Articles about hacking

ISP TalkTalk's Wi-Fi passwords Walk Walk thanks to Awks Awks router security hole

A years-old vulnerability continues to menace the security of some home Wi-Fi networks in the UK. The WPS feature in TalkTalk's Super Router can be compromised to steal the gateway's wireless network password, according to folks at software development house IndigoFuzz. The British ISP and telco was warned of the shortcoming …
Shaun Nichols, 22 May 2018
CCTV camera trained on a garden. Photo by Shutterstock

Signal bugs, car hack antics, the Adobe flaw you may have missed, and much more

Roundup Here's your guide to this week's infosec news beyond what we've already covered. ICE's extreme vetting plan melts away US Customs won't getting their massive terror predicting system after all. It's reported that America's immigration cops – ICE – have abandoned its call for the development of an artificially intelligent tool …
Shaun Nichols, 19 May 2018
Spock

Congratulations, we all survived Star Wars day! Now for some security headaches

Roundup May is already upon us, and as usual it has been a busy week for security news. Here's a summary of what didn't make it into El Reg this week, well, until now. Son of a glitch! Brainiacs at Vrije Universiteit in Amsterdam have detailed an attack called GLitch. It exploits Adreno GPUs built into Qualcomm-powered system-on-chips …
Shaun Nichols, 5 May 2018
bars broken in jail cell

Failbreak: Bloke gets seven years in the clink for trying to hack his friend out of jail

A Michigan fella will spend up to seven years and three months behind bars – for trying to hack government IT systems in the US state to get a friend out of jail. Konrads Voits, 27, of Ypsilanti, Michigan, received the 87-month sentence after he pleaded guilty to one federal charge of damaging a protected computer. He will …
Shaun Nichols, 30 Apr 2018
An upset woman with an empty wallet

AWS DNS network hijack turns MyEtherWallet into ThievesEtherWallet

Updated Crooks today hijacked internet connections to Amazon Web Services systems to ultimately steal a chunk of alt-coins from online cryptocurrency website MyEtherWallet.com. The Ethereum wallet developer confirmed on Tuesday morning that thieves redirected DNS lookups for its dot-com to a malicious website masquerading as the real …
Shaun Nichols, 24 Apr 2018
hands through the jail bars. Photo by shutterstock

British Crackas With Attitude chief gets two years in the cooler for CIA spymaster hack

The British teenager who was sufficiently talented and stupid to hack the webmail of the head of the CIA was today sent down for two years. Kane Gamble, who is now 18 but was 15 at the time of the attacks, blagged his way into the internet accounts of top American officials, including then-CIA chief John Brennan's AOL account …
Kieren McCarthy, 20 Apr 2018
baratov

Yahoo! webmail! hacker! faces! nearly! eight! years! in! the! cooler!

The Canadian hacker who helped Russian agents by breaking into more than 11,000 Yahoo email accounts could spend the next eight years behind bars, if American prosecutors get their way. The case against Karim Baratov entered its sentencing phase this week as both sides submitted to a California federal district judge their …
Shaun Nichols, 19 Apr 2018
letters stuffed in a mailbox. Photo by SHutterstock

Eight months after Equifax megahack, some Brits are only just being notified

Some of the 15 million Britons affected by the Equifax mega-hack are only now receiving letters notifying them that they were affected by the breach, eight months after the event. As we reported in September 2017, Equifax confessed to having been hacked, upping the number of affected people in the following weeks to a 145 …
Gareth Corfield, 19 Apr 2018
still of Ian McKellan as magneto in the x-men movie

Badmins: Magento shops brute-forced to scrape card deets and install cryptominers

Hackers have compromised hundreds of e-commerce sites running the popular open-source Magento platform to scrape credit card numbers and install crypto-mining malware. The Magento sites are being compromised through brute-force attacks using common and known default Magento credentials, threat intel firm Flashpoint has warned …
John Leyden, 3 Apr 2018
spy

Guccifer 2.0 outed, Kaspersky slammed, Oz radio hacker in the slammer, and more

Roundup Here's your easy-to-digest round up of information security news beyond everything we've already covered this week. DNC hacker outed as Russian 007 Guccifer 2.0, the hacker busy stealing and leaking emails from US Democratic Party servers amid the 2016 presidential elections, turned out, surprise, surprise, to be a Russian …
Iain Thomson, 24 Mar 2018
theft

Now that's a bad trip: 880k credit cards 'likely' stolen by Orbitz hackers

Vacation-booking biz Orbitz has warned that sensitive details on as many as 880,000 credit cards have "likely" been stolen from its servers by hackers. In a statement today, US-based Orbitz said it discovered evidence of an intrusion on one of its legacy platforms on March 1, and called in a third-party forensics team. It now …
Iain Thomson, 20 Mar 2018
Car crash

Auto manufacturers are asleep at the wheel when it comes to security

Cars are getting smarter every year but their increasing computational power isn’t being backed up by good IT security practices – hacking them is child’s play. That’s the conclusion of a series of speakers at the Kaspersky Security Analyst Summit. These security researchers have demonstrated how easy it is to introduce …
Iain Thomson, 10 Mar 2018
Mike Rogers

NSA boss: Trump won't pull trigger for Russia election hack retaliation

NSA boss Mike Rogers told a US congressional panel today that Russia’s online mischief-making in America's elections is not going to stop – because Uncle Sam isn’t hitting back. "I believe that President Putin has clearly come to the conclusion there’s little price to pay here, and that therefore I can continue this activity …
Iain Thomson, 27 Feb 2018
shutterstock_56353756-band

Fender's 'smart' guitar amp has no Bluetooth pairing controls

Updated Guitar amp manufacturer Fender's recently-introduced Mustang GT 100 guitar amplifier can be made to play whatever audio an attacker fancies, security researchers have discovered. The amp allows Bluetooth connections, but without pairing security. Anyone within range could therefore "stream arbitrary audio to it and hijack your …
John Leyden, 27 Feb 2018
Atlanta, GA skyline

You get a criminal record! And you get a criminal record! Peach state goes bananas with expanded anti-hack law

A proposed anti-hacking law in the US state of Georgia is raising all kinds of alarms – because it could chill security research, and criminalize anyone who breaks a website or ISP's T&Cs. The bill, SB 315, would expand the state's computer crime laws to include penalties for accessing a machine without permission even if no …
Shaun Nichols, 26 Feb 2018
jail

Russians behind bars in US after nicking $300m+ in credit-card hacks

Two Russian criminals have been sent down in America after pleading guilty to helping run the largest credit-card hacking scam in US history. Muscovites Vladimir Drinkman, 37, and Dmitriy Smilianets, 34, ran a massive criminal ring that spent months hacking companies to get hold of credit and debit card information. They then …
Iain Thomson, 16 Feb 2018
Lauri Love and girlfriend Sylvia Mann leaving the Royal Courts of Justice. Pic: Richard Priday

Accused Brit hacker Lauri Love will NOT be extradited to America

Accused hacker Lauri Love will not be extradited to United States to stand trial, the High Court of England and Wales ruled today. In a judgment handed down by the Lord Chief Justice, Lord Burnett of Maldon, upheld both of Love's grounds for appealing against District Judge Nina Tempia's 2016 order for him to be extradited to …

Stop us if you've heard this one before: Tokyo crypto-cash exchange 'hacked' for half a billion bucks

Japan-based cryptocurrency exchange CoinCheck says it has been taken for around $530m by hackers. The Tokyo-based exchange says it is working with cops and Japan's Financial Services Agency to investigate a heist CoinCheck admits went undetected for more than eight hours. CoinCheck believes the theft occurred Friday around …
Shaun Nichols, 26 Jan 2018

Create a news alert about hacking, or find more stories about hacking.

Biting the hand that feeds IT © 1998–2018