Technology content trusted in North America and globally since 1999
7,772 Reviews & Articles | 57,636 News Posts

Hacking & Security Posts - Page 1

TIO Network suffers data breach, affecting 1.6 million users

By: Jak Connor | More News: Hacking & Security | Posted: 1 week, 3 days ago

TIO Networks is a telecom, wireless, cable and utility network operator in North America that also offers bill payment services, earlier this year PayPal purchased this company for $233 million and now it has come out that TIO network has had their data compromised. PayPal announced on November 10th that there was a potential breach in the TIO network but now has later confirmed that they "identified a potential compromise of personally identifiable information for approximately 1.6 million customers.

 

tio-network-suffers-data-breach-effecting-1-6-million-users_06

 

Thankfully PayPals systems are not linked in anyway to that of TIO networks as PayPal reassures customers that their data remains in secure hands.

 

"A review of TIO's network has identified a potential compromise of personally identifiable information for approximately 1.6 million customers. The PayPal platform is not impacted in any way, as the TIO systems are completely separate from the PayPal network, and PayPal's customers' data remains secure."

Continue reading 'TIO Network suffers data breach, affecting 1.6 million users' (full post)

Former NSA worker admits to stealing Russian hacked data

By: Jak Connor | More News: Hacking & Security | Posted: 1 week, 4 days ago

Nghia Pho, a former NSA employee has pleaded guilty to taking home classified information that was soon after linked to a hack from Russian intelligence. Pho will be sentenced on April 6th and has had his maximum penalty capped at 8 years, which would usually be 10 years.

 

former-nsa-worker-admits-stealing-russian-hacked-data_02

 

According to sources of The New York Times, Pho stole the information both in physical and digital form between 2010 and 2015, then proceeded to intentionally use this information to then rewrite his resume. The hack came through exploited Kaspersky anti-virus software which the company was not aware of at the time. Kaspersky was aware that it has held NSA data but it is not clear whether it was that specific data or not.

 

Recently the NSA has had to deal with many leaks, scrambling to fix all these leaks could either motivate others to come forward and blow the whistle, or they could see Pho be made an example of, putting fear into others that were considering coming forward because of the penalty.

Yahoo now admits 3 billion accounts were breached

By: Anthony Garreffa | More News: Hacking & Security | Posted: Oct 4, 2017 4:37 am

The massive breach of Yahoo looks like it was worse than the original stories, which were already bad, but now Yahoo has said that all 3 billion users had their accounts breached.

 

yahoo-now-admits-billion-accounts-breached_01

 

Yahoo first reported 1.5 billion accounts had been breached in 2013, something that was announced just days before Verizon acquired the search giant. Verizon, which now owns Yahoo, has said that the attack had breached every Yahoo account... which means 3 billion accounts were attacked.

 

Verizon disclosed the new findings after an internal investigation into the 3 billion account breach, working with the SEC. The filing reads: "Subsequent to Yahoo's acquisition by Verizon, and during integration, the company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft".

Continue reading 'Yahoo now admits 3 billion accounts were breached' (full post)

Biggest data breach in India affects 120 million users

By: Lana Jelic | More News: Hacking & Security | Posted: Jul 10, 2017 2:34 pm

Jio, a mobile network operator in India, is currently experiencing what could be the biggest data breach in India.

 

biggest-data-breach-india-affects-120-million-users_01

 

Jio is one of the fastest growing carriers in India and the whole world and was made famous by their launch of a nationwide LTE network for a very low price. They launched their network in September of last year, and have over 120 million users in less than a year. However, it appears that their speedy launch may have come at a cost.

 

Jio's customer's data has been leaked revealing many sensitive details, including customer's names, last names, phone numbers, emails, SIM Activation Date and even their Aadhaar Number.

Continue reading 'Biggest data breach in India affects 120 million users' (full post)

Huge security flaw: Keylogger found on HP laptops

By: Lana Jelic | More News: Hacking & Security | Posted: May 11, 2017 8:23 pm

Swiss cyber-security company Modzero discovered some worrying security flaws in certain HP laptops and made them public.

 

huge-security-flaw-keylogger-found-hp-laptops_01

 

According to their report, some HP laptops come with an audio driver that includes a feature which would be best described as a keylogger. This feature records all the user's keystrokes and saves the information into a local file, which is accessible to third-party software or malware.

 

The keylogger feature was discovered in the Conexant HD Audio Driver Package version 1.0.0.46 and earlier. The audio driver in question is preinstalled on the HP laptops.

 

The problem with this is that it shouldn't be storing a local unencrypted record of your keystrokes. This behavior opens your personal keystrokes to anyone that has access to your computer. Both local and remote, which means your passwords can be compromised. This is a huge risk, especially because the affected laptops from HP are enterprise notebooks that could make businesses vulnerable.

Continue reading 'Huge security flaw: Keylogger found on HP laptops' (full post)

Qualcomm announces vulnerability bounty program

By: Lana Jelic | More News: Hacking & Security | Posted: Nov 17, 2016 12:30 pm

Qualcomm announced they are launching a vulnerability rewards program (also known as a bounty) designed to expand their collaboration with invited white hat hackers. The company firmly believes that these type of hackers will help to improve the security of their Snapdragon family and LTE modems by finding the vulnerabilities and then reporting them to Qualcomm to fix.

 

qualcomm-announces-vulnerability-bounty-program_01

 

The program is the first of its kind to be announced by a major silicon vendor. The program will be administered in collaboration with vulnerability coordination platform HackerOne. This also takes Qualcomm another step towards becoming one of the most secure silicon vendors in the industry.

 

Qualcomm says that they will offer up to $15,000 per vulnerability. By comparison, Google has numerous vulnerability bounties that range from $500 to $20,000. Apple, on the other hand offers up to $200,000 per vulnerability discovered on its devices.

Continue reading 'Qualcomm announces vulnerability bounty program' (full post)

Huge cyber attack involved 10s of millions IP addresses

By: Lana Jelic | More News: Hacking & Security | Posted: Oct 23, 2016 3:33 pm

Tens of millions of IP addresses were used to take down popular websites like Twitter, Spotify and Netflix on Friday by so far unknown sources. The DDoS attack on the DynDNS started on Friday morning, but the service was restored around 9:30 AM ET. However, around Friday noon, another attack began. Service was restored at approximately 1:00 PM ET same day, but many users had reported they had issues with certain websites.

 

huge-cyber-attack-involved-10s-millions-ip-addresses_01

 

Dyn reported there was an attempt of a third attack wave, but the were able to successfully mitigate it without customer impact.

 

Dyn issued a statement saying they are continuing their investigation.

 

At this point, we know this was a sophisticated, highly distributed attack involving 10s of millions of IP addresses. We are conducting a thorough cause and forensic analysis and will report what we know in a responsible fashion. The nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and internet locations. We can confirm, with the help of analysis from Flashpoint and Akamai, that one source of the traffic for the attacks were devices infected by the Mirai botnet. We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack.

Continue reading 'Huge cyber attack involved 10s of millions IP addresses' (full post)

Major cyber attack knocks out popular websites

By: Lana Jelic | More News: Hacking & Security | Posted: Oct 21, 2016 7:29 pm

Twitter, Spotify, Amazon, Netflix, Reddit, Etsy and many other popular websites went offline earlier today due to a massive cyber attack on the DynDNS, a world renowned Domain Name Servers (DNS) service provider.

 

major-cyber-attack-knocks-popular-websites_01

 

Dyn issued a statement acknowledging the attack.

 

Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available. This attack is mainly impacting US East and is impacting Managed DNS customer in this region. Our Engineers are continuing to work on mitigating this issue.

 

The DDoS attack began this morning, but the service was restored around 9:30 AM ET. However, around noon, another attack began. According to DownDetector's outage map, the DDoS attack is primarily targeting US users.

Continue reading 'Major cyber attack knocks out popular websites' (full post)

This map shows cyber attacks in real-time

By: Lana Jelic | More News: Hacking & Security | Posted: Oct 4, 2016 1:45 pm

Tens of thousands of cyber attacks occur every second, but it's hard to imagine and visualize the number of attacks. Norse, a company from California that provides intelligence to many different companies, has created an interactive map where users can watch the cyber attacks in real-time.

 

cyber-attacks_01

 

The attacks are shown with colored lines that connect the source and the target of the attack. Norse tracks these attacks with the help of more than 8 million sensors located in 47 different countries.

Continue reading 'This map shows cyber attacks in real-time' (full post)

France's new bank cards feature ever-changing digits

By: Sean Ridgeley | More News: Hacking & Security | Posted: Oct 3, 2016 6:02 pm

French digital security company Oberthur Technologies has developed a revolutionary new bank card that should make it very difficult for fraudsters to do any damage to your account. Called Motion Code, the technology sees that three digit PIN on the back of your card change every hour for three years, meaning anyone who steals your card or acquires the digits will have minimal time to spend your money.

 

frances-new-bank-cards-feature-changing-digits_1

 

Most fraud occurs hours or days after cards are stolen, but no doubt the criminals will catch on and spend the money quicker upon recognizing a Motion Code card.

 

The downside is added difficulty in using your card remotely: no longer will you be able to memorize the PIN and use it regardless of whether you have your card on you or not. But for most, it's likely well worth it.

Continue reading 'France's new bank cards feature ever-changing digits' (full post)

loading