Category: Hacking

November 1, 2016
IoTSeeker Scanner Finds Smart Devices With Dumb Credentials
With the Mirai botnet still wreaking havoc, and other IoT botnets appearing, security researchers are looking for ways to discover the insecure devices that are being targeted by attackers before they can be compromised. One such effort is a new scanner that will check networks for devices that are using default credentials, which often are exploited…
Read More →
October 31, 2016
Google Identifies Unpatched Windows Bug Being Used in Attacks
Ten days after informing Microsoft of a serious privilege of escalation vulnerability in Windows, Google researchers have disclosed some limited information about the bug because it is under active attack. The Google researchers discovered the vulnerability earlier this month and sent the details to Microsoft on Oct. 21. The team at Google knew that attackers…
Read More →
October 28, 2016
Congress Pushes Justice Department for Data on Government Hacking
A group of more than 20 members of Congress from both parties is asking the Department of Justice for details about how the government plans to use expanded lawful hacking authority that would come online in December if a proposed change goes into effect. The letter raises a number of questions about the way that changes…
Read More →
October 26, 2016
Senator Asks FCC Whether ISPs Can Block Insecure IoT Devices
Sen. Mark Warner on Tuesday sent a letter to the chairman of the FCC expressing concern about the emergence of the Mirai botnet and asking whether ISPs should have the ability to prevent compromised IoT devices from connecting to their networks. In his letter, Warner (D-Va.) said that the weak security of many embedded devices…
Read More →
October 24, 2016
The Short Dumb Life Of the Internet of Things
We knew it was coming, we knew it would be bad, and we also knew it would be stupid. But just how bad and stupid the Internet of Things has become in its short life has surpassed even the most outrageously pessimistic predictions. Anyone who has been paying any kind of attention to IoT security, such…
Read More →
October 21, 2016
Ancient Privilege Escalation Bug Haunts Linux
Researchers are warning about a serious vulnerability in the Linux kernel that affects essentially all of the current versions of the operating system in use right now. The vulnerability is a local privilege-escalation flaw, which isn’t normally cause for much concern, because an attacker needs local access to a vulnerable device in order to exploit…
Read More →
October 19, 2016
Mirai Source Code Release Leads to Huge Increase in Botnet
When the source code for the malware behind the Mirai botnet was released nearly three weeks ago, security researchers immediately began poring over it to see how the malware worked. Of course, attackers took notice too, and in that time, the number of devices infected by Mirai and associated with the botnet has more than…
Read More →
October 17, 2016
DHS Warns Mirai Malware is Targeting Sierra Wireless Gateways
DHS is warning users that the Mirai malware is infecting wireless gateways sold by Sierra Wireless and using the compromised devices as part of a botnet for DDoS attacks. The Mirai malware has been targeting a variety of embedded devices, especially CCTV cameras, that have default telnet credentials enabled and compromising them. The attackers deploying…
Read More →
October 13, 2016
The Infowar Shaping the Election
Depending upon your definition of the word, this presidential campaign cycle has included perhaps more surprises than any other in recent memory. Leaked videos, tax returns, and other data dumps have turned the 2016 campaign into the first to be defined by a modern information war. Political campaigns by their very nature always have been…
Read More →
October 12, 2016
Vera Bradley Reveals Data Breach at Retail Stores
Vera Bradley, the maker of women’s handbags and accessories, said attackers compromised its payment processing system and were able to steal card data for customers who used cards in the company’s stores from the end of July through late September. The data breach doesn’t affect cards that were used online and the company hasn’t specified…
Read More →