Security

There are a lot of things Denver is known for being high on --  mostly altitude. Lately, it isn’t just the sticky green political battle that has been gaining attention. It’s the high-altitude antics of our local information security enthusiast Chris Roberts. But, like most highs and hacked aviation systems, this story is bound to plummet into the lifeless, high-desert plains. Why? News agencies are reporting that Chris Roberts, as a passenger, took control of an airplane mid flight by hacking the plane’s entertainment system, and was able to briefly redirect the flight’s course.

Vehicles across an entire car park in Manchester had their locks jammed on Sunday as the apparent result of a botched criminally-motivated hack.

No one at the Manchester Fort Shopping Park, in north Manchester, was able to lock their car's doors on Sunday evening as a result of the attack by persons as-yet unknown.

Manual locking still worked, of course, but even then boots were still unlocked in some cases, leaving motorists little option but to wait by their cars. In addition to leaving cars open, the bungling thieves set off multiple alarms.

Submarine cable and data centre operator Pacnet was breached last month by hackers rummaging through its corporate network accessing emails and administration systems.

Pacent was recently acquired by Australia's Telstra, which today disclosed the breach of a "critical server" and is now informing customers and regulators about the mess.

Tens of thousands of HTTPS-protected websites, mail servers, and other widely used Internet services are vulnerable to a new attack that lets eavesdroppers read and modify data passing through encrypted connections, a team of computer scientists has found.

A version of the open-source PuTTY client has been discovered online which includes an information-stealing Trojan.

According to Symantec researchers, an unofficial version of the open-source Secure Shell (SSH) client PuTTY has been discovered in the wild which may compromise the privacy and safety of developers.

We generally do a good job of protecting the big items in our infrastructures, applications, and frameworks. We can easily see and block the barbarians at the front door. We protect our networks with firewalls and deep packet inspection. We protect open services with code that identifies and blocks known attacks and brute-force attempts. We compartmentalize larger implementations so that a breach or problem in one doesn’t affect the others.

Google’s Project Zero vulnerability research group has drawn some flak recently for its practice of publicly disclosing security flaws in software from other vendors after a 90-day notice period, regardless of whether patches are available or not.

Friday, the company may have gotten a small taste of its own medicine when Polish firm Security Explorations Friday released details on several unpatched vulnerabilities in Google’s cloud software after the Internet giant allegedly failed to respond in a timely manner to the issue.

There’s been growing interest in car hacking in recent years, inspired by researchers showing off exploits in real vehicles, tinkering with Teslas, and uncovering glaring vulnerabilities in third party kit. But criminal hackers could vex drivers in other ways, such as compromising internet-connected, easily hackable parking management systems, according to Spanish researcher Jose Guasch.

Chances are you’ve never cared about any smartphone that Fujitsu has ever released, and with good reason: There’s never been anything close to a noteworthy Fujitsu phone ever. However, the company’s new Arrows NX F-04G Android phone, which it’s releasing in conjunction with Japanese carrier NTT Docomo, is actually worthy of your attention.

The Syrian Electronic Army, the notorious hacking group that has hit several high-profile media companies such as the Associated Press, The New York Times, and CNN, hacked the Washington Post mobile site on Thursday afternoon.

For a brief period of time, visitors to the Post’s mobile site (m.washingtonpost.com) saw pop-up alerts with messages such as “You’ve been hacked by the Syrian Electronic Army.”