A ransomware strain has been making a pretty penny by opening its doors to unskilled hackers.
Security firm Check Point gained a rare look at the inner workings of the Cerber ransomware and found that its developers are building a network of partners to attack more targets -- and rake in more cash.
Check Point also warned that because of Cerber, more unskilled cybercriminals might choose to participate in ransomware schemes.
"Even the most novice hacker can easily reach out in closed forums to obtain an undetected ransomware variant," it said in a new report.To read this article in full or to leave a comment, please click here
An anonymous group claims to have stolen hacking tools that might belong to the National Security Agency and is auctioning them off to the highest bidder.It’s a pretty bold claim, but the hackers have offered sample files, and some security researchers say they appear to contain legitimate exploits.The files were allegedly stolen from the Equation Group, a top cyberespionage team that may have links to the NSA.The Equation Group is known to use some of the most advanced malware and probably helped develop the infamous Stuxnet computer worm, according to security firm Kaspersky Lab.To read this article in full or to leave a comment, please click here
An anonymous group claims to have stolen hacking tools that might belong to the National Security Agency and is auctioning them off to the highest bidder.It’s a pretty bold claim, but the hackers have offered sample files, and some security researchers say they appear to contain legitimate exploits.The files were allegedly stolen from the Equation Group, a top cyberespionage team that may have links to the NSA.The Equation Group is known to use some of the most advanced malware and probably helped develop the infamous Stuxnet computer worm, according to security firm Kaspersky Lab.To read this article in full or to leave a comment, please click here
The hacker who claims to have breached the Democratic National Committee’s computers is now taking credit for hacking confidential files from a related campaign group.Guccifer 2.0 alleged on Friday that he also attacked the servers of the Democractic Congressional Campaign Committee (DCCC). He posted some of the purported files on his blog, and is promising journalists "exclusive materials" if they contact him directly.Although Guccifer 2.0 claims to be a lone hacktivist, some security experts believe he's actually a persona created by Russian government hackers who want to influence the U.S. presidential election.To read this article in full or to leave a comment, please click here
The hacker who claims to have breached the Democratic National Committee’s computers is now taking credit for hacking confidential files from a related campaign group.Guccifer 2.0 alleged on Friday that he also attacked the servers of the Democractic Congressional Campaign Committee (DCCC). He posted some of the purported files on his blog, and is promising journalists "exclusive materials" if they contact him directly.Although Guccifer 2.0 claims to be a lone hacktivist, some security experts believe he's actually a persona created by Russian government hackers who want to influence the U.S. presidential election.To read this article in full or to leave a comment, please click here
Researchers have found a way to steal a PC’s data by using the mechanical noise coming from the hard disk drives inside.It’s not a very practical hack, but the scheme has been designed for “air-gapped” systems, or computers that have been sectioned off from the Internet.The researchers at Ben-Gurion University of the Negev in Israel have been studying how to use sound to extract information from air-gapped computers. In June, they showed that even a PC’s cooling fans can be controlled to secretly transmit data, including passwords and encryption keys.To read this article in full or to leave a comment, please click here
Researchers have found a way to steal a PC’s data by using the mechanical noise coming from the hard disk drives inside.It’s not a very practical hack, but the scheme has been designed for “air-gapped” systems, or computers that have been sectioned off from the Internet.The researchers at Ben-Gurion University of the Negev in Israel have been studying how to use sound to extract information from air-gapped computers. In June, they showed that even a PC’s cooling fans can be controlled to secretly transmit data, including passwords and encryption keys.To read this article in full or to leave a comment, please click here
Researchers have found a way to steal a PC’s data by using the mechanical noise coming from the hard disk drives inside.
It’s not a very practical hack, but the scheme has been designed for “air-gapped” systems, or computers that have been sectioned off from the Internet.
The researchers at Ben-Gurion University of the Negev in Israel have been studying how to use sound to extract information from air-gapped computers. In June, they showed that even a PC’s cooling fans can be controlled to secretly transmit data, including passwords and encryption keys.To read this article in full or to leave a comment, please click here
Millions of Volkswagens built over the past 20 years can be broken into with a hack that exploits the cars’ remote control key systems, security researchers have found.
Most VWs built since 1995 use one of a handful of electronic “master keys” to remotely open and lock the doors, and those keys can be extracted by reverse engineering the firmware, the researchers wrote in a new paper.
That alone isn’t enough to break into a car -- the master key has to be combined with a unique code generated by each remote key device. But the researchers also devised a way to do that, assembling a piece of radio hardware costing around $40.To read this article in full or to leave a comment, please click here
Millions of Volkswagens built over the past 20 years can be broken into with a hack that exploits the cars’ remote control key systems, security researchers have found.
Most VWs built since 1995 use one of a handful of electronic “master keys” to remotely open and lock the doors, and those keys can be extracted by reverse engineering the firmware, the researchers wrote in a new paper.
That alone isn’t enough to break into a car -- the master key has to be combined with a unique code generated by each remote key device. But the researchers also devised a way to do that, assembling a piece of radio hardware costing around $40.To read this article in full or to leave a comment, please click here
As the U.S. presidential election nears, Donald Trump is emerging as the clear winner -- at least when it comes to having his name used in spam messages.Spammers and cyber attackers are using Trump's name far more than Hillary Clinton's in emails pushing get rick quick schemes or phishing for personal information, according to an analysis from Proofpoint.The security firm scanned the subject line of emails received by its customers in June and July looking for occurrences of "trump" or "clinton," and found that the Republican nominee appeared in 169 times as many emails as his Democratic opponent.To read this article in full or to leave a comment, please click here
As the U.S. presidential election nears, Donald Trump is emerging as the clear winner -- at least when it comes to having his name used in spam messages.Spammers and cyber attackers are using Trump's name far more than Hillary Clinton's in emails pushing get rick quick schemes or phishing for personal information, according to an analysis from Proofpoint.The security firm scanned the subject line of emails received by its customers in June and July looking for occurrences of "trump" or "clinton," and found that the Republican nominee appeared in 169 times as many emails as his Democratic opponent.To read this article in full or to leave a comment, please click here
A security firm is offering up to US$500,000 for information on zero-day vulnerabilities in iOS, surpassing Apple's bug bounty just days after it was announced.On Tuesday, Texas-based Exodus Intelligence said it will give between $5,000 and $500,000 for zero-day vulnerabilities relating to iOS version 9.3 and higher.
These zero-days are software flaws that have gone undetected by Apple, making them potentially very valuable, especially for cyber criminals who can use them to hack iPhones. To read this article in full or to leave a comment, please click here
Can a supercomputer beat humans in a hacking contest? We're about to find out.For the first time, a fully automated supercomputer is trying to compete with humans in a major hacking contest, and so far the machine is hanging in there.The supercomputer, known as Mayhem, is among the teams taking part in this year’s Capture the Flag contest at the DEF CON security conference in Las Vegas.The game involves detecting vulnerabilities in software and patching them, and humans have been playing it at DEF CON for years.Now computers are getting in on the act. DARPA, a U.S. defense agency, recently held an all-machine competition, awarding $2 million to the team that did best.To read this article in full or to leave a comment, please click here
Can a supercomputer beat humans in a hacking contest? We're about to find out.For the first time, a fully automated supercomputer is trying to compete with humans in a major hacking contest, and so far the machine is hanging in there.The supercomputer, known as Mayhem, is among the teams taking part in this year’s Capture the Flag contest at the DEF CON security conference in Las Vegas.The game involves detecting vulnerabilities in software and patching them, and humans have been playing it at DEF CON for years.Now computers are getting in on the act. DARPA, a U.S. defense agency, recently held an all-machine competition, awarding $2 million to the team that did best.To read this article in full or to leave a comment, please click here
Don’t believe everything you see. It turns out even your computer monitor can be hacked.On Friday, researchers at DEF CON presented a way to manipulate the tiny pixels found on a computer display.Ang Cui and Jatin Kataria of Red Balloon Security were curious how Dell monitors worked and ended up reverse-engineering one.They picked apart a Dell U2410 monitor and found that the display controller inside can be used to change and log the pixels across the screen.During their DEF CON presentation, they showed how the hacked monitor could seemingly alter the details on a web page. In one example, they changed a PayPal’s account balance from $0 to $1 million, when in reality the pixels on the monitor had simply been reconfigured.To read this article in full or to leave a comment, please click here
Don’t believe everything you see. It turns out even your computer monitor can be hacked.On Friday, researchers at DEF CON presented a way to manipulate the tiny pixels found on a computer display.Ang Cui and Jatin Kataria of Red Balloon Security were curious how Dell monitors worked and ended up reverse-engineering one.They picked apart a Dell U2410 monitor and found that the display controller inside can be used to change and log the pixels across the screen.During their DEF CON presentation, they showed how the hacked monitor could seemingly alter the details on a web page. In one example, they changed a PayPal’s account balance from $0 to $1 million, when in reality the pixels on the monitor had simply been reconfigured.To read this article in full or to leave a comment, please click here
Giant refrigerator-sized supercomputers battled each other on Thursday in a virtual contest to show that machines can find software vulnerabilities.
The result: the supercomputers time and time again detected simulated flaws in software.
It represents a technological achievement in vulnerability detection, at a time when it can take human researchers on an average a year to find software flaws. The hope is that computers can do a better job and perhaps detect and patch the flaws within months, weeks or even days.
Thursday’s contest, called the Cyber Grand Challenge, was a step in that direction. The final round of the competition pitted computers from seven teams to play the hacking game “Capture the Flag,” which revolves around detecting software vulnerabilities.To read this article in full or to leave a comment, please click here
Giant refrigerator-sized supercomputers battled each other on Thursday in a virtual contest to show that machines can find software vulnerabilities.
The result: the supercomputers time and time again detected simulated flaws in software.
It represents a technological achievement in vulnerability detection, at a time when it can take human researchers on an average a year to find software flaws. The hope is that computers can do a better job and perhaps detect and patch the flaws within months, weeks or even days.
Thursday’s contest, called the Cyber Grand Challenge, was a step in that direction. The final round of the competition pitted computers from seven teams to play the hacking game “Capture the Flag,” which revolves around detecting software vulnerabilities.To read this article in full or to leave a comment, please click here
Industrial facilities should be on guard against drones. Even off-the-shelf versions of the unmanned aircraft could be used to disrupt sensitive systems.
On Wednesday, Jeff Melrose, a presenter at Black Hat 2016, showed how consumer drones could do more than just conduct aerial spying. The flying machines can also carry a transmitter to hack into a wireless keyboard or interfere with industrial controls, he said.
It’s not enough to place a fence around a building to keep intruders out, according to Melrose, who is a principal tech specialist at Yokogawa, an industrial controls provider. These days, some consumer drones can travel up to 3 miles (4.8 kilometers) or more.To read this article in full or to leave a comment, please click here
Michael Kan