You may have heard the devastating news that The New York Times has finally plugged the famous paywall loophole that allowed users to access more than their monthly allotment of articles. Once you used up your 10 free articles for the month, you could just delete the “?gwh=numbers” part of the URL to easily and freely access the story. Read More
Anonymous announced its intention to “destroy” Westboro Baptist Church this weekend following news that the group would be picketing the funerals of children who died in Friday’s horrific school shooting in Newtown, Connecticut. Now, infamous 15-year-old hacker Cosmo the God of the Underground Nazi Hacktivist Group (UGNazi) appears to have joined the fray. The Twitter account of much-reviled Westboro spokesperson Shirley Phelps-Roper has been hacked, and Cosmo is claiming responsibility. Ms. Phelps-Roper is the daughter of Fred Phelps, who is the head of the WBC. Read More
Samsung’s clever merging of a tablet-like operating system with a conventional TV to create “smart TVs” seems pretty cool, but device developers may have forgotten a pretty crucial detail for a major household appliance connected to the web–security.
Malta-based security researchers ReVuln found a creepy vulnerability in Samsung Smart TVs that could lead to a particularly invasive form of hacking. They detailed for The Security Ledger just how spooky things could get if hackers take advantage of the problem: Read More
The International Atomic Energy Agency (IAEA) reported a striking security breach Tuesday, admitting that hackers had stolen information from one of its servers and published it online.
According to Reuters, a group with “an Iranian-sounding name” published the information and requested a probe into Israel’s nuclear program. The IAEA is already wary of Iran’s nuclear ambitions.
Reuters reports the theft may not have compromised much in the way of confidential data: Read More
Security expert Brian Krebs dropped a bomb on Yahoo email users last week, though his warning was probably lost in the roar of stories about Black Friday fistfights. According to Mr. Krebs, an Egyptian hacker using the screen name TheHell is selling a Yahoo Mail exploit that could allow an attacker to take over and control a victim’s email and browser activity. TheHell is only charging $700 for the information.
TheHell uploaded a video demonstration to prove he was serious. Mr. Krebs reproduced the video, which you can watch below. Read More
Guy Fawkes Day celebrations of a sort began online Sunday when hackers defaced multiple NBC web sites in addition to a fan page for pop singer Lady Gaga. Anonymous has disclaimed any association with the NBC hacks, but today, as part of an effort they’ve dubbed “Operation Vendetta,” the hacktivist collective has been tearing through several other high-profile sites. Hits include image host ImageShack and pages belonging to the Australian government.
Many media outlets reported a possible PayPal hack as well, however PayPal issued a denial, stating they had no evidence of a breach.
Additionally, credit for the Symantec hack may go to a hacker or group of hackers called HTP, not the larger de-centralized mass of Anons. Read More
An alarming report in The Independent may serve as a warning to satellite operators and a challenge to hackers: cyber security experts attending a conference in the United Kingdom say our satellites face more dangers than ever, including hijacking and sabotage by skilled and malicious hackers.
The Independent‘s Jerome Taylor reports that experts attending the Royal United Services Institute for Defense and Security Studies conference believe the world’s dependence on space-based tech could render many “acutely vulnerable”: Read More
Team GhostShell returned late Monday with Project WestWind: a leak of 120,000 records from 100 major universities around the world.
Team GhostShell is the hacking group behind Project Hellfire, which launched in August this year. Project Hellfire lifted 1 million accounts from 100 websites around the world, compromising data from the CIA and from Wall Street.
The hacked data leaked in Project WestWind does indeed appear to come from a who’s who of major learning institutions. They include Harvard, Cambridge, Princeton, Tokyo University, Cornell and New York University.
In their Pastebin announcement, Team GhostShell said Project WestWind was a serious effort to jump-start a dialogue on the state of higher education today. Apparently this hack wasn’t pranksterism for the lulz, but hacktivism for the greater good: Read More
Attendees at the EuSecWest-sponsored World Security Professional Summit in Amsterdam are participating in a contest called Mobile Pwn2Own. Contestants are, yes, basically revealing that our mobile devices can be easily pwned by someone with the know-how. Quell your bubbling phone fanboy or fangirl rage right now: it looks like both Androids and iPhones are vulnerable. The Next Web describes the Android pwnage, which was partially done, by the way, via near-field communication, or NFC: Read More
That was fast. In mid-July hackers calling themselves “the D33Ds Company” gave Yahoo a spanking for lax security by posting the login information of some of the 453,000 mostly unpaid bloggers working for Yahoo and Associated Content’s contributor network. Less than a month later, we’ve got the first class-action lawsuit related to the breach.
New Hampshire resident Jeff Allan is the named plaintiff in the case. In papers filed July 31 in a U.S. District Court in Northern California, attorneys detailed how Mr. Allan discovered his information was compromised: Read More
