Developers who work on mobile payment platforms should start hitting the panic button: Esteemed hacker Charlie Miller is about to mess them up. Dark Reading reports that Miller’s presentation at Black Hat USA this year “will show just how dangerous it can be to pay cabfare with your mobile device, as he demonstrates vulnerabilities he discovered in emerging near-field communications (NFC) technology.” More →
Security firm TrustedSec has found that more than 450,000 passwords have been exposed after a successful hack into Yahoo’s Voices website, the Guardian reports. Voices, formerly known as Associated Content before being purchased by Yahoo in 2010, is a news and analysis site that relies on user-generated content. The big problem with this particular hack, the Guardian says, is that “the passwords for the accounts were not encrypted — meaning that any hacker could scoop up the emails and immediately start using them against other services, including Yahoo Mail.” TrustedSec says the hack was executed using SQL injection attacks that are commonly used to hack into databases, and security expert Anders Nilsson has an analysis of the data that is linked below.
Two LulzSec hackers may soon learn that it’s easier to break into government databases than it is to break out of jail. Ryan Cleary, 19, and Jake Davis, 18, on Monday both pleaded guilty in a London court to charges that they attacked both government websites and major commercial websites, the BBC reports. The two men, both citizens of the United Kingdom, admitted to hacking into the Pentagon, the CIA, the U.K.’s National Health Service, News International, PBS, Sony, Nintendo and the 20th Century Fox film studio. Both men, however, pleaded not guilty to more serious charges that they “unlawfully obtained confidential computer data” and posted it on popular hacker hubs such as LulzSec.com and Pirate Bay. A trial for those charges has been set for April 2013, the BBC reports. More →
Hackers associated with well known hacker-activist group “Anonymous Operations” have released a massive cache of data they say was obtained when they hacked a website belonging to the United States Department of Justice. “Today we are releasing 1.7GB of data that used to belong to the United States Bureau of Justice, until now,” Anonymous wrote in a statement on its website. The hackers claim the file contains emails as well as “the entire database dump” from the DOJ website. More →
Natural gas pipeline operators in the United States have reportedly been the target of sophisticated phishing attacks since last year, and the Department of Homeland Security has been helping firms deal with incidents since March. “DHS’s Industrial Control Systems Cyber Emergency Response Team has been working since March 2012 with critical infrastructure owners and operators in the oil and natural gas sector to address a series of cyber intrusions targeting natural gas pipeline companies,” DHS spokesman Peter Boogaard told CNET on Tuesday. “The cyber intrusion involves sophisticated spear-phishing activities targeting personnel within the private companies. DHS is coordinating with the FBI and appropriate federal agencies, and ICS-CERT is working with affected organizations to prepare mitigation plans customized to their current network and security configurations to detect, mitigate and prevent such threats.” More →
The hacker group “Anonymous operations” plans to launch further attacks on Chinese government-run websites to protest what it believes to be strict and unfair laws. The loosely knit group launched various cyberattacks on China’s goverment last week and warned that further attacks were on the horizon. “First we want to alert the Chinese government that we aren’t afraid, and we are going to show the truth and fight for justice,” Anonymous hacker “f0ws3r” said to Reuters, adding that more serious attacks are coming against Chinese websites. “Yes, we are planning more attacks, a few at a time,” the hacker said. The group is looking to “take down the Great Firewall of China,” which blocks access to Twitter, Facebook, YouTube and many other websites. The Anonymous China team consist of 10 to 12 hackers, most of whom are not based in China, and has “hundreds” of translators who have helped the group hack various Chinese websites, f0ws3r said. The hacker declined to give further details on the next round of attacks, although he did say the group may hit bigger targets this time around. More →
Notorious hacker group “Anonymous” on Thursday claimed responsibility for attacks on several government Web sites in China. The group has launched various Internet attacks on the country over the past week in response to what it believes to be strict and unfair laws. “All these years, the Chinese Communist government has subjected its People to unfair laws and unhealthy processes,” the group wrote on one Chinese website. “Dear Chinese government, you are not infallible, today websites are hacked, tomorrow it will be your vile regime that will fall.” The group goes on to warn that further attacks are on the horizon. “So expect us because we do not forgive, never. What you are doing today to your Great People, tomorrow will be inflicted to you. Nothing will stop us, nor your anger nor your weapons. You do not scare us, because you cannot afraid an idea.” Anonymous also acknowledged the Chinese people directly, telling them to remain optimistic, “Don’t loose hope, the revolution begins in the heart.” More →
A report emerged last week from a security researcher claiming Microsoft’s Xbox lacked important security features that might protect owners who sell used consoles from having personal information stolen. Ashley Podhradsky of Drexel University claimed to have purchased a used Xbox console and used readily available hacking tools to recover the prior owner’s credit card number and other personal information. “Microsoft does a great job of protecting their proprietary information, but they don’t do a great job of protecting the user’s data,” Podhradsky said at the time. More →
The advent of the World Wide Web has delivered instant knowledge to the masses. As the Internet grows, however, danger begins to lurk around every corner. From hackers who steal credit card numbers to cyberbullies, many experts have argued that the Internet has turned into a lawless wasteland where knowledge enters and ignorance exits. The Arizona State Legislature on Monday passed an Internet censorship bill that extends telephone harassment laws to the Internet and other means of electronic communication. The legislation aims to put an end to cyberbullying and states that virtually anything said online that the state deems “offensive” can be a punishable offense. Law enforcement officials will be able to charge Internet lawbreakers with a Class 1 misdemeanor, which is punishable by a $2,500 fine and up to six months in jail. Opponents of the legislation argue that the vague wording of the bill could lead to a crack down on public message boards such as 4Chan and Reddit, thus infringing upon basic American freedoms. The bill is currently on the Governor’s desk waiting to be signed into law or vetoed. More →
Notorious hacker group Anonymous has previously stated its intentions to shutdown the Internet on Saturday, March 31st, as a form of protest. “To protest SOPA, Wallstreet, our irresponsible leaders and the beloved bankers who are starving the world for their own selfish needs out of sheer sadistic fun, on March 31, anonymous will shut the Internet down,” the group stated last month. “Remember, this is a protest, we are not trying to ‘kill’ the Internet we are only temporarily shutting it down where it hurts the most.” Operation Global Blackout 2012 looks to shut down the Internet by disabling its core DNS servers, thus making websites inaccessible. Cyber security experts claim that it is unlikely that such an attack would be effective, however, and there is really no need to fear. Read on for more. More →
Hacker group “Anonymous Operations” has confirmed that the custom Linux-based operating system released under its name earlier this week is not a platform it developed. “The Anon OS is fake,” the group posted on Twitter Wednesday evening. “It is wrapped in trojans.” The desktop operating system was released earlier this week by individuals claiming ties with Anonymous. It is based on popular Linux distribution Ubuntu, and it ships with a number of hacking tools pre-installed. According to Anonymous, it also ships with a variety of malware. The team behind Anonymous-OS responded to the group’s claims, denying that its platform contains any malicious software. “The #anonops on their twitter account say ‘That Anonymous-OS is wrapped in trojans,’ ” the group wrote on its Tumblr blog. “Please people… in our world, in Linux and opensource world, there is not virus. If any user believe that Anonymous-OS ‘is wrapped in trojans’ or ‘backdoored OS by any Law enforcement Company or Hacker’ please don’t download it! But don’t mislead the world that Linux is dangerous and has trojans!” Anonymous-OS has been downloaded more than 25,000 times.
Notorious hacker group “Anonymous Operations” on Wednesday released the first version of its own desktop operating system. Dubbed Anonymous-OS, the computer platform is built on top of the open-source Linux-based Ubuntu 11.10 operating system, and it also utilizes the open-source Mate desktop environment, The Hacker News reports. It is unclear exactly who is behind the operating system, which comes with a number of tools pre-installed that are apparently Anonymous-approved. Included are Anonymous HOIC, John the Ripper, SQL Poison and more. Version 0.1 of the hacker group’s Anonymous-OS is free and available immediately for download, though readers should obviously exercise caution.
UPDATE: The Anonymous-OS Tumblr blog states that the group’s operating system is “created for educational purposes, to checking the security of web pages,” and the page suggests that users should not “use any tool to destroy any web page.”
The laughs are reportedly over for five top members of the hacker group LulzSec who were arrested on Tuesday and charged as part of a conspiracy case filed in New York federal court. FoxNews.com reports that the arrests were part of a multinational sting across the United Kingdom, Ireland and the United States on Tuesday morning, and LulzSec leader Hector Xavier Monsegur, who operated online under the alias “Sabu,” provided the Federal Bureau of Investigation with information leading to the arrests. According to the report, Monsegur has been working with the FBI for months. “This is devastating to the organization,” an FBI official told FoxNews.com. “We’re chopping off the head of LulzSec.” Read on for more. More →