CeBIT attendees on Thursday fell victims to a series of well-executed hacks. Thankfully, they weren’t malicious in origin; instead, they were live demonstrations by notorious ex-hacker Kevin Mitnick.
Though Mitnick’s hacking skills once earned him a spot on the FBI’s Most Wanted list, he is now a world-renowned security consultant. He and his team of specialists use various methods of intrusion to infiltrate clients - including major Fortune 500 companies – and boast a 100% success rate.
Even though some Android device makers have already rolled out devices with embedded fingerprint sensors that offer users added security features, Google has yet to make it a core security feature for Android. But Google is still working on its own interesting solutions for temporarily killing the need for a PIN on smartphones, as the company has just added new functionality to Android 5.0 Lollipop that’s not only cool, but also very useful.
Cisco's small business SPA300 and SPA500 internet protocol (IP) phones contain a vulnerability that if exploited, allows attackers to remotely listen in on audio from the devices.
The vulnerability was discovered by Chris Watts, director of Tech Analysis in Sydney, along with two others.
Two researchers on Thursday took down the four major browsers, Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari, as Pwn2Own, the annual hacking contest that runs in tandem at CanSecWest, wound down in Vancouver.
The story of the day was Korean researcher Jung Hoon Lee, who worked alone under the name lokihardt and earned the single highest payout for an exploit in the competition’s history, a staggering $110,000 in just two minutes.
Hospitality giant Hilton Hotels & Resorts recently started offering Hilton HHonors Awards members 1,000 free awards points to those who agreed to change their passwords for the online service prior to April 1, 2015, when the company said the change would become mandatory. Ironically, that same campaign led to the discovery of a simple yet powerful flaw in the site that let anyone hijack a Hilton Honors account just by knowing or guessing its valid 9-digit Hilton Honors account number.
In the latest security lapse involving the Internet's widely used encryption system, Google said unauthorized digital certificates have been issued for several of its domains and warned misissued credentials may be impersonating other unnamed sites as well.
Just when it seemed like the controversy surrounding anonymous message posting app Whisper was calming down, the company is facing new accusations. And the app maker is fighting back tooth and nail.
A security startup, Xipiter, has published a long blog post full of scathing allegations about Whisper, including a video that it says demonstrates a security hole it says it found.
Next weekend, voters in the Australian State of New South Wales go to the polls to elect a new government. Some have already cast their votes online, with a system that may be running the FREAK bug.
So say Vanessa Teague and J. Alex Halderman, respectively a research fellow in the Department of Computing and Information Systems at at the University of Melbourne and an assistant professor of computer science and engineering at the University of Michigan and director of Michigan’s Center for Computer Security and Society.
GitHub has been ordered to hand over records on some of its users to taxi-booking app Uber after unsuccessfully challenging a subpoena.
Last month, Uber announced its driver database had been hacked in May 2014, but it had only noticed in September of that year. Uber discovered that a supposedly secret database access key had somehow ended up in a couple of Gists in a public area of GitHub. It's alleged this key was spotted by miscreants who used the key to delve into Uber's internal database of driver names and license plates.
Just over eight months ago, we wrote about a number of arrests relating to cybercrimes against StubHub.
StubHub is an eBay company that deals with what's called "secondary ticketing," brokering the buying and selling of tickets to sporting events, music concerts, theatre shows and more.