The Channel logo

Articles about Hacking

Laurel and Hardy on the phone

Phone hacking blitz hammers UK.biz's poor VoIP handsets

UK businesses are getting disproportionately targeted by a surge of attacks against Voice over IP (VoIP) systems. The growing use of VoIP technology in business and a greater availability of hacking tools that dumb down the process of hacking into systems has led to an increase in attacks worldwide. UK-based systems are being …
John Leyden, 16 Jun 2015
FBI badge and gun

TOR users become FBI's No.1 hacking target after legal power grab

The FBI wants greater authority to hack overseas computers, according to a law professor. A Department of Justice proposal to amend Rule 41 of the Federal Rules of Criminal Procedure would make it easier for domestic law enforcement to hack into the computers of people attempting to protect their anonymity on the internet. The …
John Leyden, 19 Sep 2014
man_from_uncle_648

GCHQ: Security software? We'll soon see about THAT

The UK's spook agency GCHQ has been working with the National Security Agency to subvert anti-virus software, according to the latest piece of spoon-fed Snowden info reported on The Intercept. According to Glenn Greenwald's rag, spooks reverse-engineered software products in order to obtain intel – a tactic that will surely come …
Kat Hall, 23 Jun 2015
firing range - target in cross hairs

SEC joins hunt for FIN4 attackers

America's Securities and Exchange Commission (SEC) has joined the hunt for the FIN4 hacking group. The bunch, revealed by FireEye in December 2014, used a phishing attack to get access to listed companies' computer systems. Their payoff was to get insider information to trade their targets' stocks. According to Reuters, the SEC …
Cash in brown paper envelope CC 2.0 attribution StockMonkeys.com

A third of workers admit they'd leak sensitive biz data for peanuts

A third of employees would sell information on company patents, financial records and customer credit card details if the price was right. A poll of 4,000 employees in the UK, Germany, USA and Australia found that for £5,000, a quarter would flog off sensitive data, potentially risking both their job and criminal convictions …
John Leyden, 29 Jul 2015
LG electronics US export photo from 1962

Infosec bigwigs rally against US cyber export control rule

Infosec heavyweights are uniting to oppose US government proposals to tighten up export controls against software exploits, a move critics argue threatens to imperil mainstream security research and information sharing. The proposed regulation, based on the Wassenaar Arrangement of 1996 and not originally intended to include …
John Leyden, 15 Jul 2015

Now Ashley Madison hackers reveal 'CEO's emails and source code'

Updated Another load of internal files swiped by hackers from Ashley Madison have been leaked online – and they apparently feature the CEO's emails and the website's source code. The 18.5GB leak includes, it is claimed, archives of internal company emails, including one folder labeled Noel Biderman – the chief exec of Avid Life Media …
Iain Thomson, 20 Aug 2015
Routers

Cisco posts kit to empty houses to dodge NSA chop shops

Cisco will ship boxes to vacant addresses in a bid to foil the NSA, security chief John Stewart says. The dead drop shipments help to foil a Snowden-revealed operation whereby the NSA would intercept networking kit and install backdoors before boxen reached customers. The interception campaign was revealed last May. Speaking …
Darren Pauli, 18 Mar 2015

Roll up, come see the BOOMING HACKER BAZAAR!

Underground hacker markets are booming with counterfeit documents, premiere credit cards, hacker tutorials, and "complete satisfaction guarantees", according to a new report from Dell SecureWorks. The means to create a false identity are easily purchased through the cracker bazaars. A fake social security card can be obtain for …
John Leyden, 15 Dec 2014

Trustwave's off to Singapore as Singtel slurps security company

Singapore's dominant telco and aspiring services player, Singtel, has acquired Trustwave for about US$810m. Trustwave offers managed security services and the SpiderLabs ethical hacking research outfit, plus a range of network, content and endpoint security products. The company operates in 26 nations and has 1,200 people on the …
Simon Sharwood, 08 Apr 2015

We stand on the brink of global cyber war, warns encryption guru

We are in the early years of a cyber war arms race, security guru Bruce Schneier warned delegates at the Infosecurity Europe exhibition on Wednesday. Schneier, CTO of Resilient Systems, said the much publicised Stuxnet attacks on Iran by the US and Israel in 2010, Iran’s attack on Saudi Aramco, China’s apparent role in hacking …
John Leyden, 04 Jun 2015

Don't be fooled! He's not from the IT crowd... he's a CYBERSPY – FireEye

Impersonating IT departments in spear-phishing attacks is becoming an increasingly popular tactic among hackers, particularly in cyber-espionage attacks. IT staff themed phishing emails comprised 78 per cent of observed phishing schemes picked up by FireEye in 2014, compared to just 44 per cent in 2013. The sixth annual FireEye …
John Leyden, 24 Feb 2015
White Hat for Hackers by Zeevveez, Flickr under CC2.0

Ten years after the sellout, Black Hat is solidly corporate and that’s fine

Analysis When Jeff Moss sold the Black Hat security conference to CMP a decade ago for around $13m (£8.3m), he faced a barrage of abuse from some members of the hacker community as a sellout. They were a little bit right, and a lot wrong, as this year's cons have shown. Black Hat was always supposed to be a little bit corporate anyway …
Iain Thomson, 11 Aug 2015

Silver-tongued phish bait lures execs, hooks M&A deals

A hacking group has been stealing identity information and reading emails to get the inside edge on stock markets to buy and sell to make quick profits. Vendor FireEye reckons the group sent articulate phishing emails with malicious attachments demonstrating "deep" knowledge of financial markets and corporate communications. In …
Darren Pauli, 02 Dec 2014
Hacker image

'A motivated, funded, skilled hacker will always get in' – Schneier

IP Expo Hacking attacks are more or less inevitable, so organisations need to move on from the protection and detection of attacks towards managing their response to breaches so as to minimise harm, according to security guru Bruce Schneier. Prevention and detection are necessary, but not sufficient, he said. Improving response means …
John Leyden, 09 Oct 2014
Meme of a dog "typing" at a computer, with the large font phrase "I have no idea what I'm doing' above him.

It's official: David Brents are the weakest link in phishing attacks

Middle management are increasingly becoming the focus of phishing attacks, according to a new study. Managers received more malicious emails and doubled their click rates year-on-year, according to a study by security company ProofPoint. Senior staff seemed more clued up about dodgy emails, meaning managers and staff clicked on …
John Leyden, 22 Apr 2015
US Pentagon. Pic: DoD photo by MSgt Ken Hammond, USAF

Respect mah privacy! EU delegation begs US to play nice with data

A delegation of MEPs is in Washington this week to put pressure on the US authorities to respect EU privacy laws. The 11-strong group from the European Parliament’s Civil Liberties Committee (LIBE) is led by British Labour MEP Claude Moraes. He said the Parliament hasn’t forgotten about the National Security Agency (NSA)'s …
Jennifer Baker, 17 Mar 2015
The future of air war

US and UK declare red-team CYBER WAR – on EACH OTHER

The US and the UK are planning a series of joint war games involving cyber-warriors from either side attacking each other in a bid to expose security weaknesses before they are abused by criminal hackers or hostile governments. The exercises, which will initially test the security defences and procedures at banks on Wall Street …
John Leyden, 16 Jan 2015

Bank of England CIO: ‘Beware of the cloud, beware of vendors’

The Bank of England is loosening up on IT delivery and recruitment, but not its resistance to public cloud. John Finch, CIO of the UK's central bank since September 2013, Wednesday ruled out the use of any public cloud by the bank for the foreseeable future. Cloud has however crept into the Bank’s IT margins, where it’s been …
Gavin Clarke, 25 Jun 2015

Anonymous plans hacktivism against World Cup sponsors

Ragtag hacktivist collective Anonymous is threatening World Cup sponsors as its next hacking target. Hacker Che Commodore made the threat in solidarity with real-world protestors in Brazil who are enraged that funds are being funnelled into building white elephant stadiums for football's showpiece event rather than much needed …
John Leyden, 09 Jun 2014
Non-sleeper

Self preservation is AWS security's biggest worry, says gros fromage

State-sponsored cyber armies, lone-wolf attackers, denial-of-service attacks ... which keep Amazon’s Web Services security boffins awake at night? None of the above. It’s customers – those who don’t protect themselves adequately against hackers and malware. That’s according AWS head of global security programs Bill Murray, who …
Gavin Clarke, 13 Apr 2015
Money image

NASA's British cloudy collab provider scores $51m from VCs

Cloudy storage and collaboration service provider Huddle has trousered millions more cash from vulture venture capitalists to spend on biz development on both sides of the Atlantic. The UK-based outfit, started by CEO Alastair Mitchell in 2007, last night took home a $51m Series D round of funding, valuing the business at …
Paul Kunert, 12 Dec 2014

US govt now says 21.5 million people exposed by OPM hack – here's what you need to know

The US Office of Personnel Management has come clean on the full extent of the massive data breach that it first disclosed in June, and it's far worse than what was initially thought. On Thursday, OPM announced that records including data from background checks of some 21.5 million people – including present, former, and …
Neil McAllister, 09 Jul 2015

Oracle pulls CSO's BONKERS anti-bug bounty and infosec rant

Updated While other IT industry heavyweights have embraced bug bounties and working with security researchers more generally, Oracle has set its face in the opposite direction in a blog post likening reverse engineering to cheating on your spouse. Mary Ann Davidson, Oracle's chief security officer (CSO), expressed corporate dislike …
John Leyden, 11 Aug 2015
Night scene of bank station in central london

Bank of England seeks 'HACKERS' to defend vaults against e-thieves

The Bank of England is planning to hire ethical hackers to conduct penetration tests on 20 "major" banks and other financial institutions, it has been reported. The move appears to be a response to lessons learned during the Waking Shark II security response exercise last November. The exercise put merchant banks and other …
John Leyden, 24 Apr 2014

Symantec: Antivirus is 'DEAD' – no longer 'a moneymaker'

Symantec, a company that has made huge amounts of cash as the largest antivirus software vendor for the last quarter of a century, looks to be getting out of that business and into fixing hacking problems rather than stopping them. "We don't think of antivirus as a moneymaker in any way," Brian Dye, Symantec's senior vice …
Iain Thomson, 06 May 2014
LIZARD WEARING A TOP HAT SITS ON A BRANCH.  Brett Weinstein pic - ALTERED BY JUDE KARABUS - licensed under  CC 3.0

Oh No, Lenovo! Lizard Squad on the attack, flashes swiped emails

Updated Lenovo's domain name lenovo.com appears to have fallen victim to cyber-mischief-makers Lizard Squad. In the past few minutes, the computer giant's website has been updated to display a slideshow of webcam photos of a bored-looking youth instead of its normal wares. There's some God awful slushy pop music playing in the …
Shaun Nichols, 25 Feb 2015
Bart Simpson

Microsoft will give away Windows 10 FREE - for ONE year

Microsoft is planning a big push for Windows 10 and will be giving away the new operating system to Windows 7, Windows 8.1, and Windows Phone 8 users in the first year of release. "With Windows 10, we think of the operating system as 'Windows as a service'," said Terry Myerson, Microsoft's VP of operating systems. "In next few …
Iain Thomson, 21 Jan 2015
European Union Flag

European Parliament reports HACK ATTACK, turns off public Wi-Fi

The European Parliament has disabled its public Wi-Fi network following the detection of a suspected hacking attack which has been linked to the exposure of weak security practices at the institution by a French media outlet. The private network of the European institution is thought to be secure but techies are advising users …
John Leyden, 26 Nov 2013
HMS Belfast on the Thames. Pic: Nick Hewson

Hurry shipmates - the black hats have hacked our fire control system

The final instalment of Blighty's Cyber Security Challenge, a ten-month process to find new talent for Blighty's infosec workforce, will conclude this afternoon. The Cyber Security Challenge Masterclass, organised by BT, and described as "a series of national competitions, learning programmes, and networking initiatives designed …
balaclava_thief_burglar

Crims at vendors could crock kit says ENISA

Before you sign on the dotted line to acquire some kit or sign up a service provider, ask the vendor you're considering if any of their staff have criminal records. That's just one of many, many, suggestions made by the European Union Agency for Network and Information Security (ENISA), in a new guide to Secure ICT Procurement …
Simon Sharwood, 11 Dec 2014
triangular warning sign featuring exclamation mark

Hackers hijack hacking tools website

Crackers briefly hijacked hacking tools website Metasploit on Monday. Metasploit is an open-source toolkit widely used by both hackers and security admins to test for website vulnerabilities. But visitors to the site on Monday were redirected to a page announcing the site was "hacked by sunwear ! just for fun", as recorded by …
John Leyden, 03 Jun 2008
Spying image

New software ported from Windows to Mac! You'll never guess what. Yes, it's spyware

Miscreants have ported five-year-old spyware XSLCmd to OS X. The Windows version of the malware has been around since 2009, and the Apple Mac edition of XSLCmd shares significant portions of the same code. It can open a reverse shell to its masters, automatically transfer your documents to a remote system, install executables, …
John Leyden, 05 Sep 2014
Windows XP boot screen

Hackers ZERO IN on ZOMBIE XP boxes: Get patching, Internet Explorer 8 users

A newly uncovered attack specifically targeting out-of-support Windows XP machines running Internet Explorer 8 is being used to hack potential victims in multiple industries across Europe and North America, according to security researchers. This is the first “in the wild” attack spotted against Windows XP after Microsoft pulled …
John Leyden, 02 May 2014
chart

Phishers automate attacks using 'Google hacking'

Three in four phishing sites are hosted on compromised servers, according to a new survey. A study of 2,486 fraudulent websites found that 76 per cent were housed on hacked webservers, typically pwned after hackers identified well-known vulnerabilities using search engine queries. Free web hosting for fraudulent websites was …
John Leyden, 02 Mar 2009
channel

cDc automates Google Hacking

Infamous hacking group the Cult of the Dead Cow (cDc) has published a tool that searches for vulnerabilities and private data using carefully-selected Google search queries. The process of so-called Google hacking is already well known, largely due to the efforts of Johnny "I Hack Stuff" Long, whose presentation on the subject …
John Leyden, 22 Feb 2008
Eugene Kaspersky in Sydney

Duqu 2.0: 'Terminator' malware that pwned Kaspersky could have come from Israel

Eugene Kaspersky reckons hacking into his firm's corporate network was a "silly" move by cyberspies, but independent experts are far from convinced. All seem agreed that the rare attack by a state against an leading information security firm is bad news for corporate security more generally, as it shows attacks are getting more …
Handcuffs

Nanny agency hacking suspect cuffed

Scotland Yard arrested a nanny agency worker over suspected hacking offences on Monday. The unnamed woman allegedly rifled through emails in AOL accounts maintained by her former employer, Nannies Incorporated, while working for a competitor agency. The woman was arrested following an investigation by officers at the Specialist …
John Leyden, 09 Oct 2007
Myspace logo

MySpace celebrity hacker downs hacking forum

A wannabe hacker succeeded only in getting a forum for a group he wanted to join taken down after hacking celebrity MySpace profiles. Tesla defaced the MySpace profiles of singers Tila Tequila and Justin Timberlake as well as actress Hilary Duff to post greetings to the Kryogenics crew. Aside from the greeting nothing malicious …
John Leyden, 07 Dec 2007
channel

Sacked IT admin sentenced for hacking ex-employer

A British IT admin was ordered to pay more than £3,000 and given a three-months jail sentence after being accused of hacking into his former employer's computer system so he could install spyware and delete emails. Julius Oladiran, 46, of South Norwood, admitted making a false statement and gaining unauthorized access to …
Dan Goodin, 07 Jan 2009
Hacked US CENTCOM Twitter account

IT'S WAR: Hacktivists throw in their lot with spies and the military

Feature Hacktivism has lost its innocence. Once characterised in the early days of Anonymous back in 2008 by assaults against the Church of Scientology, it has now become part and parcel of far darker plans, such as the spread of terrorist propaganda by Islamic militants. Meanwhile, over in the Ukraine, cyber militias of patriot hackers …
John Leyden, 20 Apr 2015

Enterprise giant SAP's systems take a probe to the wobbly bits - report

At least 3,000 SAP systems are directly exposed to the internet, providing direct access to core corporate systems for potential attackers, according to a penetration-testing firm. Rapid7, the firm behind the Metasploit penetration-testing tool, carried out the scanning exercise in the wake of the discovery of a banking Trojan …
John Leyden, 13 Nov 2013

So many 'cyberspying hackers' about... and most of you are garbage

RSA Europe 2013 Cyber-espionage groups are too numerous to count and are often far less skilled than their reputation suggests, according to threat-trackers. Costin Raiu, director of global research at Kaspersky Lab, estimated that anything between 100 to 200 hacking crews operate in China alone. Despite the hype abut zero-day attacks, many …
John Leyden, 30 Oct 2013
Handcuffs

French police bust 22 youths in alleged hacking network

Police in Dijon, France have detained 22 youths suspected of being members of a domestic network of hackers. According to the French daily Le Monde, sixteen of the alleged hackers are minors, and at least one is reported to be 14 years-old. The oldest detained was 25 years-old. They were apprehended yesterday near Paris and …
Austin Modine, 29 May 2008
Flag Germany

Germany declares hacking tools 'verboten'

Updates to Germany's computer crime laws banning so-called "hacking tools" have been criticised as ill-considered and counterproductive. The revamp to the German criminal code is designed to tighten definitions, making denial of service attacks and attempts to sniff data on third-party wireless networks, for example, clearly …
John Leyden, 30 May 2007

Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...

After Symantec published its report on the Regin super-spyware, there were many questions raised. Who coded it? What can it do? And – above all – why did it take so long for security vendors to notice it? Regin is a sophisticated piece of software. It can be customized for particular missions by inserting into its framework …
Iain Thomson, 26 Nov 2014
Parliament in the clouds

Crack CERT warriors arrive to save UK from grid-crippling hack attacks

The UK is finally getting a national Computer Emergency Response Team (CERT), with the delayed launch of the organisation taking place today. CERT-UK, a key component of the government's £650m National Cyber Security Strategy, will co-ordinate responses to hacking and malware-based cyber attacks on a national level. The …
John Leyden, 31 Mar 2014
The Four Horsemen Apocalypse ride up the grassy mound that adorns the WinXP desktop

Win XP usage down but not out as support cutoff deadline looms

Windows XP usage on the web is decreasing as the venerable operating system edges ever closer towards its "end of life" from Microsoft support next week. Data from cloud security firm's Qualys QualysGuard shows that the percentage of XP on machines decreased from 35 per cent as of January 2013 to 14 per cent in February 2014. …
John Leyden, 04 Apr 2014
globalisation

HP warns over printer hacking risk

A security vulnerability involving some HP printer models makes users open to hacking attack. The bug in the Toolbox software installed with HP's Color LaserJet 2500 and 4600 printers creates a means for attackers to pinch valuable information. When the Toolbox is left in a default configuration hackers might be able to steal …
John Leyden, 06 Apr 2006
Handcuffs

Baby held in Indian jail alongside hacking suspect mum

A seven-month-old child has been held in prison alongside his hacker parents in India. P A Aryan is being held in detention at Puzhal central prison along with his mother, 25 year old Ritu Peter Anderson, and father Peter Anderson. The baby can't be entrusted to the care of his extended family because Anderson's brother P …
John Leyden, 05 Jun 2008

Opinion

Trevor Pott

Why aren't you, personally, stopping the moronocalypse?
Star Trek Into Darkness

Chris Mellor

Federation fissiparousness to form co-ordinated divisions
iot_internet_of_things

Chris Mellor

EMC is ahead overall with HDS mounting an IoT catch-up

Features

Lego gandalf by https://www.flickr.com/photos/isherwoodchris/  CC 2.0 https://creativecommons.org/licenses/by-sa/2.0/ attribution sharealike
Why interconnectivity in the cloud is tougher than just stacking bricks
Handing over dollars picture via Shutterstock
Steve Ballmer. Pic:  Aanjhan Ranganathan
Nokia is the biggest write-off yet, but it wasn't the first
Confused computer keyboard
Last Christmas, I gave you my Cloud, the very next day you gave it away