hacker

  1. cageymaru

    Hackers Use Stolen Credentials from Data Breaches to "Hack" a Nest Thermostat

    Jonathan Schisler thought his Amazon Alexa or kids had changed the temperature to 90 degrees on his Nest thermostat. But while scrolling through the device to clear a message about changing the air filter, he noticed that the email address on the device wasn't his wife's. Even his phone app was...
  2. cageymaru

    Apple Fixes Zero-Day Exploits with Release of iOS 12.1.4

    Apple has released iOS 12.1.4 and it fixes two zero-day exploits that had been abused by hackers. According to Google Project Zero team lead, Ben Hawkes, "CVE-2019-7286 and CVE-2019-7287 were exploited in the wild as 0day." CVE-2019-7286 allowed hackers to gain elevated privileges by using a...
  3. cageymaru

    Huddle House Affected by Data Breach in Its Point of Sale Systems

    Huddle House has been affected by a data breach in its point of sale system. A third party point of sale (POS) vendor's data system was compromised and hackers used the vendor's tools to gain remote access--and the ability to deploy malware--onto the POS systems at numerous Huddle House...
  4. cageymaru

    The Anti-Cheat System Is Broken in Battlefield V

    Rogue-9 on YouTube has released a video that details the cheating that is going on in Battlefield V. He detected the cheaters in the video by entering matches as a spectator and recording video footage of the aimbots and wall hacks in use. He predicts that Battlefield V will be completely...
  5. cageymaru

    773 Million Records from Massive Data Breach Uploaded to Have I Been Pwned

    Troy Hunt is a Microsoft Regional Director and is the owner and creator of Have I Been Owned (HIBP). Today he alerted the security community to a massive 87GB data breach that the hacker community calls "Collection #1." It contains 773 million unique email addresses, 1.1 billion unique...
  6. cageymaru

    PremiSys IDenticard System Vendor Ignores Security Researcher Findings

    A security researcher from Tenable Research discovered a hardcoded backdoor in the 3.1.190 PremiSys IDenticard system that "allows attackers to add new users to the badge system, modify existing users, delete users, assign permission, and pretty much any other administrative function." Security...
  7. cageymaru

    Marriott International Has Updated Information on the "Starwood" Data Breach

    Marriott International has provided an update to the "Starwood" data breach that was initially thought to have affected 500 million of its customers. After "working closely with its internal and external forensics and analytics investigation team" Marriott was able to determine that the number...
  8. cageymaru

    Data Breach at Marriott International Affects 500 Million Starwood Customers

    Marriott International, a leading hotel and resort chain has released a statement that discloses a data breach associated with 500 million customers that have used its Starwood guest reservation system. On September 10, 2018, Marriott received an alert from an internal security tool regarding an...
  9. cageymaru

    The U.S. Department of Justice Indicts Two Iranians of Deploying SamSam Ransomware

    The U.S. Department of Justice has unsealed an indictment of two Iranians for computer hacking and deploying a crippling style of ransomware called "SamSam Ransomware" onto American and Canadian public institutions such as hospitals and municipalities. Faramarz Shahi Savandi, 34, and Mohammad...
  10. cageymaru

    Dell Foils Hack Attempt with Rapidly Deployed Countermeasures

    Dell has announced that its cybersecurity team foiled an unauthorized intrusion into its network that attempted to extract Dell.com customer information; limited to names, email addresses and hashed passwords. The Dell security team stopped the hackers by immediately implementing...
  11. cageymaru

    Malware Strains Fight over Access to Android Devices with USB Debugging Mode Open

    Users of Android devices that have left port 5555 for Android Debug Bridge (ADB) mode open are being infected with malware that mines cryptocurrency. Sometimes ADB is left open from the factory or when users customize their phones and forget to disable what is commonly referred to as "USB...
  12. cageymaru

    Hackers Are Selling Access to Private Facebook Data for 10 Cents per Account

    Often politicians, researchers, corporate entities and citizens discuss the human toll of social media hacks and fierce debates ensue from those crimes, pertaining to what private account data is worth. Hackers in Russia have attached a price tag of 10 cents per account as they attempt to sell...
  13. cageymaru

    Uber Settles Data Breach Lawsuit with 50 States for $148 Million

    Uber has reached a $148 million settlement with state attorneys general in all 50 states with varying amounts being distributed to each state. The legal matter that was settled was in reference to the 2016 data breach in which Uber failed to notify the 57 million customers affected by it for...
  14. cageymaru

    Three Young Hackers Get Light Sentences After Assisting the FBI Fight Cybercrime

    Three hackers aged 21, 22, and 22 all received 5 years of probation and 62 1/2 weeks of community service in the U.S. District Court in Anchorage. Josiah White, Paras Jha, and Dalton Norman all pleaded guilty to computer fraud charges in December. They were ordered to pay $127,000 in...
  15. cageymaru

    Credit Card Stealiing Magecart Malware Infects Feedify Service

    Security researchers Placebo and Kevin Beaumont have discovered a Magecart malware infection in the Feedify JavaScript library used by thousands of eCommerce websites. Feedify is customer engagement tool that boasts of reaching 1 billion devices worldwide and the Magecart malware steals credit...
  16. cageymaru

    Instagram Users Are Getting Hacked

    Instagram users are getting hacked and in addition to their passwords being changed; profile pictures are being switched to animated Disney characters. The hackers then change the email address to a Russian .ru domain to completely lock them out. This leaves the user to complain on Twitter...
  17. cageymaru

    MikroTik Routers Compromised with Crypto Mining Malware Coinhive

    A known vulnerability in MikroTik routers that was patched within a day of being discovered has been used by hackers to force whole networks of computers to mine cryptocurrency. The exploit causes the router to inject Coinhive's Javascript into every web page that the router visits causing all...
  18. cageymaru

    Hackers Are Recruiting Cellphone Carrier Employees to Hijack Sim Cards

    Hackers are becoming more brazen with the port-out-scams as they have started actively recruiting cellphone carrier employees to assist them in the criminal activity. A port-out-scam is when a criminal uses social engineering to convince a telecom employee to swap a customer's phone SIM card...
  19. cageymaru

    Early Reddit Database Was Hacked and User Information Accessed

    Hackers accessed the 2005 - 2007 Reddit databases and potentially stole email addresses and old encrypted passwords. They also had access to 2018 email digests. The Reddit spokesperson suggests that users enable two factor authentication (2FA) to keep their accounts safe and reassured users...
  20. cageymaru

    NetSpectre: A Remote Spectre Attack Without Attacker-Controlled Code on the Victim

    Remember our coverage of Spectre? Well researchers at the Graz University of Technology have a working model of how to read arbitrary memory over a network called NetSpectre. NetSpectre attacks have been shown to work over LAN and Google Cloud. The computers being attacked do not need to run...
  21. DooKey

    Ransomware Technique Uses Your real Passwords to Trick You

    Those crafty internet thieves have come up with another way to get your money and it's pretty clever. Scammers are sending email to people that tells them they know their password, displays said password, and then goes on to claim malware is on their computer. The email also claims they have...
  22. cageymaru

    Hackers Steal $13.5 Million in Cryptocurrency From Israeli Based Bancor Exchange

    Israeli based Bancor exchange was the site of a breach in which $23.5 million was initially stolen from its customer's cryptocurrency wallets. $12.5 million in Ethereum, $1 million in Pundi, and another $10 million in Bancor tokens was stolen when a wallet used to upgrade smart contracts was...
  23. cageymaru

    US Military Documents Were Posted Onto the Dark Web With a $200 Asking Price

    US military documents were posted onto the dark web and the hacker was only asking for $150 - $200 according to representatives from Recorded Future's Insikt Group. Included in the documents was information on the MQ-9 Reaper drone, M1 Abrams maintenance manual, crew survival course, improvised...
  24. FrgMstr

    Hackers and Your Medical Information

    Dark Reading has a discussion about Why Hackers Love Healthcare. The top three on their list includes: Highly Valuable Data, Lack of IT Investment and Training, and Highly Connected Systems. In totally unrelated news, KrebsOnSecurity points out that MEDantex, a company that supplies medical...
  25. DooKey

    Cisco Warning Smart Install Client Users to Patch and Securely Configure the Software

    Cisco has released a warning to their customers to patch their Smart Install client software (Warning auto play video) because hackers are exploiting a "protocol misuse" issue in the client. These attacks are primarily to critical infrastructure providers according to Cisco and CERT has linked...
  26. R

    Cryptocurrency Exchange Offering $250k Bounty For Hackers

    Cryptocurrency exchange Binance was the target of a hacking attempt on March 7th, and they aren't happy about it. In an article from Binance, they announced that they are offering a $250,000 USD equivalent bounty to anyone who supplies information that leads to the arrest of the hackers involved...
  27. R

    Hackers Create Prosthetic Nerf Gun

    Have you ever wanted to have a Nerf battle with your friends but you were missing a hand? Well the collective at Hackerloop has solved that problem. In a report from TechCrunch, the group used a Nerf Swarmfire, along with some 3d printing, a microcontroller, and some electrodes to create a Nerf...
  28. FrgMstr

    Hacker Tool Author Sentenced to 3 Years

    Crime does pay, just not much when it comes to selling your remote access trojan for $25. What is a bit odd about this "hacking" case is that the man being sentenced is not being prosecuted for using it, but rather simply selling and distributing it. Taylor Huddleston, 26, of Hot Springs...
  29. R

    Hackers Infect Android Phones And Smart TV's to Mine Monero

    Hackers have infected thousands of Android phones and smart TVs, turning the devices into Monero miners. Chinese cyber security firm 360Netlab announced that the attack affected more than 7,000 devices in China by taking advantage of an open port 5555. The report says that scan traffic for port...
  30. DooKey

    Hackers Redirect Schools to Islamic State Video

    Some 800 schools across the US have been targeted by hackers and their websites redirected to an Islamic State-sponsored YouTube video. Somehow the hackers were able to inject a small file into the root of one of the websites run by SchoolDesk. The Atlanta-based company is advising...
  31. DooKey

    Hackers Target Security Researchers With Malware-Laden Document

    State-backed hackers are targeting security researchers (WARNING auto play video) in their latest campaign. They are sending malware infested documents disguised as advertisement for a cybersecurity conference. The malware variant is Seduploader, and has been used in previous campaigns by...
  32. FrgMstr

    Horribly Coded Website "Hacked" Teen Goes to Jail

    So you go to a website that is so horribly coded, that you can change the company's pricing when purchase its product. Then you change the price, buy the ticket as proof of the problems, and report it to the company. Then what happens, the company has you arrested. Wow. The company, BKK...
  33. Bees

    Russian Cybercriminal Sentenced to 27 Years for Credit Card Theft

    A decade-long investigation, 2014 arrest, and lengthy trial have come to a close today as Russian hacker Roman Valerevich Seleznev was sentenced to serve 27 years in U.S. Federal prison. 3,700 financial institutions and 500 business were victimized by the credit card and identity theft ring...
  34. Bees

    Punycode Exploit the Newest Phishing Attack

    In the newest wave of phishing attacks, hackers have seemingly found a method to spoof SSL connected URLs using Punycode exploits. Said exploits are quite clever, and even the most careful user could fall susceptible to this attack. By default, many web browsers use ‘Punycode’ encoding to...
  35. Zarathustra[H]

    Cloudflare's Next Big Business? Protecting Your Car From Hackers

    Forbes is reporting that Cloudflare is looking to get into the business of securing cars equipped with smart technologies from being hacked. As we have reported on several times in the past, cars could certainly use added protections from hacking and other security problems, but a question that...
Top