Articles about Hacking

New evidence has emerged detailing Russia's attempts to interfere in the 2016 US election. A leaked, top secret NSA report shared by the Intercept reveals that Russian intelligence agencies hacked the manufacturer of US voting systems.

The Intercept says that the authenticity of the documents has been independently verified, and they show a concerted Russian effort to sway the result of the battle between Trump and Clinton. Following the leak, a government contractor called Reality Leigh Winner has been arrested for allegedly removing classified material from a government facility in Georgia.

Continue reading →

Password management service OneLogin has fallen victim to a serious attack. The company says that it "detected unauthorized access to OneLogin data in our US data region" -- this was blocked, but not before the attacker gained access to AWS keys and the ability to decrypt data.

The company warns that "all customers served by our US data center are affected; customer data was compromised, including the ability to decrypt encrypted data." OneLogin has provided a guide for securing data, but it's possible that it may be too late for some people.

Continue reading →

A report published by the British American Security Information Council (BASIC) cautions that the UK's fleet of Trident submarines faces "growing potential for cyber-attack." The authors issue a stark warning that "a successful attack could neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads."

Government officials have long dismissed the risk of hacking the nuclear subs because they are not connected to the internet. But the report, entitled Hacking UK Trident: A Growing Threat, suggests that risk of malware infection during manufacturing or software updating are just two possible attack vectors that could lead to the compromise of nuclear weapons.

Continue reading →

TheShadowBrokers, the hacking group behind the leak of NSA malware, has announced further details of the "Data Dump of the Month" subscription service it has previously talked about. Now known as "TheShadowBrokers Monthly Dump Service," the launch sees the group switching from Bitcoin to Zcash as its currency of choice.

Signing up for the service will set interested parties back 100 ZEC (Zcash). As this equates to over $20,000, it's not a subscription that many people are likely to be taking out, particularly as there is no evidence that the group has more exploits to offer. The hacking group has previously said that it has Windows 10 vulnerabilities to expose.

Continue reading →

Security researchers from Check Point have discovered a major vulnerability in popular media players, like VLC, Kodi and Popcorn Time, which leaves users vulnerable to hacker attacks via malicious subtitles. The security firm estimates that the number of potential victims is around 200 million.

Media players give users the option to load subtitles from repositories, which can be tricked by attackers to rank their altered subtitles higher. This leads to those malicious subtitles being recommended to the user. If they are loaded, attackers can gain control over "any device running them." Check Point notes that the "potential damage the attacker can inflict is endless, ranging anywhere from stealing sensitive information, installing ransomware, mass Denial of Service attacks, and much more."

Continue reading →

Cybersecurity experts from Recorded Future think the cybercrime group we know as APT3 is on the Chinese Ministry of State Security’s payroll.

It bases its conclusions on the work of "intrusiontruth," a group claiming to have investigated some of the most important APT actors. Analyzing APT3’s C&C infrastructure, it came across two names, Wu Yingzhuo and Dong Hao, who allegedly registered many of the domains that the threat actors had used.

Continue reading →

Two thirds of consumers in the UK would "break up" with a brand if it suffers a data breach.

That's according to a new report by Talend which highlights the importance of businesses engaging with customers to ensure they provide high-quality data security.

Continue reading →

News over the past week has been dominated by the fallout from the WannaCry ransomware. Now the hacking group that released the NSA's hacking tool kit into the wild has announced plans to start an exploit subscription service in June.

ShadowBrokers used a blog post to announce that next month will see the launch of "TheShadowBrokers Data Dump of the Month" service. Described as "being like wine of month club," such a subscription service would attract a great deal of interest from intelligence agencies and would-be hackers alike, particularly if -- as the group suggests -- it includes access to Windows 10 exploits.

Continue reading →

Just a couple of weeks since a leak of season five of Orange is the New Black was held to ransom, the same is now happening with the upcoming Pirates of the Caribbean 5. Yesterday Disney CEO Bob Iger revealed that hackers had stolen one of the company's movies, and it has since transpired that it is the upcoming Johnny Depp flick.

Subtitled "Dead Men Tell No Tales", Pirates of the Caribbean 5 is due to hit the big screen next week, and hackers are demanding a ransom from Disney to avert a leak ahead of the official launch. This is the latest move in the world of piracy that shows a marked shift from the previous aim of release groups simply wanting to be the first to push out a decent quality rip of a movie.

Continue reading →

The "WannaCrypt" ransomware has proven to be a disaster globally. This malware will encrypt a user's files and then demand some Bitcoin ransom to decrypt them. While the amount being demanded is relatively low at $300 or $600, the scam can be modified for even larger amounts. Heck, even after the ransom is paid, there is no guarantee that the bad guys will follow through with the decryption, making it quite the gamble. As the ransomware has disrupted government agencies, medical services, and other critical computers, the ransom is being paid by some, as it can literally be the the difference between life and death -- surgeries and other procedures have been delayed.

While there are many directions in which you can point the finger of blame, Microsoft should absolutely not shoulder any of the responsibility. After all, the vulnerability that led to the disaster was patched back in March. It never even affected the most recent version of the operating system, Windows 10. The company has even since patched the archaic Windows XP! So who is to blame? Users and administrators that failed to keep their systems up to date are partially at fault. The biggest blame belongs to an unlikely party -- the US Government! You see, an agency of our own government -- the NSA -- knew about the exploit, and rather than alert Microsoft, it chose to stockpile it for intelligence purposes. Sadly, the exploit itself got leaked, and as a result, it landed into the hands of evildoers.

Continue reading →

Cyberattacks against the government sector increased by 100 percent in 2016, rising up to 14 percent, according to a new report by Dimension Data. The financial sector has also seen a dramatic increase in the number of attacks, from three percent in 2015 to 14 percent in 2016.

The manufacturing sector is now on third place with 13 percent of all attacks while retail, which used to be the number one target, fell to fourth place with 11 percent. Poor retail.

Continue reading →

WikiLeaks continues to release revealing documents from its Vault 7 cache. This time around the organization introduces us to a CIA tool called Archimedes -- previously known as Fulcrum.

As before, there is little to confirm whether or not the tool is still in active use -- or, indeed, if it has actually ever been used -- but the documentation shows how it can be installed on a LAN to perform a man-in-the-middle attack.

Continue reading →

Left-wing French presidential hopeful Emmanuel Macron has been hit by a "massive and coordinated" hack attack just before voters go to the polls. A 9GB cache of emails and photos was dumped as a torrent on Pastebin by a leaker by the name of EMLEAKS. The torrent was initially hosted on Archive.org.

It was quickly pulled offline, but not before it had spread far and wide on social media. Released just before midnight on Friday night, the leak was timed to prevent Macron from responding. French election rules forbid candidates from engaging in any form of campaigning immediately before polls open.

Continue reading →

Industrial robots make many of the things that we use in our everyday lives, from cars to domestic appliances.

If the world isn't to descend into chaos therefore, it's imperative that robots follow their programming. But a new report from the TrendLabs research arm of cyber security company Trend Micro reveals just how easily industrial robots can be hacked.

Continue reading →

A hacking group by the name of TheDarkOverlord has leaked the first episode of the Netflix show Orange is the New Black [Update: the group has since leaked 9 more episodes]. The season premiere of the hit show is not set to air until June, but TheDarkOverlord released it to The Pirate Bay after Netflix failed to meet ransom demands.

The group allegedly managed to get hold of the episode after gaining access to the systems of post-production studio Larson Studios in Hollywood. When Netflix refused to comply with its demands, which are described as "modest", the show was made available for BitTorrent users.

Continue reading →