
Security

The Grand Tor: How to Go Anonymous Online

posted on December 12, 2017
by l33tdawg

Fifteen years have passed since a couple of MIT grads and a Navy-funded researcher first built The Onion Router, or Tor, a wild experiment in granting anonymity to anyone online. Today, Tor has millions of users. The original project has been endlessly hacked on, broken, and fixed again. While imperfect, it remains the closest thing to a cloak of anonymity for internet users with a high sensitivity to surveillance, without needing serious technical chops. And it’s stronger and more versatile than ever before.

Men use 'password' as their password far more than women

posted on December 10, 2017
by l33tdawg

We try. But it's so hard keeping up with password management.

There are so many shopping sites and apps. We want so many things. We only have so much time and patience.

So surveys regularly show that password habits can be dire. Just look at the most common passwords of 2016 and you'll see that "123456" still reigns. Though "123456789" isn't too far behind. What, though, might be people's worst password habits? A new survey by tech consultancy EPC Group offers a little window.

The iOS jailbreaking community is going nuts over this cryptic tweet by a Google employee

posted on December 10, 2017
by l33tdawg

It’s been a while since we’ve seen a reliable iOS jailbreak. You’d have to go back to iOS 10.2.1 to find a working version that’s widely-known. Since the last working exploit, the jailbreaking community has mostly gone dark, with repositories remaining un-updated (or closed) and a group of once cooperative hackers now at large with both each other and those hungry for future exploits.

Our own Abhimanyu Ghoshal even penned a piece to signify the cat and mouse game between exploit-hunting hackers and Apple developers was, well, pretty much over.

Bitcoin traders beware: Hackers using fake Gunbot tool to deploy Orcus RAT in new phishing campaign

posted on December 10, 2017
by l33tdawg

Hackers are looking to exploit the surging interest and value in Bitcoin by targeting traders with a fake advertisement for a bitcoin trading bot called Gunbot, researchers have found. However, the advertisement actually spreads the malicious Orcus remote access trojan (RAT) to steal bitcoin.

Bitcoin is currently the talk of the town as it continues to grow in acceptance, and has soared in value. At the time of publication, 1 BTC is worth $16,116 (£12,035).

How to Rip the Mics Out of Your MacBook and iPhone

posted on December 10, 2017
by l33tdawg

Any self-respecting paranoiac long ago taped over the webcam on their laptop—and for good measure, the cameras on their smartphone too. But for those truly concerned that their computers have been hacked and turned into spy tools, the microphones on those devices represent just as much of a security threat as the cameras. They would allow a hacked gadget to bug an entire room.

The good news for the targets of highly sophisticated cyberspies? There’s a practical fix for that audio espionage problem. The bad news: It requires some surgery.

Apple gets around to patching all the other High Sierra security holes

posted on December 7, 2017
by l33tdawg

Apple has released a security update to address nearly two dozen vulnerabilities in macOS High Sierra.

The update comes little more than a week after Apple had to kick out an emergency fix to close up a glaring hole in macOS that allowed anyone with access to a Mac (either in person or remote) to bypass the login screen and act as a root account.

Uber used bug bounty program to launder blackmail payment to hacker

posted on December 7, 2017
by l33tdawg

In November, the CEO of Uber revealed that the company had paid a hacker $100,000 to delete data obtained from a 2016 breach in which 57 million Uber customers' and drivers' names, email addresses, and phone numbers were exposed. But the company did not reveal who the hacker was or how the payment was made.

Nearly 2/3 of Industrial Companies Lack Security Monitoring

posted on December 6, 2017
by l33tdawg

A new survey by LNS Research on behalf of Honeywell shows that industrial sector networks are still playing catch-up in cybersecurity.

While more than half of the 130 decision-makers from industrial organizations in the survey say they work in a facility that has suffered a breach, just 37% of the respondents say their organizations monitor networks for suspicious activity and traffic.