hacking

US government warns: Stop filling plastic bags with gasoline

US government warns: Stop filling plastic bags with gasoline

The United States Consumer Product Safety Commission was put in a position this week where they needed to issue a warning to citizens. May 12, 2021, at 9AM, the USCPSC released a warning: "Do not fill plastic bags with gasoline." The followed up with another warning: "Use only containers approved for fuel." Why, you might wonder, would anyone EVER fill a plastic bag full of gasoline?

Continue Reading

New WiFi Frag Attacks and one simple way to be safe

New WiFi Frag Attacks and one simple way to be safe

A bit of research was published this week about a security issue now called Frag Attacks. It's a security issue that apparently could be gone by now, if companies that use or associate with WiFi internet connectivity made the effort to update their protocols and keep their hardware up-to-date, but here we are. Security researchers in Belgium revealed the vulnerabilities and showed how some of these insecure bits have been insecure for the last two decades (or more!)

Continue Reading

Colonial Pipeline hack: Gas woes loom as feds take emergency steps

Colonial Pipeline hack: Gas woes loom as feds take emergency steps

A huge cyberattack that has taken four key fuel pipelines into the US offline has prompted emergency steps by the US government, amid warnings that the key infrastructure could be offline until the end of the week or beyond. The hack of Colonial Pipeline on May 7 saw ransomware installed on the company's systems, with the FBI already pinpointing DarkSide as responsible for the unexpected shutdown.

Continue Reading

App Store XCodeGhost malware details revealed in Fortnite trial

App Store XCodeGhost malware details revealed in Fortnite trial

It's not unusual for companies to experience data breaches that put their customers at risk. When that company happens to own the one and only sanction app store for its platform, however, then it becomes a rather scary prospect. That is always one of the risks of Apple's App Store when the tools used to upload apps are themselves infected with malware, which is what happened almost six years ago with the XCodeGhost incident whose details are only surfacing now thanks to a lawsuit involving Fortnite of all things.

Continue Reading

Apple AirTag can be hacked but it’s not as bad as it sounds

Apple AirTag can be hacked but it’s not as bad as it sounds

Given its hard stance on security and privacy, it's really no surprise that Apple's latest accessories are being put under a microscope, both technically and even legally by the likes of Tile. The AirTag trackers, after all, are in a prime position to become spying tools and some hackers and security researchers seem to want to test whether that will indeed be the case. Based on a revelation over the weekend, the AirTag could indeed be reprogrammed but the process and the end result might not yet be worth the worry.

Continue Reading

Qualcomm Snapdragon 5G modem flaw puts Android users at risk

Qualcomm Snapdragon 5G modem flaw puts Android users at risk

Manufacturers and network operators have been pushing 5G technology hard, even throughout a pandemic that forced some industries to stall for a while. Now it seems, however, that one of the most critical pieces of hardware that enables that technology for users might be putting them at risk as well. Qualcomm's 5G modem reportedly has a very severe flaw that can be exploited through Android, putting potentially hundreds of thousands of users at risk.

Continue Reading

Passwordstate breach pushes malicious update to password manager

Passwordstate breach pushes malicious update to password manager

Given how weak passwords are, many security specialists recommend using a password manager to generate strong passwords and store their indecipherable sequences for you. The problem, however, is when bad things happen to these password managers themselves, giving their users a headache or a scare. Last February saw the popular LastPass suddenly limit its free tier, much to the chagrin of many of its users. Now enterprise password manager Passwordstate is reporting a security breach that may have infected customers with a data-stealing malicious update.

Continue Reading

Qlocker ransomware attack leverages 7zip to plague users of QNAP devices

Qlocker ransomware attack leverages 7zip to plague users of QNAP devices

A major ransomware attack has been underway this week that is targeting users of QNAP devices. The attack takes user files and stores them in password-protected 7zip archives demanding money to return the files. The ransomware behind the attacks is Qlocker, and it began targeting QNAP devices on April 19.

Continue Reading

New MacBook Pro port details leak after Apple supplier hack

New MacBook Pro port details leak after Apple supplier hack

A ransomware gang suggests this week that they've broken past security of the Apple contractor Quanta. They've suggested that they're holding secret and/or private information hostage, including data and drawings on a pair of Apple products that have not yet been released to the public. One of these items appears to be a new MacBook Pro, likely set for release in the year 2021. Specifications indicated in one drawing say MacBook Pro 2021 could have more ports than it's had in a number of years - which is good.

Continue Reading

Signal drops a bomb on the phone hack tool used by law enforcement

Signal drops a bomb on the phone hack tool used by law enforcement

Signal has surreptitiously declared war on smartphone data extraction tool Cellebrite, dropping heavy hints that it will update its secure messaging app in a way that could compromise any law enforcement use of the controversial analyzer. Cellebrite offers one of a number of data analysis devices - also known as phone hackers - which promise to pull out messaging logs, call and SIM records, and more from iPhone and Android handsets.

Continue Reading

Nintendo adds copyright lawsuit against Switch hacker Bowser

Nintendo adds copyright lawsuit against Switch hacker Bowser

With a surname like "Bowser", many would probably presume you'd grow up to be a fan of Nintendo's products and franchises. For hacker Gary Bowser, however, that love may have manifested in an ironic way. Accused of being the mastermind behind the Team Xecuter hacking group, Bowser and a colleague were arrested and charged last year with 11 felony counts over the sale of Nintendo hacking tools. Nintendo has now added trafficking and copyright violation charges in an attempt to finally put a stop to what it has labeled as an international pirate ring.

Continue Reading

Exposed Clubhouse user data raises privacy questions

Exposed Clubhouse user data raises privacy questions

There seems to be a spate of incidents in the recent weeks where large social networks had their database simply scraped, not hacked, to expose user records that were then distributed in hacker forums. At first, it seemed that Clubhouse, the budding audio-centric network, was the victim of such activity but the company denied that was the case. Unfortunately, its explanation for what really happened raised more questions than it answered, causing concerns about the way it is handling the security and integrity of its own official access points.

Continue Reading

1 2 3 4 Next