Welcome Guest | Sign In
LinuxInsider.com
iPhone Call Logs Easy Pickings on iCloud, Says Russian Security Firm
November 17, 2016
Russian digital forensics firm ElcomSoft on Thursday reported that Apple automatically uploads iPhone call logs to iCloud remote servers, and that users have no official way to disable this feature other than to completely switch off the iCloud drive. The data uploaded could include a list of all calls made and received on an iOS device, as well as phone numbers, dates and times, and duration.
Google Clamps Down on Sneaky Malicious Sites
November 16, 2016
Sites that repeatedly violate Google's safe browsing policies will be classified as repeat offenders, the company said. A small number of websites take corrective actions after Google displays alerts on their landing pages warning visitors that they're harmful. However, they typically revert to violating the policies after Google verifies that they're safe and removes the warnings.
Conspiracy Theories in the Information Age, Part 2
November 15, 2016
In the past, heightened rhetoric and propaganda were the tools of choice for those looking to convince an electorate to vote them into office, and conspiracy theories were their bane. This election season has seen the rise of a new form of persuasion, one that's unique to the Information Age. For months, WikiLeaks creator Julian Assange had promised to rain bombshells.
Defeating Malware With Its Own DNA
November 11, 2016
It's widely known that human DNA evidence has had a major impact in the criminal justice system. Now another kind of DNA may have a similar impact in the fight to eradicate malicious software. Malware DNA, also known as "malware provenance," is the art and science of attributing elements of one object to another object. The technique has applications outside information security -- for example, in genetics, or to test the authorship of student papers.
Election Day Cybershenanigans Highlight Need to Shore Up Security
November 10, 2016
Hackers last week launched DDoS attacks against both presidential candidates' campaign websites. The attacks were routed through HTTP Layer 7 of the OSI protocol. There were at least four 30-second attacks reported. "The websites were not penetrated by a cyberintrusion," said John Costello, a senior analyst at Flashpoint. The attackers were unsophisticated hackers and not a nation-state.
Russia's Fancy Bear Attacks Microsoft, Adobe as Election Nears
November 4, 2016
Microsoft earlier this week said it had fallen victim to "Strontium," its code name for the Russian hacking group also known as "Fancy Bear," which has been linked to recent attacks on Democratic Party systems. The group launched a spear phishing attack that targeted vulnerabilities in both the Windows operating system and Adobe Flash, according to Microsoft EVP Terry Myerson.
Tech on TV: A Little Realism Goes a Long Way
October 27, 2016
Watching TV shows often requires the suspension of disbelief -- that is, a willingness to press pause on one's critical faculties in order to believe the unbelievable. Realism often must be secondary to story, in other words. This very often is necessary when computers are used to advance plot lines, when programmers and hackers alike can produce tremendous results in seconds.
Antique Kernel Flaw Opens Door to New Dirty Cow Exploit
October 25, 2016
A Linux security vulnerability first discovered more than a decade ago once again poses a threat, Red Hat warned last week, as an exploit that could allow attackers to gain enhanced privileges on affected computers has turned up in the wild. Users need to take steps to patch their systems to prevent the exploit, known as "Dirty Cow," from granting access to unprivileged attackers.
Assange Lives to Leak Another Day
October 19, 2016
The status of WikiLeaks founder Julian Assange grew a bit murky on Tuesday after the group accused the U.S. State Department of pressuring Ecuadorian officials to block him from posting additional emails linked to presidential candidate Hillary Clinton. The Ecuadorian foreign ministry on Tuesday acknowledged restricting Assange's access, saying it did not wish to interfere in a foreign election.
US Considers 'Proportional Response' to Russia's Election Tampering
October 13, 2016
The Obama administration on Tuesday indicated it was considering a proportional response to retaliate against Russia for its efforts to influence the U.S. election process. The administration has officially linked Russian operatives to a series of cyberattacks against the Democratic National Committee and other organizations, apparently in an effort to influence the November presidential race.
Odinaff Trojan Targets Banks, Financial Firms Worldwide
October 12, 2016
Symantec on Tuesday reported on a malware campaign that has targeted financial organizations worldwide for the past 10 months. Dubbed "Trojan.Odinaff," it has infiltrated the banking, securities, trading and payroll sectors, as well as organizations that provide them with support services. Odinaff is used in the first stage of an attack, to get a foothold into a network.
Yahoo Makes It Harder for Email Users to Jump Ship
October 11, 2016
Yahoo in recent days disabled autoforwarding for Yahoo Mail -- and in at least one corporate client's case, it disabled the webmail deletion feature. The autoforwarding feature "is under development," reads a statement on the Yahoo site. "While we work to improve it, we've temporarily disabled the ability to turn on Mail Forwarding for new forwarding addresses."
Insulin Pump Susceptible to Hacking
October 7, 2016
Medical device manufacturer Animas on Tuesday warned that its OneTouch Ping insulin pump system was susceptible to hacking. "We have been notified of a cybersecurity issue with the OneTouch Ping, specifically that a person could potentially gain unauthorized access to the pump through its unencrypted radio frequency communication system," reads the company's letter to users of the device.
Feds Probe Alleged Phone Hacks as Election Fears Surge
October 4, 2016
Federal authorities have been investigating reports that hackers targeted the mobile phones of a handful of Democratic Party staffers. The news follows a series of breaches in recent months that revealed emails and other personal information of party staffers and other Democratic officials. The FBI has launched an investigation into the attacks, which may be linked to Russia.
Garden-Variety Cybercrooks Breached Yahoo, Says Security Firm
September 30, 2016
The hackers who stole the data of hundreds of millions of Yahoo users two years ago were two cybercriminal gangs, InfoArmor reported. That finding contradicts the notion that state-sponsored actors were behind the attack, which Yahoo suggested when it disclosed the breach. Further, the number of users' records stolen is closer to 1 billion than to the 500 million Yahoo acknowledged.
Hacking Elections Is Easy, Study Finds
September 30, 2016
It's no longer a question whether hackers will influence the 2016 U.S. elections -- only how much they'll be able to sway them. Leaked emails already have cost a Democratic Party chairperson her job, and the FBI last month issued a flash warning that foreign cyberadversaries had breached two state election databases. Those two states -- most likely Arizona and Illinois -- aren't alone.
Cisco Battles Shadow Broker Exploits
September 28, 2016
Cisco has swung into action to combat a hacker group's exploitation of vulnerabilities in its firmware. The group, known as the "Shadow Brokers," released online malware and other exploits possibly stolen from the Equation Group, which is believed to have ties to the U.S. National Security Agency. Cisco earlier this month disclosed the vulnerability, even though patches were not yet ready.
Hackers Get Up Close and Personal With WH Staffer's Email
September 27, 2016
Federal authorities last week launched a probe of a suspected cyberattack that targeted the private Gmail account of a White House staffer. The employee's correspondence turned up on the DCleaks hacktivist site, which earlier this month posted the private emails of former Secretary of State Colin Powell. The latest dump involves the private account of White House staffer Ian Mellul.
Project Shield Has Krebs on Security's Back
September 27, 2016
The website of prominent security blogger Brian Krebs is back online this week after sustaining one of the largest distributed denial of service attacks in Internet history. DDoS attacks typically disrupt service at a website by flooding it with junk traffic. In this case, garbage traffic assaulted Krebs' site at 620 gigabits per second. By comparison, consumer bandwidth is in the 10-15 megabit per second range; businesses, 100 Mbps to 1 Gbps.
Hack of Half a Billion Records Takes Shine Off Yahoo's Data Trove
September 23, 2016
Yahoo on Thursday disclosed that a data breach in late 2014 resulted in the theft of information from at least 500 million customer accounts. It appears that state-sponsored hackers carried out the attack, the company said. Account information compromised includes names, email addresses, telephone numbers, dates of birth, hashed passwords, and security questions and answers.
Congress to Bureaucrats: Trust No One
September 20, 2016
Congress earlier this month lowered the hammer on the U.S. Office of Personnel Management in a report on the massive data breach that resulted in the theft of 4.2 million former and current government employees' personnel files, as well as 21.5 million individuals' security clearance information, including fingerprints associated with 5.6 million of them.
Why Russian Hackers Are Doing the US a Favor
September 19, 2016
Colin Powell's hacked email once again showcases that what people in office tell us and what they actually think are two very different things. Politicians work for us -- we are supposedly their employers. Yet we seem to know far less about what they do and think than what we need to know in order to vote intelligently. Powell's comments are actually far more damaging to Clinton than Trump.
Dropbox Drops Other Shoe in Years-Old Data Breach
September 8, 2016
Dropbox has confirmed that more than 68 million emails and passwords have been compromised from a hack that originally was disclosed in 2012. Exposure from the breach was limited to email addresses, Dropbox originally claimed. However, the hackers actually stole hashed and salted passwords. Even so, there have been no indications that they succeeded in accessing user accounts, the company said.
Obama Warns Against Cyber Cold War
September 6, 2016
President Obama on Monday urged de-escalation of a potential arms race involving cyberweapons. The president's remarks followed his meeting with world leaders, including Russian President Vladimir Putin, at the G20 Summit in Hangzhou, China. The U.S. has more offensive and defensive capability than any other country on Earth, Obama noted. The president urged adoption of new cybersecurity norms.
Feds Warn States to Batten Down Hatches Following Election System Attacks
September 2, 2016
The FBI has launched investigations into malicious cyberattacks on the electronic election infrastructures in Illinois and Arizona, and federal officials last month warned states to take steps to protect their systems as the presidential campaign heats up, according to reports. The attacks, dating back to June, led to the illegal download of information on more than 200,000 Illinois voters.
FairWare Hackers May Take Ransoms, Keep Stolen Files
September 2, 2016
The latest ransomware intrusion that targets Linux servers, dubbed "FairWare," may be a classic server hack designed to bilk money from victims with no intent to return stolen files after payment in bitcoins is made. The attack reportedly targets a Linux server, deletes the Web folder, and then demands a ransom payment of two bitcoins for return of the stolen files.
Massive Data Breach Puts French Sub Maker in Crosshairs
September 1, 2016
Officials in France and India are investigating a massive data breach involving thousands of documents belonging to defense industry contractor DCNS, which was scheduled to deliver six Scorpene-class submarines to the Indian navy later this year. Hackers stole more than 22,000 pages of documents that included detailed technical information on the vessels, some of which was published online.
Election Season Spawns Scams With Political Twist
August 30, 2016
Dirty tricks during political campaigns are nothing new, but the Internet and the proliferation of mobile devices have allowed tricksters to up their games a notch. It came to light last week, for example, that Donald Trump's campaign app was hoovering the address books on his supporters' phones. Trump's app wasn't doing anything illegal. It wasn't even trying to hide what it was doing.
Edward Snowden Sheds Light on Shadow Brokers
August 18, 2016
Edward Snowden has injected himself into an escalating cyberstruggle that could affect the U.S. presidential election. The reported hack of The Equation Group might have been a warning shot from Russia, Snowden claimed. The group, which is widely believed to be a front operation for the NSA, apparently was hacked over the weekend by a previously unknown outfit called the "Shadow Brokers."
The Big Tech Election Stories No One Else Is Covering
August 15, 2016
Most analysts earn their daily bread by focusing on a particular subject area and following that direction. However, I rebelled against that established pattern. I tend to look between the lines more than many of my peers do. That means when major news media outlets focus on a story, I'm more likely to see what they missed. What interests me isn't what's been covered but what hasn't been covered.
See More Articles in Hacking Section >>
Facebook Twitter LinkedIn Google+ RSS
What's your reaction to the Turkish Crime Family's claim that it can access hundreds of millions of iCloud accounts?
I'm very worried -- I take all cyberthreats seriously.
I'm feeling secure -- I changed my password and set up 2FA.
I'm angry -- companies need to be more responsible.
I'm not at all concerned -- I trust Apple.
I'm resigned -- I expect to be breached at some point.
I don't care much -- the world has bigger problems.