hacker

Jonathan Schisler thought his Amazon Alexa or kids had changed the temperature to 90 degrees on his Nest thermostat. But while scrolling through the device to clear a message about changing the air filter, he noticed that the email address on the device wasn't his wife's. Even his phone app was...

Apple has released iOS 12.1.4 and it fixes two zero-day exploits that had been abused by hackers. According to Google Project Zero team lead, Ben Hawkes, "CVE-2019-7286 and CVE-2019-7287 were exploited in the wild as 0day." CVE-2019-7286 allowed hackers to gain elevated privileges by using a...

Huddle House has been affected by a data breach in its point of sale system. A third party point of sale (POS) vendor's data system was compromised and hackers used the vendor's tools to gain remote access--and the ability to deploy malware--onto the POS systems at numerous Huddle House...

Rogue-9 on YouTube has released a video that details the cheating that is going on in Battlefield V. He detected the cheaters in the video by entering matches as a spectator and recording video footage of the aimbots and wall hacks in use. He predicts that Battlefield V will be completely...

Troy Hunt is a Microsoft Regional Director and is the owner and creator of Have I Been Owned (HIBP). Today he alerted the security community to a massive 87GB data breach that the hacker community calls "Collection #1." It contains 773 million unique email addresses, 1.1 billion unique...

A security researcher from Tenable Research discovered a hardcoded backdoor in the 3.1.190 PremiSys IDenticard system that "allows attackers to add new users to the badge system, modify existing users, delete users, assign permission, and pretty much any other administrative function." Security...

Marriott International has provided an update to the "Starwood" data breach that was initially thought to have affected 500 million of its customers. After "working closely with its internal and external forensics and analytics investigation team" Marriott was able to determine that the number...

Marriott International, a leading hotel and resort chain has released a statement that discloses a data breach associated with 500 million customers that have used its Starwood guest reservation system. On September 10, 2018, Marriott received an alert from an internal security tool regarding an...

The U.S. Department of Justice has unsealed an indictment of two Iranians for computer hacking and deploying a crippling style of ransomware called "SamSam Ransomware" onto American and Canadian public institutions such as hospitals and municipalities. Faramarz Shahi Savandi, 34, and Mohammad...

Dell has announced that its cybersecurity team foiled an unauthorized intrusion into its network that attempted to extract Dell.com customer information; limited to names, email addresses and hashed passwords. The Dell security team stopped the hackers by immediately implementing...

Users of Android devices that have left port 5555 for Android Debug Bridge (ADB) mode open are being infected with malware that mines cryptocurrency. Sometimes ADB is left open from the factory or when users customize their phones and forget to disable what is commonly referred to as "USB...

Often politicians, researchers, corporate entities and citizens discuss the human toll of social media hacks and fierce debates ensue from those crimes, pertaining to what private account data is worth. Hackers in Russia have attached a price tag of 10 cents per account as they attempt to sell...

Uber has reached a $148 million settlement with state attorneys general in all 50 states with varying amounts being distributed to each state. The legal matter that was settled was in reference to the 2016 data breach in which Uber failed to notify the 57 million customers affected by it for...

Three hackers aged 21, 22, and 22 all received 5 years of probation and 62 1/2 weeks of community service in the U.S. District Court in Anchorage. Josiah White, Paras Jha, and Dalton Norman all pleaded guilty to computer fraud charges in December. They were ordered to pay $127,000 in...

Security researchers Placebo and Kevin Beaumont have discovered a Magecart malware infection in the Feedify JavaScript library used by thousands of eCommerce websites. Feedify is customer engagement tool that boasts of reaching 1 billion devices worldwide and the Magecart malware steals credit...

Instagram users are getting hacked and in addition to their passwords being changed; profile pictures are being switched to animated Disney characters. The hackers then change the email address to a Russian .ru domain to completely lock them out. This leaves the user to complain on Twitter...

A known vulnerability in MikroTik routers that was patched within a day of being discovered has been used by hackers to force whole networks of computers to mine cryptocurrency. The exploit causes the router to inject Coinhive's Javascript into every web page that the router visits causing all...

Hackers are becoming more brazen with the port-out-scams as they have started actively recruiting cellphone carrier employees to assist them in the criminal activity. A port-out-scam is when a criminal uses social engineering to convince a telecom employee to swap a customer's phone SIM card...

Hackers accessed the 2005 - 2007 Reddit databases and potentially stole email addresses and old encrypted passwords. They also had access to 2018 email digests. The Reddit spokesperson suggests that users enable two factor authentication (2FA) to keep their accounts safe and reassured users...

Remember our coverage of Spectre? Well researchers at the Graz University of Technology have a working model of how to read arbitrary memory over a network called NetSpectre. NetSpectre attacks have been shown to work over LAN and Google Cloud. The computers being attacked do not need to run...

Those crafty internet thieves have come up with another way to get your money and it's pretty clever. Scammers are sending email to people that tells them they know their password, displays said password, and then goes on to claim malware is on their computer. The email also claims they have...

Israeli based Bancor exchange was the site of a breach in which $23.5 million was initially stolen from its customer's cryptocurrency wallets. $12.5 million in Ethereum, $1 million in Pundi, and another $10 million in Bancor tokens was stolen when a wallet used to upgrade smart contracts was...

US military documents were posted onto the dark web and the hacker was only asking for $150 - $200 according to representatives from Recorded Future's Insikt Group. Included in the documents was information on the MQ-9 Reaper drone, M1 Abrams maintenance manual, crew survival course, improvised...

Dark Reading has a discussion about Why Hackers Love Healthcare. The top three on their list includes: Highly Valuable Data, Lack of IT Investment and Training, and Highly Connected Systems. In totally unrelated news, KrebsOnSecurity points out that MEDantex, a company that supplies medical...

Cisco has released a warning to their customers to patch their Smart Install client software (Warning auto play video) because hackers are exploiting a "protocol misuse" issue in the client. These attacks are primarily to critical infrastructure providers according to Cisco and CERT has linked...

Cryptocurrency exchange Binance was the target of a hacking attempt on March 7th, and they aren't happy about it. In an article from Binance, they announced that they are offering a $250,000 USD equivalent bounty to anyone who supplies information that leads to the arrest of the hackers involved...

Have you ever wanted to have a Nerf battle with your friends but you were missing a hand? Well the collective at Hackerloop has solved that problem. In a report from TechCrunch, the group used a Nerf Swarmfire, along with some 3d printing, a microcontroller, and some electrodes to create a Nerf...

Crime does pay, just not much when it comes to selling your remote access trojan for $25. What is a bit odd about this "hacking" case is that the man being sentenced is not being prosecuted for using it, but rather simply selling and distributing it. Taylor Huddleston, 26, of Hot Springs...

Hackers have infected thousands of Android phones and smart TVs, turning the devices into Monero miners. Chinese cyber security firm 360Netlab announced that the attack affected more than 7,000 devices in China by taking advantage of an open port 5555. The report says that scan traffic for port...

Some 800 schools across the US have been targeted by hackers and their websites redirected to an Islamic State-sponsored YouTube video. Somehow the hackers were able to inject a small file into the root of one of the websites run by SchoolDesk. The Atlanta-based company is advising...

State-backed hackers are targeting security researchers (WARNING auto play video) in their latest campaign. They are sending malware infested documents disguised as advertisement for a cybersecurity conference. The malware variant is Seduploader, and has been used in previous campaigns by...

So you go to a website that is so horribly coded, that you can change the company's pricing when purchase its product. Then you change the price, buy the ticket as proof of the problems, and report it to the company. Then what happens, the company has you arrested. Wow. The company, BKK...

A decade-long investigation, 2014 arrest, and lengthy trial have come to a close today as Russian hacker Roman Valerevich Seleznev was sentenced to serve 27 years in U.S. Federal prison. 3,700 financial institutions and 500 business were victimized by the credit card and identity theft ring...

In the newest wave of phishing attacks, hackers have seemingly found a method to spoof SSL connected URLs using Punycode exploits. Said exploits are quite clever, and even the most careful user could fall susceptible to this attack. By default, many web browsers use ‘Punycode’ encoding to...

Forbes is reporting that Cloudflare is looking to get into the business of securing cars equipped with smart technologies from being hacked. As we have reported on several times in the past, cars could certainly use added protections from hacking and other security problems, but a question that...