security

  1. AlphaAtlas

    Nest Users Are Getting Hacked Again

    AFP reports that Nest, a smart camera manufacturer founded by former Apple engineers and owned by Alphabet, is urging customers to use two factor authentication for their home systems. The plea comes after local media near San Francisco reported on a couple's trouble with a Nest camera mounted...
  2. AlphaAtlas

    Online Casino Group Leaks User Information

    Last year, an exposed ElasticSearch server reportedly leaked data on nearly 57 Million U.S. citizens. ElasticSearch servers aren't supposed to be exposed to the web, especially if they don't have a password, and the security researcher warned that exposed servers like that are a significant...
  3. AlphaAtlas

    Twitter Bug Could Make Private Tweets Public

    Twitter just posted a notice on their site claiming that they found an issue with the "Protect your Tweets" feature on Android devices. According to the feature's help page, the setting restricts the visibility of Tweets to the followers of an account, and requires users to confirm new...
  4. AlphaAtlas

    Millions of Files Leaked from Oklahoma Department of Securities Database

    The UpGuard Data Breach Research team, who previously uncovered data breaches in U.S. voting systemsand an Experian partner, recently exposed a massive leak from Oklahoma's Department of Securities. The contents of the files "ran the gamut from personal information to system credentials to...
  5. AlphaAtlas

    Check Point Finds Fortnite Login Vulnerability

    Security experts from Check Point Research claim they found a bug in Fortnite's login system that allowed potential attackers to hijack accounts. Unlike the thousands of Fortnite scams that already exist online, this hack allegedly didn't require entering any login credentials or financial info...
  6. AlphaAtlas

    Facebook and Other Corporations Spend Millions on Executive Security

    Wired just ran a story claiming that the Silicon Valley giants spend huge amounts of money to protect their CEOs and other executives. Apple, for example, reportedly dropped $310,000 protecting Tim Cook, while Amazon and Oracle spent $1.6 Million protecting Jeff Bezos and Larry Ellison. But...
  7. AlphaAtlas

    The Department of Defense is Still Not Very Secure

    According to a new report from the Pentagon's Inspector General (PDF Warning), which was spotted by Motherboard, the Department of Defense still has some glaring cybersecurity issues. While the Pentagon has apparently made some great strides since 2017, there are still "266 open...
  8. AlphaAtlas

    Tesla Encourages Auto Hacking with a Model 3 Giveaway

    As cars get smarter, they also become more vulnerable to digital saboteurs. We've reported on several incidents where hackers managed to unlock a drive a Tesla away, but the company has repeatedly reaffirmed its commitment to security, as it did again this week. A post on the Zero Day...
  9. cageymaru

    PremiSys IDenticard System Vendor Ignores Security Researcher Findings

    A security researcher from Tenable Research discovered a hardcoded backdoor in the 3.1.190 PremiSys IDenticard system that "allows attackers to add new users to the badge system, modify existing users, delete users, assign permission, and pretty much any other administrative function." Security...
  10. AlphaAtlas

    Bugs With Big Hosting Providers Made Websites Vulnerable

    Security researcher Paulos Yibelo has reportedly discovered bugs in Bluehost, Dreamhost, HostGator, OVH, and iPage that could compromise hosted websites with a single click, which allows for "account takeover when the victim clicks a link or visits a malicious website." Yibelo documented the...
  11. cageymaru

    Marriott International Has Updated Information on the "Starwood" Data Breach

    Marriott International has provided an update to the "Starwood" data breach that was initially thought to have affected 500 million of its customers. After "working closely with its internal and external forensics and analytics investigation team" Marriott was able to determine that the number...
  12. AlphaAtlas

    Hackers Use Smart TVs to Promote PewDiePie

    Motherboard says that 2 hackers tapped into Chromecasts and Smart TVs to promote the prolific Youtuber PewDiePie. "HackerGiraffe" and "j3ws3r," the duo behind the attack, were reportedly behind an older hack that forced 50,000 printers to print PewDiePie Propaganda. The hackers also posted, and...
  13. AlphaAtlas

    Hackers Attempt to Extort Money from Law Firm

    Motherboard reports that a group of hackers breached a law firm's servers containing case files related to the September 11 attacks. The the hackers supposedly sent an encrypted datafile to Motherboard, before publishing it on the web, and claim they will release the file's encryption keys if...
  14. AlphaAtlas

    Firm Hijacks Popular Twitter Accounts to Highlight Security Hole

    Last week, researchers from Insinia Security hijacked the Twitter accounts of a number of celebrities. But, unlike previous incidents where high profile users were hacked with the intent of defacing popular accounts or proliferating cryptocurrency scams, Insinia took control of the Twitter...
  15. AlphaAtlas

    "Targeted" Ransomware Hits LA Times and Tribune Publishing

    The Los Angeles Times and Tribune Publishing have reportedly been hit by a "targeted" ransomware attack originating from outside the United States. Reports from the Times and the Chicago Tribune themselves say their servers started going down on Saturday, and that Saturday editions of the Wall...
  16. AlphaAtlas

    WannaCry is Still Active in Hundreds of Thousands of Computers

    Citing posts by security researcher Jamie Hankins on Twitter, Bleepingcomputer reports that Wannacry ransomware is still active, but dormant, on thousands of computers across the world. Jamie Hankins reportedly contained the infection last year by setting up a "kill switch" domain in 2017. As...
  17. AlphaAtlas

    Researchers Demonstrate Hot Tub Hack

    Some hot tubs have apps that allow users to control the tubs remotely. But security researchers from Pen Test Partners found a small security flaw in one of those implementations... apparently, there is no security. A wifi access point on the tub can be configured to act as a client accessible...
  18. AlphaAtlas

    Alexa Is Offending Some Users Trying to Learn How to Chat

    According to a recent report by Reuters, Amazon's experiments with Alexa are having some unintended consequences. The publication claims that Alexa blurted out "Kill your foster parents" last year. Other incidents involved chats about sex acts or dog defecation, and anonymous sources claim that...
  19. AlphaAtlas

    Drones Temporarily Shut Down Gatwick Airport

    The Guardian reports that at least one drone shut down Gatwick airport for a few hours. 91 arrivals and 64 departures have been canceled so far, and authorities say the disruption will have a "knock on" effect. The police claim they've found "persons of interest" related to the rogue drone, but...
  20. AlphaAtlas

    "Human Error" Allowed an Alexa User to Hear a Neighbor's History

    Reuters reports that a German Alexa user got access to "thousands of recordings" from their neighbor. According to the German trade publication c’t, the customer reportedly contacted Amazon about the mixup, and was able to download the recordings before Amazon deleted the download link. An...
  21. AlphaAtlas

    Asus and Gigabyte Drivers Allegedly Contain Serious Security Vulnerabilities

    BleepingComputer reports that SecureAuth published "driver elevation of privilege" vulnerabilities for desktop Gigabyte and Asus motherboards. According to the Asus report, multiple vulnerabilities were found in the GLCKIo and Asusgio drivers that the company's Aura Sync RGB control software...
  22. AlphaAtlas

    McAfee Claims Cryptomining Attacks Are Up 4000% This Year

    A new report from McAfee Labs claims that the total volume of "coin miner" malware has grown over 4000% since last year, and over 60% since Q2. Hackers are apparently moving away from ransomware to the more "lucrative" field of cryptomining malware. Malware attacks are up in general too, though...
  23. AlphaAtlas

    White Hat Hacker Contacted a Man Through His Security Camera

    AZCentral reports that a hacker broke into a man's Nest security camera at his Phoenix home. But, instead of abusing the system, the hacker contacted the camera's owner, informing him that the system was compromised with fairly obvious proof. If you aren't already paranoid about cameras in...
  24. AlphaAtlas

    Tencent Allegedly Finds a SQLite Bug

    The security team of the Chinese media conglomerate Tencent has allegedly found a vulnerability in SQLite. Dubbed "Magellan," the vulnerability would supposedly allow attackers to run unauthorized code remotely, leak program memory, or crash programs that use the software. SQLite is used as a...
  25. AlphaAtlas

    Facebook Reveals Photo API Bug

    On their developer website, Facebook revealed a bug in their Photo API that "may have affected people who used Facebook Login and granted permission to third-party apps to access their photos." Facebook claims some "third parties" may have had access to more photos than they were supposed to...
  26. AlphaAtlas

    Drivers Licenses are Going Digital in Louisiana

    Finland announced plans for a digital drivers license this year, and several U.S. States are running similar pilot programs of their own. So far, digital drivers license systems have been fairly limited, but a report by IEEE Spectrum claims that could change in Louisiana soon. According to the...
  27. AlphaAtlas

    Android Facial Recognition Cracked With 3D Printed Heads

    Facial recognition is everywhere now, whether it's used for convenience or pushed as a "security" feature. But according to a report by Forbes, Android's facial recognition system isn't particularly hard to fool. Using a commercial, 3D printed model of his own head, Thomas Brewster was able to...
  28. cageymaru

    Concert Venues Use Facial Recognition to Identify Stalkers and VIPs

    Concert venues and organizers are turning to facial recognition solutions to identify security threats such as stalkers and important individuals who are to be treated as VIPs. Taylor Swift fans were unknowingly scanned at a kiosk that displayed rehearsal clips of the star at her Rose Bowl...
  29. AlphaAtlas

    Bad Default Configurations Leave Ethereum Wallets Exposed

    According to a ZDNet report, bad default configurations in popular Ethereum software are leaving users' wallets wide open to exploitation, and hackers are taking advantage of it. The misconfiguration exposes the standard JSON-RPC interface commonly found in Ethereum software to the internet...
  30. AlphaAtlas

    Supermicro Says They Found No Spy Chips in Their Motherboards

    Following a lengthy investigation, Supermicro sent an open letter to their customers claiming that they "found absolutely no evidence of malicious hardware on our motherboards." The company hired a "leading, third party investigations firm" to assist with the review, and they tested both newer...
  31. AlphaAtlas

    Australia Passes World's First Anti Encryption Law

    New Atlas reports that the Australian government recently passed the world's first anti-encryption bill. The Assistance and Access Bill 2018 can allegedly "compel a private company to create new interception capabilities so no communications data is completely inaccessible to the government."...
  32. AlphaAtlas

    Huawei is in Trouble

    Last month, the Wall Street Journal reported the the U.S. Government asked its allies to stop buying Huawei equipment. Since then, things have gone downhill for the Chinese company. Japan, Australia, New Zealand, Canada, and the UK have all all allegedly stopped buying Huawei equipment...
  33. AlphaAtlas

    Bethesda Support Ticket System Leaked Customer Information

    Today's data leak of the day comes from... Bethesda. Recently, Bethesda promised to give buyers of Fallout 76's $200 Power Armor edition a real canvas bag. But to do that, customers had to create a support ticket and submit proof of purchase, which allegedly included a receipt containing credit...
  34. AlphaAtlas

    Quora Breach Affects 100 Million Users

    Last night, Quora's CEO announced that about 100 million of the site's user accounts were compromised in yet another data breach. Quora says they discovered the breach last Friday, and that account names, email addresses, posting history on the site, IP addresses, personal messages, and hashed...
  35. AlphaAtlas

    Starwood Allegedly Had A Chance to Find Hackers in 2015

    Marriott International suffered a big data breach involving the reservation database for Starwood Properties last week. The attackers allegedly had "unauthorized access" since 2014, and onlookers assumed there were no indications that Starwood's systems were compromised until this year. But, the...
  36. AlphaAtlas

    GCHQ Calls for Encrypted Chat Access and Vulnerability Confidentiality

    The GCHQ, the hub of the UK's surveillance program, recently published a piece in Lawfare that calls for "virtual crocodile clips in today’s digital exchanges," among other things. While the agency isn't advocating weak encryption, they do want law enforcement to be a "third end" in end-to-end...
  37. AlphaAtlas

    Accudoc Data Breach Leaks Patient Info

    On November 27, Atrium Health announced that one of their databases hosted by AccuDoc was breached by an "unauthorized third party" between September 22 and September 29, 2018. According to the release, basic information like names, date of birth, insurance info, and account balances were...
  38. AlphaAtlas

    Records of Nearly 57 Million US Citizens Exposed by ElasticSearch

    An ElasticSearch server has reportedly leaked records of 56,934,021 U.S. citizens. The names, employers, job titles, email addresses, home addresses, IP addresses and phone numbers of these Americans were said to have been exposed exposed, and security expert Bob Diachenko claims that an...
  39. AlphaAtlas

    DriveSavers Charges Around $3,900 to Unlock Password Protected Devices

    Today, DriveSavers announced a new service that can allegedly unlock and recover data from password protected computers. Devices from Apple, Samsung, Huawei, LG and other running iOS, Android, Windows, or Blackberry are said to be supported. Interestingly, the company claims they don't offer the...
  40. AlphaAtlas

    The FBI Impersonated FedEx to Catch Cybercriminals

    After uncovering some interesting court records, Motherboard wrote up an article on how law enforcement is using "network investigative techniques" to catch cybercriminals. In one particular case, attackers used a fake email address and a bit of social engineering to get a $82,000 check from...
Top