May 9th, 2013

How Not To Look Stupid On Twitter

When the AP Twitter stream was hacked a few weeks ago leading to a massive drop in the equities market, I went off. I found the fact that the AP – a news organization staffed by intelligent people and with a long history of adapting to new media – could be hacked through a phishing attack unconscionable. It would be like Bank of America being hacked by a group of script kiddies. → Read More

April 11th, 2013

Java Applet Attack Wipes Out Bitcoin Accounts On Mt. Gox

The price of freedom, as they say, is eternal vigilance. A user called bitbully on the Bitcointalk Forums found himself 34 bitcoins poorer when he visited a site claiming to be a chat service connected with Mt. Gox, a popular bitcoin trading service. The site, wwwdotmtg(this is an o)x-ch(this is an a)tdotinfo (do not visit this site), apparently places a cross-site transfer order on the victim’s… → Read More

March 18th, 2013

Security Expert Brian Krebs Faced A Real-Life SWATing After Posting About Russian Cybercrime Site

Security writer Brian Krebs’ phone was spoofed and a SWAT team called to his home last week by hackers who apparently took offense at his investigations into various online hacking organizations. His website also suffered a denial of service attack for a short period. → Read More

March 12th, 2013

Google Launches “Help For Hacked Sites” To Teach Site Owners How To Recover Their Hacked Sites

No site is fully immune to getting hacked, but there are some obvious things every site owner can do to make it a bit harder for hackers to break into a web server and add rogue links or take over a site completely. Today, Google launched its new “Help for Hacked Sites” series to teach webmasters how to avoid getting hacked in the first place – and how to recover their sites if… → Read More

March 8th, 2013

No Winning Exploit Found For Chrome OS At Annual Hacking Competition, Pwnium 3

Google’s operating system Chrome OS survived all attempts to hack it at this year’s Pwnium 3 competition, which took place at the CanSecWest security conference in Vancouver, BC this week. Google, which was offering up $3.14159 million in prize money (get it, Pi money?), said that there was no winning entry, but it was in the process of evaluating some exploits for partial credit. → Read More

March 2nd, 2013

Evernote Saw First Signs Of Hacking On Feb. 28: Emails, Passwords And Usernames Accessed But Not Your Data Or Payment Details

Evernote is requiring its nearly 50 million users to reset their passwords after the popular personal note-taking app became the latest high-profile victim of wide-scale hacking attempts. The breach follows malicious activity at Twitter, Facebook and others in recent weeks. → Read More

February 23rd, 2013

The Chinese Are Coming! The Chinese Are Coming!

By now you must have heard of Unit 61398 of the People’s Liberation Army: “an overwhelming percentage of the attacks on American corporations, organizations and government agencies originate in and around [their] white tower,” claims the New York Times, who were themselves recently owned by the 1337 h4ck3r5 of the 61398. And just recently, there were “extremely sophisticated” attacks on Apple, → Read More

February 7th, 2013

EU’s New Cybersecurity Directive Orders States To Set Up Emergency Response Teams, Better Risk Mgmt For Verticals

With hacking and malware on the rise, Europe is cracking down on cybersecurity: today the European Commission, working with the High Representative of the Union for Foreign Affairs and Security Policy, is launching a new cybersecurity strategy along with a proposed directive on how to implement it (both embedded below). Among other things, the directive calls for each member state of the EU to set… → Read More

January 8th, 2013

ENISA, Europe’s Cyber Security Agency, Says Drive-By Exploits Are The Biggest Threat Today, Spam On The Decline

ENISA, the European Network and Information Security Agency, today called out drive-by exploits as the biggest, most increasing threat of the moment in the Internet landscape, amongst a sea of other all-too-familiar issues like worms, phishing and botnets. Spam, one of the oldest and most annoying aspects of being online, is the only threat that is on the wane, according to ENISA’s Threat… → Read More

December 19th, 2012

The Defense Intelligence Agency Is Looking For Contractors To Help It Exploit Mobile Devices

The U.S. Defense Intelligence Agency is looking for a few good contractors to help it kick up its mobile information gathering capabilities, according to a new request for information. The request has the government organization soliciting information sources for technology aimed at exploiting digital media and hardware, with a special request for exploitation of mobile devices with methods not… → Read More

December 13th, 2012

Meet Eboz, The Guy Who Claims To Have Hacked Pakistan’s Web (And 89,000 Other Sites)

It all started with a score that needed to be settled. A couple of weeks ago, I wrote up some news about how various, high-profile sites in Pakistan and Romania were getting defaced by hackers. I did a little digging around to see who might have been behind the events. → Read More

December 1st, 2012

Security Is Hard, But That Doesn’t Mean You Should Ignore It

Six weeks ago I was out drinking in a Kipling-themed bar in Rangoon, Myanmar–as you do–and happened to find myself next to a table of high-powered international telecommunications consultants, overhearing juicy lines like “Skype and Viber are going to kill us.” Needless to say I told Twitter right away. Then an old friend who’s also a genuine International Man Of Mystery got in touch and asked… → Read More

November 28th, 2012

Pakistan’s PKNIC Says Hackers Exposed A Hole During Security Upgrade To Redirect Google.pk, Apple.pk And Hundreds More; Now Resorting To Whitelisting

Pakistan’s domain registry provider PKNIC has posted an explanation of what it says happened when visits to a number of high-profile websites last weekend redirected to another page — in many cases to one with a photo of penguins and a message from someone called Eboz claiming responsibility. It says that during a security upgrade, a vulnerability opened up, which let someone breach four user… → Read More

November 23rd, 2012

Hack Job On A UK Government Site? Someone Inserts Ad For ‘Secret Intelligence’ Seeking ‘Elimination Specialist’

Government sites get shut down all the time by hackers either worming their way through firewalls or via DDoS jobs. Today, it looks like someone decided to mess around a little with a site instead: a job posting on Directgov, the site that serves as the main online interface between government departments and the public, today advertises that the UK’s “Secret Intelligence Service” is seeking a… → Read More

September 10th, 2012

GoDaddy Coming Back; Customers Threaten To Leave Hosting Service

Earlier today we reported how GoDaddy suffered a major outage, affecting millions of websites and hosted e-mail accounts that are run through the hosting and domain registrar’s DNS services. Now it looks like the sites are coming back up, but GoDaddy has yet to confirm whether the outage was due to a distributed denial of service attack — the reason claimed by a member of the Anonymous hacking… → Read More

August 7th, 2012

What Would Happen If Your Digital Life Was Destroyed?

If you’ve been following Mat Honan’s harrowing story this weekend, you’ve learned that the Wired writer was completely hacked by a pair of 19-year-olds who targeted him because he had a cool Twitter handle. Honan has updated his tale and posted it on Wired where he goes through the seemingly innocent processes used to eventually wipe out his laptop hard drive, erase his digital identity, and… → Read More

July 31st, 2012

Dropbox Reports User Accounts Were Hijacked, Adds New Security Features

Several weeks ago, reports started to trickle out that a number of Dropbox users were under attack from spam. Since then, Dropbox has been investigating those attacks (with some help from a third-party) and today gave the first update on the progress, saying that some accounts were indeed accessed by hackers, but that it is now adding two-factor authentication and other security features to… → Read More

July 30th, 2012

Cybersecurity: Bit9 Gets $34.5M From Sequoia, Others For Its Whitelist Approach To Fighting Attacks

Hacking, viruses, megabreaches and other cybercriminal activity are on the increase, and cybersecurity specialists Bit9 has today announced a significant round of funding to help fight it.

Bit9, which works with 30 of the Fortune 100 companies, raised its biggest round yet, a $34.5 million Series D led by new investor Sequoia Capital, with participation from existing investors Atlas Venture… → Read More

July 12th, 2012

Yahoo Confirms, Apologizes For The Email Hack, Says Still Fixing. Plus, Check If You Were Impacted (Non-Yahoo Accounts Apply)

There are still a lot of questions about this alleged Yahoo Voices data breach — including whether there was a reason behind the breach in the first place — but Yahoo has now officially confirmed that the data did in fact come from its servers, and that “approximately” 400,000 email addresses and passwords have been leaked in plain text online. Meanwhile, security specialists are now parsing the… → Read More

March 22nd, 2012

The Megabreach Is Back: Hacktivists To Blame For 58 Percent Of Stolen Data In 2011, Says Verizon Study

Move over organized cybercriminals, the new gangs in town don’t want our money, but they want to make a point, and they’re going to do whatever it takes to make sure we listen. The annual Data Breach Investigations Report (embedded below this post) from Verizon and major security agencies has found that hacktivism from the likes of Anonymous accounted for 58 percent of all data stolen online in… → Read More

January 20th, 2012

Developer Is Building An App Store For Banned Android Apps

An Android developer by the name of Koushik Dutta is building an alternative Android app store which will house the apps that have been banned from Google’s official Android Market. These will include the custom ROMs (customized versions of the Android OS), classic gaming emulators pulled due to copyright complaints, unofficial tethering apps removed at the behest of mobile operators, Visual… → Read More

December 8th, 2011

Not So Lucky Supermarket Customers Get Hacked

Customers who used the self-checkout lanes at Lucky Supermarkets have been hacked. The grocer, which operates stores in California, says some of their credit card machines have been altered with sniffers to capture credit and debit card numbers. Lucky, owned by parent company Save Mart, is telling customers who used those machines to close their bank and credit card accounts. At least 80… → Read More

October 19th, 2011

The Facebook Hack That Wasn’t? Facebook Says The 10,000 Hacked Accounts Aren’t Ours

A hacking group calling themselves “Team Swastika” posted what they claimed was over 10,000 compromised Facebook accounts to Pastebin, a service that serves as an online clipboard. However, according to statements from Facebook PR, these email and password combinations don’t actually represent live Facebook accounts. Instead, it appears that the hackers obtained the accounts using common phishing… → Read More

August 29th, 2011

Google+ Source Code Snoop Gets Hired By Google

Austrian blogger and developer Florian Rohrweck recently discovered a lot of Google+’s upcoming features just by digging around in the source code for the new social networking service. He was one of the first (but not the only one), to reveal Google+ Games before its launch, for example, as well as still unreleased features like “Shared Circles” and social search, among other things.

Now… → Read More

August 26th, 2011

Apple Hires iPhone Hacker Nicholas Allegra (@Comex)

Apple has just hired yet another member of the iPhone jailbreaking community, Nicholas Allegra, also known as “@comex” on Twitter. Allegra is best known for the JailBreakMe website which made the process of jailbreaking the iPhone as simple as visiting a webpage using mobile Safari.

The 19-year old hacker from Chappaqua, New York, posted the news of his hire on Twitter, stating that he will be… → Read More

August 24th, 2011

HP TouchPad Android Port Bounty Now Over $2,000

The bounty to get a workable version of the Android operating system installed on the now-discontinued HP TouchPad is up to $2,000+, as of today.

As we previously reported, the goal of this project is to get some version of Android 2.x onto the TouchPad and, most importantly, stable. If successful, this effort will help keep the HP tablet a little more relevant to those unfortunate early… → Read More

August 20th, 2011

Revenge Of The Killer Script Kiddies!

They’re out there. Be afraid. They could be anywhere, everywhere, anyone. They are shadowy, deadly, mysterious, guided by intellects vast and cool and unsympathetic. Security consultants and antivirus firms whisper legends of them to their clients to scare them straight. They’re the Voldemort of online security, except that everyone is all too eager to say their name: the Advanced Persistent… → Read More

July 21st, 2011

Federal Bureau Of Sisyphean Labors

April 27th, 2011

First Lawsuit Filed Against Sony For PSN Breach

There’s just no way around it. Sony really screwed up. And not just in the way they consistently have in the past. I mean big time. The outage that started last week and was finally addressed yesterday is worse than anyone expected, and naturally, someone has already sued. The lawsuit alleges that Sony was both remiss in its security responsibilities and its duty to inform its customers of… → Read More

April 23rd, 2011

Hack Attack: Sony Confirms PlayStation Network Outage Caused By 'External Intrusion'

Unfortunately for PlayStation Network and Qriocity services users, it looks like the widespread network outages will continue.

Since Sony’s PlayStation and music networks went down two days ago, there has been a fair amount of public speculation over the cause of the outage. (Largely due to Sony’s tight-lipped handling of public relations.) Many blamed vengeful gremlins loose in Sony’s server… → Read More