Archive

Chinese Hackers Linked to Global Attacks on Telcos

Chinese hackers likely are behind a series of cyberattacks against telecommunications companies around the world, security researchers have reported. The campaign, dubbed "Operation Soft Cell," has been active since 2012, according to Cybereason. There is some evidence suggesting even earlier activi...

Instagram Targets Account Hijacking

Account hijacking has become a nettlesome problem at Instagram so the social media company has begun testing a simpler method for users to reclaim their compromised accounts. It allows users locked out of their hacked accounts to ask for a six-digit code to be sent to the email address or phone numb...

Hacks Highlight Zuckerberg’s Cavalier Attitude Toward Security

Facebook top dog Mark Zuckerberg had several of his social media accounts breached and defaced, according to reports that surfaced Sunday. Zuckerberg's Twitter, LinkedIn and Pinterest memberships were hacked, but evidence of the attacks quickly disappeared. In addition to requiring passwords, Twitte...

Myspace Crowned King of Mega Breaches, With More Likely to Come

Myspace and Tumblr this week emerged as the latest in a string of mega breaches that resulted in the theft of millions of user IDs -- not just recently but years ago. "Over the period of this month, we've seen an interesting trend of data breaches," wrote security researcher Troy Hunt, operator of...

FBI Would Rather Crack Terrorist’s iPhone Itself

On the eve of a court showdown with Apple over unlocking the iPhone of one of the San Bernardino shooters, the FBI put its case on pause Monday to pursue an attack method that could allow it to crack the phone without Apple's assistance. After reviewing the FBI's request for postponement of oral arg...

Users Balk at Mobile App Permission Requests

The Pew Research Center on Tuesday released a report on permissions and mobile applications found in the Google Play store. The number of permissions requested by a mobile app can be a deal breaker for six out of 10 smartphone users, Pew found. Applications request permission from users to access a ...

SPOTLIGHT ON SECURITY

Black Hats Offer Million-Dollar iOS 9 Bug Bounty

Zerodium has posted a million-dollar bounty for juicy iOS 9 bugs or jailbreaks. Zerodium runs a market where exploits and vulnerabilities are bought and sold, according to Damballa. "While there is no insight into a specific buyer, we can assume if an exploit for iOS 9 is found, Zerodium will sell...

Google Expands Bug Bounty Program

Since 2010, when it began paying security researchers to find flaws in its programs, Google has paid more than US$4 million to bug hunters. Now it's prepared to pay even more. The company announced Friday that it's expanding its Security Rewards Programs to include payments to researchers before th...

Keeping Score in the Google vs. Microsoft Zero-Day Games

Google's recent publication of Windows' vulnerabilities -- two within a week -- predictably raised Microsoft's ire. "Risk is significantly increased by publically announcing information that a cybercriminal could use to orchestrate an attack and assumes those that would take action are made aware of...

Hacking as a Service Hits the Mainstream

A fledgling website created last fall connects hackers with clients willing to pay for their services. Nearly 50 hackers have listed their services on Hacker's List so far, for tasks including data recovery, penetration testing and computer forensics. More than 500 hacking jobs reportedly had been o...

Google Outs Unpatched Windows 8.1 Kernel Flaw

Microsoft got a fiery start to 2015 when Google last week publicized a kernel vulnerability in Windows 8.1 Update. Google Project Zero's James Forshaw, who discovered the flaw, ranked it as a high-severity issue. Although Forshaw reported it to Microsoft last September, the company had not yet fixed...

Phishers’ Attacks Pay Off Nicely: Report

The most successful phishing attacks manage to dupe their victims a full 45 percent of the time, according to a study released last week by Google. On average, phishing's success rate is about 14 percent, but even the most obvious scams still manage to lure 3 percent of the people targeted to a fake...

FTC Snags Soltani for Chief Technologist Role

Privacy expert and Pulitzer Prize-winning journalist Ashkan Soltani will be the FTC's new chief technologist, FTC Chairwoman Edith Ramirez announced Tuesday. "Ashkan is well qualified and was an excellent choice for the agency," said Ginger McCall, an associate director with the Electronic Privacy I...

Phishing Scam Ensnares eBay Shoppers

Attackers for months have been using eBay listings to redirect visitors to password-harvesting scam sites. They use cross-site scripting to hijack eBay shoppers and trick them into handing over personal data. Smartphones, televisions, hot tubs and clothing are among the items supposedly for sale in ...

LinuxInsider Channels