Security

Hackers have already attacked critical infrastructure, but now they're launching campaigns that could have dire consequences. FireEye reported that a plant of an unmentioned nature and location (other firms believe it's in the Middle East) was forced to shut down after a hack targeted its industrial safety system -- it's the first known instance of a breach like this taking place. While the digital assault was clearly serious in and of itself, there are hints that it could have been much worse.

Like any classic hustle, phishing has staying power. The fake emails and texts that lure you into a digital con—Free cruise! Act now!—may not comprise a very technical hack, but the attackers behind them still put a lot of resources and expertise into giving their cons as much authenticity as possible.

Khalil Shreateh, a self-professed IT expert from Palestine, hit the headlines four years ago when he hacked Facebook CEO Mark Zuckerberg’s wall. Shreateh was frustrated that Facebook was ignoring a big security flaw, so demonstrating it on Zuckerberg’s own Facebook wall was an easy way to get the company to act. Shreateh discovered a security flaw in LinkedIn last month, and he reached out to The Verge after becoming frustrated that the company was ignoring his report — just like four years ago.

An alleged computer hacker living in a caravan park on an island off the Kent coast has admitted to stealing customer data from the websites of over a dozen high-profile companies.

Grant West, 25, admitted at Southwark Crown Court Thursday (14 December) to obtaining details of 165,000 Just Eat customers' in a bid to sell them on the so-called 'dark web' for bitcoin.

Attackers have exploited an old WordPress vulnerability to infect more than one thousand websites with malware capable of injecting malvertising and even creating a rogue admin user with full access privileges, according to researchers.

The exploited flaw is specifically found in outdated versions of the WordPress tagDiv Newspaper and Newsmag themes, according to a Dec. 14 blog post by Sucuri security analyst Douglas Santos. (Sucuri explains the vulnerability in further detail in an older report here.)

For almost two weeks, Microsoft quietly forced some Windows 10 computers to install a password manager with a browser plugin that contained a critical vulnerability almost identical to one disclosed 16 months ago that allows websites to steal passwords, a researcher said Friday.

Hackers who may have been working on behalf of a nation recently caused an operational outage at a critical-infrastructure site, researchers said Thursday. The attackers did so by using a novel piece of malware to target the system that prevents health- and life-threatening accidents.

Hacking takes all kinds of forms, and sometimes it’s not personal data that’s at risk but rather sensitive commercial or government data that’s the target. That’s particularly true for companies and agencies that run important public services such as transportation, where information like security protocols could be valuable to certain nefarious parties. That’s what makes the theft of sensitive information from Australia’s Perth Airport so scary, and the arrest of the guilty hacker so encouraging.

Hackers can threaten your smartphone in lots of ways, and if you want (or need) to lock it down completely, ironclad protection gets a little complicated. Fortunately, you can take some quick and easy steps to make big improvements to your mobile security. They don’t eliminate all risk, but they’re a solid baseline for any smartphone owner.

Connected devices are everywhere these days. Routers, speakers, cameras, sensors... If it's electronic, someone makes one that hooks up to the Internet. They don't always put a lot of effort into security, however.

The shoddy state of security on the Internet of Things (IoT) provided hackers with millions and millions new potential targets. Targets that they've attacked on numerous occasions, leading to several major incidents like the Mirai botnet attacks that crippled websites and Internet connectivity around the globe.