Articles about Hacking

Following a massive security breach over the weekend, Hacking Team has issued a warning that its surveillance and remote access software could now be used by anyone -- including terrorists. The Italian security and surveillance firm fell victim to an attack that relieved it of 400GB of company data, including source code for its software.

Whoever was responsible for the security breach made this data available via torrent, meaning that anyone was able to get hold of it. Hacking Team's software is favoured by governments around the world for mounting NSA-style surveillance and monitoring programs and the company has now issued a stark warning: "Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so".

Continue reading →

Adding backdoors so governments can access data is a "major security risk". This is the (perhaps slightly obvious) conclusion of security experts and cryptographers writing in a report entitled Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications.

The report from the Massachusetts Institute of Technology’s Computer Science and Artificial Intelligence Lab criticizes plans to allow law enforcement agencies unfettered access to encrypted data through the use of either front doors or backdoors. More importantly it poses the question: "if we want to maintain the security of user information, is this sort of access even technically possible?"

Continue reading →

Italian security and surveillance firm Hacking Team appears to have itself fallen victim to a security breach. Hacking Team produces software which is used by governments around the world as part of their surveillance programs. The company has been criticized for facilitating invasions of privacy, and, over the weekend, its Twitter feed was taken over, resulting in its name and profile picture being changed to read Hacked Team.

But this is far from being the end of the story. Whoever is responsible for the security breach also released a torrent file that provides access to 400GB of company data. Included in the cache are emails, source code, and confidential documents. The files reveal who the company has been dealing with including a number of countries known for their oppressive regimes.

Continue reading →

In what appears to be a protest against the Indian government’s stand on net neutrality and the way it is handling Digital India, hacker group AnonOpsIndia hacked BSNL Telecommunications' website on Friday. Hours after the breach, the website is still affected.

AnonOpsIndia, which seems inspired by the major hacktivist group Anonymous, describes itself with a similar reverence and asks to be referred to as "Anonymous India". This is the third major hack the group has managed to pull off, after hacking the nation's PAN database and a coal-sector website last week.

Continue reading →

Everybody tends to think that hackers will never ever target them or their company/organization until a breach occurs. I've already written several practical examples explaining why hackers target you and your data.

Here, I will try to concentrate on post-incident actions and provide some brief advice on what to do after you have been hacked.

Continue reading →

When Sony Pictures was hacked last year, one of the primary concerns for the company was the leaking of a number of unreleased movies. But in the UK, there were other consequences, including the daytime broadcast of the movie The Verdict complete with a smattering of four-letter expletives.

Sony Pictures Entertainment's subsidiary company Media Mix Limited owns the TV station Movie Mix, and on 14 December the channel broadcast an edit of the movie peppered with f-bombs. In the middle of the afternoon. The channel's excuse? That the "safe for daytime" broadcast version of the movie had been deleted by hackers.

Continue reading →

UK secret services say that the encrypted files Edward Snowden held from his time working at the NSA have been accessed by intelligence agencies in China and Russia. The Sunday Times reports that the top secret files have been hacked meaning that British and American spies could be identified and located.

Wanted by US authorities, Snowden has been in hiding for some time now. It is believed that the time he spent seeking refuge in Hong Kong and Moscow may have given security official the opportunity to access the data he held. Although the data was protected, it is thought that the encryption was hacked, and US and UK intelligence services have been "forced to intervene and lift their agents from operations to prevent them from being identified and killed".

Continue reading →

Security firms are supposed to keep us safe from threats like malware and hacker attacks, but occasionally they fall foul of the bad guys too. A year ago Avast was hacked, and some 400,000 user details were stolen. Two years ago, AVG and Avira had their websites taken over by pro-Palestinian hackers.

The latest security firm to be hacked is Russian anti-virus software maker Kaspersky Lab.

Continue reading →

For a while now we've witnessed the brutality of Islamic State, but less in the news is the cyber terrorism carried out by it. However that's a big part of the arsenal for this group and media outlets have been a primary target in the war. Recently the site and social media of a French TV station was taken down and defaced with messages from the group.

Following the attack on TV5Monde, media groups within France held an emergency meeting. This came after all of the network went black for more than three hours in April.

Continue reading →

Hackers stole personal information from more than 104,000 taxpayers this spring, the International Revenue Service (IRS) just revealed.

Commissioner John Koskinen said in a press conference that the information included several years' worth of returns and other tax information filed with the IRS, and explained exactly what happened.

Continue reading →

A security consultant is at the centre of a media storm following claims that he hacked into the computer systems on board airplanes on a number of occasions, and during one of those he allegedly managed to take partial control of the craft.

Chris Roberts was picked up by the FBI last month following tweets about hacking into the plane’s systems on a United Airlines flight from Chicago to Syracuse, and upon landing he had his kit -- a MacBook Pro and iPad Air -- seized in order to be scrutinized by their techies.

Continue reading →

There have been numerous instances in the past where anti-virus companies have been accused -- and in many cases caught -- of creating malware their products combat. We’re learning of yet another similar case. A former employee of cybersecurity firm Tiversa is accusing the company of fraud.

Richard Wallace, one of the former investigators at the firm has testified against the firm in a Washington DC courtroom. Wallace says that Tiversa employees would hack their potential clients to force them to buy services from the firm.

Continue reading →

It's one thing to have your personal bank account hacked, you may lose a few dollars or worse a small fortune. However you would expect corporate accounts to have added security, preventing such a devastating event. That's clearly not the case. While we've seen point-of-sale systems hacked and customer data stolen, this time it was actually a company bank account that was robbed.

Irish airline Ryanair had its corporate account plundered by hackers to the tune of $5 million, or €4.6 million. The money apparently disappeared from accounts used to fund the fueling of the company's planes, not a cheap task and perfect for not immediately ringing alarm bells.

Continue reading →

In 2015, the number of cyber-attacks and data breaches being reported by companies and governments across the world does not appear to be decreasing. Many high profile attacks have taken place in the past year alone. As a result of government investigations into cyber-attacks, it was discovered that many of these attacks are not the work of a single criminal acting alone.

In fact, organized hacking groups are increasingly responsible for these incidents. As time goes on, the data breaches and attacks are becoming more devastating and authorities are looking to see who is behind these events in order to stop these groups from organizing further. As the world becomes more technologically integrated, cyber-attacks pose issues of national security that need to be addressed.

Continue reading →

A serious security hole leaves millions of Windows users open to attack, making it possible to extract encrypted credentials from a target machine. Researchers at Cylance say the problem affects "any Windows PC, tablet or server" (including Windows 10) and is a slight progression of the Redirect to SMB attack discovered by Aaron Spangler way back in 1997.

Redirect to SMB is essentially a man-in-the-middle attack which involves taking control of a network connection. As the name suggests, victims are then redirected to a malicious SMB server which can extract usernames, domains and passwords. Cylance also reports that software from companies such as Adobe, Oracle and Symantec -- including security and antivirus tools -- are affected.

Continue reading →