May. 17, 2018
Mexican central bank is the last victim of the SWIFT hackers, officials at the bank confirmed this week that hackers hit the payments system and stole millions of dollars from domestic banks. The attack was discovered in late April and presents many similarities with past attacks against the SWIFT systems. The Mexican central bank did not disclose the name of the banks that were hit by the cyber attack and did not detail the overall amount of money that crooks have stolen.
May. 17, 2018
A hacker has broken into the servers of Securus, a company that allows law enforcement to easily track nearly any phone across the country, and which a US Senator has exhorted federal authorities to investigate. The hacker has provided some of the stolen data to Motherboard, including usernames and poorly secured passwords for thousands of Securus’ law enforcement customers. Although it’s not clear how many of these customers are using Securus’s phone geolocation service, the news still signals the incredibly lax security of a company that is granting law enforcement exceptional power to surveill individuals.
May. 9, 2018
But the Internet of Hackable Things leaves no connected device behind: Even in famously cyclist-friendly Copenhagen, the city’s electric bikeshare program recently experienced a huge, pain-in-the-ass technical difficulty. Bycyklen, the company that maintains the bicycles, announced on Sunday that its system—and all of the electric bikes within it—was hacked. The company had to send staff to each of its 100 locations around the city to manually reboot each bike.
Apr. 26, 2018
Gaining access to Alexa turned out to be surprisingly easy. Checkmarx attached their malicious code to a seemingly innocuous app. The company used a simple calculator app for demonstration purposes.
Getting Alexa to continue recording after the benign script in the app was executed proved more difficult. Checkmarx had two problems to solve. Alexa needed to keep listening after the benign response was given without alerting the user, and it had to record what it heard.
Apr. 25, 2018
Amazon lost control of a small number of its cloud services IP addresses for two hours on Tuesday morning when hackers exploited a known Internet-protocol weakness that let them to redirect traffic to rogue destinations. By subverting Amazon’s domain-resolution service, the attackers masqueraded as cryptocurrency website MyEtherWallet.com and stole about $150,000 in digital coins from unwitting end users. They may have targeted other Amazon customers as well.
Apr. 25, 2018
The attackers used BGP—a key protocol used for routing internet traffic around the world—to reroute traffic to Amazon’s Route 53 service, the largest commercial cloud provider who count major websites such as Twitter.com as customers.
Source: doublepulsar.com
Apr. 10, 2018
Due to several bugs in the XVG code, you can exploit this feature by mining blocks with a spoofed timestamp. When you submit a mined block, as a malicious miner or pool, you simply set a false timestamp to this block one hour ago and XVG will then “think” the last block mined on that algorithm was one hour ago. Your next block, the subsequent block, will then have the correct time.
Apr. 9, 2018
The statement said the attack, which hit internet service providers and cut off web access for subscribers, was made possible by a vulnerability in routers from Cisco which had earlier issued a warning and provided a patch that some firms had failed to install over the Iranian new year holiday.
Source: reuters.com
Apr. 6, 2018
The Verge development team is preparing a hard-fork of the entire cryptocurrency code to fix the issue and revert the blockchain to a previous state before the attack to neutralize the hacker’s gains.
Source: bleepingcomputer.com
Mar. 16, 2018
According to an alert from the United States Computer Emergency Readiness Team yesterday, Russia has hacked into many of our government entities and domestic companies in the energy, nuclear, commercial facilities, water, aviation and critical manufacturing sectors – essentially most of what makes our country go.
Source: forbes.com
Mar. 13, 2018
Yahoo has been ordered by a federal judge to face much of a lawsuit in the United States claiming that the personal information of all 3 billion users was compromised in a series of data breaches.
Source: reuters.com
Mar. 7, 2018
Retina-X Studios, which sells several products marketed to parents and employers to keep tabs on their children and employees—but also used by jealous partners to spy on their significant others—announced that its shutting down all its spyware apps on Tuesday with a message at the top of its website.
Source: vice.com