Articles about Hacking

Whenever you access the internet, you are under attack. There are tons of evildoers out there just waiting to hack or scam you. Between malware and social engineering, it can feel like the wild west on the web. In other words, bad guys are everywhere -- be cautious.

While some of these hackers are merely amateurs looking to wreak havoc or profit monetarily, there is something far more devious. State-sponsored hackers and terrorists could be targeting you with more sophisticated techniques. This could be for political reasons, such as espionage, or even stealing corporate secrets. Starting today, if Microsoft suspects sate-sponsored attacks on your Microsoft Account, it will let you know. This includes both Outlook.com email and OneDrive cloud storage.

Continue reading →

When I go to a hotel, there are plenty of things I worry about. Are there bed bugs? Was the prior guest disgusting? Dear God, is there room service? For the most part, I have satisfying hotel stays, as I check online reviews beforehand. Any mention of cigarette smells, high noise levels, or yellow stains on the sheets, and I move along.

Sadly, there is yet another thing to worry about -- malware. Yes, today, Hyatt Hotels announces that its payment processing was breached by malware. Sigh. This type of news is becoming too commonplace nowadays, and quite frankly, I am getting fed up.

Continue reading →

Linux is usually touted as the operating system of choice for those concerned about privacy, but a recently discovered bug makes it unbelievably simple to bypass authentication. A vulnerability in Grub2 -- the bootloader used by many Linux distros -- means that all it takes to take control of a computer is to press the backspace key 28 times.

Two researchers from the Cybersecurity Group at Spain's Polytechnic University of Valencia published a paper that reveals just how easy it is to gain access to many Linux systems. It's not a problem that Ubuntu, Red Hat, and Debian users need to worry about too much as patches have already been issued, and users of other distros can make use of an emergency patch in the Grub2 git repository.

Continue reading →

Networking manufacturer Juniper has discovered backdoors built into its firewalls. The company says that a number of its devices running the ScreenOS operating system include serious vulnerabilities that could be used to take remote control of networked devices, or to decrypt VPN traffic.

The company says that the security issues were unearthed during an internal code review and has issued an out-of-cycle fix to address the vulnerabilities. Network admins are advised to treat the threats seriously, and to make use of the available patches immediately.

Continue reading →

There will no doubt be many new games and consoles under trees this holiday season. That means a lot of people joining the online gaming community and trying to get started with their new toys. The networks need to be ready for the vast influx of users. Now a hacker group is vowing to prevent all of this.

This isn't a new thing, as last Christmas Lizard Squad knocked both Xbox Live and PlayStation Network offline. This time around it's Phantom Group planning to do exactly the same thing. The group announced its intent on Twitter with such threats as "We are going to shut down Xbox live and PSN this year on Christmas. And we are going to keep them down for one-week straight #DramaAlert".

Continue reading →

10Fold recently evaluated the seven largest breaches this year and found that hackers had absconded with more than 193.4 million personal records. To get to this figure, the agency reviewed 720 data breaches that occurred throughout the year. To narrow the list to a more manageable size, the team made five million the barrier to entry.

10Fold selected these data breaches based on independent research and review of third-party resources such as ID Theft Resource Center and Information is Beautiful.

Continue reading →

The European Space Agency (ESA) has been hacked by Anonymous, and the names and login credentials of some of its employees have been posted online, the media reported on Monday.

The data released into the wild includes full names, email contact details, clear text passwords, office addresses, phone and fax contact details of those registered on the ESA database. The information contains 52 names, email addresses and passwords of 52 internal ESA users.

Continue reading →

Twitter is joining the Google - Facebook bandwagon, as it has started warning its users that they may be potential targets for "state-sponsored" hack attacks.

Canadian non-profit organization Coldhak has tweeted a copy of an email it has received from Twitter, warning it about a possible cyber-attack.

Continue reading →

UK webhosting company Easily has emailed its customers to inform them that it has fallen victim to a malware attack. COO Edwina McDowall says that the assailant is, as yet, unknown but steps have been taken to eliminate the malware.

The company warns that all customers should change their passwords as a precautionary measure, but seeks to assure people that credit card details have not been compromised.

Continue reading →

A high percentage of Americans would change their shopping habits if their favorite retailer was hit by a data breach according to a new study.

Data security specialist Vormetric commissioned the survey over 1000 US adults from Wakefield Research which found that for 85 percent of respondents the significant personal consequences that can result from a breach would cause them to find a new place to shop.

Continue reading →

Just a few days ago, we heard about the potential for the web-enabled Hello Barbie to provide hackers with personal data. Numerous vulnerabilities open up the potential for data to be stolen, but this could be the start of a worrying trend. If you thought the surveillance activities of the NSA and GCHQ are disturbing, things could be about to get much worse.

There is a movement underway that sees every conceivable device being transformed into a connected device. This is more than just the Internet of Things -- security experts are warning that not only could any devices connected to the internet (including web-enabled toys) could be used to spy on users, placing children at risk.

Continue reading →

Only 37 percent of SMBs believe that their organizations are fully equipped to handle IT security according to a new survey.

The study by security company Webroot reveals that in most small to medium businesses, IT teams are expected to handle all cyber security management and concerns. IT employees at almost one in three companies (32 percent) juggle security along with their other IT responsibilities, which leaves them limited time to cope with security tasks.

Continue reading →

The days and weeks after a major security breach can be trying, even for veterans of the security field. Chaos inevitably erupts as the organization attempts to assess and contain the damage. Often far down the list of priorities is the disclosure of the breach, but this can be one of the most critical steps for an organization to get right.

It is vital for financial reasons, to the recovery of the brand and for the viability of the company. It is not an easy task when customer’s personal information has been stolen. The reaction from customers is almost always the same: swift and highly critical of the organization and how it manages the aftermath.

Continue reading →

A new form of malware that targets mass media agencies has been discovered by researchers at the US-based security firm FireEye. The malware was detected in Hong Kong where it was being used to target a small number of media agencies with the initial targets of the attack being newspapers, radio stations and television studios.

The malware leaves a user vulnerable by offering a backdoor to their system. The way in which this is achieved is unique because its command and control or C&C server is hidden inside Dropbox accounts. FireEye was able to trace the malware back to a group of hackers by the name admin@338, who is believed to have ties with the Chinese government.

Continue reading →

Personal details of hundreds of thousands of JD Wetherspoon customers have been accessed and leaked following a hack of its database. The cyber attack affects more than 650,000 customers, the UK pub chain has announced.

The leaked data includes names, birth dates and email addresses, as well as the partial credit and debit card details of some customers who bought gift vouchers. Although the attack occurred back in June, JD Wetherspoon has only just gone public about it.

Continue reading →