Articles about Hacking

Implanted brain stimulation devices are used by scientists to explore how memories are created in the brain. New research shows that vulnerabilities mean they could be be targeted in future to steal personal information, alter or erase memories or cause physical harm.

Sound like science fiction? Researchers from Kaspersky Lab and the University of Oxford Functional Neurosurgery Group have used practical and theoretical analysis to explore the very real vulnerabilities that could exist in implanted devices used for deep brain stimulation.

Continue reading →

We often hear the term 'ethical hacker', but what exactly does this involve and is it something you can actually make a career out of?

We spoke to Jim O'Gorman president of online penetration testing training provider Offensive Security to find out what being an ethical hacker is all about and what skills you need if you want to become one.

Continue reading →

The most recent Facebook security issue is one of the most serious yet for users of the social network. Depending on which numbers you are look at, the hackers who exploited a security flaw have impacted on anything between 14 and 30 million people.

Facebook is still -- with the help of law enforcement agencies -- investigating the incident, and in the meantime many people feel as those they are being left in the dark. If you want to find out if your account has been affected, here's what you need to do.

Continue reading →

In a news release with the bizarrely vague title of "An Update on the Security Issue", Facebook has revealed that the "View As" security breach it opened up about recently gave hackers access to the personal details of 15  million users.

Having previously advised that the access tokens stolen by hackers had not been used to infiltrate other apps and services, the social networking giant now says 15 million people have had their names and contact details exposed. 14 million users had significantly more details revealed, including username, relationship status, religion, hometown,  birthdate, places they have checked into, and recent searches.

Continue reading →

Around two-thirds of executives and IT professionals responding to a new survey believe that hackers would be able to penetrate their networks.

The study from security and application delivery company Radware focused on global companies and reveals that at least 89 percent of respondents have experienced attacks against web applications or web servers of the past year.

Continue reading →

Since the revelation that a "security issue" allowed hackers to steal access tokens to view people's Facebook accounts, the company has provided a further update about the incident. Facebook has already provided one update about the attack, but now the investigation has progressed and the social network is trying to offer reassurances to those who have understandable concerns about security.

The company says that the attackers did not access any apps that make use of Facebook Login, the system that makes it possible to sign into other accounts and services with Facebook credentials.

Continue reading →

The Guardian was among many outlets to write about the huge Facebook vulnerability and attack reported yesterday, and people were understandably keen to share the story on the social network. However, many people found that they were unable to do.

Large numbers of Facebook users who tried to share the Guardian's story -- as well as one published by the Associated Press -- were greeted by a message informing them that the messages was spam and could not be posted. The matter has been addressed, but it led to complaints that Facebook was trying to hush up the story, and renewed calls to #DeleteFacebook. On its blog, Facebook's security team has also given more details about the "security issue" that happened earlier this week,

Continue reading →

Facebook has revealed that it discovered a security issue which could have exposed the accounts of 50 million people.

A vulnerability was discovered in Facebook's View As feature on Tuesday, September 25, but the company has not given too many details about how the flaw was exploited or by whom, but it has said that attackers were able to steal access tokens and access other people's accounts. Law enforcement agencies have been informed, and an investigation is under way.

Continue reading →

Just 15 lines of code was all it took for hackers to hijack the checkout of online retailer Newegg. The month-long attack took the form of a huge card skimming operation and is believed to have been carried out by the same group that was responsible for hacking both British Airways and Ticketmaster recently -- Magecart.

The hackers inserted car-skimming code into Newegg's payment page, and this script remained in place between August 14 and September 18. It is not known how many people may have been affected by the incident, but with millions of visitors each month, the numbers are potentially huge.

Continue reading →

A new report from cloud delivery company Akamai reveals that the financial services industry has become a prime target for credential stuffing botnets.

Between May and June 2018, Akamai detected more than 8.3 billion malicious login attempts. However, many botnets attempt to remain in stealth mode for as long as possible.

Continue reading →

British Airways has fallen victim to what it describes as a "very sophisticated" attack in which hackers stole financial data relating to hundreds of thousands of customers.

The airline revealed that hackers gained access to its systems and managed to remain undetected for two weeks. The theft of data took place between August 21 and September 5 and the attackers managed to compromise both the ba.com web site and the airline's mobile app.

Continue reading →

While the US and UK governments continue to eye China with suspicion, blocking the use of some Chinese hardware because of national security concerns, it has come to light that Google's Titan Security Key is produced in China.

The keys are supposed to boost security through the use of two-step verification, but security experts are calling for transparency about the supply chain for the hardware after it was revealed it is produced by Chinese company Feitian. There are concerns that the devices could be compromised by Chinese hackers (state or otherwise) to spy on users.

Continue reading →

T-Mobile has revealed that it fell victim to a security incident earlier in the week, and details of around 2.3 million accounts were accessed.

The hack attack took place on Monday, August 20, and while T-Mobile stresses that no financial data was taken, it concedes that it detected "unauthorized capture of some information". The exposed data includes names, billing zip code, phone number, email address, account number and account type, which would be enough for hackers to launch successful phishing attacks.

Continue reading →

Unless you are in regular touch with the 1980s it's probably a while since you gave much thought to using fax machines.

Even then you might think your biggest worry would be a paper jam. But new research from Check Point released at Def Con in Las Vegas reveals organizations and individuals could be hacked via their fax machines, using newly discovered vulnerabilities in the communication protocols used in tens of millions of fax devices globally.

Continue reading →

Increasingly cybercriminals are using their initial attacks to probe systems and look for other vulnerabilities or network resources that they can later exploit.

Threat detection platform Preempt is launching new capabilities that allow enterprises to prevent lateral movement and unauthorized domain access due to the misuse of network credentials in reconnaissance tools.

Continue reading →