Tech content trusted by users in North America and around the world
6,314 Reviews & Articles | 41,867 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 11

Hackers copy politicians fingerprint from press conference photos

Biometric security just took a big blow to the chin. Fingerprint scanners are increasingly used for security in Apple and Samsung devices, along with many others, and are even used for voter identification in some countries. At a recent conference in Hamburg, the Chaos Computer Club (CCC) hacker network revealed they had copied German Defense minister Ursula von der Leyens' fingerprint from publically available photos of a press conference she held.

 

TweakTown image news/4/2/42323_01_hackers-copy-politicians-fingerprint-press-conference-photos.png

 

The photos were taken from standard cameras, and several images were used to stitch together the copied thumbprint. One fingerprint may have taken a bit of work to accomplish, but now that the proof-of-concept experiment has succeeded it would be relatively easy to refine the process. This isn't the best news for politicians and others who are regularly photographed, and it might be wise to move to other technologies to secure access to devices.

Continue reading 'Hackers copy politicians fingerprint from press conference photos' (full post)

MasterCard running "Masters of Code" hacking competition - $100k cash

Roll up Lizard Squad and Anonymous members, it's time to put your skills to the test. MasterCard has just announced through a press release that they will be running massive hacker collective competition across 10 cities with the ultimate prize being $100,000 in cold, hard cash.

 

TweakTown image news/4/2/42317_063_mastercard-running-masters-code-hacking-competition-100k-cash.jpg

 

Conducted through the use of MasterCard-supplies APIs, the entrants will compete to "create innovative prototypes that demonstrate artful coding and design skills while also articulating clear business use cases - all focused on driving the next generation of commerce applications" as according to their release.

Continue reading 'MasterCard running "Masters of Code" hacking competition - $100k cash' (full post)

Snowden leak reveals which encryptions NSA cannot decipher

The compilation of sensitive data secreted out of the NSA by Edward Snowden continues to be a big thorn in the side of spying agencies. Recent disclosures in Der Spiegel, the newspaper that has leaked the majority of the Snowden information, reveals several programs that the NSA has found to be very difficult, or totally impossible, to decipher. The information is complete as of late 2012, so the NSA may have already overcome these limitations, but the information is interesting.

 

TweakTown image news/4/2/42318_01_snowden-leak-reveals-encryptions-nsa-decipher.png

 

Some emails are still indecipherable, notably the Zoho encrypted email service. The NSA has also noted that following targets across the Tor network is difficult to impossible, which means it works as advertised. The NSA has been very proactive in their dealings with encryption programs, primarily by working with vendors and committee's to have backdoors installed into the major encryption programs before they are even released to the public. One of the most surprising findings is that TrueCrypt, an open-source program, is largely safe for encrypting data. The NSA apparently didn't have as much luck penetrating an open-source project, which isn't entirely surprising considering the peer-reviewed nature of open source programs. It would be hard to insert a secret back door into a program that is actively worked on by a large group of people without company/government affiliations. PGR encryption tools and OTR chat encryption were also notable exceptions to the NSA's decryption schemes.

Continue reading 'Snowden leak reveals which encryptions NSA cannot decipher' (full post)

State hacking operation used commercial software to compromise targets

Military targets in Europe and Israel have been hit by cyberespionage attacks that could have been aided by commercial security-testing software released by Core Security, according to a report from the Computer Emergency Response Team (CERT). Israeli officials are unsure who launched the attack, but Iran is on the short list of suspects - as the Iranian government routinely tries to conduct surveillance and steal information from Israel.

 

TweakTown image news/4/2/42308_01_state-hacking-operation-used-commercial-software-compromise-targets.jpg

 

"The most likely answer is they didn't have the capability to do it on their own," said Tilmann Werner, CrowdStrike analyst, in a statement, also adding "there is no risk of leaving tool-marks."

 

Cybercriminals trying to compromise government and military departments, corporations, and other major targets are greatly improving their attack capabilities. Iran has invested a large amount of resources in developing internal cyberespionage efforts, with Israel a popular target for new attacks.

South Korea nuclear facilities still under cyberattack, officials say

South Korea reported cyberattacks against its nuclear power operator are still underway, with non-critical operations being targeted - but the Korean nuclear power plants are safe and secure. The company faced a cyberattack and data breach last week, but hackers were able to only steal non-critical data, while reactors and other critical infrastructure were untouched.

 

TweakTown image news/4/2/42306_01_south-korea-nuclear-facilities-still-under-cyberattack-officials.jpg

 

"We cannot let cyberattacks stop nuclear power operation," said Cho Seok, Korea Hydro & Nuclear Power Co. President and CEO, during a press conference. "We will continue operating nuclear plants safely against any attempted foul play, including cyberattacks. Cyberattacks on KHNP's (headquarters) operations and administration are still continuing now."

 

The Korean government currently has an investigation underway, and is asking for cooperation from China, as it's possible North Korea was responsible for the incident.

Norse provides mesmerizing real-time view of global hacking attacks

Norse has developed a network of 8 million sensors worldwide designed specifically to absorb various types of internet attacks. These sensors analyze the malicious traffic and trace it back to its source. This vast network of global trackers is called the DarkMatter Platform, and it delivers real-time threat tracking and intelligence within five seconds.

 

TweakTown image news/4/2/42305_03_norse-provides-mesmerizing-real-time-view-global-hacking-attacks.png

 

Norse provides this service to companies to protect their web services, but they also provide an amazing real-time view for everyone of malicious traffic at their comprehensive monitoring site. The view of ongoing attacks is amazing due to the sheer scale of the attacks, and their continuing nature highlights the intense threats companies face every day. The site identifies each type of attack, and DDoS attacks are easily visible as attacks from multiple locations worldwide converge on a single target.

Continue reading 'Norse provides mesmerizing real-time view of global hacking attacks' (full post)

Hackers enter large-name online portals, releasing usernames and more

Right about now you've really got to feel sorry for Sony. Alongside numerous hacking scandals surrounding their pictures department, they've been targeted by the infamous North Korea and even had their PlayStation Live Network service taken down on the 26th of December thanks to a timely DDoS. Just when you thought it couldn't get worse, hackers have released 13,000 username-and-password combinations alongside stolen credit card details, claiming these were stolen from large-scale websites like Sony's PlayStation Network, XBOX Live and Amazon plus more.

 

TweakTown image news/4/2/42302_050_hackers-enter-large-name-online-portals-releasing-usernames-more.jpg

 

Released via the Twitter account "@AnonymousGlobo", this hack is also said to target some of the largest porn websites alongside these gaming and retail web portals. This gives the hack yet another tie to the group known as Anonymous, who have been involved in recent Klu Klux Klan altercations alongside many other large-scale operations in recent years.

Continue reading 'Hackers enter large-name online portals, releasing usernames and more' (full post)

North Korean Internet infrastructure suffers another outage

For the second time in less than one week, it appears the fragile North Korean Internet infrastructure has been dropped offline from cyberattacks. Reports from Chinese media indicate the Internet and 3G mobile phone networks in North Korea have gone offline, following the US government's accusations that Pyongyang had a direct hand in breaching Sony Pictures.

 

TweakTown image news/4/2/42288_01_north-korean-internet-infrastructure-suffers-another-outage.jpg

 

In the incident reported earlier in the week, it appears a distributed denial of service (DDoS) attack stopped Internet access for a brief period. Most Internet access in North Korea is reserved for high-ranking government officials and military personnel, reports indicate.

 

Despite countries focusing on developing cyberespionage weapons able to target foreign companies and governments, clearly not enough is being done to help improve cybersecurity. The United States, UK, North Korea, China, Russia, Iran, and other nations have greater cyberattack capabilities - but fall prey to their own data incidents on a frequent basis.

US government warns Sony breach tactics could be used in other attacks

The malware software and cybercriminal techniques used to cripple Sony Pictures could be used in additional attacks against US companies, according to a recent alert from the U.S. Computer Emergency Readiness Team (US-CERT). Specifically, the malware, which is similar to code used to target South Korean companies, is able to communicate with operators while spreading quickly and conducting brute-force password attacks against systems.

 

TweakTown image news/4/2/42286_01_government-warns-sony-breach-tactics-used-attacks.jpg

 

"Due to the highly destructive functionality of this malware, an organization infected could experience operational impacts including loss of intellectual property and disruption of critical systems," the US-CERT warning stated. It's true that next-generation malware, written by increasingly skilled cybercriminal groups, has a wide variety of different purposes. Although stealing and compromising infected PCs remains lucrative, cyberespionage would be better served by disrupting day-to-day operations of necessary systems.

 

North Korea has been blamed by the US government for the attack against Sony Pictures, a charge it vehemently denies - has dedicated resources to improving its cyberattack capabilities.

Continue reading 'US government warns Sony breach tactics could be used in other attacks' (full post)

Lizard Squad stop DDoS of PSN and Xbox Live thanks to Kim Dotcom

Thanks to the "Lizard Squad", many bright-eyed youngsters were left out of luck - being unable to connect their new Santa-given PlayStation's and XBOX's to their respective online gaming and content networks.

 

TweakTown image news/4/2/42281_024_lizard-squad-stop-ddos-psn-xbox-live-thanks-kim-dot-com.jpg

 

This group of hackers targeted both of these large-scale online mediums on the 25th of December, seeing Kim Dotcom come in as some kind of savior - offering them 3,000 lifetime premium Mega accounts worth $99 each in return for PSN and XBOX Live's safety. The squad accepted, stopping the DDoS atacks instantly, vowing never to return.

 

According to a Twitter post, this deal is only made true if "they don't attack Xbox Live & PSN again. #ThatsTheDeal," in the words of Dotcom himself.

Continue reading 'Lizard Squad stop DDoS of PSN and Xbox Live thanks to Kim Dotcom' (full post)

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases