Items tagged with Hacking

An Israeli company that managed to hack WhatsApp earlier this year is now claiming it has developed new software that can stealthily swipe cloud data from Amazon, Apple, Facebook, Google, and Microsoft. It can even bypass two-factor authentication and warning emails on target devices. Developed by NSO Group, the software is called Pegasus. Apparently it has been used for several years by various governments and spy agencies to gather data from smartphones, presumably from people of interest for one reason or another. The latest iteration, however, extends past smartphones and can pluck data from the cloud. People who are supposedly familiar with NSO Group's sales pitch told Financial Times that... Read more...
It appears that no one is safe from the hacking capabilities of Israeli security firm Cellebrite. Cellebrite is well-known in law enforcement circles for its lineup of hardware devices that are able to use brute force methods to hack smartphones and tablets. The company recently announced that it has the capability to "perform a full file system extraction on any iOS device" with its latest Universal Forensic Extraction Device (UFED). This newest product, dubbed UFED Premium, can chew through any and all passcodes on an iOS device to unlock them. What's even more critical, which Apple has attempted to thwart in the past with USB Restricted Mode, is that UFED Premium can perform... Read more...
Biometric security measures are improving all the time, though they are not infallible. This is demonstrated on the recently launched OnePlus 7 Pro. It has a fingerprint sensor that is embedded in the full-front display, and with a little bit of glue and a few minutes of time, it can be easily thwarted. Well, sort of. The process itself is rather simple. It basically entails creating a rudimentary mold of a fingerprint using aluminum foil, a dab of hot glue, and a little bit of Elmer's glue. It's a cheap hack, in other words, albeit an effective one on the OnePlus 7 Pro. Incidentally, the same method was proven to work on the previous generation OnePlus 6T. YouTube channel Max Tech demonstrated... Read more...
Tesla builds one of the most tech-infused cars on the roads today. Not only are Tesla vehicles packed with features but they also offer over-the-air updates with new features, fixes and optimizations. Tesla was able to get the price of the Model 3 down to the long-anticipated $35,000 late last month, but a team of security researchers have taken advantage of the open nature of the Tesla Model 3 and were able to hack the car on the last day of the Pwn2Own 2019 hacking contest that was held in Vancouver, Canada. The team that successfully hacked the Model 3 was called Fluoroacetate and includes two members, Amat Cama, and Richard Zhu. The duo was able to hack the Tesla via its integrated browser... Read more...
Citrix Systems said it is cooperating with the Federal Bureau of Investigation (FBI) to investigate a major data breach by international cyber criminals into the company's internal network. Based on what Citrix knows so far, the hackers may have accessed and downloaded business documents, though the full extent is not yet known. "In investigations of cyber incidents, the details matter, and we are committed to communicating appropriately when we have what we believe is credible and actionable information," Citrix said in a statement. Resecurity, a provider of cybersecurity and intelligence solutions, alerted the FBI in December of the data breach at Citrix. According to Resecurity, an Iranian-linked... Read more...
We have all heard of the dark web: a lawless digital world, uncharted and unstructured, full of data -- much of it illegally acquired and illegally for sale -- that cannot be viewed without special tools: proxy servers, TOR browsers, and the like. It's a murky and mysterious place, a place where much information resides, but is difficult to unearth for the uninitiated. Until now. Canada's Echosec Systems Ltd. recently released Beacon, a security tool that's designed to shed some light on the dark web.  Karl Swannie is the CEO of Echosec, the company behind Beacon. "Beacon is a dark web search engine that allows users to search anonymously, without the need for a TOR browser," says Echosec... Read more...
Traditional passwords have started to yield ground to biometric security options, like fingerprint scanning and even retina scans. Going even deeper (literally), there's yet another method that involves authenticating a person's identity by scanning his or her veins. It sounds secure, except that researchers have already found a way to thwart it using wax. The process of authenticating a user's veins involves scanning the shape, size, and position of veins that are underneath a person's hand, and then comparing the scan with a record that is already on file. It's believed that German's Federal Intelligence Agency (Bundesnachrichtendienst, or BND) employs this type of security. In theory, it should... Read more...
In what could pass for a scene in a movie, a hacker managed to breach a school district's database and steal 10 years worth of personal data belonging to half a million students and staff. Only this wasn't a movie, it happened in real life. Had it been a movie, the hacker would likely have been revealed to be a student or former employee. It's not clear who the actual culprit is, though, only that it was a pretty serious security breach. The mystery hacker infiltrated the San Diego Unified School District, which contained a wealth of personal data—first and last names, dates of birth, mailing addresses, home addresses, telephone numbers, and in some cases, social security numbers and/or... Read more...
In a groundbreaking move, the Library of Congress and US Copyright Office have proposed new rules that will give consumers the ability to legally hack the DRM of electronic devices to repair or maintain those devices. The devices these proposed rules would cover and legalize the hacking of include smartphones, voice assistants, tractors, cars, smart home appliances, and other devices. These proposed rules will be a major win for the right to repair movement. Devices that can be legally hacked would have to be "lawfully acquired" meaning that the proposed rules wouldn't make it legal to hack the DRM of stolen devices. Rules would also stipulate that the hacking of DRM is legal only for "maintenance"... Read more...
Implanted ID devices certainly aren’t new; they have been used to help lost pets return home for many years now. These little chips are embedded under the skin of the dog or cat, and if picked up by animal control, the chip can be scanned, and the pets returned home. They are rather like tags that can’t be lost and both the injection and presence of the device under the skin goes unnoticed by most animals. These implanted chips are now going mainstream for people, according to a man called Patrick Kramer of Digiwell, who has implanted about 2,000 similar chips into humans but this is also just part of an overall trend in human augmentation. These implants inside people aren’t... Read more...
Let's start with the good news. Cryptocurrency mining on GPUs has waned considerably, and the shortage of graphics cards that made it nearly impossible to score a mid-range or high-end GPU at or near MSRP is over (for the most part). Are you ready for the bad news? Be that as it may, cryptocurrency mining hacks are on the rise, and a leaked tool by the US National Security Agency (NSA) may be partially to blame. That's the takeaway from a new report by Cyber Threat Alliance (CTA), a cybersecurity association with some major names among its members, including Cisco, Juniper Networks, McAfee, Sophos, Symantec, and others. The tool in question is "EternalBlue," developed by the NSA and leaked last... Read more...
There is a rash of complaints on Twitter over a recent Instagram hack that has left numerous users unable to access their accounts. Preliminary data suggests that the shenanigans originate from Russia, though nothing has been confirmed. Instagram is investigation the issue, and in the meantime, it has some advice for users. "If you received an email from us notifying you of a change in your email address, and you did not initiate this change— please click the link marked ‘revert this change’ in the email, and then change your password," Instagram advised in blog post. My instagram has been hacked! User name, password and email all been changed from some email address in Russia.... Read more...
If your laptop contains sensitive data, it is best not to leave it unattended. That is sound advice even it does not have any work secrets or other potentially compromising data, and you want to avoid falling prey to malware. In case you need a reason why, a security firm recently posted a video showing how quickly a hacker with physical access to someone's laptop can install malicious firmware onto the device. These types of security intrusions are called "evil maid" attacks, named after the scenario of someone breaking into a hotel room to physically access a target's notebook. Normally only the hotel's maid would go in and out of the hotel room, hence the clever "evil maid" designation. Of... Read more...
Every so often, WikiLeaks publishes top-secret documents outlining various hacking tools and malware used by the United States Central Intelligence Agency (CIA). Most of the documents we have seen are presumably outdated, but for obvious reasons, the CIA would still like to keep them under lock and key. The agency would also like to arrest the person responsible for providing the documents to Wikileaks, and has identified a possible suspect. That person is Joshua Adam Schulte, a former employee of a CIA group tasked with programming code to spy on foreign threats, The Washington Post reports. Federal prosecutors identified Schulte as a suspect during a hearing in January, noting that he provided... Read more...
1 2 3 4 5 Next ... Last