A 25-year-old broke into a DoD satellite communication system and doxed around 800 Department of Defense employees. A British man has pleaded guilty to hacking into a US Department of Defense system, stealing data from around 30,000 satellite phones.
Sean Caffrey, a 25-year-old from the outskirts of Birmingham, admitted to breaking into a US military communications system on June 15, 2014, stealing "hundreds of user accounts." The hacker stole "ranks, usernames and email addresses of more than 800 users of a satellite communications system, as well as of about 30,000 satellite phones," according to NCA.
Purported CIA documents published by WikiLeaks reveal the US Central Intelligence Agency has been hacking wireless routers for years as part of its surveillance efforts.
The trove of documents released by the anti-privacy publication on Thursday details the CIA’s CherryBlossom project, in which the intelligence agency has compromised Wi-Fi routers in private homes, public spaces, businesses and enterprise environments in order to gather information about specific targets. The project comes from the CIA's elite hacking unit, the Engineering Development Group. The leaked files include installation guides, manuals and other documents.
Hackers allied with the Russian government have devised a cyberweapon that has the potential to be the most disruptive yet against electric systems that Americans depend on for daily life.
The malware, which researchers have dubbed CrashOverride, is known to have disrupted only one energy system — in Ukraine in December. In that incident, the hackers briefly shut down one-fifth of the electric power generated in Kiev. But with modifications, it could be deployed against U.S. electric transmission and distribution systems to devastating effect, said Sergio Caltagirone, director of threat intelligence for Dragos.
When you're a bad guy breaking into a network, the first problem you need to solve is, of course, getting into the remote system and running your malware on it. But once you're there, the next challenge is usually to make sure that your activity is as hard to detect as possible.
Microsoft has detailed a neat technique used by a group in Southeast Asia that abuses legitimate management tools to evade firewalls and other endpoint-based network monitoring. The group, which Microsoft has named PLATINUM, has developed a system for sending files — such as new payloads to run and new versions of their malware — to compromised machines.
For the second time in less than three years, Kmart Stores is battling a malware-based security breach of its store credit card processing systems. Last week I began hearing from smaller banks and credit unions who said they strongly suspected another card breach at Kmart.
Some of those institutions received alerts from the credit card companies about batches of stolen cards that all had one thing in common: They were all used at Kmart locations. Asked to respond to rumors about a card breach, Kmart’s parent company Sears Holdings said some of its payment systems were infected with malicious software.
The hacking group that says data they released facilitated the WannaCry ransomware attack has threatened to leak a new wave of hacking tools they claim to have stolen from the US National Security Agency.
The so-called Shadow Brokers, who claimed responsibility for releasing NSA tools that were used to spread the WannaCry ransomware through the NHS and across the world, said they have a new suite of tools and vulnerabilities in newer software. The possible targets include Microsoft’s Windows 10, which was unaffected by the initial attack and is on at least 500m devices around the world.
Four researchers from two universities in Germany have devised a method of turning an antivirus engine’s malware scanning engine into an attack weapon. The attack is centered around malware signatures, an old malware identification technique that relies on filters to look for patterns inside the bytes of a file.
These malware signatures are created by malware analysts who study malware samples and create a signature to be used by the antivirus engine. When the AV engine scans a new file, it looks at the malware signature, which tells it to look between bytes X and Y for certain content.
Hajime, the IoT worm that's supposedly trying to block rival botnets, including the famous and mighty Mirai, has reportedly compromised some 300,000 devices already. The data shows the impressive magnitude of this worm that was apparently built by a vigilante white hat.
The rapidly spreading IoT worm fights against the likes of Mirai for control of the products, closing off some ports that are normally exploited by it. While this is great news, it's still a worrying fact that such a worm is spreading so fast because the code allows the creator to change its purpose quite easily. This means the hacker has the ability to go from white hat to black hat.
A group with a Ukrainian top level domain is sending out blackmail threats, using Ashley Madison information. They sent one to me, so here's what to expect: "On May 1 2017 we are launching our new site -- Cheaters Gallery - exposing those who cheat and destroy families. We will launch the site with a big email to all the friends and family of cheaters taken from Facebook, LinkedIn and other social sites. This will include you if do not pay to opting out."
Then they quoted from my AM profile. Give them points for the human touch. The price for "opting out"? About $500 at today's bitcoin value. Of course, they're lying. You can't opt out. The AM data is out on the dark web, accessible by criminals, forever. So even if you pay these guys off, they can come back in a couple of months, posing as a different group -- if they even bother -- and hit you up again.
Why bother coding when you can just copy and paste? Whether it's the CIA, or likely Russian hackers, stealing malware from other people happens more than you might think.
Now, there is another notable example of attackers re-purposing hacking tools made by someone else for their own gains. A hacking unit dubbed the Callisto Group allegedly used malware stolen from Italian surveillance company Hacking Team and subsequently dumped online, according to a report from F-Secure. The evidence points "towards this being a group that grabbed the leaked tools, because it was the easiest way," Sean Sullivan, security advisor at F-Secure told.