Category Security

Court Rules Against Workplace Hackers


Thanks to the U.S. district court, your computer equipment can be seized without warning if you proclaim yourself to be a hacker. This court, I am sorry to say, in Bums-ville, Idaho, recently decided it was okay to confiscate a software developer’s system. Why did they do this? Because his website stated: “We like hacking things and don’t want to stop.” Whose website is it? Well, it belongs to a man named Corey Thuen.

Corey Thuen runs a new start-up named Southfork Security. It works in the ICS/SCADA security space and is made up of former security researchers of the Idaho National Laboratory. Thuen was working for Battelle, which is a business of innovation (whatever that means). On their website, they state, “Battelle is solving what matters most for our clients today...

Read More

Spamhaus, a Dutch anti-spam group, was attacked in what was called the “biggest cyber-attack ever.” One so powerful, it reportedly slowed down sections of the internet in Europe.

A London teen has been arrested by British police (in April) on suspicion of involvement in the attack. The unknown teen was arrested at the same time as the main suspect Sven Olaf Kamphuis.

The unknown teen was found sitting in front of his computer and still logged into various systems and forums. It was also reported he had a significant amount of money flowing through his bank account.

The attacker used what are known as DDoS attacks. His motive continues to be a mystery at this time.

The 16-year-old is currently out on bail.

A DDoS attack is a distributed denial-of-service attack, and it is an attempt to ...

Read More

TouchID Not As Secure As You Think

The new iPhone 5s was released and just a day and a half later, the Chaos Computer Club hackers were able to bypass the fingerprint biometric scanner TouchID.
Dan Riccio, Senior Vice President of Apple Hardware Engineering, stated, “your fingerprint is one of the best passwords in the world. It’s always with you, and no two are exactly alike.”

Even though that may be true on some levels, watch the following video and see just how easily and quickly the fingerprint security is set up and circumvented.

With the new iOS and hardware, you can use your fingerprint as the password to unlock your phone, and it can be set up to enable your phone to authorize purchases through Apple stores for music, movies, TV series, applications, and books...

Read More

Belgian Telco Belgacom Was Hacked

Belgacom's security and systems were not only hacked into, but they also fell prey to a virus attack. The malware was so complex that they think an intelligence agency was probably to blame.

Belgacom is the largest telco in Belgium. Headquartered in Brussels, Belgacom Group is primarily state owned, with the Belgian state holding 53.3% + 1 share. Their offerings include fixed-line communication through the Belgacom brand, mobile communications through the Proximus brand, and ICT services to the professional market under the Telindus brand.

These attacks were uncovered in June of this year, and the third-party intruders have yet to be identified. They penetrated the systems and inserted a virus which reached at least 30 servers and workstations...

Read More

Microsoft’s 10 Immutable Laws of Security


These laws are all common sense. When I found them, I thought I would take the opportunity to post them for those of you who are far too busy to bother yourselves with such trivial concepts (you know exactly who you are!):
Law #1: If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore
Law #2: If a bad guy can alter the operating system on your computer, it’s not your computer anymore
Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore
Law #4: If you allow a bad guy to upload programs to your website, it’s not your website any more
Law #5: Weak passwords trump strong security
Law #6: A computer is only as secure as the administrator is trustworthy
Law #7: Encrypted data is only as se...

Read More

Say Cheese! Welcome to the Internet

If you are a private person who does not care to have your mug plastered all over the World Wide Web, then you have undoubtedly noticed that it is getting harder and harder to keep images of yourself to yourself. With the increase in small cameras being manufactured into just about every portable gadget, from phones, PDAs, and laptops to hats, sunglasses and even stuffed animals, it’s just about impossible to remain a shadow.
This problem is compounded even further when there are small applications that can be installed on any platform that will quietly take pictures from webcams without your knowledge or consent. Mr. Kyle McDonald programmed an application that will patiently wait and watch like a digirati sniper until it recognizes that there is a face in the frame...

Read More

Hacking In Northern Ireland

Britain's former Northern Ireland secretary Peter Hain

I would just like to point out that even though the image appears to be Mr. Hain showing us the size of his penis, it simply is not the case (it clearly is an exaggeration). :)
Now for the news…
Former Northern Ireland secretary Peter Hain is caught up in an ongoing investigation where his computer may have been compromised by cyber criminals. These individuals are said to be private detectives and intelligence agents who are working under the direction of News International. On top of that, senior Northern Ireland civil servants may also have been hacked (plot thickens).
What were these individuals after, you might ask? Well, his system most likely contained sensitive intelligence material, of course...

Read More

Visualization of Attack on VOIP Server

I happened to be clicking around YouTube when I found this gem. It is an interesting visualization of a single attack aimed at a VOIP network server and its clients. Kind of takes me back to 1995 and the movie Hackers (hmmm Angelina Jolie, whoops I’ll stop drooling now) when hackers of the world united together to take down the Gibson supercomputer.



Source: New Scientist

Read More

Another day, Game Company Hack

It seems that three Codemasters websites (website, DiRT 3 VIP code redemption page, The Codemasters EStore) were hacked Friday, and it's believed that customer names, usernames, screen names, email addresses, dates of birth, encrypted passwords, newsletter preferences, any biographies entered by users, details of last site activity, IP addresses and Xbox Live Gamertags were compromised. An email from Codemasters states that they use external payment providers, “meaning your payment details were not at risk from this intrusion.”

The Codemasters website will be down until a new one launches in “the foreseeable future,” instead redirecting to the company’s Facebook page.

I wonder who’s next?

Read More

Not Everyone Who Electronically Steals is a Hacker

After hackers stole $300k from the account of a construction company in Maine, the company sued the bank with the thought that the bank was responsible for the security on the account. Magistrate Judge John Ridge sided with Ocean Bank and dismissed the claim. He says the reason is that the people at Patco Construction Company should have done more to protect their credentials.

Reportedly, hackers sent malicious e-mails to the company that installed the Zeus password-stealing trojan on an employee computer. After the account had enough money in it, a series of wire transfers went through, and it was off to the races. Of course, once Patco realized the issue, they contacted the bank and were able to stop about $240k of the $600k that was going out...

Read More