United States officials are charging an Iranian hacker in the theft of 1.5 terabytes of data from HBO in May, an attack that tormented network executives and included the release of several unaired programs and scripts.
Behzad Mesri, who went by the pseudonym “Skote Vahshat,” was charged with computer fraud, wire fraud, extortion and identity theft, according to an indictment unsealed Tuesday in United States District Court in Manhattan. But he remains in Iran, and officials acknowledged that it would be difficult to detain him. “He will forever be looking over his shoulder, and if he isn’t, he should be,” Joon H. Kim said at a news conference.
Read moreUber disclosed Tuesday that hackers had stolen 57 million driver and rider accounts and that the company had kept the data breach secret for more than a year after paying a $100,000 ransom.
The deal was arranged by the company’s chief security officer and under the watch of the former chief executive, Travis Kalanick, according to several current and former employees who spoke on the condition of anonymity because the details were private. The security officer, Joe Sullivan, has been fired. Mr. Kalanick was forced out in June, although he remains on Uber’s board. The two hackers stole data about the company’s riders and drivers.
Read moreThe Google Play Store is seeing a wave of malware-infested apps like never before. Four separate security companies have reported — or are preparing to release reports — on malware campaigns currently underway via Android apps available on the Play Store.
Reports published today by Dr.Web, Malwarebytes, and McAfee reveal the presence of three new Android malware families hidden in games and apps uploaded on the Play Store. An ESET spokesperson told Bleeping Computer the company also found a new multi-stage malware strain they're going to detail in a report later today.
Read moreAnyone with a free Amazon Web Services account could have looked at the hoard of information stored in the cloud by the U.S. Defense Department, according to Chris Vickery, a researcher at cybersecurity firm UpGuard who discovered the exposure.
Amazon Web Services is a cloud platform that individuals, businesses and the government use for things like storing data and boosting computing power. Amazon said on its website it is best practice to restrict access to information stored in the cloud to "people that absolutely need it." The military databases hold at least 1.8 billion internet posts scraped from social media, news sites, forums and other publicly available websites, Vickery told.
Read moreThe personal computer of an NSA worker who took government hacking tools and classified documents home with him was infected with a backdoor trojan, unrelated to these tools, that could have been used by criminal hackers to steal the US government files.
The Moscow-based antivirus firm, which has been accused of using its security software to improperly grab NSA hacking tools and classified documents from the NSA worker's home computer and provide them to the Russian government, says the worker had at least 120 other malicious files on his home computer.
Read moreSecurity research firm Rhino Security Labs found a vulnerability in the Amazon Key in-home delivery service's security procedures that could allow either the courier or even a savvy and malicious bystander to enter your home undetected after the delivery is completed.
Amazon has promised to change how Key works in order to make it easier for you to tell when something unusual is happening in this event, but the changes proposed by Amazon don't necessarily resolve the vulnerability. Amazon Key is available to Amazon customers who have bought and installed Amazon's own Cloud Cam security camera and installed it at their front door.
Read moreResearchers are warning users about a wave of recent attacks targeting U.S. financial institutions that leverage a new banking Trojan dubbed IcedID.
The IcedID Trojan was spotted in September. They said the Trojan has several standout techniques and procedures, such as the ability to spread over a network and the ability to monitor a browser’s activity by setting up a local proxy for traffic tunneling. “At this time, the malware targets banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites in the U.S.,” researchers wrote in a report released Monday explaining the discovery.
Read moreMore than 20 million Amazon Echo and Google Home devices are vulnerable to attacks via the BlueBorne Bluetooth vulnerability that was first disclosed back in September.
Security firm Armis said this week that BlueBorne, a Bluetooth-based attack vector that was initially reported as exploitable on phones and PCs with an active Bluetooth connection, is now setting its sights on digital AI assistants. The firm said that both the Amazon Echo and Google Home can be exploited using existing BlueBorne vulnerabilities (of which there are eight in total).
Read moreImagine a plane: large, wings, lots of passengers — you get the picture. And it can be hacked, or so it seems. Such a theoretical possibility has been voiced more than a few times by more than a few people; a plane, like any other modern craft, is after all a network of computers, some of which are connected to the Internet. Now such theorizing seems to have been confirmed in practice.
The claim was made by none other than a representative of the US Department of Homeland Security. In the space of two days, Robert Hickey managed to gain access to the internal systems of an aircraft parked at an airport, without having physical access to the aircraft or any insider assistance.
Read moreJake Williams awoke last April in an Orlando, Fla., hotel where he was leading a training session. Checking Twitter, Mr. Williams, a cybersecurity expert, was dismayed to discover that he had been thrust into the middle of one of the worst security debacles ever to befall American intelligence.
Mr. Williams had written on his company blog about the Shadow Brokers, a mysterious group that had somehow obtained many of the hacking tools the United States used to spy on other countries. Now the group had replied in an angry screed on Twitter. It identified him — correctly — as a former member of the National Security Agency’s hacking group, Tailored Access Operations, or T.A.O., a job he had not publicly disclosed.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland