By Steve Huff 12/13/12 5:03pm

Hack Hack Hack Hack It Apart

This guy is everywhere now. (Image Devdsp on Flickr

Hackers in The Vents: Cyber Intruders Could Access HVAC Systems Via Big Security Holes

Sometime last summer, hackers invaded a New Jersey company’s web-accessible heating and air-conditioning systems using a gaping security hole in the system’s supervisory control and data acquisition (SCADA) software.

Ars Technica reports that an IT contractor who works with the business informed F.B.I. agents investigating the breach that controls for the HVAC system were “directly connected to the Internet” and there was no “interposing firewall.”

The backdoor into the controls is found in some versions of the Niagara AX Framework, software that controls similar systems at the Pentagon and the Federal Bureau of Investigation. An F.B.I. memo issued in July said any hacker who found their way into the nameless New Jersey company’s Niagara controls would have been able to learn the same information available to a systems administrator, such as “a floor plan layout of the office, with control fields and feedback for each office and shop area.” The web interface wasn’t even password-protected. Read More

By Steve Huff 12/11/12 1:23pm

Hack Hack Hack Hack It Apart

Bank of America, one of the victims of Operation Ababil (Screengrab)

The Qassam Cyber Fighters Return, Warning of Phase 2 in ‘Operation Ababil’ [Updated]

The Izz ad-Din al-Qassam Cyber Fighters published a new message on their Pastebin profile late Monday, warning of a new round of cyber attacks against U.S. financial institutions, beginning this week.

In their lengthy post, titled “Phase 2 Operation Ababil,” the Qassam Cyber Fighters announced that they plan to attack websites owned by J.P. Morgan Chase, Bank of America, U.S. Bancorp, PNC Financial Services and SunTrust Banks. Read More

By Steve Huff 12/10/12 1:15pm

Hack Hack Hack Hack It Apart

Team GhostShell's Project WhiteFox logo.

Team GhostShell Finishes The Year With Megahack on Orgs Including NASA and Pentagon Defense Contractor

Team GhostShell published their “last project” Monday, “Project WhiteFox.” The hacking crew again used their signature method of announcing the large-scale hack, hijacking numerous Twitter  profiles to link to their Pastebin page and notify tech blogs and writers who have covered them in the past.

On the page linking to data taken as part of Project WhiteFox, Team GhostShell explained some of their actions over the past year or so. They also revealed that “DeadMellox” was a ploy, writing that he “was a ghost to begin with.” Read More

By Steve Huff 11/29/12 11:34am

Hack Hack Hack Hack It Apart

Not all clouds are security threats. (flickr.com/kky)

Researchers Say the Cloud Could Aid in Large-Scale Cyber Attacks

Researchers at North Carolina State University and the University of Oregon have discovered a way to turn cloud computing into hacker heaven.

Disguising data transfers with URL-truncating services like TinyURL or Bit.ly, researchers found that cloud-based processing power intended to shift computing tasks from laptops, tablets and mobile devices could be converted to crack encoded passwords or used for a large scale denial-of-service attack. Read More

By Kelly Faircloth 11/28/12 8:22am

Linkages

Whoops. (Photo: The Amazing iOS 6 Maps)

Booting Up: The Chickens Come Home to Roost for Apple Maps Manager

Word on the street says Apple has fired the manager who oversaw the development of its ill-fated Maps app. [Bloomberg]

This anthropologist completely submerged herself in the culture she was studying for three years … meaning she moved to the Bay Area and started chatting up hackers. [Wired]

Google has released an icy slew of Street View updates, including photos of Svalbard, Norway–which is about 400 miles north of continental Europe. [TNW]

The most commonly asked politics question on Ask.com in 2012: “Who will win the Presidential race?” Guys, it’s a search engine, not a crystal ball. For fortune-telling, you need Nate Silver. [VentureBeat]

Nokia is suing to block the sale of many RIM products until they can straighten out royalties, not that it’ll save either company from the scrapheap of corporate history. [ComputerWorld]

By Steve Huff 11/27/12 4:04pm

Hack Hack Hack Hack It Apart

Bank of America, one of the victims of Operation Ababil (Screengrab)

Muslim Cyber-Fighters Who Took Down U.S. Bank Websites Deny They Work for Iran

The Izz ad-Din al-Qassam Cyber Fighters, who claimed credit for multiple DDoS attacks on American financial institutions like Bank of American and Suntrust, Inc., still steadfastly deny they were working for the Iranian government. Wired directs us to this interview with the hackers conducted in early November by researchers Flashpoint Global Partners, a security research firm.

The hackers always claimed in various Pastebin posts that their “Operation Ababil” was not motivated by a need to hurt the United States so much as they wanted to express outrage over the anti-Muslim film, Innocence of Muslims.

In their interview with Flashpoint, the hackers repeated the same sentiment, stating that they targeted banks to do “something proportional to what has happened against us. In the system where… religion and sacred things are not honorable, and only material, money and finance have value, this seems a suitable and effective… act[ion] and can influence governors and decision makers.” Read More

By Steve Huff 11/21/12 3:15pm

Hack Hack Hack Hack It Apart

screengrab

Pro-Gaza Hackers Completely Dismantle Israeli Official’s Social Media

Israel and Hamas may have agreed to cease hostilities on “land sea and air” but that may not stop the cyberwar. On Wednesday the ZCompany Hacking Crew (ZHC) hacked apart the online life of Israel’s Vice Prime Minister, Silvan Shalom. ZHC took over Mr. Shalom’s Facebook, Twitter account, his blog–just about everything. ZHC tweeted that their control was almost total: Read More

By Steve Huff 11/20/12 6:08pm

Hack Hack Hack Hack It Apart

Not one of the hacked iPads, we guess.

Goatse Security’s Andrew Auernheimer Found Guilty Of Charges Related to Massive AT&T Hack

Goatse Security hacker Andrew Auernheimer, age 26, has been found guilty on federal charges related to downloading the data of over 100,000 iPad owners from AT&T’s website. Wired reports that the jury that heard Mr. Auernheimer’s trial in a New Jersey federal court only took hours to reach a verdict, finding him guilty of identity fraud and conspiring to access a computer without authorization.

Mr. Auernheimer, using the Twitter handle @rabite, tweeted that he knew “there would be a guilty here” and he will appeal. Read More

By Steve Huff 11/05/12 3:36pm

Hack Hack Hack Hack It Apart

opvendettaII

Anonymous Celebrates Guy Fawkes Day By Hacking ImageShack

Guy Fawkes Day celebrations of a sort began online Sunday when hackers defaced multiple NBC web sites in addition to a fan page for pop singer Lady Gaga. Anonymous has disclaimed any association with the NBC hacks, but today, as part of an effort they’ve dubbed “Operation Vendetta,” the hacktivist collective has been tearing through several other high-profile sites. Hits include image host ImageShack and pages belonging to the Australian government.

Many media outlets reported a possible PayPal hack as well, however PayPal issued a denial, stating they had no evidence of a breach.

Additionally, credit for the Symantec hack may go to a hacker or group of hackers called HTP, not the larger de-centralized mass of Anons. Read More

By Steve Huff 11/05/12 1:06pm

Hack Hack Hack Hack It Apart

Chinese flag

Hackers Torpedoed Coke’s Multi-Billion Dollar Deal to Buy a Chinese Corporation

A Chinese hacking crew dubbed the Comment Group has been romping through corporate America’s computer networks for a few years now. The extent of the breaches wasn’t clear until Bloomberg published an in-depth report Sunday detailing in part how soft drink giant Coke was hacked in 2009 and didn’t tell.

The deep hacking of sensitive data from Coke’s systems destroyed a $2.4 billion acquisition deal with China Huiyuan Juice Group, which would have been the largest deal of its kind at the time: Read More