Security

If you're being charged by Deliveroo for food you did not order, do not ignore it, as a new investigation by BBC One Watchdog has discovered customers being hacked on a large scale.

Launched in 2013, Deliveroo is a company which is enjoying success as a new player in the takeaway industry. You order from local restaurants through a smartphone app, delivery riders jump on their bicycles or scooters and peddle your food to you, most often within the hour.

Senior US senators have expressed concern that the FBI is not being clear about how it intends to use its enhanced powers to spy on American citizens.

Those are the spying powers granted by Congressional inaction over an update to Rule 41 of the Federal Rules of Criminal Procedure. These changes will kick in on December 1 unless they are somehow stopped, and it's highly unlikely they will be challenged as we slide into the Thanksgiving weekend.

Recently released exploit code makes people running fully patched versions of Fedora and other Linux distributions vulnerable to drive-by attacks that can install keyloggers, backdoors, and other types of malware, a security researcher says.

Michele Orru has released an automated phishing toolkit to help penetration testers better exploit businesses.

The well-known FortConsult hacker, better known as Antisnatchor (@antisnatchor), dropped the phishing kit at the Kiwicon hacking event in Wellington New Zealand last week, offering hackers tips to more successfully target businesses through the world's most popular attack vector.

Not every demo at security cons goes off without a hitch: Badass hackers Ryan and Jeremy electrocuted themselves when building what could have been the first device capable of wirelessly exploiting door-opening push buttons.

The pair demonstrated the trial and terror process of building the box at the Kiwicon hacking event in New Zealand last Friday.

Google's recently released Android Nougat-powered Pixel smartphones offer a whole new level of data protection because of their built in encryption capabilities, the company said this week.

In a blog post Google senior software engineers Paul Crowley and Paul Lawrence said the new data security capabilities made Pixel and Pixel XL better, faster and stronger than the company's previous smartphone models.

The perils of leaving computers unattended just got worse, thanks to a newly released exploit tool that takes only 30 seconds to install a privacy-invading backdoor, even when the machine is locked with a strong password.

New technology can drive huge innovation but it also often means new opportunities for cybercriminals to exploit vulnerabilities for financial gain. Unfortunately, it is no different for the automotive industry. By 2020, 150 million connected cars are expected to be on the roads. This offers 150 million plus new targets for cybercriminals keen to hunt down vulnerable data.

Attributing responsibility for a cyber attack is difficult, but important: the difference between being hacked by a teenager and being hacked by a foreign spy agency could be the difference between public acceptance and a hellish world of lawsuits, fines and shattered reputations.

ccording to FireEye CEO Kevin Mandia, speaking at a FireEye roundtable event, it is time for governments and law enforcement agencies to take a leadership role in demystifying this world of attribution.

On Wednesday, a federal judge in Kentucky approved Deric Lostutter’s motion to plead guilty to two of four counts in a hacking case that has been stretched out over four years. As a result, he could face years in prison.