Security

Report: A Bunch Of Illegal Websites Seized By The FBI Were Fakes

The dark web owes the FBI a thank-you. It turns out that during its recent mass seizure operation against a number of Tor sites (including Silk Road 2.0), a little more than half of the sites taken down were either clones or scams — and, in a number of cases, the real, functional websites are…

State Department Computer Systems Hit by Hackers

Yesterday, the State Department announced that it’s had to temporarily shut down its email system and public websites following a breach of its computer systems. The Associated Press reports that the security breach didn’t ultimately affect its classified systems. “This has impacted some of our unclassified email traffic and our access to public websites from…

America’s nukes are in a shocking state of neglect. A recent Pentagon review found outdated equipment, weak leadership, and abysmal morale among the people responsible for maintaining and launching these massively destructive weapons. Billions of dollars will be required over the next five years to ensure its security and safety.

Apple Says So-Called Security Flaw Isn’t Actually a Security Flaw

Earlier this week, the internet was up in arms about a new iOS vulnerability, dubbed ‘Masque Attack’, that was discovered by security firm FireEye. Apple have released a statement to iMore pointing out that Masque Attack isn’t really a flaw at all, and that it’s ‘not aware’ of anyone who’s actually been affected by the…

This Is How ATMs Get Hacked in Russia: Using Explosives

Forget super-skinny card skimmers and clever malware attacks. In Russia, many of the attempts to illegally obtain cash from ATMs are rather more crude—because they involve explosives. English Russia points out that more than 20 Russian ATMS have been blown up recentlyin an attempt to steal money. The site reports that criminals pump the cash…

Why Are ISPs Removing Their Customers’ Email Encryption?

Recently, Verizon was caught tampering with its customer’s web requests to inject a tracking super-cookie. Another network-tampering threat to user safety has come to light from other providers: email encryption downgrade attacks. In recent months, researchers have reportedISPs in the US and Thailand intercepting their customers’ data to strip a security flag—called STARTTLS—from email traffic.…

Windows Has a Huge Vulnerabilty, Get the Patch Now

As scary as Heartbleed was this past spring, it looks like virtually every Microsoft Windows user is in for a little deja vu. Microsoft just released a critical patch for a huge server vulnerability—one that affects quite a few current versions of Windows out there. As of now, Microsoft isn’t aware of anyone actually taking…

Watch That Wi-Fi: Hackers Use Hotel Internet to Steal Nuclear Secrets

Security researchers recently identified an elite team of possibly state-sponsored hackers that infiltrate hotel Wi-Fi networks to gain access to the computers of high-level executives and leaders, probably to steal nuclear secrets. They’re calling this band of cyber-spies DarkHotel. Wired’s Kim Zetter recently published a report about Kaspersky Labs and its efforts to track down…

This Bizarre High-Security Lock Is Every Drunk Person’s Nightmare

While some people are trying to reinvent the lock by eliminating keys altogether, others solutions, like the XPUZMAG from Taiwan, are going in decidedly different direction—by taking a traditional lock-and-key mechanism and just making it a thousand times more complicated. Warning to the belligerent drunk about town: This lock is not your friend. Not only…

Why Don’t All Phones Have This Clever PIN Code Scrambler?

An upcoming build of the CyanogenMod operating system includes a simple but brilliant security feature called “Scramble PIN Layout.” It’s exactly what it sounds like: a way to scramble the keypad when you unlock your phone so that people can’t peek at your keystrokes and learn your PIN. Why don’t all phones have this feature?…

The US Postal Service Got Hacked

The U.S. Postal Service just made a bad-news delivery to its 800,000 employees: Their personal data, including social security numbers, may have been stolen. The good news: It doesn’t look like the pilfered information has been used. “It’s an unfortunate fact of life these days that every organization connected to the internet is a constant…

How to Lock Down Your Internet-Enabled Houseful of Gadgets

Our houses are quickly filling with an internet of things—smart TVs, DVRs, thermostats, and more all online, all the time. But to a hacker, each of these devices is a digital door or window into your home (network). Here’s what you need to do to keep your devices locked against outside intrusions. It sounds paranoid,…

Healthcare.gov Is Being Hacked—By the Government

Healthcare.gov wasn’t the Obama administration’s finest moment. But ahead of a second enrolment period which kicks off November 15th, the team behind the website are making sure the same problems don’t happen again—by hacking their own site. The AP reportsthat weekly white-hat hacking sessions are being used to simulate real attacks and ensure that the…

Hackers Ravaged Home Depot With a Password Stolen from a Vendor

Earlier this year Home Depot confirmed that 56 million cards had been compromised in one of the biggest retail security breaches in history. Now we know that much like the Target hack—which was traced to a heating company—Home Depot was infiltrated by custom malware and passwords stolen from a third party vendor. An article in…

A Creepy Website Is Streaming From 73,000 Private Security Cameras

It shouldn’t be so easy to peer into a stranger’s bedroom, much less hundreds of strangers’ bedrooms. But a website has collected the streaming footage from over 73,000 IP cameras whose owners haven’t changed their default passwords. Is this about highlighting an important security problem, or profiting off creepy voyeurism—or both? Insecam claims to feature…

New Malware Infects Macs and Then iPhones via USB

A team of security researchers has discovereda new malware campaign called WireLurker that targets Apple’s desktop and mobile devices. Currently aimed at Chinese users, the team says it’s “the biggest in scale we have ever seen.” Palo Alto Network explains that the malware has so far infected 467 applications designed for Apple’s Mac OS X…

Which Messaging Technologies Are Truly Safe and Secure?

In the face of widespread Internet data collection and surveillance, we need a secure and practical means of talking to each other from our phones and computers. Many companies offer “secure messaging” products – but how can users know if these systems actually secure? The Electronic Frontier Foundation (EFF) released its Secure Messaging Scorecard, evaluating…

UK Security Chief: Privacy Has Never Been an Absolute Right

Major US technology companies are “in denial” as to how their services are being used by extremist groups, says Robert Hannigan, the new head of UK intelligence agency GCHQ. Calling out Twitter, Facebook and WhatsApp by name, Hannigan has requested that tech companies be more cooperative in sharing user information, stating that “privacy has never…

Report: A Flaw In Visa’s Contactless Card Lets Anyone Charge It $999,999

Contactless credit cards are a hit in the UK. But a British research team has revealed a serious security flaw that allows anyone to charge up to $999,999.99 in foreign currency to a nearby card, even while it’s still in a wallet or purse. Contactless cards let you buy things without a pin, up to…

How Hackers Reportedly Side-Stepped Google’s Two-Factor Authentication

Two-factor authentication is generally seen as the safest bet for protecting your Gmail account. But a harrowing tale from indie developer Grant Blakeman, whose Instagram was hacked through Gmail, reveals how not even two-factor authentication can beat every security threat. Writing on Ello, Blakeman describes how hackers gained access to his Instagram account through his…