FBI makes arrests in global email‑hacking ring
The FBI has announced several arrests in a worldwide coordinated effort to break up a gang of email ‘hackers for hire’.
Hacking
Facebook pays record sum to hacker who exposed login bug
Facebook has given out a record fee for bug discovery, after a Brazilian security researcher exposed a vulnerability that could have been used to deliver malware to millions of Facebook users.
Trendnet under fire from FTC over camera security flaws which let hackers spy on babies
Baby monitors which shipped with security flaws that allowed hackers to watch and listen to babies from remote locations have led to an FTC complaint against the company responsible, Trendnet.
One in five internet users have had emails or social networks hijacked, Pew study finds
Internet users are becoming more savvy about keeping their private data safe - but many have already fallen victim to crime and scams, a study by the Pew Research Institute’s Internet Project has found. One in five (21%) of internet users have had an email or social networking account compromised or taken over without their permission.
Whiter‑than‑white hats, malware, penalty and repentance*
I was recently contacted by a journalist researching a story about ‘hackers’ quitting the dark side (and virus writing in particular) for the bright(-er) side. He cited this set of examples – 7 Hackers Who Got Legit Jobs From Their Exploits – and also mentioned Mike Ellison (formerly known as Stormbringer and Black Wolf, among
China has “mountains of data” on U.S. cyber attacks, top official claims
A top internet security official in China has said that his organization has “mountains of data” on U.S. cyber attacks against the country. Huang Chengqing, the director of the National Computer Network Emergency Response Technical Team Coordination Center of China (CNCERT), made the comments in the state-run China Daily newspaper, calling for greater cooperation between the two states on hacking.
China accuses U.S. of being “the real hacking empire” after Pentagon report
China has accused the United States of being, “the real hacking empire” after a Pentagon report which said for the first time that cyber attacks on the U.S. were “directly attributable” to Beijing.
Up to 600,000 gamers at risk as emails and other details stolen from online zombie game
Up to 600,000 gamers at risk as emails and other details stolen from online zombie game
Apple ID password and verification two‑step plays on
Stepping up protection of the Apple ID falters as password reset bug emerges before two-step verification is fully implemented.
Top celebrities and government officials financial details leaked online
The Associated Press reports that celebrities, including ashton Kutcher and Kim Kardashian, along with top government officials have had private financial information stolen and posted to a rogue website.
Bush family e‑mails stolen in online attack
Several email accounts belonging to family members of former President George W. Bush were hacked and the contents made public, exposing private data, correspondence and personal photos, according to The Smoking Gun. The apparent hack affected email threads between several members of the Bush family, including both former U.S. Presidents. According to the report, the
Java vulnerability woes continue as Apple blocks access
The uncertainty around Java shows no sign of abating as Apple blocks all versions of Java on OS 10.6 and above through its anti-malware security applet, XProtect. This follows the blocking in all but name by Mozilla as it moved to end auto-loading of plug ins for the Firefox browser.
FBI snatches Algerian bank hacker in Thailand
Hamza Bendelladj, the Algerian alleged bank hacker responsible for defrauding US banks of millions of dollars has been detained in Thailand, following three years of tracking by the FBI.
“Hollywood hacker” sentenced to 10 years jail time
A hacker who broke into celebrity email accounts and leaked nude pictures of Hollywood actors, including Scarlett Johansson, has been sentenced to 10 years in prison, according to an Associated Press report.
Australian Defence Force Academy attack exposes 20,000 user records
An attack on the Australian Defence Force Academy servers held at the University of New South Wales (UNSW) resulted in the loss of 20,000 user records. According to a report in the Sydney Morning Herald the hacker, known as Darwinare, managed to break in and steal the records, including passwords and email addresses in a
How’s your cyber security awareness? Or, do we really need security training?
As you may know, October is National Cyber Security Awareness Month in America, which is a good time to ask yourself how aware you are when it comes to threats to your digital devices and personal information.
Blizzard Entertainment hacked this time for real (lessons learned)
In May we read that game maker Blizzard, developer of a series of popular games including World of Warcraft, Diablo III and Starcraft, was hacked, but that turned out to just be individual compromised accounts from some of its users. Now we read, from Blizzard itself rather than a third party, that they have been
Authentication attacks: Apple, Amazon, iCloud, Google, anything with a password
Sharing details of the hack that “wiped his life” has earned Mat Honan a place in the annals of information system security; the specific inter-dependence of flawed authentication systems that cost him so dearly–encompassing Apple, iCloud, Amazon.com, Gmail and more–would probably still exist if Mat had not gone public. Wired has the full story here
Gamigo game site hack lessons learned (and what should you do)
Gamigo learned a few months ago about a breach and alerted its users that they had been attacked. But now, we see an estimated 8+ million records just went public, no small amount for the attackers. What is interesting is that by one account, hash cracking was able to decrypt over 90% of the passwords,
You've Got (Nation State Hacked) Mail
We read in the New York Times that Google is rolling out a service that will attempt to alert users when it thinks their accounts might be subject to hacking by a government, hoping the user will take precautions after getting a notice that says “Warning: We believe state-sponsored attackers may be attempting to compromise