When Hacking Team was hacked, a massive cache of data was leaked, including the source code for government-strength surveillance tools. Hacking Team warned that the code could have fallen into terrorist hands, but then backtracked slightly to say that any code that had been obtained was incomplete and out of date.

We already know that the company managed to sneak malicious apps into Google Play, and you might be concerned that some of its malware has made its way onto your computer. To help put minds at rest -- hopefully -- Rook Software has released a tool to seek out Hacking Tool malware.

Continue reading →

As you may or may not know, Adobe Flash -- a veteran tool required by many modern browsers for video playback -- is riddled with vulnerabilities. The product has a long history of being thrown under the bus for its security incompetence. Such is the case today. Mozilla announces that it is blocking all versions of Flash Player in its browser with its latest update.

Mark Schmidt, the head of the Firefox team at Mozilla notes that the company is disabling Adobe Flash by default in the browser. The block is accompanied by an image showing a raised fist and the phrase "Occupy Flash". Users who wish to enable Flash can do so by flipping switches in the settings menu, however.

Continue reading →

Following a massive security breach, Italian security firm Hacking Team warned that its government-strength surveillance tools could have fallen into the hands of terrorists. The company advised its customers -- including governments and law agencies around the world -- to stop using its software, and is now launching something of a damage-limitation exercise.

Hacking Team has released a statement indicating that far from giving up and admitting defeat, a new, more powerful version of its software will be released soon. The replacement for Galileo, called Remote Control System 10, is described as a "complete revision" of the old system and "not simply an update". The security firm also stresses that not all of its source code was compromised, only code which is considered obsolete.

Continue reading →

Security researchers at Symantec have discovered that a number of well-known hacking collectives are actually highly trained independent groups targeting large corporations for financial gain.

The likes of Apple, Facebook and Twitter have all faced cyberattacks in the past and it is now thought that this is only viable if the information that is acquired is then sold or traded through some "financial market".

Continue reading →

Following a massive security breach over the weekend, Hacking Team has issued a warning that its surveillance and remote access software could now be used by anyone -- including terrorists. The Italian security and surveillance firm fell victim to an attack that relieved it of 400GB of company data, including source code for its software.

Whoever was responsible for the security breach made this data available via torrent, meaning that anyone was able to get hold of it. Hacking Team's software is favoured by governments around the world for mounting NSA-style surveillance and monitoring programs and the company has now issued a stark warning: "Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so".

Continue reading →

Adding backdoors so governments can access data is a "major security risk". This is the (perhaps slightly obvious) conclusion of security experts and cryptographers writing in a report entitled Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications.

The report from the Massachusetts Institute of Technology’s Computer Science and Artificial Intelligence Lab criticizes plans to allow law enforcement agencies unfettered access to encrypted data through the use of either front doors or backdoors. More importantly it poses the question: "if we want to maintain the security of user information, is this sort of access even technically possible?"

Continue reading →

Italian security and surveillance firm Hacking Team appears to have itself fallen victim to a security breach. Hacking Team produces software which is used by governments around the world as part of their surveillance programs. The company has been criticized for facilitating invasions of privacy, and, over the weekend, its Twitter feed was taken over, resulting in its name and profile picture being changed to read Hacked Team.

But this is far from being the end of the story. Whoever is responsible for the security breach also released a torrent file that provides access to 400GB of company data. Included in the cache are emails, source code, and confidential documents. The files reveal who the company has been dealing with including a number of countries known for their oppressive regimes.

Continue reading →

In what appears to be a protest against the Indian government’s stand on net neutrality and the way it is handling Digital India, hacker group AnonOpsIndia hacked BSNL Telecommunications' website on Friday. Hours after the breach, the website is still affected.

AnonOpsIndia, which seems inspired by the major hacktivist group Anonymous, describes itself with a similar reverence and asks to be referred to as "Anonymous India". This is the third major hack the group has managed to pull off, after hacking the nation's PAN database and a coal-sector website last week.

Continue reading →

Everybody tends to think that hackers will never ever target them or their company/organization until a breach occurs. I've already written several practical examples explaining why hackers target you and your data.

Here, I will try to concentrate on post-incident actions and provide some brief advice on what to do after you have been hacked.

Continue reading →

When Sony Pictures was hacked last year, one of the primary concerns for the company was the leaking of a number of unreleased movies. But in the UK, there were other consequences, including the daytime broadcast of the movie The Verdict complete with a smattering of four-letter expletives.

Sony Pictures Entertainment's subsidiary company Media Mix Limited owns the TV station Movie Mix, and on 14 December the channel broadcast an edit of the movie peppered with f-bombs. In the middle of the afternoon. The channel's excuse? That the "safe for daytime" broadcast version of the movie had been deleted by hackers.

Continue reading →

UK secret services say that the encrypted files Edward Snowden held from his time working at the NSA have been accessed by intelligence agencies in China and Russia. The Sunday Times reports that the top secret files have been hacked meaning that British and American spies could be identified and located.

Wanted by US authorities, Snowden has been in hiding for some time now. It is believed that the time he spent seeking refuge in Hong Kong and Moscow may have given security official the opportunity to access the data he held. Although the data was protected, it is thought that the encryption was hacked, and US and UK intelligence services have been "forced to intervene and lift their agents from operations to prevent them from being identified and killed".

Continue reading →

Security firms are supposed to keep us safe from threats like malware and hacker attacks, but occasionally they fall foul of the bad guys too. A year ago Avast was hacked, and some 400,000 user details were stolen. Two years ago, AVG and Avira had their websites taken over by pro-Palestinian hackers.

The latest security firm to be hacked is Russian anti-virus software maker Kaspersky Lab.

Continue reading →

For a while now we've witnessed the brutality of Islamic State, but less in the news is the cyber terrorism carried out by it. However that's a big part of the arsenal for this group and media outlets have been a primary target in the war. Recently the site and social media of a French TV station was taken down and defaced with messages from the group.

Following the attack on TV5Monde, media groups within France held an emergency meeting. This came after all of the network went black for more than three hours in April.

Continue reading →

Hackers stole personal information from more than 104,000 taxpayers this spring, the International Revenue Service (IRS) just revealed.

Commissioner John Koskinen said in a press conference that the information included several years' worth of returns and other tax information filed with the IRS, and explained exactly what happened.

Continue reading →

A security consultant is at the centre of a media storm following claims that he hacked into the computer systems on board airplanes on a number of occasions, and during one of those he allegedly managed to take partial control of the craft.

Chris Roberts was picked up by the FBI last month following tweets about hacking into the plane’s systems on a United Airlines flight from Chicago to Syracuse, and upon landing he had his kit -- a MacBook Pro and iPad Air -- seized in order to be scrutinized by their techies.

Continue reading →