Tags hacked

It Has Been Zero Days Since the US Government Was Last Hacked

Same as it ever was. [August 6, 2015]

Read more...











Comments Off on It Has Been Zero Days Since the US Government Was Last Hacked

Photo

Matt Novak on Paleofuture, shared by Alissa Walker to Gizmodo

August 6th

Uncategorized

Delta’s Facebook Page Just Wants To Talk About Bl0wjobs Right Now

Delta, Delta, Delta. The Jan Brady of airlines has fucked up again. Someone has hacked Delta's Facebook page and is posting about blowjobs and worms. (No word yet on whether the hacker is a group of 13-year-old boys at a sleepover.)

Read more...








Comments Off on Delta’s Facebook Page Just Wants To Talk About Bl0wjobs Right Now

Photo

Kate Knibbs

February 10th

Uncategorized

iPhone 5s, Samsung Galaxy S5 and Nexus 5 hacked at Pwn2Own

A man holds a new Apple iPhone 5S next to his iPhone 5 at an Apple Store at Tokyo's Ginza shopping district

HP’s annual two-day Mobile Pwn2Own competition came to a close this afternoon, with a group of veteran security researchers and other competitors able to compromise several flagship smartphones across the top-three mobile operating systems: iOS, Android and Windows Phone. The devices that were exploited include the iPhone 5s, Samsung Galaxy S5, Nexus 5, Amazon Fire Phone and Nokia Lumia 1520.

The first day of the competition was highly successful, with five teams, five targeted devices and five successful attempts. A total of nine bugs were discovered and immediately disclosed to and confirmed by the Zero Day Initiative, in order for smartphone vendors to patch their mobile operating systems to close vulnerabilities that allow for things like the iOS 8 untethered jailbreak Pangu and malware attacks.

A team of South Korean competition veterans were able to come across a two-bug combination in iOS that compromised the iPhone 5s through the Safari browser. One of the bugs was able to execute a full Safari sandbox escape, making it possible for the security researchers to gain full control of the system. The security flaw was immediately disclosed to Apple by the Zero Day Initiative.

HP Pwn2Own 2014

The second contest involved two successful attempts against compromising the Samsung Galaxy S5. The first vulnerability, which “used NFC as a vector trigger a deserialization issue in certain code specific to Samsung,” was discovered by Japan’s team MSBD on day one of the competition. Jon Butler of South Africa’s MWR InfoSecurity also hacked the Samsung Galaxy S5 with an NFC focus.

Later during the first day of competition, Adam Laurie from UK’s Aperture Labs stepped up his game with a two-bug exploit for the Nexus 5 that involves NFC capabilities. The security bug demonstrated a way for the Nexus 5 to force Bluetooth pairings between two smartphones, presenting a myriad of privacy and security issues if one of the users is a malicious attacker.

The first day was rounded off with a three-bug exploit targeting the Amazon Fire Phone’s web browser by the three-man MWR InfoSecurity team of Kyle Riley, Bernard Wagner, and Tyrone Erasmus. Amazon’s Fire Phone is based on the proprietary Fire OS operating system that is distributed as a fork of Android 4.2.2 Jelly Bean.

The second day of competition was not as successful, given that competitors were only able to obtain partial attacks on the Android and Windows Phone platforms. Competitor Nico Joly tackled the Lumia 1520 with an exploit aimed at the smartphone’s web browser, but was only able to exfiltrate the cookie database and could not break the sandbox to gain full access to the system.

Meanwhile, the final competitor of the second day and event altogether, Pwn2Own veteran Jüri Aedla, was able to present an exploit that involved utilizing Wi-Fi on his Nexus 5 running Android. As with Joly before him, however, Aedla was unable to elevate his system privileges higher than their original level. Afterwards, the event officially came to a close.

Mobile Pwn2Own is a recurring event that resumes at CanSecWest next spring.


Filed under: iOS Devices Tagged: Amazon Fire Phone, Android, competition, hacked, HP, iOS, iPhone 5s, mobile, Nexus 5, Pwn2Own, Samsung GALAXY S5, Windows Phone

Visit 9to5Mac to find more special coverage of iOS Devices, iOS, and Android.

What do you think? Discuss "iPhone 5s, Samsung Galaxy S5 and Nexus 5 hacked at Pwn2Own" with our community.

Comments Off on iPhone 5s, Samsung Galaxy S5 and Nexus 5 hacked at Pwn2Own

Photo

Joe Rossignol

November 14th

Apple

Mac

Mobile

Developer claims Apple is throttling iPhone/iPad data speeds on AT&T, Sprint, & Verizon (but not T-Mobile), posts fixes

test-drive-t-mobile

Joseph Brown, the developer behind the hacked carrier updates floating around for AT&T, Sprint, Verizon, and T-Mobile, just posted a lengthy blog post detailing how he claims “Apple limits devices to even out” the networks of its carrier partners. Specifically, Brown says that Apple is limiting the iPhone 5 to Category 10 (14.4Mbps) HSDPA despite the device’s support for category 24 (42.2Mbps) DC-HSDPA+ and the AT&T network supporting up to Category 14 (21.1Mbps) HSDPA+:

Here we can see what is quite obvious to, really, anyone at this point from being jerked around so much by carriers. Yes folks, this is throttling coding. When we made the AT&T Hacked Carrier Update, this was the first line of coding to be scrapped when the project started. Immediately, through my testing on an AT&T iPhone 5 and iPad 4th generation, there were significant and noticeable results. There is no argueing or disputing that this is clear evidence you are purposely, 24/7, being throttled, even if you haven’t used more data than your authorized to use or that you’ve purchased with your hard earned money. AT&T users, do you think this is fair?

The theory is that Apple limits the capabilities of the device in order to combat the large amount of data/bandwidth iOS device users consume and ease congestion on carrier networks. Brown found signs of throttling data speeds for Verizon and Sprint too. The only carrier that is apparently not limiting the iPhone 5′s capabilities is T-Mobile.

Brown also says “Apple has band preferences set for T-Mobile and AT&T causing signal issues” that could be easily fixed.

Here’s what Brown found in his analysis of the other carriers:

-AT&T limits HSPA+ and permanently throttles LTE (unless hack is applied)

-Verizon permanently throttles LTE (unless hack is applied)

-Verizon and Sprint throttle down 3G (unless hack is applied)

-Apple has band preferences set for T-Mobile and AT&T causing signal issues (very much fixable by Apple and the carrier and is currently being looked into, from I’ve been told)

(via iClarified)


Comments Off on Developer claims Apple is throttling iPhone/iPad data speeds on AT&T, Sprint, & Verizon (but not T-Mobile), posts fixes

Photo

Jordan Kahn

June 5th

Apple

Mac

Snooki’s Cellphone Gets Hacked, Naked Pictures Get Leaked, Eyeballs Get Hurt [Nsfw]

Someone has allegedly hacked into the cellphone of the beautiful Snooki, the elegant lady who is the beacon of good taste and faithful love in a show called Jersey Shore, the epitome of modern American values. Surprisingly enough, the hacker found naked pictures of her, which obviously were taken by coercion. More »


Comments Off on Snooki’s Cellphone Gets Hacked, Naked Pictures Get Leaked, Eyeballs Get Hurt [Nsfw]

Photo

Jesus Diaz

June 10th

Uncategorized

‘Anonymous’ hacker group releases its own desktop OS [updated]

Notorious hacker group “Anonymous Operations” on Wednesday released the first version of its own desktop operating system. Dubbed Anonymous-OS, the computer platform is built on top of the open-source Linux-based Ubuntu 11.10 operating system, and it also utilizes the open-source Mate desktop environment, The Hacker News reports. It is unclear exactly who is behind the operating system, which comes with a number of tools pre-installed that are apparently Anonymous-approved. Included are Anonymous HOIC, John the Ripper, SQL Poison and more. Version 0.1 of the hacker group’s Anonymous-OS is free and available immediately for download, though readers should obviously exercise caution.

UPDATE: The Anonymous-OS Tumblr blog states that the group’s operating system is “created for educational purposes, to checking the security of web pages,” and the page suggests that users should not “use any tool to destroy any web page.”

UPDATE 2: Anonymous says this OS is fake, not affiliated with their group, and packed with malware.

[Via The Hacker News]

Read

Comments Off on ‘Anonymous’ hacker group releases its own desktop OS [updated]

Photo

Zach Epstein

March 14th

Uncategorized

Hackers tried to extort $50,000 from Symantec after stealing source code

A group of hackers demanded that Symantec pay $50,000 to prevent it from releasing stolen source code for several of the firm’s software titles. Symantec reportedly confirmed that it was cooperating with a sting operation while communicating via email with a group of hackers claiming ties to notorious hacktivist group “Anonymous.” Those ties have not been confirmed. The email conversation was posted to Pastebin on Monday, and a Symantec representative confirmed to CNET that the emails were authentic. Read on for more.

A person identifying him or herself as Yamatough contacted Symantec in January and claimed to be in possession of the company’s proprietary source code for its Norton Antivirus and PCAnywhere software. The hacker provided code samples to prove possession of the code in question, and then demanded a payment of $50,000 to prevent the release of Symantec’s code. Conflicting reports suggest Symantec’s initial actions were not part of a sting, however, and the firm attempted to offer a bribe to the hackers in order to prevent them from releasing the company’s source code.

“In January an individual claiming to be part of the ‘Anonymous’ group attempted to extort a payment from Symantec in exchange for not publicly posting stolen Symantec source code they claimed to have in their possession,” a Symantec spokesperson told CNET in a statement. “Symantec conducted an internal investigation into this incident and also contacted law enforcement given the attempted extortion and apparent theft of intellectual property. The communications with the person(s) attempting to extort the payment from Symantec were part of the law enforcement investigation. Given that the investigation is still ongoing, we are not going to disclose the law enforcement agencies involved and have no additional information to provide.”

Negotiations between Symantec and the hacker reportedly broke down however, culminating with an email on Monday that threatened to release the company’s source code if Symantec didn’t deliver funds within 10 minutes. ”Since no code yet being released and our email communication wasnt also released we give you 10 minutes to decide which way you go,” Yamatough wrote. ”After that two of your codes fly to the moon PCAnywhere and Norton Antivirus totaling 2350MB in size (rar) 10 minutes if no reply from you we consider it a START this time we’ve made mirrors so it will be hard for you to get rid of it.”

The Symatec employee who had been the point of contact with the hacker made an attempt to delay the code’s release, replying with, “We can’t make a decision in ten minutes. We need more time.” Yamatough was apparently unwilling to afford the company more time, however, as a 1.2GB file titled ”Symantec’s pcAnywhere Leaked Source Code” was posted to the Pirate Bay Monday evening. Symantec has not yet confirmed whether or not the code within the file is authentic.

Read

Comments Off on Hackers tried to extort $50,000 from Symantec after stealing source code

Photo

Zach Epstein

February 7th

Uncategorized

RIM puts BlackBerry Playbook on massive sale; Android Market shoehorned onto rooted units

Research in Motion may not have found itself in a coveted spot as 2011 ended, but if it's learned anything from HP, there's a surefire way to rid itself of remaining BlackBerry PlayBook inventory: sell 'em for a loss. After the unloved slate went on sale in its native land, Americans can now save up to $400 on a PlayBook through February 4th. RIM's official webstore is offering the 16GB, 32GB and 64GB model for $299, leaving us to wonder who would ever choose the smaller two if all three remain in stock. In related news, those who take the company up on the offer can now gain access to the Android Market with a few choice moves. The fine folks over at CrackBerry have detailed the process, which requires a rooted PlayBook, WinSCP, the latest version of Cyanogen Google apps and a fair amount of patience. Naturally, not all Android apps will actually work on the device, but it's a lovely hack for a sure-to-be-sluggish week in your workshop. Hit the links below to learn more.

RIM puts BlackBerry Playbook on massive sale; Android Market shoehorned onto rooted units originally appeared on Engadget on Mon, 02 Jan 2012 18:29:00 EDT. Please see our terms for use of feeds.

Permalink Android Central  |  sourceRIM, CrackBerry  | Email this | Comments

Comments Off on RIM puts BlackBerry Playbook on massive sale; Android Market shoehorned onto rooted units

Photo

Darren Murph

January 2nd

Uncategorized

PlayStation Vita shown running Sega Genesis titles (video)

Still mulling whether or not to pick yourself up a PlayStation Vita? Obsessed with retro gaming titles? If you answered "yes" to both, you should probably start socking away a few extra coins, buster. YouTube user frwololo has just upped a video showcasing the Half Byte Loader running the Picodrive emulator on Sony's PS Vita -- the first major proof that this kind of wizardry is indeed a possibility. The nuts and bolts of how it happened are being kept under wraps for now, and he seems certain that Sony's inbuilt security will make the mod unusable as soon as it's released. That said, there's still a lot of hope to be found in the clip just after the break, and c'mon -- who doesn't need a little hope to kick off a year where we're all supposed to perish?

Continue reading PlayStation Vita shown running Sega Genesis titles (video)

PlayStation Vita shown running Sega Genesis titles (video) originally appeared on Engadget on Mon, 02 Jan 2012 13:39:00 EDT. Please see our terms for use of feeds.

Permalink SlashGear  |  sourceWololo, frwololo (YouTube)  | Email this | Comments

Comments Off on PlayStation Vita shown running Sega Genesis titles (video)

Photo

Darren Murph

January 2nd

Uncategorized

Gamers beware: Steam’s database hacked, including encrypted credit card information and passwords

Popular game platform Steam, owned by Valve, has been hacked (via PC Gamer). Hackers were able to get into a Steam database, which included encrypted credit card information and passwords of many of its users. Steam isn’t sure at this point if the encryption of the credit card numbers or passwords have been obtained, but warns users to be on the look out for malicious activity. Steam’s Gabe Newell said in a statement to users:

Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked.”

Steam is currently keeping their forums closed down while they investigate the situation. The Steam platform hasn’t been knocked down, however. Gabe’s full statement after the break:

Dear Steam Users and Steam Forum Users,

Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked. We are still investigating.

We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.

While we only know of a few forum accounts that have been compromised, all forum users will be required to change their passwords the next time they login. If you have used your Steam forum password on other accounts you should change those passwords as well.

We do not know of any compromised Steam accounts, so we are not planning to force a change of Steam account passwords (which are separate from forum passwords). However, it wouldn’t be a bad idea to change that as well, especially if it is the same as your Steam forum account password.

We will reopen the forums as soon as we can.

I am truly sorry this happened, and I apologize for the inconvenience.

Gabe.



Comments Off on Gamers beware: Steam’s database hacked, including encrypted credit card information and passwords

Photo

Jake Smith

November 11th

Uncategorized
line
February 2016
M T W T F S S
« Jan    
1234567
891011121314
15161718192021
22232425262728
29