Rowhammer allows root access to non-ECC DRAM3 memory machines (laptops)

"Rowhammer" rapidly writes and rewrites memory to force capacitor errors in DRAM, which can be exploited to gain control of the system. By repeatedly recharging one line of RAM cells, bits in an adjacent line can be altered, thus corrupting the data stored. This corruption can lead to the wrong instructions being executed, or control […]

Lenovo ships laptops with man in the middle spyware on it

The Superfish software shipped with Lenovo laptops can intercept and redirect your secure browsing sessions (e.g. to your bank) so that third parties can hijack them. You can test whether your Lenovo product is infected; how to do so is included in the link below. It can also be removed, again instructions in […]

Hackers steal 1 billion dollars over 2 years' time in greatest heist ever

By learning about the habits of co-workers in over 100 financial institutions, mainly in Russia, the hackers infected computers using spear phishing techniques. They upped the balance of accounts and transferred away the excess money. They also programmed PIN machines to spit out money at specified times. Hackers stelen 1 miljard dollar bij 'grootste bankroof […]

BMW finally fixes 1/2 year old flaw that lets anyone open windows and doors

Luxury car manufacturer BMW has rolled out a patch for a security flaw that could have allowed hackers to open the doors of some 2.2 million vehicles. The issue affects BMW, Mini and Rolls Royce models that come equipped with ConnectedDrive – a technology that allows car owners to access internet, navigation and other services […]

Anthem, America’s second biggest health insurer, HACKED: Millions hit by breach • The Register

Anthem, the US’s second biggest health insurer with about 70 million people on its books across the country, admitted late on Wednesday, Pacific time, that it has been comprehensively ransacked by criminals. Tens of millions of records are likely to have been obtained illegally as a result of the hack, Anthem warned http://www.theregister.co.uk/2015/02/05/anthem_hacked/

Airgap attack from 6 metres by reading your CPU electromagnetic signals

All CPUs emit electromagnetic signals when they are performing tasks, and the first thing these researchers discovered was that binary ones and zeroes emit different levels. The second thing they discovered is that electromagnetic radiation is also emitted by the voltage fluctuations and that it can be read from up to six meters away. These […]

KeySweeper – a DIY usb wall charger that logs keystrokes from MS wireless keyboards

KeySweeper is a stealthy Arduino-based device, camouflaged as a functioning USB wall charger, that wirelessly and passively sniffs, decrypts, logs and reports back all keystrokes from any Microsoft wireless keyboards (which use a proprietary 2.4GHz RF protocol) in the area. Keystrokes are sent back to the KeySweeper operator over the Internet via an optional GSM […]

Staples: Breach may have affected 1.16 million customers’ cards

Staples believes that point-of-sale systems at 115 Staples locations were infected with malware that thieves may have used to steal customers’ names, payment card numbers, expiration dates and card verification codes, Staples said on Friday. At all but two of those stores, the malware would have had access to customer data for purchases made between […]

Sony Data Breach gets worse and worse

The data dump, which was reviewed extensively by BuzzFeed News, includes employee criminal background checks, salary negotiations, and doctors’ letters explaining the medical rationale for leaves of absence. There are spreadsheets containing the salaries of 6,800 global employees, along with Social Security numbers for 3,500 U.S. staff. And there is extensive documentation of the company’s […]

The Newest Sony Data Breach Exposes Thousands Of Passwords

Excel and Word documents plainly expose thousands of computer log-in, financial, and web services passwords, including the Facebook, Twitter, YouTube, and MySpace passwords for hundreds of major motion picture accounts. via It Gets Worse: The Newest Sony Data Breach Exposes Thousands Of Passwords – BuzzFeed News. Oh dear, Sony is really hammering themselves on this […]

Hackers own 80% of all South Korean ID data

The South Korean government is considering a complete overhaul of its national identity number computer system – after hackers comprehensively ransacked it and now hold the ID codes for as much as 80 per cent of the population. Each South Korean citizen is issued with a lifetime unique ID number. This number is used in […]

Two-Factor Authentication App | Authy

Authy provides you Strong Authentication for your daily apps like Facebook, Dropbox, Evernote, AWS, Outlook and many others. You can use Authy to keep safe of hacking & phishing attacks easy & quickly. It runs on Apple, Android, Blackberry, OS X, Windows and Linux. It also works when you’re offline. via Two-Factor Authentication App | […]

Bash broken – ShellShock

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, […]

The hacker's toolbox | Workshop Security and Privacy

Security is a craft. Hackers have often spent their whole lives testing systems and applications, but, as with a good ICT administrator, a hallmark of a hacker is that they would rather automate (script) routine tasks. In the early days of the web, hackers mostly had their own collections of scripts and […]

The Police Tool That Pervs Use to Steal Nude Pics From Apple’s iCloud

The software first brute forces an iCloud username / password, then tricks iCloud into thinking your device is the target device and finally performs a full restore to your device. This software is supposed to be for law enforcement, but can be bought and downloaded by anyone. There are also illegal copies to be found. […]

Researchers find security flaws in backscatter X-ray scanners

In laboratory tests, the team was able to successfully conceal firearms and plastic explosive simulants from the Rapiscan Secure 1000 scanner. The team was also able to modify the scanner operating software so it presents an “all-clear” image to the operator even when contraband was detected via Researchers find security flaws in backscatter X-ray scanners […]

UPS: We’ve Been Hacked – Credit Card data compromised since January

The United Parcel Service announced Wednesday that customers’ credit and debit card information at 51 franchises in 24 states may have been compromised. There are 4,470 franchised center locations throughout the U.S., according to UPS. via UPS: We’ve Been Hacked – TIME. So you don’t know when UPS found out about the hack, but if […]