Security

The company that builds Ubuntu, a popular Linux distribution, has said its forums were hacked Thursday.

Canonical, which develops the operating system, said in a statement on Friday that two million usernames, email addresses, and IP addresses associated with the Ubuntu Forums were taken by an unnamed attacker.

The attacker was able to exploit an SQL injection vulnerability in an add-on used by older vBulletin forum software. That gave the attacker access to the forum's databases, but the company said that only limited user data was accessed and downloaded.

Taiwan is trying to figure out how hackers managed to trick a network of bank ATMs into spitting out millions.

Police said several people wearing masks attacked dozens of ATMs operated by Taiwan's First Bank on Sunday. They spent a few minutes at each of the machines before making off with the equivalent of $2 million stashed in a backpack.

Juniper Networks has fixed several vulnerabilities in the Junos operating system used on its networking and security appliances, including a flaw that could allow hackers to gain administrative access to affected devices.

The most serious vulnerability, rated 9.8 out of 10 in the Common Vulnerability Scoring System, is located in the J-Web interface, which allows administrators to monitor, configure, troubleshoot and manage routers running Junos OS. The issue is an information leak that could allow unauthenticated users to gain admin privileges to the device.

Take note: if I ever proposition you with some free mobile juice via a portable charger, don’t accept.

Over the last month, I’ve created chargers that try to brute force open Android phones by guessing the passcode. Then, with a handy bluetooth chip hidden inside, they let me control the compromised phone’s keyboard from my own Android.

The World Wide Web Consortium has published a "Candidate Recommendation" for Encrypted Media Extensions, a pathway to DRM for streaming video.

A large community of security researchers and public interest groups have been alarmed by the security implications of baking DRM into the HTML5 standard. That's because DRM -- unlike all the other technology that the W3C has ever standardized — enjoys unique legal protection under a tangle of international laws, like the US Digital Millennium Copyright Act, Canada's Bill C-11, and EU laws that implement Article 6 of the EUCD.

Borg-like voice commands from your phone could take control of nearby Android devices using a newly demonstrated voice recognition vulnerability.

Security researchers have discovered a way of hiding voice commands in online videos that could take control of smartphones and tablets.

In a paper, researchers described how a voice recognition feature, such as Google Now, Siri or Cortana can be abused. In a YouTube video, the researchers demonstrated a proof-of-concept attack against an Android smartphone.

Five members of an international money-laundering gang based in London have been jailed after cops unravelled their malware-enabled conspiracy.

The gang, composed exclusively of Russian nationals, was led by a pair of men who were both named Aslan.

The security team of the popular Drupal content management system worked with the maintainers of three third-party modules to fix critical vulnerabilities that could allow attackers to take over websites.

The flaws allow attackers to execute rogue PHP code web servers that host Drupal websites with the RESTWS, Coder or Webform Multiple File Upload modules installed. These modules are not part of Drupal's core, but are used by thousands of websites.

L33tdawg: They missed out CANsee - The automobile intrusion detection system that Jun Li from Qihoo360 presented in May at #HITB2016AMS

A report published by the House Committee on Science, Space and Technology today found that hackers purported to be from China had compromised computers at the Federal Deposit Insurance Corporation repeatedly between 2010 and 2013. Backdoor malware was installed on 12 workstations and 10 servers by attackers—including the workstations of the chairman, chief of staff, and general counsel of FDIC.