Hacking News, Articles and Updates

JLaw nudes hacker pleads guilty to breaking into nearly 240 iCloud accounts

A man from Connecticut, USA, admitted to hacking into the iCloud accounts of prominent female celebrities including "Red Sparrow" actress Jennifer Lawrence and more than 200 others.

Turkish financial institutions spearphished: North Korea possible attacker

The reputed state-sponsored North Korean hacking group Hidden Cobra has once again been caught in a malware attack against financial organisations.

Brute force and dictionary attacks up 400 percent in 2017

New report also finds information stealing malware still vastly more popular among hackers than ransomware. Hacking attempts using brute force or dictionary attacks have increased 400 percent in 2017, according to a report.

Android spyware maker Retina-X's servers breached twice in two years

Retina-X Studios, maker of several Spyware apps designed to help parents and enterprises keep tabs on children and employees, was hacked again, resulting in the compromise of sensitive data belonging to users.

Nation state cyber-attacks on the rise - detect lateral movement quickly

The line between cyber-criminals and nation-state hackers is increasingly blurred. The volume and intensity of cyber-attacks hit a new high in 2017 alongside the increasing level of sophistication of hacks.

Hacking critical infrastructure via a vending machine? The IOT reality

Mirai and Satori show the potential malicious actors can have when armed with malware and lots of unsecured IoT connected devices to target.

Flash Player zero-day attacks attributed to advancing North Korean APT

Researchers are reporting that an increasingly sophisticated North Korean hacking group is responsible for an attack campaign exploiting CVE-2018-4878, a critical use-after-free flaw in Flash Player that has not yet been patched.

Business​ ​Risk​ ​Intelligence​ ​-​ 2017​​ ​Review​,​ ​2018​ ​Flashpoints

China leads the hacking charts with the highest combination of impact factors ticked off on a matrix combining the potential capability and impact of possible attacker groups, thus presenting the highest risk.

Spanish research tool probes smartphone electromagnetic emissions for encryption keys

Spanish researchers are developing a tool that will scan smartphones for 'electromagnetic emanations' that could be used to obtain encryption keys as part of an attack.

Letter submitted in lawsuit alleges Uber hacked competitors' networks

A letter written on behalf of a former Uber employee contains allegations that the transportation company illegally hacked and surveilled its competitors.

Starbucks free Wi-Fi caught secretly mining cryptocurrency

A tech CEO noticed the free Wi-Fi at his local Starbucks didn't exactly come without a price after discovering the network was secretly jacking his computing power to mine crypto-currency.

A postmortem of the Grey's Anatomy ransomware episode: Accurate or not?

In the mid-season finale of Grey's Anatomy, titled "Out of Nowhere," Grey-Sloan Memorial Hospital itself was on life support after its network became infected with ransomware - how realistic was the portrayal?

Suicide risk leads appeal grounds in Lauri Love extradition case

A legal precedent will be set over the extradition of Lauri Love, a man with Asperger's accused in the US of hacking government computer systems, when a decision is made following presentations being made in the UK high court.

MPs push May to block Lauri Love extradition on health grounds

A group of UK MPs has beseeched Prime Minister Theresa May to block the extradition of hacker Lauri Love to the US, saying they fear for his mental health.

ROCA, the role of key generation and decrypting of private keys

Richard Moulds takes a look behind recent crypto vulnerability headlines - the ability to calculate the private key of an RSA keypair purely by knowing the public key - and asks if they are a prelude to a 'cryptoapocalypse'.

Is it time to rethink the password?

The password on its own is not enough to protect an organisation's data, even if you follow best practice says Kevin Timms, adding passwords that are easily entered and remembered are inherently weak and easily compromised.

Social Media - the privileged account no one talks about

Companies seem to be slow to realise that their Twitter, Facebook or LinkedIn accounts and passwords require exactly the same protection as any of their high-risk or high-value internal systems says Jackson Shaw.

Oilpro.com founder sentenced to prison for hacking competitor

The founder of a professional networking site was sentenced to a year and one day in prison after hacking into a competitor's database and attempting to sell his site to the same company whose database he hacked.

Malicious websites targeting Israeli institutions- TwoFace webshell link

A webshell used to harvest credentials from an unnamed Middle Eastern organisation appears to be targeting Israeli institutions and may possibly be linked to the Iranian APT group OilRig.

Attackers can pull data from air-gapped networks' surveillance cameras

Researchers have demonstrated a way for remote attackers to exfiltrate data from and send malicious commands to air-gapped networks, using infrared surveillance cameras.

ICYMI: Facebook malware; nude celeb hack; logons key; spambot; CeX hack

In Case You Missed It: Facebook spreads malware; Instagram celeb hack; Logon breach id key; Spambot weaponises 711 m accounts; CeX hacked

Hackers leak more celeb nude pics - Dakota Johnson joins Miley Cyrus

Hackers leak more celeb nude pics - Dakota Johnson joins former sports couple Tiger Woods and Lindsey Vonn, actress Kristen Stewart, performers Miley Cyrus and Katharine McPhee, and model Stella Maxwell.

Solar panel hack could knock out power grid

Cyber-attack on photovoltiac panels could bring down power and have a domino effect on the rest of the electricity supply, both nationally and potentially, continentally.

Blog: Malwaretech, a black and white case or somewhere in between?

Is Malwaretech, aka Marcus Hutchins, innocent? The FBI says Hutchins wrote the code for the Kronos banking Trojan. Without seeing all the evidence from both sides, it's impossible to know for sure.

Researchers pwn Alexa, turning Amazon Echo into covert snooping device

Older versions of Amazon Echo are vulnerable, and though physical access to the device is needed, this is more achievable with second hand devices.

Is China's newly built quantum crypto-network really unhackable?

It looks like China is the latest to apply quantum cryptology to create a supposedly unhackable network. But just how valid are these claims?

Don't be a copycat: TTPs of CopyKittens revealed

The group is known for attacking government, security and academic institutions around the world.

Security sucks: measures often disabled to increase productivity

Research shows most security pros would disable security to allow employees more freedom to get their work done.

G20 finance chiefs agree on concerted effort to fight financial crime

The agreement follows a number of high profile cyber-attacks on banking systems around the world, which has brought banking security to the top of the agenda.