Articles about Hacking

Hungarian airline Wizz Air has emailed millions of customers informing them that their passwords have been reset.

While the company is at pains to stress that it has not been the victim of hacking, nor is any personal information at risk, the email took many customers by surprise and raised concerns about a possible data breach.

Continue reading →

The Twitter account of Scotland Yard has been hit by hackers, resulting in a series of strange and offensive tweets being sent to hundreds of thousands of followers. The website for the Metropolitan Police was also hacked.

Tweets sent by the hackers made references to Keemstar as well as drill artist Digga D, calling for the rapper to be freed from prison. The attack by hackers also resulted in a series of emails being sent out to journalists via the Metropolitan Police's official email address.

Continue reading →

Slack has just been made aware of additional information about a security breach that took place back in 2015, forcing the company to reset the passwords of around 1 percent of its users.

The company announced earlier this year that it has a daily userbase of over 10 million people, so this means that a huge number of users are affected by the incident no matter how much Slack tries to downplay it.

Continue reading →

Microsoft has revealed that it has issued warnings to nearly 10,000 people that they are the targets or victims of state-sponsored hacking.

The announcement comes as Microsoft showcases election systems running Microsoft ElectionGuard which not only helps to increase security, but also makes voting more accessible. Microsoft reveals that the vast majority of the state-sponsored attacks targeted enterprise customers, but there were still a significant number of regular consumers affected.

Continue reading →

Greetings, Comrade!

I write to you to celebrate the coming glorious victory over imperialist America. Our efforts to undermine their so-called democratic institutions is nearly complete. What began as a seemingly disastrous failure on the part of our cyber and Internet propaganda forces has now morphed into a highly successful psy-ops campaign that threatens the black, decadent heart of the Western society!

Continue reading →

If the word MouseJack seems familiar, it's because it as been around for a while. It is a remote access hack that emerged a few years back that took advantage of a vulnerability in some Logitech wireless dongles, as well as hardware from other manufacturers.

Being at least three years old, you would expect that patches would have been addressed -- and they were. But a large number of devices are still at risk because Logitech failed to recall the affect units that were on sale so there's a chance that if you bought a Logitech wireless keyboard, mouse or standalone dongle in the last few years, you could be at risk.

Continue reading →

Learn Ethical Hacking from Scratch from Packt Publishing will teach you how to hack systems like black hat hackers and secure them like security experts.

It will help you understand how computer systems work and their vulnerabilities, explain how to exploit weaknesses and hack into machines to test their security, and learn how to secure systems from hackers now.

Continue reading →

Congratulations! You’ve selected and deployed a new cybersecurity solution. But, once you’re up and running you might not feel completely secure. Do you need to test your incident response process as much as testing the software? Does the new solution have vulnerabilities you -- or its creators -- don’t know about? Are there emerging attacks that it will miss?

If you want to know that a cybersecurity solution will do what you need it to do, and that you’re ready to respond to whatever it detects, you need to test it. Penetration testing ("pentesting") is a common part of deploying any new tool for cybersecurity, and it may help you identify and fix weaknesses in your defense. Pentesting can be automated through software, but that can lack the ingenuity of a live human trying to breach your system. The surefire way to simulate a real human attack is to enlist the service of a real human attacker -- subjecting your network and its cybersecurity defenses to "ethical hacking."

Continue reading →

Canonical -- the company behind the Ubuntu Linux distro -- is investigating an attack on its GitHub account over the weekend.

On Saturday, hackers were able to break into Canonical's GitHub account and create a number of new repositories. Named CAN_GOT_HAXXD, the eleven repositories were empty and have now been removed. Canonical says that no source code was accessed, but it is not yet known who carried out the attack.

Continue reading →

A Windows support tool bundled with Dell computers has a high-severity security hole that leaves millions of systems at risk of a privilege-escalation attack.

Dell has announced that both the Business and Home versions of its SupportAssist tool have a security vulnerability within the PC Doctor component that requires immediate patching. The discovery was made by SafeBreach, and there could be over 100 million systems that are affected.

Continue reading →

A number of Linux and FreeBSD servers and systems are vulnerable to a denial of service vulnerability dubbed SACK Panic, as well as other forms of attack.

A total of three security flaws were discovered by Jonathan Looney of Netflix Information Security. A series of malicious packets sent to vulnerable system is all it takes to crash or slow them down -- a remotely-triggered kernel panic. Patches and workaround have been released to help plug the holes.

Continue reading →

Security firm Symantec was attacked by a hacker back in February, but the company did not reveal details of the incident.

The attack has been brought to light by Guardian Australia which has seen some of the data extracted by hackers. This comprises not only passwords, but what is thought to be a list of Symantec clients -- including government agencies. But Symantec is downplaying the data breach, dismissing it as a "minor incident".

Continue reading →

Security researchers have revealed an exploit that can be used by hackers to steal data from DRAM, even if ECC protection is in place. RAMBleed is a Rowhammer-based attack that can also be used to alter data and increase privilege levels.

Taking advantage of the design of modern memory chips, a Rowhamer attack works by "hammering" the physical rows of data in quick succession causing bit-flipping in neighboring rows. RAMBleed takes this in a different direction, using a similar technique to access data stored in physical memory.

Continue reading →

Hackers have stolen the photographs of travellers entering and leaving the US, as well as photos of their license plates, US Customs and Border Protection (CBP) has said.

The cyberattack was carried out on the network of a federal subcontractor, and the images were taken as part of a "malicious cyberattack". Although the hack attack has only just been revealed publicly, CBP first learned of it on May 31.

Continue reading →

Medical testing firm and clinical laboratory Quest Diagnostics has revealed that a data breach has led to the records of nearly 12 million of its customers being exposed. The data includes financial data, Social Security numbers and medical information.

Quest Diagnostics was itself not the target of hackers, but the American Medical Collection Agency (AMCA) was. The company is used by Optum360 for billing collections services, and Optum360 is used by Quest Diagnostics.

Continue reading →