Articles about Hacking

The Internet of Things (IoT) may be the US National Security Agency’s next potential target for spying and collecting data according to a comment made by its deputy director at a recent military technology conference.

During the conference, which was held in Washington DC on June 10, deputy director of the NSA Richard Ledgett said that the agency is considering potential ways it could collect data from internet-connected devices such as smart appliances and pacemakers.

Continue reading →

In recent days the internet has been abuzz with news that credentials for millions of Twitter accounts have been put up for sale on the Dark Web. Despite the online chatter about what many people assumed to be a security breach, Twitter chose to remain silent. Now the company has spoken out after an investigation and denies that the password leak was the result of Twitter being hacked.

Dismissively referring to the "purported Twitter @names and passwords", the company says that the leak is probably a combination of data gathered from previous breaches as well as credentials gathered by malware. Twitter has identified a number of accounts directly affected by the leak and has reset the passwords to protect the owners.

Continue reading →

Almost a fifth (19 percent) of companies in the UK wouldn’t notify their customers in case of a data breach, a new report highlights.

As the EU GDPR draws closer, Trend Micro investigated if companies have formal processes in place to notify data protection authorities (within 72 hours), and the public, in case of a data breach, as will be enforced by the Regulation.

Continue reading →

Security researchers at Pen Test Partners have discovered a vulnerability in Mitsubishi’s plug-in hybrid electric Outlander that could allow potential car thieves to disable the car’s anti-theft alarms.

The security researchers investigate potential vulnerabilities in connected devices through the use of penetration testing and found that the Outlander’s Wi-Fi module can be accessed by anyone within range of the vehicle by connecting to it with their smartphone.

Continue reading →

In the last couple of weeks there have been a huge number of reports from TeamViewer users that their computers have been hijacked. In addition to this, users of the remote access tool have complained of funds being extracted from PayPal and bank accounts. But TeamViewer insists that there has not been a security breach, instead shifting the blame to users.

The company says they are in the habit of reusing the same passwords for a number of apps and services. It suggests that recent high profile security breaches -- such as the password dumps from MySpace and LinkedIn -- have allowed cyber criminals to learn TeamViewer log in credentials. Despite laying the blame firmly at the feet of users, the company is introducing two new measures to help increase security.

Continue reading →

Security firm Trustwave has discovered a zero-day exploit for Windows for sale on an underground Russian hacking forum. A user going by the name BuggiCorp says the vulnerability affects all versions of Microsoft's operating system, from Windows XP and 2000 upwards, including both 32- and 64-bit versions.

The source code for the exploit is offered for upwards of $90,000, and the seller explains that it can be used to elevate the privileges of any software process to SYSTEM level -- the highest there is. Payment is requested in Bitcoin, but while the exploit is considered serious, experts suggest that the asking price is a little high.

Continue reading →

Earlier reports of a couple of banks using the SWIFT (Society for Worldwide Interbank Financial Telecommunication) system being hacked are now paired with new reports saying that additional 12 banks using the same system might have fallen victim to the attack.

According to security researchers FireEye, which have been investigating the matter, "numerous" other banks have contacted them, including banks from the Philippines, and New Zealand. Even though the majority of these attacks were thwarted, approximately $81 million made it to the Philippines and ended up at casinos, where its trail is lost.

Continue reading →

You know your website isn’t worth much when a database of 427 million stolen login credentials are being sold online for roughly $2,800 (£1,920).

Yep, that’s what happened to MySpace over the weekend. But Myspace not being worth much nowadays is not the news. Possibly the biggest login credentials theft, is.

Continue reading →

The group that tried to steal a million dollars from the Vietnamese Tien Phong Bank, managed to steal $81 million from Bangladesh's Central Bank, and managed to steal $12 million from a bank in Ecuador, also attacked a bank in the Philippines.

However, it remains unclear if the group actually managed to steal any money from this bank or not. What we do know, though, is that all these attacks seem to be pointing at the same hacking group, known as Lazarus.

Continue reading →

Security researchers have discovered that DDoS attacks are now available to purchase on the Internet for as little as $5 an hour.

The researchers, who work for the security firm Imperva, were able to find distributed denial of service attacks (DDoS) for as low as $5 an hour on the online professional services marketplace Fiverr. A year ago these same services cost $38 an hour and could only be found on the dark web.

Continue reading →

Researchers at the US cybersecurity company FireEye have discovered that hackers have begun to probe the defenses of banks in the Middle East by targeting bank employees with malware-infected emails to collect information about bank networks and user accounts.

The company started an investigation into the cyberattack in February in which hackers were able to steal $81 million from Bangladesh’s central bank. FireEye found no apparent connection between that attack and the similar attacks against banks in Vietnam and Ecuador. Currently in all three cases the hackers responsible for the attacks are unknown.

Continue reading →

A new security report by digital identity company ThreatMetrix says hackers are using a large army made out of "automated cyber robots", or bots, for financial gain.

Their Q1 2016 report, entitled Q1 Cybercrime Report, says there have been 311 million bot attacks detected and stopped in this year’s first quarter.

Continue reading →

Hacking and cyber attacks are no longer confined to computers. Thanks to the Internet of Things they affect a whole lot of other equipment too and that includes medical devices.

Application protection specialist Arxan has produced an infographic looking at the growing threat landscape surrounding connected medical devices.

Continue reading →

The email addresses and private messages of over 470,000 members of the popular hacking website Nulled have been leaked following a data breach.

The website served as a marketplace where its users could buy and sell the account details they stole from users along with hacking advice and tips. The data that was leaked from Nulled contained over 5,000 purchase records that detailed how the stolen information available on the site’s marketplace was exchanged between users.

Continue reading →

Cast your mind back to 2012 and the LinkedIn hack that had the grown up's social network scurrying to advise its users to change their passwords.

It was thought at the time that the 6.5 million sets of credentials posted on a Russian password forum was the extent of the breach. However, four years on a hacker under the name of 'Peace' is offering for sale a database of millions more LinkedIn accounts.

Continue reading →