UPDATE — The group that claimed responsibility for large-scale distributed denial-of-service attacks against major U.S. banks in September and October has carried out another flurry of attacks that are still ongoing today.
Browsing Category: Hacks
An FBI memo says cyber intruders took advantage of weak credentialing in an industrial control system to gain control of a New Jersey air conditioning company’s heating, ventilation and air conditioning units.
Earlier reports of a planned, sophisticated attack on 30 U.S. banks to siphon millions from fake wire transfers have been vetted by McAfee Labs in a just-released report.
It turns out that some smart TVs are a little too smart for their own good–and the good of users. Some specific models of Samsung TVs that have Wi-Fi and other advanced capabilities have a flaw that enables an attacker to take a variety of actions on the TV, including accessing potentially sensitive data, remote files and information, the drive image and eventually gain root access to the device.
Hacktivist collective Team Ghostshell is claiming this morning to have spilled 1.6 million accounts from a handful of companies in the aerospace, nanotechnology, banking, law, education and government realm, a hack the group deems Project White Fox.The group claims White Fox is its “final stand” this year in a lengthy diatribe posted to Pastebin. The post goes on about internet freedom, espionage and trolling before addressing the actual leak.
When the history of cyberwar is written, 2012 may well be marked down as the year that it all began in earnest. Governments have been attacking one another electronically for decades now, but the last 12 months have seen both the concept and reality of cyberwar elbow their way into the consciousness of the general public through attacks such as Flame, Gauss and Shamoon, and also have seen government officials openly discussing offensive operations and calling out other nations for their extensive attacks on U.S. networks. Now, those same U.S. officials are in the process of developing doctrines for cyberwar operations as way of defining how and when military and government teams can act.
Attacks against massive and proprietary enterprise accounting systems, in particular financial software such as SAP and Oracle, have been few and far between. That changed at this week’s Black Hat Abu Dhabi conference where a pair of researchers presented proof-of-concept code that could change the dynamic of the financially motivated attack landscape.
Highway traffic systems deployed across the United States could be open exploit via what a group of researchers has deemed an “insufficient entropy vulnerability” in the systems’ software.
Security researcher Bogdan Calin found that he could remotely compromise the internal networks of users with default or weak router passwords merely by compelling them to open a legitimate looking email on their iPhone, iPad, or Mac.
UPDATE — DNS hijacking attacks carried out today against the home pages of Google, Yahoo and other high-profile sites in Romania have been traced to an attack on the Romanian Top Level Domain Register, researchers at Kaspersky Lab said.”The altered DNS records propagated from there to different Internet Service Providers’ DNS services, including Google’s,” Kaspersky said in a statement.