Articles about Hacking

There are too many security firms offering insufficient security. At least that's what Ilia Kolochenko, CEO and founder of High-Tech Bridge thinks. He points to the splitting of Symantec as proof that security companies are struggling, and suggests that the emergence of so many firms competing for attention is the start of a new dot com bubble that could burst at any moment.

Security is important to both home computer users and enterprise businesses. There is a huge amount of money to be made in the field, so it is perhaps little wonder that the number of companies muscling in on the market is on the increase. Kolochenko says that at the end of the century a lot of tech companies sprang up overnight and "most of these businesses were designed to create artificial problems or boost non-existent demand in order to make quick money. They didn't actually solve any real problems". There is a danger that the same could happen in the security world.

Continue reading →

Google is an amazing company that offers many products and services that make our lives better. For example, Gmail, YouTube, Maps and Android help many people every day. Unfortunately, there is one downside to living in Google's world -- having one password.

You see, with Google services, one password gains access to them all by utilizing a central account. If your password is exposed, nefarious people can wreak havoc across Google, including your precious Gmail account. Unfortunately, this recently happened to 5 million users and you could be one of them! Don't panic -- there is now an app for iOS and Android that can tell you if you are affected.

Continue reading →

According to the IBTimes, around five million Google Account credentials have been leaked online by hackers, with around 60 percent of the compromised accounts judged to still be active.

A user called "tvskit" made the announcement on the Bitcoin Security forum along with a link to the alleged email list. The majority of the leaked accounts seem to belong to Russian users.

Continue reading →

Ever wondered why hackers do what they do? Thycotic, a software firm specializing in privileged access password protection, conducted a survey of 127 hackers at Black Hat USA 2014 to try and understand their thinking.

The company found that more than half of the hackers (51 percent) were driven by the fun/thrill, while 19 percent were in it for the money. Few hackers fear getting caught with 86 percent confident they will never face repercussions for their activities.

Continue reading →

When Google bought Nest Labs for $3.2 billion seven months ago, I described the move as the start of a home invasion. Google already knows a lot about you, including where you live, what your interests are, where you go on the Internet and in the real world (via Android), and its acquisition of Nest, which makes smart thermostats and (not so smart) smoke detectors, meant it would potentially also know what you get up to in your own home.

As it turns out, Google using Nest products to find out what customers are doing is just one worry. A team of researchers has discovered an easy hack that allows anyone to gain control of Nest’s smart thermostat and turn it into a spying device which can reveal when you’re at home or away, and even divulge your Wi-Fi credentials.

Continue reading →

A cyber security researcher has worked out ways to hack into passenger jets through the plane's Wi-Fi and inflight entertainment systems.

If confirmed, the claim could prompt a comprehensive restructure of aircraft security, and cast new scrutiny on the way aircraft electronic security has been managed in the past.

Continue reading →

All mobile apps can be hacked. A group of hackers with enough time and dedication can gain access to, and reverse engineer, even the most secure app environment.

Android represents 80 percent of the smartphone OS market, according to ABI research, and its open development environment exposes the platform to certain unique threats from hackers and malware.

Continue reading →

News and review website CNET has been targeted by a team of Russian hackers called W0rm. CNET's servers were hit over the weekend, but details have only just been released.

Although CNET has not given a concrete confirmation of exactly what happened, the site explains that a representative of W0rm claims to have stolen a database containing the usernames and passwords of over a million users. It seems a security hole in the Symfony PHP framework was exploited, and it is not yet clear what the fallout could be.

Continue reading →

It seems that not a week goes by these days without news of a security breach at some company. We've seen Target, Michaels and others fall victim, though the true victims are really the customers of these establishments.

Earlier this week we heard rumors that restaurant P.F. Chang's was the latest chain to suffer a data breach. The report first came from security researcher Brian Krebs, who stated "On June 9, thousands of newly-stolen credit and debit cards went up for sale on rescator[dot]so, an underground store best known for selling tens of millions of cards stolen in the Target breach. Several banks contacted by KrebsOnSecurity said they acquired from this new batch multiple cards that were previously issued to customers, and found that all had been used at P.F. Chang’s locations between the beginning of March 2014 and May 19, 2014".

Continue reading →

OpenSSL, which runs on the servers for many websites, has been having a rough time in recent weeks. We all learned of the near fatal flaw named Heartbleed, which affected quite a number companies and services on the web.

Now a new, albeit less severe, flaw has been discovered. Security researchers at AVG have unveiled what they are calling CCS Injection, which the company terms a vulnerability, but points out that it is not easily taken advantage of.

Continue reading →

Relying on passwords alone to keep your Internet accounts safe can get you in a lot of trouble. They may be comfortable to use, but hackers can easily bypass or crack them. Or, even worse in my opinion, steal personal information without you even knowing. A recommended method for minimizing such risks is to enable two-factor authentication.

Two-factor authentication is an added security layer that requires you to use a password and a security code, in order to log in. It is a feature available in the account's settings that is usually not enabled by default. The security code can be delivered via SMS, email or a dedicated app. I have it turned on for every Internet account that supports it.

Continue reading →

Working in the corporate world can be pretty soul-crushing. This is particularly true for engineers and programmers. You see, they all start out as young men and women with big ideas and ambition. However, office politics and bureaucracy can quickly destroy all promise. While this isn't true of all companies, let's face it, not everyone is going to be a hero -- the world needs grunts.

Wouldn't it be great if some companies could sponsor an outlet for creativity? Imagine, the minds of employees being free to create. Even if it is just one day, the fun and memories would make the rest of the year palpable. Well, Netflix has done just that, with what it calls, "Netflix Hack Day".

Continue reading →

Hackers get a bad rap, but that's usually down to a simple misunderstanding of the term. PayPal is doing what it can to set the record straight with its second annual Hackathon competition, Battle Hacks, where participants are invited to "become the ultimate hacker for good". This is not the type of hacking you see on TV and in movies -- there are no passwords to be broken, no encrypted files to crack. Instead, developers are invited to create something magical and useful based on the PayPal API, or the Braintree and Venmo SDKs, in just 24 hours.

The Hackathon takes place in eleven cities around the world, starting in Tel Aviv on 6 February, and ending in London on 11 October. The world finals take place in San Jose, CA over three days starting 14 November, and the winner will walk away $100,000 richer. Oh, and they get the chance to wield the axe trophy -- "good luck clearing customs," quips PayPal.

Continue reading →

When the Prism and NSA scandal was unearthed and brought to light by Edward Snowden, the internet died a little. I still remember reading the news and being heartbroken that my own government was spying on me by forcing companies to secretly disclose information.

In June of 2013, Microsoft and Google filed lawsuits to gain the ability to disclose the details of these information requests. Today the internet scores a victory -- the shackles have been loosened, and the gags removed from these companies and others like them.

Continue reading →

Apparently Adobe should not rest on its laurels, as Target reaches record-setting data losses. Over the past couple of weeks we have gradually learned of a security breach at the retailer that exposed customer data, including credit card information.

The whole thing seemed bad enough right off the bat, when we reported the number of affected customers at 40 million. It grew worse this week, when that total rose to 70 million. Now the retailer has truly hit the big time.

Continue reading →