hack

US Postal Service employee, customer details hacked

US Postal Service employee, customer details hacked

If you thought only retail chains like Home Depot and Target or commercial services like Apple's iCloud are the only victims of data breaches, better thinking again and rethink your outlook on personal information security. The US Postal Service has just disclosed that it was the target of a cybercrime that compromised personal information stored in its databases. But unlike other data breaches, this one actually didn't affect customers as much as it did the USPS' own employees, with attackers able to run off with critical pieces of information.

Continue Reading

Darkhotel hack targets hotel WiFi – but staying safe is easy

Darkhotel hack targets hotel WiFi – but staying safe is easy

A four year campaign to steal data from high-power targets like CEOs and R&D specialists has taken advantage of compromised hotel WiFi, a research firm claims today, taking advantage of overly trusting guests to strip as much information as possible. The so-called "Darkhotels" exploit focused on guests at luxury hotels, Kaspersky says, with hackers predominantly in the Asia Pacific region using fake software installers to open a backdoor into travelers' laptops. That backdoor is then used to load a full complement of tools that can be used to yank as much sensitive data as possible.

Continue Reading

New ‘Masque Attack’ iOS phishing vulnerability sideloads apps

New ‘Masque Attack’ iOS phishing vulnerability sideloads apps

On the heels of WireLurker, a new iOS threat has been discovered. This one, called Masque attack, could be a lot more problematic, too. While the previously discovered WireLurker vulnerability required users to be tethered to a Mac before anything nefarious could happen, Masque Attack is one that occurs in-app. Discovered by security research firm FireEye, Masque Attack could pose a much bigger risk to anyone using apps that didn’t come pre-loaded on their iPhone, iPod, or iPad.

Continue Reading

Home Depot hack gets worse; email addresses stolen, too

Home Depot hack gets worse; email addresses stolen, too

If you were wondering how The Home Depot was hacked, we’ve got the gritty details. The Atlanta-based home improvement store says they fell victim to the same vulnerability Target did: a third-party vendor. A vendor/partner of The Home Depot was hacked, and their password stolen. From there, hackers went after the bigger fish in Home Depot. Originally thought to have compromised roughly 56 million credit card numbers, it seems about 53 million email addresses were pinched as well.

Continue Reading

Apple blocks WireLurker iPhone malware apps

Apple blocks WireLurker iPhone malware apps

Apple has blocked the suspect apps behind the WireLurker malware discovered targeting iPhone users in China, effectively minimizing the likelihood of casual infections. The exploit made headlines yesterday for its supposed virulence, watching out for iOS devices being connected to compromised Macs and then grabbing data from them. According to Apple, however, the issue has already been addressed for the most part, while a little common-sense could prevent anyone still at risk from succumbing.

Continue Reading

Samsung clarifies Find My Mobile vulnerability

Samsung clarifies Find My Mobile vulnerability

Samsung has broken its silence regarding a reported security exploit that exists in its Find My Mobile service. That security hole could have potentially let hackers remotely lock, unlock, and ring a targeted device from Samsung's web service. Scary as that may sound, the OEM insists that not only would the hackers be limited to only those three actions, it would require a specific set of circumstances for the exploit to be used, which hopefully leaves majority of users unaffected and out of harm's way.

Continue Reading

Oops: Apple Pay arch-rival CurrentC has already lost users’ info

Oops: Apple Pay arch-rival CurrentC has already lost users’ info

Apple Pay rival CurrentC is already spilling customer data, despite the mobile payments system only being available in a limited pilot program, according to an email sent out to partners. According to the message, which began hitting inboxes earlier today, the big-retailer backed venture to replace credit cards has seen email addresses of some of its early users acquired by unnamed hackers. However, CurrentC insists that it's only been those contact details and not payment information that has been taken.

Continue Reading

Samsung Find My Mobile reported to be vulnerable to attack

Samsung Find My Mobile reported to be vulnerable to attack

One of the biggest objections that detractors of the kill switch have against the theft deterrent measure is that the feature could be used for good or for ill, depending on who holds the power. Those fears might have just materialized with the discovery that Samsung's Find My Mobile feature, which lets users remotely lock or unlock their devices in case of loss or theft, can easily be broken into, giving hackers the power to remotely control access to a victim's Samsung Galaxy smartphone.

Continue Reading

Facebook proactively searching for compromised user data

Facebook proactively searching for compromised user data

We see it a lot lately — some hacker makes a big data grab, then dumps the info in a dark corner of the web. The most recent victim of polarizing headlines about compromised data has been Dropbox. While claiming the username/password combinations taken were dated, they still faced a lot of furrowed brows at the data grab. Securing your own servers is a smart measure, but Facebook — perhaps the biggest data fish in the sea — is taking it a step further, and has taken to hunting in the deep waters.

Continue Reading

Millions of Dropbox credentials hacked from 3rd party services [UPDATE]

Millions of Dropbox credentials hacked from 3rd party services [UPDATE]

Just when you though Dropbox was in the clear, a storm suddenly rises to dump a rain of worries on the service's millions of users. As much as 7 million usernames and their corresponding passwords have reportedly been accessed, with a few of them "teased" with a pastebin posting. This incident comes shortly on the heels of yesterday's revelation of a bug in Dropbox's desktop client that lead to some data loss. Considering passwords are involved, this new development, however, has more frightening consequences.

Continue Reading

Prev 1 2 3 4 5 6 7 8 9 Next