Security researchers at Pen Test Partners have found a security vulnerability in the iKettle Wi-Fi Electric Kettle that allows attackers to crack the password of the WiFi network to which the kettle is connected. Researchers say that using this simple trick and information about iKettles, they drove around London, cracked home WiFi networks, and created Read more about Tattling Kettles Help Researchers Crack WiFi Networks In London[…]

This rig is able to send radio waves at an iPhone or Android with its headphones still plugged in, using the headphone cable as a receiver that picks up the radio signals and relays them to the operating system’s voice recognition software. Source: Hackers Can Use Radio Waves to Hijack Androids and iPhones via Siri Read more about Hackers Can Use Radio Waves to Hijack Androids and iPhones via Siri and Google Now[…]

Flat, firewall-free network was a walk in the park, boffins say.[…]They say the casino lacked even basic firewalls around its payment platforms and did not have logging. “It was a very flat network, single domain, with very limited access controls for access to payment systems,” Emmanuel Jean-Georges told the Cyber Defence Summit (formerly Mircon) in Read more about Jackpot: New hacking group steals 150,000 credit cards from casino[…]

“It appears that the focus was to obtain contact information such as names, addresses, email addresses and phone numbers of current and former subscribers in order to send fraudulent solicitations.”[…]“As part of the investigation to date, we also determined that payment card and contact information for fewer than 3,500 individuals could have been accessed, although Read more about Dow Jones hacked for 3 years, 3500 of 1%ers data taken[…]

Dridex, which seeks to harvest users’ banking credentials, apparently originates with what the NCA’s release describes as ‘technically skilled cyber criminals in Eastern Europe’, and is said to target both individuals and consumers alike. Losses in the UK to the attacks are currently estimated at £20mn. Source: FBI and NCA join forces against Dridex banking Read more about Dridex banking malware steals GBP 20m +[…]

Depressingly familiar and stupid mistakes in EEG kit, health org’s storage of recorded brains Source: Hackers can steal your BRAIN WAVES EEG results are basically not encrypted or stored or transmitted any way securely, allowing them to be stolen, replayed and altered in transit. It’s not too much of a problem to fix, but it Read more about Hackers can steal your BRAIN WAVES[…]

Researchers have created an app that follows the micro-movements of your smartwatch and is able to detect what keys you’re pressing with your left hand and thus guess what words you may be typing on a keyboard. Source: Creepy Smartwatch Spies What You Type on a Keyboard – Softpedia

A British infosec company has found that cheap thermal imaging accessories for smartphones can be used to glean personal identification numbers entered on push-button security devices on bank ATMs.. Thermal imaging devices used to be bulky and expensive, but Sec-Tec told iTnews they can now be bought cheaply as compact iPhone accessories – for instance, Read more about Cheap thermal imagers can steal user PINs[…]

You can be identified by how you type, even behind proxies and Tor. Protect yourself with KeyboardPrivacy. Source: Behavioral Profiling: The password you can’t change. Some websites are storing your typing patterns and it turns out that after some training, systems can identify who is in a system by the way in which passwords are Read more about Behavioral Profiling: The password you can’t change. Your identity through how you type[…]

UCLA Health hospitals say hackers may have accessed personal information and medical records on 4.5 million patients.The California medical group admitted today that miscreants infiltrated its computer systems as long ago as September. It is possible the intruders accessed databases holding patient names, addresses, dates of birth, social security numbers, medical records, health plan numbers, Read more about Hackers invade systems holding medical files on 4.5 million California patients[…]

A spokeswoman for AFC Kredieten, when asked if customers whose data had been stolen had been informed, replied: “They are not our customers. They are applicants, we had not necessarily organised a loan for them yet. AFC Credits is the victim here. What that group did is illegal and writing about it would be against Read more about AFC Kredieten loan application data hacked, company responds: Meh, not our customers[…]

Source: WikiLeaks – The Hackingteam Archives

And let the shouting begin about who’s fault it was. ‘Most devastating cyber attack in US history’ Source: As the US realises it’s been PWNED, when will OPM heads roll? • The Register “Incidentally, the stolen OPM database was reportedly being offered on Hell, an onion site hosting a e-crim forum. According to Brian Krebs. Read more about US personel files and intelligence agents copied – multiple disclosures, could be 18million records out[…]

Because people don’t every patch their BIOSes, it is extremely likely that the vast majority of systems in the wild are vulnerable to at least one known exploit. We made public the details of the new SMM “Incursion” vulnerabilities (CERT VU# 631788, reported Oct 29th), that can be found automatically from SMM dumps. We showed Read more about Lighteater goes through BIOS owns your PC[…]

These extreme hacks rise above the unending morass of everyday, humdrum hacks because of what they target or because they employ previously unknown, unused, or advanced methods. They push the limit of what we security pros previously thought possible, opening our eyes to new threats and systemic vulnerabilities, all while earning the begrudging respect of Read more about Be paranoid: 10 terrifying extreme hacks[…]

Security researchers presenting at this week’s RSA Conference in San Francisco, have uncovered a whole new compelling reason to switch off your phone. Skycure’s Yair Amit and Adi Sharabani have demonstrated a startling vulnerability in iOS that can allow malicious hackers to crash any iOS device within range of a WiFi hotspot. And it doesn’t Read more about How to crash any iPhone or iPad within WiFi range[…]

ubiquiti makes some pretty cool wifi mesh networking stuff that does some cool things. however by violating GPL they are actually introducing as well as not fixing known security vulnerabilities into networks running their hardware. http://libertybsd.net/ubiquiti/

http://webwereld.nl/cloud/85889-langdurige-storing-outlook-com-blijft-een-mysterie

Starting on 27 March 2015, a very large number of people have found that their Avios balance has been reset to zero. Their list of transactions shows an "Ex-Gratia" deduction of their entire previous balance. Other people are also reporting they are unable to access their accounts at all, with their BAEC number not being Read more about Large numbers of British Airways Executive Club accounts being Locked/Zeroed Out/in Audit (‘Ex-gratia’) due to data breach[…]

ANTLabs InnGate devices are a popular Internet gateway for visitor-based networks. They’re commonly installed in hotels, convention centers and other places that provide temporary guests access to a WiFi connection. If you’ve ever used WiFi in a hotel, you’re familiar with these types of devices as they are typically tied to a specific room number Read more about Hotel routers very insecure[…]

"rowhammer", rapidly writes and rewrites memory to force capacitor errors in DRAM, which can be exploited to gain control of the system. By repeatedly recharging one line of RAM cells, bits in an adjacent line can be altered, thus corrupting the data stored. This corruption can lead to the wrong instructions being executed, or control Read more about Rowhammer allows root access to non-ECC DRAM3 memory machines (laptops)[…]