Items tagged with Hacking

Make no mistake, if the apocalypse comes to be, we are all going to be left in a cutthroat world where anything goes. Fallout 76 plays on that theme, to an extent, though an annoying hack is taking things to the extreme and ruining the game on PC. The hack allows players to steal items from another person's inventory, including weapons and armor. This is not done through person-to-person trading, but is accomplished by way of a remote hack. What's particularly frustrating is it only requires the hacker to be in the vicinity of another player. As long as the victim can be seen on screen, that person can be stripped of their items (save for caps, scrip, access to various locations, and stash box/scrap... Read more...
A company that develops digital forensics tools for businesses and law enforcement specialists has found a way to hack into locked Apple iPhone devices running the latest version of iOS. The method is said to work on most iPhone models, from the iPhone 5s through the iPhone X, and is effective on iOS 12 through iOS 13.3. The company is called Elcomsoft, and the newly expanded ability comes by way of an update to its iOS Forensic Toolkit. Specifically, the update allows the software to extract select keychain records in the BFU (Before First Unlock). That means it can pluck sensitive data from affected iPhone devices that have been powered off or rebooted, without having to enter in a passcode.... Read more...
We already know about that hackers are able to steal credit and debit card details at gas pumps by using skimmers, which are devices that slip over the payment slot and, for the most part, look legitimate (they're found on ATMs as well). However, skimmers are not the only threats. Visa's Payment Fraud Disruption (PFD) division warns that cybercriminals are targeting gas station point of sale (POS) systems in North America. This is a concerning threat, because even though skimmers look like they are part of the pump, there are subtle ways to detect that something is amiss. When a hacker infiltrates a computer network, however, customers are left to the security of the company being attacked. In... Read more...
Several white hat hackers in China spent the weekend infiltrating some of the top web browsers and other applications, as part of the Tianfu Cup. Similar to Pwn2Own, hackers attempt to exploit various software in ways that have not been discovered before, with prizes and bragging rights on the line (as well as better security for us all). The rules between Tianfu Cup and Pwn2Own are pretty much the same. During the two-day event, hackers racked up points by exposing zero-day vulnerabilities in Microsoft's Edge, Apple's Safari, and Google's Chrome browsers, as well as other applications. Here's how it broke down on the first day of the competition... Microsoft Edge (old version, not Chromium):... Read more...
In most instances, if someone gains unauthorized access to your bank account, it is not a good thing. The best case scenario is your bank flags and blocks suspicious transactions and transfers. Or is that the best possible outcome? For Tim Cameron, a 30-year-old UK resident who lost his wallet, having his bank account subsequently hacked was a clever and kind gesture by the person who found it. How can that be? This was not a typical hack in any sense of the word. The good Samaritan who found the wallet made a series of unauthorized £0.01 deposits into Cameron's account, each with a message attached. Deposits at Cameron's bank can contain up to 18 characters, and the person who found the... Read more...
At the CS3sthlm security conference in Stockholm, Sweden later this month, security researcher Monta Elkins, the "Hacker-in-Chief" at FoxGuard Solutions, will demonstrate a proof-of-concept hardware hack involving spy chips implanted onto enterprise IT equipment, with a budget of less than $200. The idea of implanting spy chips onto hardware is not new. Back in 2018, an explosive Bloomberg Businessweek article claimed Chinese spies had installed malicious microchips the size of a grain of rice on Supermicro hardware at the supply chain level, creating a "stealth doorway into any network that included the altered machines." This was concerning because (A) of how difficult it would be to detect... Read more...
The 2020 United States presidential election is over a year away, but there have already been several cyberattack attempts against presidential campaigns. Microsoft recently reported that a hacker group attacked nearly 250 accounts related to campaign workers, government officials, and reporters. The affected users have been notified and Microsoft has published information about the attack as a warning for others. The Microsoft Threat Intelligence Center (MSTIC) noted that an Iranian hacker group referred to as “Phosphorus” attempted to identify the owners of more than 2,700 accounts. The hackers then attacked 241 of these accounts and successfully compromised four of them. The accounts... Read more...
An Israeli company that managed to hack WhatsApp earlier this year is now claiming it has developed new software that can stealthily swipe cloud data from Amazon, Apple, Facebook, Google, and Microsoft. It can even bypass two-factor authentication and warning emails on target devices. Developed by NSO Group, the software is called Pegasus. Apparently it has been used for several years by various governments and spy agencies to gather data from smartphones, presumably from people of interest for one reason or another. The latest iteration, however, extends past smartphones and can pluck data from the cloud. People who are supposedly familiar with NSO Group's sales pitch told Financial Times that... Read more...
It appears that no one is safe from the hacking capabilities of Israeli security firm Cellebrite. Cellebrite is well-known in law enforcement circles for its lineup of hardware devices that are able to use brute force methods to hack smartphones and tablets. The company recently announced that it has the capability to "perform a full file system extraction on any iOS device" with its latest Universal Forensic Extraction Device (UFED). This newest product, dubbed UFED Premium, can chew through any and all passcodes on an iOS device to unlock them. What's even more critical, which Apple has attempted to thwart in the past with USB Restricted Mode, is that UFED Premium can perform... Read more...
Biometric security measures are improving all the time, though they are not infallible. This is demonstrated on the recently launched OnePlus 7 Pro. It has a fingerprint sensor that is embedded in the full-front display, and with a little bit of glue and a few minutes of time, it can be easily thwarted. Well, sort of. The process itself is rather simple. It basically entails creating a rudimentary mold of a fingerprint using aluminum foil, a dab of hot glue, and a little bit of Elmer's glue. It's a cheap hack, in other words, albeit an effective one on the OnePlus 7 Pro. Incidentally, the same method was proven to work on the previous generation OnePlus 6T. YouTube channel Max Tech demonstrated... Read more...
Tesla builds one of the most tech-infused cars on the roads today. Not only are Tesla vehicles packed with features but they also offer over-the-air updates with new features, fixes and optimizations. Tesla was able to get the price of the Model 3 down to the long-anticipated $35,000 late last month, but a team of security researchers have taken advantage of the open nature of the Tesla Model 3 and were able to hack the car on the last day of the Pwn2Own 2019 hacking contest that was held in Vancouver, Canada. The team that successfully hacked the Model 3 was called Fluoroacetate and includes two members, Amat Cama, and Richard Zhu. The duo was able to hack the Tesla via its integrated browser... Read more...
Citrix Systems said it is cooperating with the Federal Bureau of Investigation (FBI) to investigate a major data breach by international cyber criminals into the company's internal network. Based on what Citrix knows so far, the hackers may have accessed and downloaded business documents, though the full extent is not yet known. "In investigations of cyber incidents, the details matter, and we are committed to communicating appropriately when we have what we believe is credible and actionable information," Citrix said in a statement. Resecurity, a provider of cybersecurity and intelligence solutions, alerted the FBI in December of the data breach at Citrix. According to Resecurity, an Iranian-linked... Read more...
We have all heard of the dark web: a lawless digital world, uncharted and unstructured, full of data -- much of it illegally acquired and illegally for sale -- that cannot be viewed without special tools: proxy servers, TOR browsers, and the like. It's a murky and mysterious place, a place where much information resides, but is difficult to unearth for the uninitiated. Until now. Canada's Echosec Systems Ltd. recently released Beacon, a security tool that's designed to shed some light on the dark web.  Karl Swannie is the CEO of Echosec, the company behind Beacon. "Beacon is a dark web search engine that allows users to search anonymously, without the need for a TOR browser," says Echosec... Read more...
Traditional passwords have started to yield ground to biometric security options, like fingerprint scanning and even retina scans. Going even deeper (literally), there's yet another method that involves authenticating a person's identity by scanning his or her veins. It sounds secure, except that researchers have already found a way to thwart it using wax. The process of authenticating a user's veins involves scanning the shape, size, and position of veins that are underneath a person's hand, and then comparing the scan with a record that is already on file. It's believed that German's Federal Intelligence Agency (Bundesnachrichtendienst, or BND) employs this type of security. In theory, it should... Read more...
1 2 3 4 5 Next ... Last