Browsing Category: Hacks

Inside the Response to the New York Times Attack

Late Tuesday morning, one of the engineers in CloudFlare’s San Francisco office saw a message on Twitter saying that the New York Times Web site was down. Minutes later, more messages appeared, as security researchers and others began looking into the situation and realized that someone may have compromised the site’s DNS records. Understanding the ramifications of that sort of attack, if that’s in fact what it was, Matthew Prince, CloudFlare’s CEO sent an email to Rajiv Pant, the CTO of the Times, saying that the company’s engineers would be available if Pant needed some help figuring out the situation. He did.

Read more...

Registrar Hack at Root of NY Times and Twitter Attacks

Categories: Hacks, Web Security

The attack that took down the New York Times Web site Tuesday afternoon, along with domains belonging to Twitter and the Huffington Post, was accomplished through the use of compromised credentials belonging to a reseller for the registrar that those companies use to buy their domains.

Read more...

Syrian Electronic Army Hack Results in Compromise of Domain Data For NY Times, Twitter

Categories: Hacks, Web Security

The Syrian Electronic Army, a group known for attacking high-profile media sites in the last year or so, has in the last few hours compromised the domain information for a large number of sites, including the New York Times home page and some of Twitter’s domains. Security researchers say that the most likely attack vector was the domain registrar used by the companies.

Read more...

FDA Issues Recommendations on the Security of Wireless Medical Devices

The Food and Drug Administration (FDA) last week issued a series of guidelines regarding the regulation of radio frequency (RF) technology in medical devices, moves that if put into practice, could eventually help shore up the increasingly vulnerable medical device security world.

Read more...

Twitter OAuth Data Leaked From Third-Party App

An attacker, who may have gotten the information from the database of a third party, claims to have access to the OAuth login tokens and secrets for every Twitter user. He has posted more than 15,000 of the entries online and claims that he can now access the account of any user he wishes. Twitter officials, however, say no accounts have been compromised.

Read more...