Tag Archives for " hacking "

Hackers Turned an Amazon Echo Into a Spy Bug

Researchers found they could turn the smart speakers into surveillance devices—if they could get their own attack tool on the same Wi-Fi. However, Echo owners shouldn’t panic: the hackers already alerted Amazon to their findings, and the company pushed out security fixes in July.

Source: Hackers Turned an Amazon Echo Into a Spy Bug | WIRED

Fighting cybercrime with A.I.

Cybersecurity start-up Darktrace, which uses artificial intelligence to fight cybercrime against corporations. Its artificial intelligence takes inspiration from something distinctly organic: the way the human immune system fights illness. Its machine learning understands normal patterns of behavior of every user and every device connected to a corporate network.

Source: Billion-dollar start-up Darktrace is fighting cybercrime with A.I.

Hackers Can Turn Body Cameras Into Malware Spewing Machines

Once lauded as tools to enhance police accountability, body cameras have been facing increasing scrutiny from privacy advocates, and now one researcher has identified them as cybersecurity time bombs.

Speaking to Wired ahead of a Def Con presentation, Josh Mitchell, a consultant at the security firm Nuix, demonstrated that many body cameras are vulnerable to hacking, making several different nightmare scenarios possible: officers themselves could be tracked while wearing the cameras, footage could be doctored or deleted entirely, and the cameras could be hijacked to spread ransomware or other malicious code throughout police networks.

Source: Hackers Can Turn Body Cameras Into Malware Spewing Machines, Security Expert Says

Crypto-Security – the Good, the Bad, and the McAfee

If you’ve been following the news over the past few days then you might have noticed our coverage on reported acquisition of unauthorised hacker access to the recently released Bitfi hardware wallet.

There is a burning need for a standardization of security expectations and delivery across different areas of the industry – with a focus on preventing all risks to investors and the public with regards to funds and data sanctity.

Read article: Op-Ed: Crypto-Security – the Good, the Bad, and the McAfee

PayPal, Square vulnerabilities impact mobile point-of-sale machines

Security flaws in mobile point-of-sale (mPOS) devices from vendors including Square, SumUp, iZettle, and PayPal have been disclosed by researchers. Vulnerabilities present in mPOS machines could allow unscrupulous merchants to raid the accounts of customers or attackers to steal credit card data.

Source: PayPal, Square vulnerabilities impact mobile point-of-sale machines | ZDNet

Reddit hack: data held in 2007 exposed

Reddit, the website supporting discussion and content ratings, has confirmed it was subject to a data breach, affecting all data held in 2007 and before and email digests sent in June of this year. “Although it was a serious attack,” said Reddit in a statement, “the attacker did not gain write access to Reddit systems; they gained read-only access to some systems that contained backup data, source code and other logs.” Information involved consisted of: “A complete copy of an old database backup containing very early Reddit user data – from the site’s launch in 2005 through to May 2007.

Source: Reddit hack: data held in 2007 exposed

Decade-old Bluetooth flaw lets hackers steal data passing between devices

Serious error in the in the Bluetooth specification lets hackers to intercept and tamper with data exchanged between vulnerable devices. Attackers can view any exchanged data – including contacts stored on a device, passwords typed on a keyboard, or other sensitive information – and forge keystrokes on a Bluetooth keyboard to open up a command window or malicious website in an outright compromise of the connected phone or computer.

Source: Decade-old Bluetooth flaw lets hackers steal data passing between devices | Ars Technica

Anatomy of a malicious script: how a website can take over your browser

What can a site do to you, or to your device, without your explicit consent? What happens when you visit a slightly “improper” site, or a “proper” site you visited includes some third-party script that hasn’t been thoroughly checked? Has it ever happened to you that your browser gets hijacked and innumerable pop-ups come up, and you seem to be unable to close them without quitting the browser altogether, or clicking 25 times on the “Back” button?  This article looks at what happens under the hood of a script that does exactly that.

Read full article: Anatomy of a malicious script: how a website can take over your browser | CSS-Tricks

All corporate networks ‘highly vulnerable’ to attacks

Corporate Wi-Fi networks and employee mistakes make all corporate networks vulnerable to attacks from hackers, according to Positive Technologies. The report studied 2017 audits of 22 corporate systems belonging to companies across different industries, including IT, finance, retail, and transportation. Positive Technologies researchers were able to gain full control of infrastructure on every corporate networks they attempted to compromise. Only 7% of the systems studied were moderately difficult to access, the report found.

Source: 100% of corporate networks ‘highly vulnerable’ to attacks, here’s how to secure yours – TechRepublic

1 2 3 14
>