Items tagged with Hackers
Hackers do not need to bust open a Drama Llama Piñata to get the best loot in Fortnite. Epic Games recently patched a vulnerability that would have granted hackers access to users’ accounts. Nefarious parties would have been able to acquire users’ in-game currency and the last four digits of their credit card. The vulnerability was discovered by Israeli cyber security company Check Point this past November. Epic Games quickly and quietly fixed the issue. They recently remarked, “We thank Check Point for bringing this to our attention. As always, we encourage players to...
Read more...
The USB Implementers Forum (USB-IF) has announced a new authentication standard that can be implemented for USB-C devices and complimenting chargers. USB-C Authentication, as it’s called, uses 128-bit “cryptographic-based authentication” to help mitigate potential security intrusions from USB thumb drives and chargers that could be used to deliver malicious payloads/firmware. The USB-IF says that with its new authentication protocol, the host device would be able to in effect enter in a secure “handshake” with another USB-C device, confirming its identify. At the moment...
Read more...
We have all seen it on Facebook -- one of your friends “shares” a link to a new shake that will help you lose ten pounds in two days or a code to get suspiciously discounted Ray-Bans. Thankfully, most of these posts are obviously spam. Unfortunately, hackers are finding more ways to post annoying and potentially dangerous content. One researcher recently discovered a proof-of-concept Facebook worm that posts unwanted spam links. A Polish security researcher, who goes by the pseudonym “Lasq”, was the first to find the issue. He noted that a number of his Facebook friends...
Read more...
Two-factor authentication (2FA) is usually touted as an effective layer of security for online account. Many people have recently learned the hard way that this method may not be as helpful as it seems. Hackers have targeted nearly 1,000 Google and Yahoo accounts by bypassing two-factor authentication. Amnesty International, a non-profit group, recently published a report that documented the phishing attacks. The attacks have specifically targeted journalists and activists in the Middle East and North Africa in 2017 and 2018. Amnesty International believes that the hackers are based in Persian...
Read more...
A group of hackers claims to have a service that will allow anyone willing to spend $250 to send out a "marketing" campaign that can reach "every single printer in the world." The people are offering to sell advertisers a spot in "the most viral ad campaign in history" according to the advertisement for the service. Security experts the world over have had concerns about the security of Internet of Things (IoT) devices and the security of web-connected printers specifically. HP has in the past offered $10,000 in bug bounty money to get white hat hackers to find bugs in its printers. We also talked...
Read more...
Hackers employed by the Chinese government have purportedly stolen 614GB of sensitive data from a United States Navy contractor. The data potentially includes plans for a supersonic anti-ship missile and other information related to naval warfare. According to a report by The Washington Post, the breaches occurred in January and February of 2018. The Chinese hackers compromised a contractor who had been hired by the Naval Undersea Warfare Center. The Rhode Island-based military organization focuses on researching and developing submarines and naval weapons. Navy officials have not publicly identified...
Read more...
ATMs can be a blessing and a curse to financial institutions. On the one hand, they can process financial transactions quickly, allowing the machines to serve more people over a span of time than a human teller. However, ATMs are often the target of hackers, many using skimmers to obtain debit card numbers for later nefarious spending sprees. Now, the Secret Service is warning that an existing type of ATM attack, jackpotting, is finally beginning to make its way to the United States. Jackpotting has been prevalent at banking institutions across Europe and Asia, but not so much in the U.S. It involves...
Read more...
With the booming value of cryptocurrency, many hackers and nefarious actors are rolling out schemes to unwittingly trick regular web users into mining for them. The latest scheme to dupe people into mining cryptocurrency is taking advantage of Facebook Messenger via some slick malware. The malware being distributed via Messenger is mining Monero, an alternative to the wildly valuable and volatile Bitcoin. Security researchers from Trend Micro are calling the malware Digmine and are saying that it could also help perpetrators to take over a Facebook account. The Digmine malware is disguised...
Read more...
Until recently, a bug on a T-Mobile website gave hackers access to personal details relating to wireless subscriber accounts. What's really surprising about this particular attack vector is that hackers only needed a T-Mobile customer's phone number to gain access to private account details. Karan Saini, a researcher from Secure7, first discovered and reported on the exploit noting that a script could be run to siphon data including email addresses, customer names, billing account numbers and even a phone's ISMI number. Because of the nature of the exploit, all of T-Mobile's 76 million customers...
Read more...
Star Fox 2 Immediately Ripped From Nintendo's Just Launched SNES Classic And Already For Sale Online
There are certainly lots of retro gamers out there who are interested in the SNES Classic Edition that launched this week. We've already outlined everywhere you can get an SNES Classic Edition, but they are almost certainly not in stock any where right about now. One of the greatest features of the little retro console is that it packs in 21 of the coolest retro games you can get your mitts on and one of those is a game that fans wanted for years, but never Nintendo launched - Star Fox 2. Star Fox 2 was developed to a complete game and then never launched. However, Nintendo saw fit to put...
Read more...
Equifax may be now getting its public lashings for a cybersecurity breach that resulted in personal information of 143 million Americans being exposed to hackers, but it appears that the Securities and Exchange Commission (SEC) has a few skeletons in its closet as well. The regulatory agencies announced late last night that its EDGAR database was hacked last year. At the time, the SEC did not make any public disclosures regarding the hack, which took advantage of a vulnerability in the EDGAR test filing system. However, once it discovered the intrusion, it quickly patched it and went about its...
Read more...
Gaming is meant to be fun, but it just can't be all of the time. That's because players of online games have to be constantly aware of looming threats. Yet another new case of an attack, involving a game called ROBLOX, highlights the fact that it's not just the game itself that is at risk sometimes, but the tools surrounding it. Despite the fact that ROBLOX mimics Minecraft in that its an open-world sandbox game, it actually came out years before Mojang released even an alpha. Today, the game enjoys an impressive 12 million monthly users, many of whom use the ultra-successful platform Discord to...
Read more...
Election hacking is a real concern these days, and Microsoft recently helped cripple Russian hacking group called "Fancy Bear" after the group pulled off the DNC hack last year. A group of hackers at DEF CON 2017 had a bunch of voting machines to play with and they found some exploits that could allow potential tampering with the voting system. Word from the hackers looking for exploits is that it took less than 90 minutes for the first cracks on the "secure" voting hardware to turn up. According to participants in the so-called Voting Village, the security on the machines was low and...
Read more...
Sometimes it feels as though nothing is safe from the prying eyes (and digital crowbars) of dedicated hackers. Single sign-on provider OneLogin has found this out the hard way, as its systems were breached this week, potentially exposing customer data."We detected unauthorized access to OneLogin data in our US data region," OneLogin disclosed in a blog posting this week. "We have since blocked this unauthorized access, reported the matter to law enforcement, and are working with an independent security firm to determine how the unauthorized access happened and verify the extent of the impact of...
Read more...
