Hacks


Man Convicted of Illegally Accessing AT&T Servers by ‘Impersonating’ an iPad

A 27-year-old New York man known online as “Weev” was convicted Tuesday of “impersonating” an iPad in order to gain access to AT&T’s servers and swiping 114,000 email addresses, including some belonging to celebrities.

Andrew Auernheimer faces up to 10 years in prison after being found guilty of conspiracy to access a protected computer without authorization and fraud in connection with personal information.


BROOKLYN, NY–After years of research and investigation into the cyber-espionage attacks that began with the discovery of Stuxnet and continued with Flame, Duqu and Gauss, there still are many details that are unknown. While researchers have a pretty good handle on many of the tools’ capabilities, experts say that there may be other modules from these weapons still in circulation that have yet to be discovered.

Information systems and algorithms designed to personalize online search results will give attackers the ability to influence the information available to their victims in the coming years. Researchers, in turn, must seek ways to fortify these systems against malicious manipulation, according to the Emerging Cyber Threats Report 2013 [PDF], a report released ahead of yesterday’s Georgia Tech Cyber Security Summit 2012.

Adobe is looking into an apparent compromise of one of its sites, the ConnectUsers forum. The company says that it is investigating reports of an attack on the site, which is a community site for users of Adobe’s Connect conferencing software.The reports of the compromise began to surface on Tuesday and Adobe security officials began looking into them, trying to determine whether there actually was an infiltration. It now appears that someone was able to compromise the database associated with the ConnectUsers site. The company has taken the site offline and is resetting passwords for users associated with the site.

UPDATED–A group of customers is suing gaming giant Blizzard Entertainment in connection with a data breach in August that resulted in user email addresses, hashed passwords and other information being stolen by attackers. The suit claims that the company did not do enough to secure users’ accounts before the compromise and that the company now is forcing users to pay for a two-factor authentication system to increase the security on their accounts.

Dennis Fisher talks with Dan Guido, CEO of Trail of Bits and hacker-in-residence at NYU-Poly, about the school’s first mobile security conference, called THREADS, taking place this week in Brooklyn. Part of the college’s Cybersecurity Awareness Week (CSAW), THREADS will include speaker such as Dino Dai Zovi, Guido, Jon Oberheide and Vincenzo Iozzo.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.