Cybercrime & Hacking

Cybercrime & hacking news, trends, analysis and practical advice

uber logo

Hackers exploit router flaws in unusual pharming attack

An email-based attack spotted in Brazil recently exploited security flaws in home routers to allow hackers to change DNS settings.


lenovo

Researchers uncover signs of Superfish-style attacks

Researchers at the Electronic Frontier Foundation found evidence that indicates attackers have exploited a security vulnerability in the Superfish adware and a slew of other programs

Lenovo site hack

Lenovo website hacked in wake of Superfish debacle

Lenovo's website appeared to have been hacked Wednesday, possibly in retaliation for a piece of adware it installed on PCs that was found to have opened up a security hole. Early Wednesday afternoon Pacific time, some visitors...

internet security with lock

Google scrubs Pwnium hack contest

Google has shut down its annual Pwnium hacking contest, which it has held alongside the better-known Pwn2Own challenge each spring since 2012.

Gemalto now says spies didn't get mobile phone encryption keys

SIM card maker Gemalto has dismissed recent reports that U.K. and U.S. spies obtained encryption keys protecting millions of mobile phones.

Hacked, unlocked, unsafe.

Anthem now says 78.8M were affected by breach

The Anthem data breach may have exposed 78.8 million records, according to a more finely tuned estimate by the health insurance company, which is still investigating.

Feds offer $3M reward for Gameover Zeus botnet suspect

Two U.S. government agencies are offering a $3 million reward for information leading to the arrest or conviction of a Russian man suspected serving as an administrator for the destructive Gameover Zeus botnet.

patch bandage band-aid first-aid ouch cure remedy

Critical remote code execution flaw patched in Samba

Security researchers are urging users to install new Samba security updates in order to address a critical vulnerability that allows attackers to execute arbitrary code with root privileges.

Hacking stealing password data.

Many attackers lurk undetected for months, then pounce

Attackers who penetrate company networks often pose as legitimate users for long periods of time, causing lengthy delays before victims figure out they've been hacked.

Burning Man 2014 Burning Embrace

200 virtual line jumpers exploited 'technical backdoor' to score Burning Man tickets

Nearly 80,000 people were waiting in a virtual line queue to purchase 40,000 Burning Man 2015 tickets. About 200 techies allegedly 'exploited' a backdoor in the ticketing system to cut in front of other Burners in line and buy the...

david pegna blog image 1

Creating cybersecurity that thinks

Data science techniques can help security move from reacting to threats after discovery to predicting them.

guard dog cyber attack prevent security

Security experts call for halt to PC 'crapware' after Lenovo debacle

Security professionals want Lenovo -- and other PC makers -- to stop the practice of loading third-party software on new PCs after one such app was found to be vulnerable to abuse by cyber criminals.

Lenovo admits to Superfish SNAFU, plans to release clean-up tool

Lenovo says it "messed up badly" by pre-loading software on some consumer laptops that exposed users to possible attack, and will soon release a tool to remove it.

nsa

Update: Spy agencies hacked SIM card maker's encryption

U.S. and U.K. intelligence agencies reportedly hacked into the computer network of giant SIM card maker Gemalto and took smartphone encryption keys potentially used by customers of hundreds of mobile phone carriers worldwide.

Facebook app for Windows 8.1

Facebook sees challenges in sharing threat data with U.S.

Facebook's new platform for sharing information about security threats is gaining ground, but the idea of passing that information along to law enforcement officials is "fraught with challenges."

north korea hack sony security

Code typo helps tie North Korea to the Sony hack

Security firm CrowdStrike on Tuesday presented another piece of evidence to support the argument that last year's devastating hacking attack on Sony Pictures was carried out by a group with ties to North Korea.

credit card fraud

Russian extradited to U.S. for hacks that stole 160M credit card numbers

A Russian man accused of high-profile cyberattacks on Nasdaq, Dow Jones, Heartland Payment Systems and 7-Eleven has been extradited to the U.S. and appeared in court in Newark, New Jersey, Tuesday. Vladimir Drinkman, 34, of...

DHS cybersecurity staff won’t get paid during shutdown

If Congressional leaders carry through on their threat to shut down the Department of Homeland Security, life for the agency's cybersecurity professionals will be miserable

equation cyberspies

Equation cyberspies use unrivaled, NSA-style techniques to hit Iran, Russia

A cyberespionage group with a toolset similar to ones used by U.S. intelligence agencies has infiltrated key institutions in countries including Iran and Russia.

Load More