Last week, the code repository GitHub was taken off air in a 1.3Tbps denial of service attack. We predicted then that there would be more such attacks and it seems we were right. Arbor Networks is now reporting that a US service provider suffered a 1.7Tbps attack earlier this month. In this case, there were Read more about World’s biggest DDoS attack record broken after just five days using poorly configured memcache servers[…]

Computer speakers and headphones make passable microphones and can be used to receive data via ultrasound and send signals back, making the practice of air gapping sensitive computer systems less secure. In an academic paper published on Friday through preprint service ArXiv, researchers from Israel’s Ben-Gurion University of the Negev describe a novel data exfiltration Read more about Air gapping PCs won’t stop data sharing thanks to sneaky speakers[…]

Two Russian criminals have been sent down in America after pleading guilty to helping run the largest credit-card hacking scam in US history.Muscovites Vladimir Drinkman, 37, and Dmitriy Smilianets, 34, ran a massive criminal ring that spent months hacking companies to get hold of credit and debit card information. They then sold it online to Read more about Russians behind bars in US after nicking $300m+ in credit-card hacks[…]

Last year, a vigilante hacker broke into the servers of a company that sells spyware to everyday consumers and wiped their servers, deleting photos captured from monitored devices. A year later, the hacker has done it again. Thursday, the hacker said he started wiping some cloud servers that belong to Retina-X Studios, a Florida-based company Read more about A Hacker Has Wiped a Spyware Company’s Servers—Again[…]

Telegram has fixed a security flaw in its desktop app that hackers spent several months exploiting to install remote-control malware and cryptocurrency miners on vulnerable Windows PCs.The programming cockup was spotted by researchers at Kaspersky in October. It is believed miscreants have been leveraging the bug since at least March. The vulnerability stems from how Read more about Telegram desktop app exploited for malware, cryptocurrency mining[…]

In its original announcement of the hack, the company had revealed that some driver’s license numbers were exposed. The new documents show that the license state and issue date might have also been compromised. Equifax spokesperson Meredith Griffanti told CNNMoney Friday that the original list of vulnerable personal information was never intended to represent the Read more about The Equifax hack could be worse than we thought[…]

The Grammarly browser extension, which has about 22 million users, exposes its authentication tokens to all websites, allowing any to access all the user’s data without permission, according to a bug report from Google Project Zero’s Tavis Ormandy. The high-severity bug was discovered on Friday and fixed early Monday morning, “a really impressive response time,” Read more about Bug in Grammarly browser extension exposes virtually everything a user ever writes[…]

ash machines in the US are being hacked to spew hundreds of dollar bills – a type of theft dubbed “jackpotting” because the ATMs look like slot machines paying out winnings.A gang of miscreants have managed to steal more than $1m from ATMs using this attack, according to a senior US Secret Service official speaking Read more about Crooks make US ATMs spew million-plus bucks in ‘jackpotting’ hacks[…]

https://github.com/NullArray/AutoSploitAs the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets are collected automatically as well by employing the Shodan.io API. The program allows the user to enter their platform specific search query such as; Apache, IIS, etc, upon which a list of candidates will be retrieved. After this operation has Read more about AutoSploit searches shodan for weak machines and metasploit to hack them for you[…]

The crooks had infected the network of Hancock Health, in Indiana, with the Samsam software nasty, which scrambled files and demanded payment to recover the documents. The criminals broke in around 9.30pm on January 11 after finding a box with an exploitable Remote Desktop Protocol (RDP) server, and inject their ransomware into connected computers. Medical Read more about Hospital injects $60,000 into crims’ coffers to cure malware infection[…]

BCC and MediaMarkt are large electronics stores in NL. Ziggo is a large internet ISP. By linking to fake pages through marktplaats.nl (the Dutch ebay / Craigslist equivalent) people were able to shop for products on the fake sites, which were never delivered. Using a chat interface, the crims tried to gain access to the Read more about 300 Dutch customers fell for fake popular website ring. Perps picked up and given a few months of prison time.[…]

The exploit allowed hackers to request a password reset for a target account and then click the generated link without opening the email it had been sent in. How was this possible? Theories circulated, buoyed by posts on Hacker Noon and The Next Web. It was the r/bitcoin users out to cause trouble; Or was Read more about How a Reddit Email Vulnerability Led to Thousands in Stolen Bitcoin Cash[…]

Malware discovered by Symantec researchers sneakily spoofs Uber’s Android app and harvests users’ passwords, allowing attackers to take over the effected users’ accounts. The malware isn’t widespread, though, and most Uber users are not effected. […] In order to steal a user’s login information, the malware pops up on-screen regularly and prompts the user to Read more about Rare Malware Targeting Uber’s Android App Uncovered[…]

The basic principle behind this attack is that sound waves introduce mechanical vibrations into an HDD’s data-storage platters. If the sound is played at a specific frequency, it creates a resonance effect that amplifies the vibration effect.Because hard drives store vasts amounts of information inside small areas of each platter, they are programmed to stop Read more about Acoustic Attacks on HDDs cause them to shut down[…]

A breach at Forever 21 left customer payment card information exposed to hackers, the retailer confirmed Thursday. The company didn’t specify how many customers had information stolen, but said various point of sales terminals were affected between April 3 and November 18, 2017. Hackers collected credit card numbers, expiration dates, verification codes and sometimes cardholder Read more about Forever 21: Yes, hackers breached our payment system for half of 2017[…]

t is understood the bug is present in modern Intel processors produced in the past decade. It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas.The fix is to separate the kernel’s memory completely from user Read more about ‘Kernel memory leaking’ Intel / ARM processor design flaw forces Linux, Windows, OSX redesign, massive slowdowns to be expected[…]

A Romanian man and woman are accused of hacking into the outdoor surveillance system deployed by Washington DC police, which they used to distribute ransomware.The two suspects are named Mihai Alexandru Isvanca and Eveline Cismaru, Romanian nationals, both arrested last week by Romanian authorities part of Operation Bakovia that culminated with the arrest of five Read more about Hackers Used DC Police Surveillance System to Distribute Ransomware[…]

Nissan Canada’s vehicle-financing wing has been hacked, putting personal information on as many as 1.13 million customers in the hands of miscreants. […] According to Nissan Canada, the exposed data includes at least customer names, addresses, vehicle makes and models, vehicle identification numbers (VINs), credit scores, loan amounts and monthly payment figures. “We are still Read more about Nissan Canada Finance hacked, up to 1.1m Canucks exposed[…]

Hidden software that can record every letter typed on a computer keyboard has been discovered pre-installed on hundreds of HP laptop models.Security researcher Michael Myng found the keylogging code in software drivers preinstalled on HP laptops to make the keyboard work.HP said more than 460 models of laptop were affected by the “potential security vulnerability”.It Read more about HP laptops found to have hidden keylogger – BBC News[…]