iOS Live Photos

Researcher uses Apple’s ‘Live Photos’ feature to hack into two mobile banking apps

By on August 18, 2016 at 3:24 PM.

Researcher uses Apple’s ‘Live Photos’ feature to hack into two mobile banking apps

Biometric authentication systems have been around for ages, but it wasn’t until Apple released Touch ID alongside the iPhone 5s that it entered the mainstream. Building off that, a number of banks across the globe have started to update their mobile apps with¬†with fingerprint and facial recognition systems in place of the tried and true password.

More →

No Comments
iPhone Hacking

Hacking companies are willing to pay a lot more than Apple for flaws in iOS

By on August 10, 2016 at 5:05 PM.

Hacking companies are willing to pay a lot more than Apple for flaws in iOS

At the Black Hat Conference in Las Vegas last week, Apple introduced its first bug bounty program. Whereas Apple has historically relied upon security researchers and hackers to discover and report critical security exploits out of the goodness of their hearts, Apple finally wised up and realized that it might want to include some sort of financial incentive for those who have a knack for discovering important security flaws.

More →

No Comments
Oracle Hack

Security breach at Oracle could affect hundreds of thousands of businesses

By on August 8, 2016 at 4:30 PM.

Security breach at Oracle could affect hundreds of thousands of businesses

Oracle, a software giant that makes point-of-sale credit card systems, has reportedly seen a massive security breach that could have far-reaching implications for its customers. According to security journalist Brian Krebs, a Russian cybercrime group has gained access to Oracle’s systems, including the customer portal for businesses that use its credit card processing systems. As you might imagine, this is not good.

Oracle confirmed to Krebs that it had “detected and addressed malicious code in certain legacy MICROS systems,” and is telling customers to reset username and passwords. The Micros systems are credit card processing terminals used by hotels, banks, restaurants, and hundreds of thousands of other businesses.

More →

No Comments
Airport Lounge Access Hack

Hacker uses fake boarding pass to get into every airline lounge for free

By on August 5, 2016 at 2:40 PM.

Hacker uses fake boarding pass to get into every airline lounge for free

It sounds way too good to be true. “One Weird Trick Can Get You Into Any Airline Lounge You Want!” But as Wired reports, one ethical hacker did actually find a simple way to trick the computer systems used by airline lounges across the world.

The security flaw was discovered by Przemek Jaroszewski, the head of Poland’s Computer Emergency Response Team. He discovered that lounge access is coded into the QR code of an electronic boarding pass, but not verified by any central database.

More →

No Comments
Walmart email hack

Someone is trying to steal accounts from Walmart.com customers

By on August 4, 2016 at 4:10 PM.

Someone is trying to steal accounts from Walmart.com customers

According to hundreds of reports on social media, people across the US have been receiving password reset emails for their Walmart.com accounts, indicating that someone is trying to access those accounts and change the password.

This appears to be some kind of mass hacking attempt, although success appears to be limited for now.

More →

No Comments
Linux Forums Hacked

Here’s another really great reason to never touch Linux

By on July 15, 2016 at 1:50 PM.

Here’s another really great reason to never touch Linux

As a desktop OS, Linux leaves a lot to be desired compared to OS X or Windows. But one thing we’re always hearing about is the Linux community, a frequently-sweary place likeminded geeks can gather and work towards the greater good.

Well, that community — or at least one of its more prominent message boards — has been badly hacked.

More →

No Comments
Download Netflix Movies

A bug in Chrome makes pirating Netflix and Amazon movies easy

By on June 24, 2016 at 3:50 PM.

A bug in Chrome makes pirating Netflix and Amazon movies easy

Bad news for Google, good news for pirates: a pair of security researchers have found a flaw in the way the Chrome browser unpacks encrypted video. It’s all rather technical, but the upshot is that pirates have an easy way to save DRM-ed video streams to their desktop.

Wired first reported on the vulnerability, which was discovered by researchers David Livshits from the Cyber Security Research Center at Ben-Gurion University and Alexandra Mikityuk of Telekom Innovation Laboratories.

More →

No Comments
ATM Card Skimmer

There’s no way you’d spot these tiny ATM card skimmers

By on June 15, 2016 at 5:10 PM.

There’s no way you’d spot these tiny ATM card skimmers

I’m aware that card skimmers at ATMs and gas stations are a very real threat. I always pay attention when using a card machine, but to date, I’ve never seen a card skimmer in the flesh. Maybe that’s because they’re way, way sneakier than I’d imagined.

More →

No Comments
uTorrent Security Breach

Hundreds of thousands of pirates exposed by uTorrent security breach

By on June 8, 2016 at 1:38 PM.

Hundreds of thousands of pirates exposed by uTorrent security breach

Torrenting TV shows isn’t a particularly risky activity, but most pirates tend to prefer to keep their identity a secret. That’s why a security breach on the forums of uTorrent, the internet’s most widely used torrenting software, is not a good thing.

More →

No Comments
Teamviewer Hack

Hackers are using remote-control software Teamviewer to hijack PCs and drain PayPal accounts

By on June 1, 2016 at 6:47 PM.

Hackers are using remote-control software Teamviewer to hijack PCs and drain PayPal accounts

Teamviewer, a piece of software that people can use to remote-control PCs, appears to have been hacked. Numerous user reports have indicated that unknown third parties are taking control of PCs and trying to steal money, through services like PayPal or eBay. Needless to say, this looks bad.

Teamviewer has denied the allegations, but something’s definitely going on. Dozens of Reddit users are flooding the /r/teamviewer forum looking for advice, and one of my personal friends asked my advice after reporting something very similar.

More →

No Comments
Windows Zero Day

Newly discovered zero-day exploit affects almost every version of Windows

By on June 1, 2016 at 12:47 PM.

Newly discovered zero-day exploit affects almost every version of Windows

Researchers from Trustwave’s SpiderLabs research team recently discovered a new zero-day exploit that affects all versions of Windows from Windows 2000 all the way up to Windows 10.

Trustwave initially discovered the exploit last month after seeing it advertised on a Russian hacking forum for the not-so-affordable price of $95,000. According to security researcher Brian Krebs, the exploit is of the “local privilege escalation” variety and, as a result, works in tandem with other exploits.

“An attacker may already have a reliable exploit that works remotely,” Krebs explains, “but the trouble is his exploit only succeeds if the current user is running Windows as an administrator. No problem: Chain that remote exploit with a local privilege escalation bug that can bump up the target’s account privileges to that of an admin, and your remote exploit can work its magic without hindrance.”

More →

No Comments
Norton Antivirus Hacked

Norton antivirus has a gaping security flaw

By on May 17, 2016 at 11:34 AM.

Norton antivirus has a gaping security flaw

A security researcher has discovered a “bug” in Symantec antivirus software, which affects “the core Symantec Antivirus Engine used in most Symantec and Norton branded Antivirus products.” I say “bug” because it’s less bug, and more a gaping security flaw that makes it incredibly easy to hack any PC, Mac or Linux box running Symantec software.

The flaw (spotted by The Register) was found by Tavis Ormandy, a white-hat hacker whose previous work has involved hacking internet-connected scales. The Symantec bug is to do with how the antivirus engine scans code, in particular an old compression tool.

More →

No Comments