down wasn't enough, it tweeted earlier today to American Airlines that it had been "receiving reports" that a plane carrying Sony Online Entertainment (SOE) president John Smedley also had explosives onboard. Importantly, the group did not claim that it had anything to do with said explosives, only that it knew of them onboard. Twitter threats are taken just as seriously as those via phone or any other means of communication, and the flight was diverted to Arizona...
Read more...
It’s great that there are folks out there who look for exploits and vulnerabilities and then let companies know about them before ne’er-do-wells have a chance to perform malicious actions, but one hacker made himself something of a nuisance early this week by doing just that. According to CNN Money, Turkish hacker Ibrahim Balic was testing a vulnerability he discovered on Google’s Developer Console when he crashed Google Play. Developers were unable to post new apps and updates. The crash occurred on Sunday and extended into Monday. After Google fixed the problem, Balic tested the vulnerability again--and crashed Google Play again. He told CNN Money that he expected the exploit...
Read more...
We've all fantasized at one point or another of standing in front of an ATM as it mistakenly shoots out cash, showering us in money. Famed computer hacker Barnaby Jack actually made it happen in 2010 during a demonstration at the Black Hat conference. Called "jackpotting," he demonstrated the vulnerability on two separate ATMs on stage, both spewing out cash at a rapid clip. It's what he'll perhaps be best remembered for, though Jack's contributions went beyond helping ATM makers secure their money dispensing boxes. More recently, he discovered vulnerabilities in medical devices, such as pacemakers and insulin pumps, and was scheduled to give a presentation at Black Hat next week on how it's...
Read more...
Pretty much everything that connects to the Internet is hackable--the exciting but vulnerable “Internet of Things”--but if we’re lucky, security researchers discover most of the vulnerabilities and exploits and help manufacturers patch them before cybercriminals make hay with them. Such is the case with Google Glass and Lookout Mobile Security. The Lookout Mobile Security folks identified a vulnerability in Google Glass wherein they could use a malicious QR code to hack the spectacles. Basically, as Google Glass “looked around” and took photographs, it scanned a QR code; however, that QR code was malicious and forced Google Glass to connect to a nearby WiFi hotspot...
Read more...
Two security researchers from iSEC, Tom Ritter and Doug DePerry, have demonstrated the ability to hack into Verizon Wireless’ femtocells and spy on Verizon users with a simple wireless antenna. They say that they can intercept people’s phone calls, text messages, picture messages, and even data. The team used a software vulnerability in the femtocells (which are readily available from Verizon) to perform the hack, although they have opted not to reveal how exactly how they did to prevent others from exploiting the same vulnerability. However, they will demonstrate the process at the Black Hat conference and Def Con conference in Las Vegas soon. For its part, Verizon says...
Read more...
Ubisoft announced that it was hacked, and some user account information including usernames, passwords (even encrypted ones), and email addresses were compromised. “We recently found that one of our Web sites was exploited to gain unauthorized access to some of our online systems,” wrote the company in a blog post. “We instantly took steps to close off this access, to begin a thorough investigation with relevant authorities, internal and external security experts, and to start restoring the integrity of any compromised systems.” The company’s Uplay service was not hacked; rather, the attack targeted some if its online systems. Ubisoft says that despite the information...
Read more...
The Internet is an amazing place. But, increasingly, it's a place filled with peril and pitfalls, particularly if you're hosting something of value. International cybercrime has found itself in the spotlight of late, and now Microsoft is making a concerted effort to help curb it. Microsoft has just announced that it is working lockstep with leaders in the financial services industry, including the Financial Services – Information Sharing and Analysis Center (FS-ISAC), NACHA – The Electronic Payments Association, the American Bankers Association (ABA) – Agari, and other technology industry partners, as well as the Federal Bureau of Investigation. Why? Glad you asked. It has successfully...
Read more...
Speaking of Google Glass and hacking, the new $1,500 spectacles, which are as yet only available to a select group of “Explorers”, have already been hacked. Tweets from Liam McLoughlin (also known as Hexxeh), who works for Google on the Chrome side of things indicate that he found a way to do it, and although he doesn’t say for sure that he rooted the specs yet for fear of breaking them. He did, however, tweet that he found a debug mode that seems to give him ADB access, and a reboot-loader offers a way to root the device through fastboot OEM unlock. Jay Freeman (@saurik) doesn’t think that the fastboot OEM unlock necessarily offers root access, but he’s definitely...
Read more...
Here’s one more thing you can fret about: Security evaluator ISE has discovered that a number of popular SOHO routers and WiFi access points are vulnerable to hacking. The firm calls the vulnerability a “critical security” problem, which is to say that a remote hacker could take over a router and change configuration settings or a local hacker could also skip the authentication process, and in both cases, the hacker would be able view and even change traffic on the network. The firm looked at 13 different off-the-shelf devices to evaluate them for security vulnerabilities. What they found is startling. “Our research indicates that a moderately skilled adversary with LAN...
Read more...
Yikes. In the past few months, the threat of hacks originating from high-up sources in China has gone from essentially nothing to nearly weekly. Regardless of whether nefarious Internet acts were coming from China in the past, it has only recently become a mainstream issue. With the U.S. and Chinese governments trading blows and exchanging blame, a new Forbes report suggests that Chinese government hackers could be responsible for spreading Android malware. It sounds like something that could only happen in an HBO plot, but it's seemingly realm. A report released Monday by the Citizen Lab, shows that "Tibetan activists are being targeted with sophisticated malware designed to infect Android phones,...
Read more...
In the immortal words of radiohead: “You do it to yourself...and that’s why it really hurts.” Security company Bit9 is surely feeling those words after being hacked late last week when attackers targeted computers within Bit9’s own network that weren’t protected by Bit9’s own software. In the aftermath, Bit9 CEO Patrick Morley wrote in a blog post: Due to an operational oversight within Bit9, we failed to install our own product on a handful of computers within our network. As a result, a malicious third party was able to illegally gain temporary access to one of our digital code-signing certificates that they then used to illegitimately sign malware. Ouch,...
Read more...
If you ever wondered what would happen if you started hacking the United States at large, here's a clue. A new report has stated that President Obama's administration is mulling "more assertive" action against China in order to put up an offensive attack against "a persistent cyber-espionage campaign it believes Chinese hackers are waging against U.S. companies and government agencies." What started out as reports that China may have hacked into a few U.S.-based news systems has spiraled completely out of control, and now there's something of a cold war brewing between the two nations when it comes to digital transmissions. The FBI was already looking into the reports from the WSJ and NYT, but...
Read more...
On Monday around mid-morning, a lone hacker claiming association to hacker collective Anonymous attacked GoDaddy.com, taking down many of the personal and small business websites that GoDaddy hosts. GoDaddy posted some vague Tweets throughout the day, assuring its customers that it was aware of and working on the problem, and the following was posted on the official company website: At 10:25 am PT, GoDaddy.com and associated customer services experienced intermittent outages. Services began to be restored for the bulk of affected customers at 2:43 pm PT. At no time was any sensitive customer information, such as credit card data, passwords or names and addresses, compromised. We will provide...
Read more...
