BERLIN–In the last few years, there have been a series of DDoS attacks and intrusions on government networks in South Korea that have resulted in the loss of untold amounts of data. The four attacks haven’t been linked together or attributed to the same attackers, but there are some similarities in the methods and results,[...]
Browsing Category: Hacks
WASHINGTON–Security, like a lot of other things, tends to go in phases. A new attack technique is developed, vendors respond with a new defensive technology and then attackers find a way to defeat it. It has always been that way. And right now, things seem to be in one of those periodic down cycles in which the attackers have the upper hand.
A Belgian telecom company that handles some of the undersea cables that carry international voice traffic said Monday that its internal network had been compromised sometime in the last few months and malware had planted on some of its systems. Belgacom said the attack only affected its own systems, and not those of customers, and said it has filed a complaint with the Belgian federal authorities about the incident.
The latest iteration of the Pwn2Own hacking contest, which has run at the CanSecWest conference in Vancouver for several years, will take place at the Japanese version of the conference in November, and the targets will be the most popular mobile platforms.
Dennis Fisher and Mike Mimoso discuss the big stories of the last couple of weeks, including the Syrian Electronic Army’s attacks against the registrar for the New York Times and Twitter, and the release of Facebook’s first transparency report.
A paper presented at USENIX demonstrates how two researchers managed to reverse engineer Dropbox.
Late Tuesday morning, one of the engineers in CloudFlare’s San Francisco office saw a message on Twitter saying that the New York Times Web site was down. Minutes later, more messages appeared, as security researchers and others began looking into the situation and realized that someone may have compromised the site’s DNS records. Understanding the ramifications of that sort of attack, if that’s in fact what it was, Matthew Prince, CloudFlare’s CEO sent an email to Rajiv Pant, the CTO of the Times, saying that the company’s engineers would be available if Pant needed some help figuring out the situation. He did.
The attack that took down the New York Times Web site Tuesday afternoon, along with domains belonging to Twitter and the Huffington Post, was accomplished through the use of compromised credentials belonging to a reseller for the registrar that those companies use to buy their domains.
The Syrian Electronic Army, a group known for attacking high-profile media sites in the last year or so, has in the last few hours compromised the domain information for a large number of sites, including the New York Times home page and some of Twitter’s domains. Security researchers say that the most likely attack vector was the domain registrar used by the companies.
The Food and Drug Administration (FDA) last week issued a series of guidelines regarding the regulation of radio frequency (RF) technology in medical devices, moves that if put into practice, could eventually help shore up the increasingly vulnerable medical device security world.