hacking

NSA expanded warrantless internet surveillance in attempt to stop hackers

NSA expanded warrantless internet surveillance in attempt to stop hackers

New documents from Edward Snowden have revealed that since 2012, the US's National Security Agency has had an expanded ability to spy on Americans' internet data and communications, with no need to get a warrant. The documents were published in a New York Times article this week, and reveal that the NSA's goal is to find and stop hackers attempting cyberattacks from outside the country. Until now, this program was never disclosed to the public.

Continue Reading

Matchlight searches for stolen data on the darkweb

Matchlight searches for stolen data on the darkweb

Data theft is a big issue. From the hacking of celebrity photos serious data breaches like the recent hacking of the IRS, unsecured data often ends up in the wrong hands and on the dark net. A new data service, Matchlight, launched last week and claims it can trace the source of a data breach all the way through the underbelly of the internet, the dark web.

Continue Reading

IRS hacked; data stolen from over 100,000 taxpayers

IRS hacked; data stolen from over 100,000 taxpayers

Hackers successfully accessed—stole—personal information, including tax return data, from over 100,000 U.S. taxpayers. In a series of attacks that took place from February to mid-May, the hackers utilized the IRS's "Get Transcript" system to access all of the personal information that would be on a tax return, from birthdays and social security numbers to addresses. The motivation behind the attack is, apparently, an extensive plot to claim fraudulent tax returns using stolen identities. According to the IRS, over $5.8 billion USD in fraudulent refunds were sent out in the year 2013, alone.

Continue Reading

MediaTek’s LinkIt ONE developer kit targets makers and hobbyists

MediaTek’s LinkIt ONE developer kit targets makers and hobbyists

MediaTek is dipping its toe in the market for makers and builders. The company recently showed off its newest offering at the Wearable World Congress. MediaTek put together the LinkIt One development kit, which is a reasonably priced ($79 USD) kit designed for entrepreneurs to make devices ready for the Internet of Things (IoT) and wearables. The chip on the board is tiny, only about the size of a fingernail. Its diminutive size leaves space to integrate additional hardware, and its relatively powerful specs would make it a good fit for small devices, like smart coffee makers.

Continue Reading

Raspberry Pi gets an ePaper display screen from PaPiRus

Raspberry Pi gets an ePaper display screen from PaPiRus

Raspberry Pi has practically unlimited possibilities in the hands of talented hackers and makers. Even Silicon Valley giants like Microsoft are realizing Raspberry Pi's potential, as Windows 10 will have support for the DIY developer's board. Now, the same e-ink that has been successfully used in various devices from the original Amazon Kindle to Pebble's smartwatch can be incorporated into Pi creations. Pi Supply is using Kickstarter to crowdfund its PaPiRus HAT, so hackers will now have the choice of an e-ink screen HAT for their mini computers.

Continue Reading

CareFirst health insurer hacked: up to 1.1m customers affected

CareFirst health insurer hacked: up to 1.1m customers affected

Recently we reported that the number of health care providers that have suffered some sort of breach sit at the 90-percent mark (over the last two years), and though some have taken steps to protect their networks, many are still vulnerable. Today it was announced that the health insurer CareFirst had been breached, making it the third in the United States to suffer such an attack (or, at least, to disclose as much). The attack took place in June of last year, and is said to have been sophisticated, affecting up to 1.1 million of the insurer’s customers. The company is based in Maryland but services the Washington DC region.

Continue Reading

Experts say researcher’s in-flight hacking claims are dubious

Experts say researcher’s in-flight hacking claims are dubious

Making headlines yesterday, security researcher Chris Roberts is being investigated by the FBI for claiming the ability to mess with a plane's flight systems from onboard. An ill-received tweet started it all, as Roberts claimed he could hack his flight's oxygen regulation. Roberts went on to tell the FBI that he hacked en-route 15 to 20 times over the several years using his laptop, modified cables, and the in-flight entertainment systems. He even claimed to be able to access engine commands and make his plane move sideways. Industry experts are calling Roberts out on his claims, citing a range of reasons why his claims are dubious, if not impossible.

Continue Reading

Penn State says it was hit with pair of “sophisticated” cyber attacks

Penn State says it was hit with pair of “sophisticated” cyber attacks

Penn State has revealed that it was hit with two major cyber attacks, one of which it determined originated from China. The announcement was made today, with the university saying that it first became aware of the threats on November 21, 2014 after being alerted by the FBI. According to the statement, the FBI alerted the university of a cyber attack taking place on its College of Engineering network. The university is saying that “advanced persistent threat actors” conducted the two cyber attacks, with “at least” one being based in China. The oldest discovered date of intrusion was September of 2012.

Continue Reading

United Airlines is offering 1 million miles in bug bounties

United Airlines is offering 1 million miles in bug bounties

Bug bounty programs are a great way for white-hat security researchers--hackers-- to earn extra cash. The best programs incentivize finding security flaws with cold, hard cash. On the other end of the spectrum, some companies only offer swag in return for finding flaws. A new set of bounties from United Airlines falls squarely in the middle. The company is offering airline miles in return for hunting security flaws. These miles aren't a measly upgrade from economy; you could earn some real travel time for uncovering a serious system flaw.

Continue Reading

Robots are about to replace lockpicking kits

Robots are about to replace lockpicking kits

If you're protecting treasured first edition comic collection with a combination lock, you may want to upgrade your security. traditional combo locks are about to be toast thanks to this new robot. The contraption is the creation of Samy Kamkar, the same hacker who brought us the pocket-sized KeySweeper, capable of sniffing keystrokes from wireless keyboards. With a little help from a 3D-printer and Arduino, Kamkar's device exploits a trick he discovered which allows anyone to crack a Masterlock in eight tries or less. The programmable motor is more efficient than any lock picker, opening the lock in seconds.

Continue Reading

Tesla website, Elon Musk’s Twitter defaced by hackers

Tesla website, Elon Musk’s Twitter defaced by hackers

Even the smartest, most innovative companies fall victim to hackers once in a while, as evidenced by the few hours of difficulty Tesla Motors experienced on their website and Twitter account. Starting sometime between 4:00 and 5:00pm ET on Saturday, hackers took control of the company's official home page, Twitter account, and even founder Elon Musk's Twitter account for a brief time. The profile name on the social networking site's page was changed to #RIPPRGANG during the time control was lost, with tweets promising a free car to anyone who called a certain phone number.

Continue Reading

Here’s how Google Play scans your Android phone

Here’s how Google Play scans your Android phone

Google has a system enacted through Google Play for Android devices called Verify Apps. Google's latest Android Security State of the Union (for the year 2014) includes clarification on what the company is scanning on your phone - both inside Google Play-downloaded apps and in apps you've downloaded elsewhere. Verify Apps scans your phone's apps for security risks in Google Play apps, and Safety Net provides protection for (and from) apps outside of Google Play. Yes, Google Play is scanning your phone - no, it's not something to freak out about.

Continue Reading