Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Security

Syrian Social Hack Co-Opts Fighter's Computers 71

hij (552932) writes "The BBC is reporting that Syrian government forces used a social hack to gain access to opposing forces computers. By acting like women sympathetic to their cause they were able to send images laced with malware to the fighters. From the article: "Fake 'femme fatales' have been used to steal battle plans and other data from Syrian opposition groups, a report suggests. The virtual women had been used in text chat on Skype to engage potential victims, security company FireEye said. And data had been stolen via booby-trapped images of the women to whom the victims had believed they had been chatting."
Sony

The Sony Pictures Hack Was Even Worse Than Everyone Thought 528

An anonymous reader writes with today's installment of Sony hack news. "It's time to take a moment of silence for Sony Pictures, because more startling revelations about leaked information just came out and employees are starting to panic. BuzzFeed raked through some 40 gigabytes of data and found everything from medical records to unreleased scripts. This is probably the worst corporate hack in history. Meanwhile, Fusion's Kevin Roose is reporting on what exactly happened at Sony Pictures when the hack went down. The hack was evidently so extensive that even the company gym had to shut down. And once the hackers started releasing the data, people started 'freaking out,' one employee said. That saddest part about all of this is that the very worst is probably still to come. Hackers say they stole 100 terabytes of data in total. If only 40 gigabytes contained all of this damning information, just imagine what 100 terabytes contains."
Android

Pwnie Express Releases Pwn Pad Ahead of Schedule 24

An anonymous reader writes "The team at Pwnie Express released their Pwn Plug, which combined an off the shelf SheevaPlug with a feature packed open source firmware that turned it into an incredibly capable security tool. Then came the Power Pwn, which hid the same type of functionality into what looked like a standard power strip. Today they've launched their latest product, continuing along the same line of hiding cutting edge open source security tools in plain sight: the Pwn Pad."
Facebook

Facebook Hacks Points To Much Bigger Threat For Mobile Developers 59

DavidGilbert99 writes "Facebook admitted last weekend that it was hacked but assured everyone that no data was compromised. However following some investigation by security firm F-Secure, it seems this could be just the tip of the iceberg and that thousands of mobile app developers without the dedicated security team Facebook has in place could already be compromised. The vector for the attack was a mobile developer's website, and the malware used likely targeted Apple's Mac OS X rather than Windows."
Security

Two FreeBSD Project Servers Hacked 46

hypnosec writes "The FreeBSD project has suffered a security breach. Hackers have successfully compromised servers that were part of the infrastructure used to build third-party software packages. The Security team over at the FreeBSD project is of the opinion that hackers were able to gain access to the servers using legitimate SSH keys and not by exploiting any operating system vulnerabilities. Instances of intrusion were first detected on November 11. FreeBSD project, through a message on public announcements mailing list said that the security breach hasn't affected the project's core components like kernel or system libraries but, has affected third-party software packages being distributed by the project."
Security

Anonymous Claims To Have Hacked Sony PSN Again 239

hypnosec writes "Anonymous has claimed a new attack on Sony's PlayStation Network, and this time around it seems they have information from nearly 10 million user accounts. As a proof of the hack they dumped more than 3000 credentials online in the form of a pastebin post. The notorious hacktivist group is claiming that the entire set of hacked credentials contains over 10 million PSN accounts and that the file is of around 50GB." Update: 08/16 13:12 GMT by S : Sony has denied this claim.
NASA

Could You Hack Into Mars Curiosity Rover? 452

MrSeb writes "NASA's Curiosity rover has now been on the surface of Mars for just over a week. It hasn't moved an inch after landing, instead focusing on orienting itself (and NASA's scientists) by taking instrument readings and snapping images of its surroundings. The first beautiful full-color images of Gale Crater are starting to trickle in, and NASA has already picked out some interesting rock formations that it will investigate further in the next few days. Over the weekend and continuing throughout today, however, Curiosity is attempting something very risky indeed: A firmware upgrade. This got me thinking: If NASA can transmit new software to a Mars rover that's hundreds of millions of miles away... why can't a hacker do the same thing? In short, there's no reason a hacker couldn't take control of Curiosity, or lock NASA out. All you would need is your own massive 230-foot dish antenna and a 400-kilowatt transmitter — or, perhaps more realistically, you could hack into NASA's computer systems, which is exactly what Chinese hackers did 13 times in 2011."
Crime

Two Arrested For Hacking Personal Data of 8.7 Million Phone Users 43

An anonymous reader writes "South Korea's second largest wireless service provider has apologized after personal data of 8.7 millions of its mobile phone subscribers was stolen by hackers. The details are suspected to have been sold to marketing firms, netting the hackers close to $1 million. From the article: 'South Korean police have arrested two men who allegedly stole the personal information of about 8.7 million cellphone customers from KT Corp., the second biggest mobile carrier in South Korea. The company alerted police on July 13 after detecting traces of hacking attacks. The data was collected for the last five months, starting in February 2012.'"
Australia

Hackers Release AAPT Data To Protest Aussie Policies 62

An anonymous reader writes "Anonymous is releasing some of the 40GB of data it claims to have stolen from Australian internet service provider AAPT. The hack is reportedly in protest against Australia's proposed data retention regime, which would mandate ISPs to collect and hold transmission data from its users for up to two years."
Government

Hacked Syrian Officials Used '12345' As Email Password 231

Nominei writes "The Israeli newspaper Haaretz reports that the Syrian President, aides and staffers had their email hacked by Anonymous, who leaked hundreds of emails online. Reportedly, many of the accounts used the password '12345' (which their IT department probably warned them to change when the accounts got set up, of course)."
Android

Google Wallet Stores Card Data In Plain Text 213

nut writes "The much-hyped payment application from Google on Android has been examined by viaForensics and appears to store some cardholder data in plaintext. Google wallet is the first real payment system to use NFC on Android. Version 2 of the PCI DSS (the current standard) mandates the encryption of transmitted cardholder data encourages strong encryption for its storage. viaForensics suggest that the data stored in plain text might be sufficient to allow social engineering to obtain a credit card number."
Security

FBI Arrests LulzSec and Anonymous Hackers 289

Velcroman1 writes "The FBI arrested two alleged members of the hacking collectives LulzSec and Anonymous on Thursday morning in San Francisco and Phoenix. Search warrants were also being executed in New Jersey, Minnesota and Montana, an FBI official told FoxNews.com. A document purported to come from the FBI leaked online earlier this month called these hacker groups a national security threat. One individual was described as part of the LulzSec group, the other belongs to the group that calls itself Anonymous, the official said. The suspected hacker arrested in California is homeless and alleged to have been involved in the hacking of Santa Cruz County government websites."
Security

Time Warner Cable Modems Expose Users 185

eldavojohn writes "Wired is reporting on a simple hack putting some 65,000 customers at risk. The hack to gain administrative access to the cable modem/router combo is remarkably simple: '[David] Chen, founder of a software startup called Pip.io, said he was trying to help a friend change the settings on his cable modem and discovered that Time Warner had hidden administrative functions from its customers with Javascript code. By simply disabling Javascript in his browser, he was able to see those functions, which included a tool to dump the router's configuration file. That file, it turned out, included the administrative login and password in cleartext. Chen investigated and found the same login and password could access the admin panels for every router in the SMC8014 series on Time Warner's network — a grave vulnerability, given that the routers also expose their web interfaces to the public-facing internet.' If you use Time Warner's SMC8014 series cable modem/Wi-Fi router combo, watch for firmware to be released soon that they are reportedly in the process of testing."

Slashdot Top Deals

The one day you'd sell your soul for something, souls are a glut.

Working...