Hack News, Articles and Updates

Security researchers discover way to hack into any hotel room

F-Secure finds millions of hotel rooms at risk from hackers. The key card given out by hotels to guests to access their rooms may not be as secure as thought.

SirenJack flaw exposes problems in emergency alert system

Security researchers have found a flaw in the emergency alert warning siren system used by many local authorities - could be sounded by hackers, research finds.

US tax collector breach victims double original estimate

As typical with most breaches initially underestimating the overall impact of a cyber-security "incident," the hack of the Massachusetts Department of Revenue in the US was more than twice as large than originally anticipated.

Amazon issues security patch for Key after researcher claims hack

Amazon is issuing a security patch for its "Key"services shortly after a researcher posted a video demonstration of them claiming to hack the Amazon device using a Raspberry Pi.

661 blacklisted Bitcoin apps which leave users open to hackers

Apps on Google Play and others could steal money and personal data from victims. App stores are hosting 661 blacklisted Bitcoin apps which leave users open to hackers, accoriding to a recently published report.

'Golden Ticket' SAML attack vector puts cloud apps at risk

New Golden Ticket technique could allow hackers to authenticate themselves with cloud services and enable any level of privilege.

AVGater hijacks functionality of AV tools to turn them against themselves

Researcher uncovers method of hijacking the functionality of some AV tools in order to compromise endpoints. Trend Micro, Emisoft, Ikarus, Kaspersky, Check Point's ZoneAlarm and Malwarebytes have fixed their offerings.

Boeing 757 airliner successfully hacked with radio comms hacking tools

A Boeing 757 airliner was successfully hacked by a team of public and private security professionals, according to a US Department of Homeland Security (DHS) official.

Kracking the code - why businesses don't yet need to panic about 'Krack attack'

Krack attackers need to be within range of the targeted Wi-Fi network, so widespread data loss is unlikely, but do add fixes when available as this vulnerability would allow anyone to read traffic from mobile and laptop to Wi-Fi devices.

Equifax hackers likely in network from March - 141 days before discovery

It took Equifax 141 days to discover a breach that exposed the data of 143 million US consumers with hackers likely accessing the credit monitoring firm's systems in March, a full two months before Equifax originally said they did.

BlueBorne shows Bluetooth protocol's security inadequately researched

Bluetooth technology is overlooked by security experts and bug hunters in comparison to other protocols. The highly eclectic and fragmented nature of devices relying on Bluetooth means that some may never issue secure updates.

Instagram hack victims identified, details now for sale on darkweb

The 500 A-list celebrities whose Instagram accounts have been hacked, and whose contact details are for sale on the dark web, have now been identified.

Messing about with Real Madrid Twitter accounts, FC Barcelona breached

Grey hat hackers pranked soccer fans by hacking the Real Madrid Twitter accounts and posting tweets announcing the signing of rival player Lionel Messi.

Skype bug allows hackers to execute arbitrary code on victim's machine

Security researchers have discovered a flaw in Skype that could enable hackers to run code on a target system, phish for credentials and crash applications.

ICYMI: MSP APT; MS 0-day; Travel phish: Retraining; Hacktivists hit

In Case You Missed It: Chinese hack MSPs; Windows Server 2003 flaw; Phishing hits travellers; retraining graduates; OpIsrael hacktivists targeted.

ICYMI: Cyber-Sec challenge; Tesco hack, DDoS hits Finns; US election hack?; NHS Trust downed

In this week's In Case You Missed It we look at: Youngest Cyber-Sec winner; Tesco bank hacked; DDoS hits Finns heating; US election vulnerability; NHS Trust closed by malware

ICYMI:PSN hacked; Russia prepares; Internet blackouts; Mirai botnet use; GDPR & Brexit

This week In Case You Missed It looks at: PSN hack on B1 launch; Russia prepares for retaliation; Blackouts from Dyn DDoS; Mirai botnets cause Dyn blackouts; Brexit confuses GDPR plans.

PSN hacked! Server outage on launch day of Battlefield 1

The PlayStation Network (PSN) is reportedly down worldwide on the same day as the launch of Battlefield 1, one of the network's biggest games.

ICYMI: US to retaliate; 6,000 stores hacked; Euro CyberSec exercise; GDPR preparation

ICYMI: This week: The buck stops with Obama; 6000 e-commerce stores hacked; largest ever pan-European cybersec exercise; preparation for the GDPR and mounting security spends

Hackers hiding stolen credit card details in images

Cyber-criminals extract financial information using website product pictures

Trump says Russia's role in hacks unclear, US intel community says otherwise

During Sunday's presidential debate, Donald Trump said Hillary Clinton doesn't know if Russia is behind hacks of the DNC and others.

Russia 'offers to rein in WADA hackers' in exchange for dropping sport investigation

Sources close to Russian presidency tell SC's Russia correspondent they can put a stop to Fancy Bear's attacks on World Anti Doping Agency (WADA) if an investigation of Russian sport is halted and atheletes pardoned.

ICYMI: Dropbox, Minecraft fans, malicious SSL attacks, voter databases breached

This Week: Dropbox data dump, Minecraft fansite data dump, one click iOS exploitation, more encryption means more cyber-attacks and two the voter databases of two separate US states get breached by hackers

Swift reveals banks of more cyber-thefts

Financial institutions advised to tighten security further

Epic hack, thousands of salted logins stolen

A hacker has stolen around 808,000 accounts from two forums run by Epic Games, the games maker has confirmed the hack and is investigating what happened.

WordPress Summer of Pwnage: 64 holes in 21 days

As the Pwnage summer heat rages on, hackers find 64 holes in popular publishing platform, WordPress

Researchers claim Android Keystore encryption is broken

Developers wrong to choose simplicity over security

20 million Iranian mobile users' data leaked but operator denies being hacked

Iran's second largest mobile operator, Irancell, lost the personal information of 20 million customers in a data leak last week but denies being hacked.

GoToMyPC, but not until you reset your password

Unfortunately, the GoToMYPC service has been targeted by a 'very sophisticated password attack', says GoToMYPC