Items tagged with Hacking

Security firm Cellebrite made headlines earlier this year when its services were employed by the FBI to help break into the phone of the San Bernardino shooter. Cellebrite recently invited a bunch of UK press to an event to show off what it's capable of.Equipped with an outdated smartphone, BBC reporter Rory Cellan-Jones went off for a half an hour, password-protected the device, and took pictures -- basically using the phone normally. You can see where this is going. Despite the password, Cellebrite plugged the phone into a bulky tablet, and after a few taps, the phone's security was disabled. From that point on, the phone was completely accessible, so any photos that the journalist would... Read more...
Yahoo is the latest major US corporation dealing with the fallout of a data breach that happened two years ago. Some might say that Yahoo's heartburn is well-deserved, though, as the company could have handled things better back in the day, which would have led to a better outcome right now. As we covered on Thursday, Yahoo suffered a major breach back in 2014 that resulted in some 500 million user accounts having their information compromised. However, it's only just recently that users have learned of this, so that's the first major criticism of Yahoo but it goes deeper. Yahoo has said that the attack was caused by a "state-sponsored actor", which means the company could have exercised... Read more...
Yahoo is getting ready to disclose a data breach that exposed account details for at least 200 million users. While nothing is yet official on Yahoo's part, the forthcoming disclosure is likely related to a security breach earlier this summer that Yahoo previously said it was investigating. Since then, a cybercriminal who goes by the name "Peace" has been selling the data on the dark web for $1,800.Peace, who has been linked to other high profile security breaches, claims the data includes usernames, passwords that are easy to decrypt, and personally information such as birth dates, email addresses, and more. Yahoo said back in August that it was "aware of the claim" but stopped short of confirming... Read more...
Two 18-year-olds from Israel find themselves in hot water with the United States Federal Bureau of Investigation (FBI) for their alleged roles in running a lucrative attack service called vDOS. They're said to have earned over $600,000 in the past two years by helping customers coordinate over 150,000 Distributed Denial of Service (DDoS) attacks.Israeli authorities arrested the two teenagers, Itay Huri and Yarden Bidani, on Thursday as part of an investigation by the FBI. They were questioned and released the next day for what amounts to around $10,000 bond each. Authorities also seized their passports and placed them on house arrest—they've been ordered not to use the Internet or any kind of... Read more...
You might think that logging out of your PC before leaving it unattended for a short time is relatively safe, but you'd be wrong. A security engineer at R5 Industries demonstrated how incredibly easy it is to swipe the login credentials of a locked Mac or Windows PC using just a $50 USB device that's available to anyone and everyone online. His name is Rob Fuller and he has an extensive history in information security. He's helped design and build cyber defenses for the U.S. Marine Corps and Pentagon, has worked with Fortune 50 companies to tighten their online defenses, and even served as a technical advisor for HBO's original comedy Silicon Valley. You might also recognize him as the host of... Read more...
In the world of pornography, Brazzers is about as de facto a name as it gets. Even if you don't indulge in what the adult entertainment offers, Brazzers is a recognizable name thanks to the fact that it's become its own meme. But it's hard to tell, just how big is Brazzers? Well, as we now learn, it's big enough to have attracted a staggering 800,000 people to its Web forum. We probably don't need to tell you that traditional forums are less popular than ever, so to have that kind of count in 2016 is quite something. Sadly, we find this out because of yet another breach, with all 800,000 accounts having been leaked. The information included involves email addresses, usernames, and most baffling,... Read more...
More details about a previously disclosed security breach at cloud storage provider Dropbox have come to light. The hack itself is old news—it occurred back in 2012—but what's new is how many users were affected by it. Hackers made off with details belonging to north of 68 million Dropbox users, prompting a mass password reset. The folks at Motherboard got their mitts on a sample of files containing email addresses and hashed passwords of users affected by the Dropbox hack. The information is contained in four files totaling about 5GB, with details of 68,680,741 accounts. Apparently a senior Dropbox employee confirmed with  the site that the info is real. It's a bit sobering to see so many... Read more...
Russian hackers are thought to be targeting reporters and major news outlets, including The New York Times, which confirmed that its Moscow bureau was the target of an attempted cyberattack this month. The news agency hasn't found any evidence to suggest that the hackers were successful in their attempt, though an investigation is ongoing. "We are constantly monitoring our systems with the latest available intelligence and tools," said Eileen Murphy, a spokeswoman for The Times. "We have seen no evidence that any of our internal systems, including our systems in the Moscow bureau, have been breached or compromised."There seems to be some conflicting information and a bit of veiled contention... Read more...
A hacking group that calls itself Shadow Brokers claims to have stolen sophisticated surveillance tools previously used by a group of high-tech hackers with ties to the U.S. National Security Agency (NSA). The group announced plans to auction off the tools, though security experts aren't sure if what they have is the real deal or if this is an elaborate hoax.In a post that's since been removed on Tumblr, the hacking group said it's in possession of cyber weapons made by the creators of Duqu, Flame, and Stuxnet and that this cache of tools is even more dangerous. Stuxnet is still considered one of the most advanced computer worms ever built. It's widely credited to the United States and Israel... Read more...
Let's face it, for the most part, air travel can be a hassle. Long security lines, having to walk what feels like 10 miles to make a connection, and the lugging around of our belongings while we deal with all of it can be a drain. It's for that reason that airline lounges can be a wonderful place to decompress - to get away from the noise of the airport to sit in a comfier chair and with faster Internet and some snacks. With all the hassle of the airport, these lounges can help lessen the pain. Of course, airline lounges are also rather exclusive. Unless you fly a lot and become an elite member of an airline program, you'll be shelling out good money to grant yourself access - often $50... Read more...
The same hacking group that claimed responsibility for ticking off every Pokemon Go player on the planet by overwhelming the game's servers with a DDoS attack last weekend is planning another attack. Poodle Corp, as the hacker group calls itself, issued a notice on Twitter that the next barrage on Pokemon Go's servers will take place August 1. Pokemon Go, for those of you who've taken residence under a rock, is a wildly popular mobile game that uses augmented reality. It's really a glorified scavenger hunt, tasking players with catching Pokemon characters by flinging Poke balls at them. The twist here is that the game uses your phone's built-in camera to see Pokemon characters in the real world,... Read more...
For a brief moment, Oculus CEO Brendan Iribe experienced a far less threatening version of what Captain Phillips went through when a Somalian pirate commandeered his ship and declared, "I'm the captain now." But instead of guns and a boat, Iribe seemingly lost control of his company when a hacker took control of his Twitter account and used it to announce a new boss."We here at Oculus are very excited to announce our new CEO, @Lid!," the Twitter post declared, followed by a smiling emoticon. To keep the ruse going, @Lid stated on his own Twitter account, "Lol just became CEO of this sh*t company, Oculus," with several emoji added because, well, that's how this generation communicates with one... Read more...
It seems impossible for the world to go a single week without a major security breach, so to fill the inevitable void this week is a hacker that goes by the name "thedarkoverlord," who claims to be in possession of a staggering 655,000 healthcare records. Of course, he is looking to sell them off. This latest records leak was first reported by Deep Dot Web, which has exclusive images to prove that the leak is real (one can be seen below). These images were not sourced by the website; rather, thedarkoverlord himself provided the images, probably as a way to build up some notoriety, and to flaunt the fact that the records are for sale to those who might be interested. The records the leaker is... Read more...
Has it been a long time since you've changed up your passwords? Now is a good time to think about doing so. A hacker or band of hackers obtained the login credentials of 45 million Internet users spread across 1,100 websites and communities, including many major and popular online destinations  such as Motorcycle.com, Mothering.com, and others. The folks at LeakedSource, a breach notification website, says VerticalScope and all of its domains were hacked in February of this year. It's not known how the attack was carried out, though LeakedSource surmises that VerticalScope stored too much data on interconnected servers—hacking into one server could have allowed the culprit(s) access to other... Read more...
Goodbye Chicago and hello San Francisco! The latter is the setting for Watch Dogs 2, the second installment in the hyper-connected third-person shooter from Ubisoft Montreal. Watch Dogs 2 features a new protagonist, Marcus Holloway, who's brilliant, young, and of course fully adept at hacking. After being accused of a crime he didn't commit, Holloway joins DedSec, a powerful group of like-mined hackers who collectively take on the challenge of fighting against a corrupt establishment and ultimately attempting to give control back to the people. In other words, Holloway is a hacktivist, but he's also a different sort of character than Aiden Pearce, the main character in the original Watch Dogs... Read more...
John McAfee, the antivirus pioneer who created the self-titled AV software that was eventually sold to Intel for $7.68 billion, tried shopping a story to the media that he and his merry band of hackers thwarted WhatsApp's encryption because of a major flaw in Android. The only problem is it didn't exactly happen that way.WhatsApp is an interesting target because it recently announced the addition of end-to-end encryption. It's also the most used messaging application in the world with over a billion users, so if there's a flaw in Android, the most popular mobile OS on the planet, that compromises the security and privacy of WhatsApp, then it's a big deal. But according to Gizmodo, all McAfee... Read more...
It's good computing practice to change your passwords every now and then, and also after a major hacking incident. The latter is why you should considering changing your Gmail or Yahoo password at your earliest convenience—over 272 million online accounts have been stolen and are being traded in Russia's underground market. Researchers from Hold Security told Reuters that it found a Russian hacker gloating in a web forum that he had stolen a larger number of online credentials. His cache of compromised accounts totaled 1.17 billion, though many of them were duplicates. After eliminating redundant entries, the security outfit counted 57 million Mail.ru accounts, just 7 million shy of the monthly... Read more...
Watch out, bug hunters, the scope of your competition is expanding to include younger hackers. Take Jani, a 10-year-old living in Finland who discovered a vulnerability in Instagram that allowed him to delete anyone's comments. He proved the flaw to Facebook and was awarded a cool $10,000 for his efforts.Jani isn't even old enough to use Instagram, but he didn't let that stop him from participating in Facebook's Bug Bounty program. Melanie Ensigtn, a security representative at Facebook, told The Washington Post that Jani's methods were completely ethical and void of any ulterior motives. He didn't even violate Instagram's terms of service, as the hack didn't require that he have an account. Had... Read more...
As we’ve seen in the San Bernardino iPhone case, the FBI is willing to go to extreme lengths to retrieve [potentially valuable] personal information for investigative purposes. When Apple wouldn’t comply with FBI requests to unlock the iPhone 5c in that case, the U.S. Justice Department filed a lawsuit. A day before the case was to go to trial, the lawsuit was unexpectedly pulled, as the FBI had found a way to break into the iPhone through the help of a third-party. In the future, the FBI might not have to go through so many hoops to crack large numbers of smartphones and PCs, as the U.S. Supreme Court signed off on new procedural rules that grant judges the ability to grant search warrants on... Read more...
In an attempt to kill Saddam Hussein and intimidate the enemy, United States military forces conducted a shock and awe campaign that saw a barrage of bombs dropped on Baghdad and other parts of Iraq over a decade ago. Fast forward to today and the U.S. is still dropping bombs on enemies, albeit instead of explosives they're now of cyber variety.It's not that the U.S. military lacks explosives, but the landscape is different now, and so is the target. The Islamic jihadist militant group known as ISIS conducts much of its effort online, and that's where they're perhaps most vulnerable. So in addition to using traditional weapons, the U.S. military's six-year-old Cyber Command is for the first time... Read more...
Security and related IT topics can be a little dry and tasteless at times, not to mention overly complex. There’s no question that, especially with the alarming rise of data breaches, advancing security innovation is vital to the future of technology, the enterprise and the Internet. But let’s face it, the rocket science behind security just isn’t that sexy—at least it wasn’t until we spoke to the team at ProtectWise. The company’s CEO, Scott Chasin, and CTO, Gene Stevens, both have roots going back to McAfee (sans bath salts), pre-Intel acquisition, with Chasin serving as CTO of McAfee up until the sale. The Denver Colorado security startup has raised $37 million in total VC from partners like... Read more...
Another day, another report of a security breach, this latest one affecting Wendy's, a nationwide chain of fast food restaurants. Wendy's has hired a security firm to help investigate claims that someone hacked its systems, a decision the chain made after being alerted to potential credit card fraud tracing back to some of the chain's locations. "We have received this month from our payment industry contacts reports of unusual activity involving payment cards at some of our restaurant locations," Wendy's spokesperson Bob Bertini told KrebsOnSecurity. "Reports indicate that fraudulent charges may have occurred elsewhere after the cards were legitimately used at some of our restaurants. We’ve hired... Read more...
First ... Prev 2 3 4 5 6 Next ... Last