Articles about Hacking

Israeli security firm Cellebrite -- the company said to have helped the FBI access the San Bernadino iPhone -- says that it has the power to break into, and extract data from, just about any phone out there. Speaking with the BBC, the company demonstrated how it can crack the password on a smartphone to access its data.

It said that it was able to extract data from the very latest handsets including Android 7 devices and the iPhone 7. Cellebrite says it works with law enforcement agencies around the world too, and stopped short of saying it refused to work with oppressive regimes. The interview raises some interesting questions.

Continue reading →

If your business gets hacked, expect to lose a significant portion of your customers -- for good. This is according to a new report released by Alertsec, the cloud-based encryption company. Its Brand Perception Study, based on a poll of 1,200 Americans, says 17 percent of women and 11 percent of men would permanently lose trust in a hacked company.

Almost a third (29 percent) would need months to return while a further 22 percent would need only one. Men are also more likely (16 percent) to switch brands after a hack than women (6 percent). For more than a third (35 percent), a hack means the company was sloppy. Another third (32 percent) says it is the result of a lack of professionalism, while 26 percent say the company would become a great target for lawsuits.

Continue reading →

A group of hackers speaking Russian and using Russian servers are out hunting for American companies' user credentials, an exclusive story published on The Epoch Times claims.

This group, allegedly not tied to any government and basically operating on its own, is targeting "at least" 85 companies, including Amazon, American Airlines, AT&T, Best Buy, Wells Fargo, DropBox, Dunking Donuts, Ebay, GoDaddy, Uber, Match.com, McDonald’s, Office Depot, PayPal, Pizza Hut, Steam, and Apple Pay.

Continue reading →

There have been numerous cases of iCloud accounts being hacked over the years, but it's the celebrity ones that hit the headlines. Well, that and things like the Fappening. The latest celebrity account to fall victim to hackers is Pippa Middleton, sister of British royal Kate Middleton, the Duchess of Cambridge.

A reported 3,000 images have been stolen from Pippa's account, and these are said to include photographs of Kate and her children. Leaked images also show photos from private parties, and shots of wedding dresses.

Continue reading →

Data breaches have become the norm in recent years with 2014 earning the nickname the "year of the data breach" and 2015 being known as the "year of the breach". So far in 2016, even more data breaches have been made public, including LinkedIn, MySpace and Dropbox and we will likely see more before the year comes to a close.

For companies, being the victim of a breach is unnerving enough, but there also implications to their reputation, brand and finances. However, breaches also have an indirect impact on organizations and some end up facing the "collateral damage" of such an attack for some time after the initial breach.

Continue reading →

Yahoo users who have not changed their passwords for a while are being advised to do so. The company has confirmed that it suffered a major security breach back in 2014 and information relating to 500 million accounts was stolen.

Yahoo says that the attack was carried out by a "state-sponsored actor" but does not elaborate on who it might be. The data accessed includes "names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers".

Continue reading →

Attacks on websites are a daily occurrence so to get any real attention an attack needs to be something special. Starting on Tuesday, Brian Krebs' security blog, KrebsOnSecurity.com, was hit with what is being described as "the largest DDoS the internet has ever seen".

Despite being clobbered with a colossal 665 Gbps of traffic, Krebs' site remained online thanks to the anti-DDoS efforts of security firm Akamai. It is thought that Krebs was targeted for his exposés of hackers, and the attack was delivered via a huge number of hacked IoT devices.

Continue reading →

Hackers are increasingly targeting healthcare institutions with malware because of their poor cyber-security posture, reliance on legacy IT systems, third-party services and the need to access information as soon as possible in order to deliver great patient care. These are the conclusions released in a new report entitled McAfee Labs Threats Report: September 2016.

It says that hospitals paid almost $100,000 (£75,500) to a specific bitcoin account. In the first half of 2016, one "actor" (it could be a single hacker, but more likely a group) apparently received $121 million in ransomware (189,813 bitcoin), targeting various industries. This actor, according to the report, has had profits of $94 million in the first six months of this year.

Continue reading →

Hackers are using social media to gather information about their next victim. They use that information to form sophisticated strategies and deliver advanced threats into networks.

These are the results of a new Blue Coat Systems report, based on a poll of 3,130 workers in various industries in Great Britain, France and Germany. Key takeaway from the report is that user behavior has not improved much since last year. This year, 42 percent of respondents say they only accept friend requests from people they know.

Continue reading →

Whilst the popular view of hackers tends to be of outsiders, there's been increasing emphasis in recent years on the threat to enterprise data posed by those inside the organization.

Behavior analytics company RedOwl carried out a survey at last month's Black Hat conference, asking almost 300 security professionals for their views on insider threats, and the results are released today.

Continue reading →

A security researcher has revealed a way to determine the password needed to access a protected Windows or OS X account. Using Rob Fuller's technique, it doesn't matter if the computer in question is locked, and it uses a USB SoC-based device to crack user credentials.

By modifying the firmware of a USB dongle, Fuller was able to make the device appear as an Ethernet adaptor. By spoofing a network connection, it is then possible to trick a target computer into giving up an account password.

Continue reading →

I've been at CloudSec 2016 in London, listening to various security professionals from the likes of Trend Micro and Microsoft talk about the challenges businesses face in securing their data in the cloud.

As you could probably have guessed, talks have centered around the ever-expanding threat landscape, the continued industrialization of cybercrime through various underground marketplaces around the world and general cyber security trends.

Continue reading →

It seems that serious data breaches are all but an everyday occurrence at the moment. At the same time, there have also been instances of historical hacks suddenly coming to light such as the 2012 breach of Dropbox.

But Dropbox was not the only company to suffer an attack in 2012 -- so did music site Last.fm. Now, four years after the hack, details of 43 million accounts have been leaked.

Continue reading →

OurMine is a hacking collective that gets its jollies by causing havoc in the name of security. For instance, the group often takes over Twitter accounts, causing distress to the handle owner. Heck, just last month it hacked TechCrunch. Ultimately, OurMine never seems to cause real damage -- its antics are an inconvenience more than anything.

Today, OurMine hacks Variety.com and takes its mischief to a new level. You see, the hackers not only infiltrated the company's newsletter database, but OurMine sent spam to the contained subscriber email addresses too. Apparently it was not just one spam email, but many.

Continue reading →

Remember how Dropbox asked all those that haven't changed their passwords since 2012 to do so now? Remember how they said they did it for no particular reason, just as a precaution? Turns out, it was much more than that.

As a matter of fact, back in 2012, more than 68 million accounts were hacked.

Continue reading →