Hacking, Security & Privacy News - Page 5

All the latest Hacking, Security & Privacy news with plenty of coverage on new data breaches and leaks, new hacks, ways to protect yourself online & plenty more - Page 5.

Follow TweakTown on Google News

Nintendo Switch homebrew project shutdown after new Zelda game leaks

Kosta Andreadis | May 8, 2023 1:57 AM CDT

Lockpick is a tool used to legitimately play Nintendo Switch games on PC, in that it's designed to work with games you own via accessing the physical files and keys. With the upcoming The Legend of Zelda: Tears of the Kingdom leaking ahead of its launch, the creators of Lockpick have reportedly received a DMCA takedown notice from Nintendo.

Nintendo Switch homebrew project shutdown after new Zelda game leaks

One of Lockpick's programmers/contributors took to Twitter to confirm this by stating, "Nintendo has just issued multiple DMCA takedown requests to GitHub, including for Lockpick, the tool for dumping keys from your own Switch."

He argues that pirates that emulate software do not use keys from their own copies of games, though emulation has always been a legal grey area regarding what and what you cannot do with the physical copies of games you own.

Continue reading: Nintendo Switch homebrew project shutdown after new Zelda game leaks (full post)

Google Authenticator one-time passwords will now sync with your Google account

Kosta Andreadis | Apr 24, 2023 10:56 PM CDT

Google Authenticator is a popular app that gives your accounts an additional layer of two-step authentication security and is widely used by millions. But, it's the sort of app that is limited to a single Android or iOS device, which puts a lot of pressure on people to ensure that they don't lose their smartphone where Authenticator is installed.

Google Authenticator one-time passwords will now sync with your Google account

It's a potential issue that Google is well aware of, and it is looking to remedy it by making the one-time passwords backup and sync to your Google Account.

"One major piece of feedback we've heard from users over the years was the complexity in dealing with lost or stolen devices that had Google Authenticator installed," writes Christiaan Brand, Google's Group Product Manager, in a new blog post. "Since one-time codes in Authenticator were only stored on a single device, a loss of that device meant that users lost their ability to sign in to any service on which they'd set up 2FA using Authenticator."

Continue reading: Google Authenticator one-time passwords will now sync with your Google account (full post)

Patch Chrome now, as Google's browser has a nasty security flaw

Darren Allan | Apr 19, 2023 3:10 PM CDT

Google has pushed out an update for its Chrome browser to patch up a serious vulnerability.

Patch Chrome now, as Google's browser has a nasty security flaw

This is a fix for a zero-day security flaw (CVE-2023-2136), so it's been deployed in a fair old hurry by Google, which acknowledged that it was aware that an exploit for the vulnerability exists in the wild (meaning malicious actors out there have already leveraged this flaw to their advantage).

Bleeping Computer reports that running the new version of Chrome, 112.0.5615.137 (or 138), ensures that this problem is cured, and indeed a bunch of other vulnerabilities - eight of them in total.

Continue reading: Patch Chrome now, as Google's browser has a nasty security flaw (full post)

Hackers discover they can remotely make Tesla's honk uncontrollably

Jak Connor | Mar 29, 2023 1:33 AM CDT

A team of security researchers found a slew of vulnerabilities within Tesla's that give them control over a few different parts of the vehicle.

Hackers discover they can remotely make Tesla's honk uncontrollably

The security researchers work for Synacktiv, a security research firm that supported the team presenting their findings at the Pwn2Own conference in Vancouver last week. The researchers explained that a string of three vulnerabilities within the software allowed them to take control system to turn off the car lights, honk the horn, open the trunk, activate the windshield wipers, and play with the infotainment system.

Notably, the researchers explained the first security vulnerability was discovered in the vehicle's Bluetooth settings, and the second vulnerability gave the hackers enough vulnerability to become root, or in layman's terms, obtain the highest level of administrative access to the system. Once the security researchers gained root access, they were able to execute code in the infotainment system that gave them control of the security gateway, a component that sends specific commands to the vehicle.

Continue reading: Hackers discover they can remotely make Tesla's honk uncontrollably (full post)

There's now a fix for Windows 11's nasty 'acropalypse' security flaw

Darren Allan | Mar 27, 2023 9:44 AM CDT

Microsoft has swiftly deployed emergency fixes for a security flaw in Windows 11 that affected the Snipping Tool (and the Snip & Sketch app in Windows 10, too).

There's now a fix for Windows 11's nasty 'acropalypse' security flaw

Those screenshot-grabbing and editing utilities were blighted by an issue whereby cropped data in PNG image files wasn't being properly overwritten, playfully named the "acropalypse" bug.

In other words, when users crop a file, the part of the picture discarded could potentially be recovered and scrutinized by someone exploiting the flaw.

Continue reading: There's now a fix for Windows 11's nasty 'acropalypse' security flaw (full post)

Listen up, Google: Here's what YouTube should do to prevent channel hijacking

Cameron Wilmot | Mar 24, 2023 3:15 PM CDT

Over the past couple of days, the big news was that Linus Tech Tips, a huge YouTube channel with over 15 million subscribers, was hacked. The hackers were able to change the channel name and live stream a fake Elon Musk video trying to get viewers to send Bitcoin to them.

Listen up, Google: Here's what YouTube should do to prevent channel hijacking

Thankfully, Google helped Linus and his team recover his channel. Still, I can only imagine it would have been an incredibly stressful and nightmare-type situation while the recovery was in process. And it's not just Linus Tech Tips that was hacked. A few weeks ago, Andy from eTeknix suffered the same fate after being conned by a fake video sponsorship scheme where the victim is tricked into opening what appears to be an agreement PDF - the "PDF" file is the malware.

Once opened, the malware sends the user's data to the hacker. It does not matter how strong your password is or if you have enabled two-factor authentication. It's not entirely clear which data is sent, but the critical data we know that is sent includes the user's browser data, including actively logged-in session tokens and cookies. Once obtained, the hacker can carefully plan an attack on the unsuspecting victim, usually when they are asleep.

Continue reading: Listen up, Google: Here's what YouTube should do to prevent channel hijacking (full post)

Linus Tech Tips, one of the most popular tech YouTube channels, got hacked

Kosta Andreadis | Mar 23, 2023 11:27 PM CDT

UPDATE: It looks like the Linus Tech Tips channel has been restored, with the channel re-appearing literally moments after this story went live. Here's the original article.

Linus Tech Tips, one of the most popular tech YouTube channels, got hacked

Popular and long-running tech-focused YouTube channel Linus Tech Tips (and those associated with the Linus Media Group) was hacked overnight and used as a platform to promote crypto scams. After a few tumultuous hours, the account was ultimately delisted.

The channel is still down, though a statement released by channel owner Linus Sebastian notes that "we are now on top of it with Google's team now." Adding that "we are getting to the bottom of the attack vector with the (hopeful) goal of hardening their security around YouTube accounts and preventing this sort of thing from happening to anyone in the future."

Continue reading: Linus Tech Tips, one of the most popular tech YouTube channels, got hacked (full post)

Basketball fans, take note: NBA warns of personal details leaked in data breach

Darren Allan | Mar 20, 2023 11:56 AM CDT

The NBA has warned about a data breach that has resulted in the theft of some personal details.

Basketball fans, take note: NBA warns of personal details leaked in data breach

That personal data was stolen from what's described as a third-party newsletter service. Those affected have reportedly been contacted by the NBA and notified of the breach, and that some personal info was leaked, including names and email addresses.

However, the NBA clarified that its own systems had not been hacked, and that usernames, passwords, and suchlike have not been compromised.

Continue reading: Basketball fans, take note: NBA warns of personal details leaked in data breach (full post)

Massive ACER data breach sees hacker putting up 160GB of data for sale

Kosta Andreadis | Mar 8, 2023 9:01 PM CST

Taiwanese computer company Acer has confirmed that it has experienced a massive data breach. However, its investigation into the hack indicates that customer data has not been stolen and is limited to things found on a server for repair technicians. The confirmation arrives after a hacker put up the data for auction on a popular hacker forum - claiming that 160GB of data had been stolen.

Massive ACER data breach sees hacker putting up 160GB of data for sale

The hacker claims that the data includes "confidential" internal slides and presentations, staff documentation for technical support, Windows images, product information across various devices, "tons of BIOS stuff," and other files. The threat actor shared screenshots of schematics for an Acer display and other confidential documents to prove the data theft was real.

There isn't a price set other than the data will go to the highest bidder with the condition that payment is made via the hard-to-trace cryptocurrency Monero.

Continue reading: Massive ACER data breach sees hacker putting up 160GB of data for sale (full post)

Windows 11 just got some vital security updates, so don't hang around, patch now

Darren Allan | Feb 15, 2023 9:30 AM CST

Windows 11 just got a raft of security fixes in the latest round of monthly patching from Microsoft, including some crucial ones.

Windows 11 just got some vital security updates, so don't hang around, patch now

In fact, there are three fixes for zero-day vulnerabilities provided, meaning bugs in Windows 11 which are public knowledge. And in this case, these security flaws are being actively exploited by nefarious types - so they represent a clear potential danger to Windows 11 users.

In total, there are 77 vulnerabilities fixed by Microsoft's February patch for Windows 11 PCs, and nine are labeled as 'critical.'

Continue reading: Windows 11 just got some vital security updates, so don't hang around, patch now (full post)