Islamic militants brag online that it is only a matter of time before they manage to pull off a highly disruptive attack on America’s infrastructure or financial system. In addition, Islamic State that claims to boast openly of plans to establish a "cyber caliphate," which they hope to mount catastrophic hacking and virus attacks on America and the West.
The groups are trying to add to their numbers to boost their capabilities, using social media to reach a larger pool of potential recruits and calling on militant-minded specialists to join them. The targets are the websites of U.S. government agencies, banks, energy companies and transport systems.
Read moreHackers know how to hack a bank account with the help of MITM. About 23% percent of applications, based on Android by means of which people use banking services were hacked. Everything is a bit better with iOS, there are only 14 percent of apps.
According to the research, hackers use such attack as Man-in-the-Middle in order to steal money. Theft happens during the information transfer from the sender to the recipient. A client will be redirected to fake Wi-Fi knot. Everything will happen very quickly and unexpectedly. To achieve their insidious purposes, hackers set network equipment and create their own Wi-Fi. The difference in wireless network does not matter for you.
Read morePopular Gmail service could not resist hacking, which led to the promulgation of a huge addresses database. Recently, the same thing happened with Yandex and Mail.ru. 4 929 090 gmail.com accounts became public. Authenticity has not been confirmed, but it is said about 60 percent of current addresses and passwords.
People perceived this information quite easily, saying that such fraud is not new. This is certainly true, but many users find themselves in the lists of exposed information, then they changed the passwords and began to be more careful to the security of their data. From the fact that bases appear from many services, messages from "Yandex" and Mail.ru are correct, and it is not the result of data leakage.
Read moreIt is known that satoshin@gmx.com is the address, which belongs to the world famous inventor of Bitcoin cryptocurrency. Almost all accounts at forums were attached to this E-mail, but recently strange letters were sent from this address and became suspicious.
Last night the strange letter was sent to the administrator of the Bitcointalk.org forum. In line the sender was genuine address satoshin@gmx .com, but obviously there was not Satoshi's handwriting in the text. The letter contained the following message: "Michael, send some coins to me, until I hired the sniper ". Nakamoto never joked in such a way. A little bit later somebody left the message for the real Nakamoto at P2P Foundation forum.
Read moreAfter determining the most common vulnerabilities, experts decided to test the effectiveness of methods for their detection.
Attacks on the corporate website lead not only to disorganize the work, but they can be the first step for breaking networks of large corporations. According to Positive Technologies, the number of sites with the critical vulnerabilities has been increased significantly. During the test, the aim of which is to determine the level of information security in 2013 and about 500 sites were tested and 61 was studied deeper. Most of the test sites were banking, because the attacks on the field of finance became very common.
Read moreIn order to steal the encrypted keys it is necessary to put a bracelet-digitizer on a hand and to touch to any part of system.
Israeli university experts know how to hack computers and steal data from it by touching. According to the researchers, a usual electric trick gives the chance for a skilled hacker to get access to million encrypted keys, having simply touched the corpus of the personal computer. Receiving the encrypted keys can be used to create hundreds of digital signatures which users all the time use during generation of passwords, signing of contracts, and the most dangerous, at online-payments implementation.
Read moreRussian hackers were able to get access to the accounts of many users. Alexander Grebenshikov and Leo Loktionov, information security specialists told about the presence of a dangerous gap in the Yo messenger.
Experts said that if you update the account login application, the system sends a confirmation code to the mobile number by default, without making sure that it really belongs to the owner of the account. Information security experts explained that on the Yo Password Reset page, one may write any user‘s name and get a link to change the password, by using and entering your own phone number. Alexander Grebenshikov noticed this kind of vulnerability, while Leo Loktionov found a way with the help of which one may get account using the panel of service creators.
Read moreThe FBI is investigating an incident of data theft from JPMorgan Chase & Co. (JPM) that could potentially have been carried out by Russian hackers, Bloomberg reported Thursday, citing sources familiar with the situation.
“The way the Russians do it, to the extent we can see into the process, is they encourage certain targets,” James Lewis, the director of the Strategic Technologies program at the Center for Strategic and International Studies in Washington, was quoted as saying by Bloomberg. “The Russians typically keep open the options to do something more, and the question now is what would trigger that and what would our response be,” he added.
Read moreAs many of you may have already been aware, a breach at Community Health Systems (CHS) affecting an estimated 4.5 million patients was recently revealed. TrustedSec obtained the first details on how the breach occured and new information relating to this breach.
The initial attack vector was through the infamous OpenSSL “heartbleed” vulnerability which led to the compromise of the information. This confirmation of the initial attack vector was obtained from a trusted and anonymous source close to the CHS investigation. Attackers were able to glean user credentials from memory on a CHS Juniper device via the heartbleed vulnerability.
Read moreActivists just got another reason to worry about what spooks might be able to learn about them, with boffins demonstrating that a decent traffic fingerprint can tell an attacker what's going on, even if an app is defended by encryption.
The researchers from the Universities of Padua and Rome have found that for activities like posting messages on a friend's Facebook wall, browsing a profile on a social network, or sending an e-mail, there's no need to decrypt an encrypted data flow. The researchers note that even in the hands of a knowledgeable user there are opportunities for “malicious adversaries willing to trace people … the adversary can still infer a significant amount of information from the properly encrypted traffic.”
Read moreAxarhöfði 14,
110 Reykjavik, Iceland