hack

South Korea traces cyberattack to IP address in China

The cyberattack that targeted banks, TV broadcasters, and an Internet service provider in South Korea yesterday originated from an IP address in China, but the identities of the people responsible remain unknown, South Korean regulators say.

"We've identified that a Chinese IP has connected to the organizations affected," a spokesman for South Korea's Communications Commission told a press conference on Thursday, according to a Reuters account of the event.

The revelation comes a day after a massive coordinated attack on servers in South Korea led officials to raise the alert status for the nation's army … Read more

AT&T 'hacker' and Internet troll sentenced to over three years

In the latest criminal prosecution to alarm Internet activists, a security researcher who accessed a non-password protected portion of AT&T's Web site was sentenced today to 41 months in prison and three years of supervised release.

Andrew Auernheimer, who goes by the nickname "Weev" and was convicted by a federal jury last year of hacking, was sentenced today by a federal judge in Newark, N.J. "No matter what the outcome, I will not be broken," Auernheimer said this morning after hosting an all-night party in Newark and making an unsuccessful appearance on … Read more

Reuters editor indicted on Anonymous conspiracy charge

When Matthew Keys allegedly handed over the passwords of his former employer to members of the hacker group Anonymous a couple of years ago, he probably didn't think it would lead to an indictment.

However, the U.S. Department of Justice announced today that Keys was being indicted on three counts: conspiracy to transmit information to damage a protected computer, transmitting information to damage a protected computer, and attempted transmission of information to damage a protected computer.

Keys, 26, currently works as a deputy social media editor at Reuters but used to be a Web producer for the Tribune … Read more

Google rolls out initiative to help hacked sites

It's not pretty when a Web site gets a "this site may be compromised" or "this site may harm your computer" status note. Many webmasters and Web site owners can be at a loss of what to do in these situations.

For this reason, Google has launched "Help for Hacked Sites" informational series, which has a dozen articles and videos aimed to help people avoid having their sites hacked and also teach them how to gain back control of compromised sites.

"Every day, cybercriminals compromise thousands of websites. Hacks are often invisible … Read more

Microsoft's latest patches address new USB hack

A new kind of vulnerability popped up recently, one that lets hackers stick a USB thumb drive into a computer -- even if it's logged-off or locked -- type out a bit of attack code and steal whatever data they want.

In an effort to avoid this type of cyberattack, Microsoft issued its monthly software patches today and included a fix for this Windows vulnerability called MS13-027. This vulnerability lets a hacker get into the computer with a thumb drive and take over administrative privileges.

"When the Windows USB device drivers enumerate the device, parsing a specially crafted … Read more

Apple, Facebook hackers hit car and candy companies too

More details have been revealed about the massive cyberattack that hit several tech companies last month. Not only were Apple, Facebook, Microsoft, and Twitter hit -- but other industries' computer systems were also hacked, including prominent car manufacturers, U.S. government agencies, and a candy company.

According to The Security Ledger, people familiar with the matter said that hackers infiltrated computer networks by using at least three third-party "watering hole" Web sites, which made it possible for hackers to put malware on those companies' computers.

"The breadth of types of services and entities targeted does not reflect … Read more

Researchers win $100,000 for Chrome hack that leaves Windows vulnerable

Security researchers at MWR Labs have won a $100,000 prize at the Pwn2Own hacking competition in Vancouver.

The researchers showed off their hack yesterday as they took a fully patched version of the Google Chrome browser, hacked it, and then took control of Windows 7. According to the researchers, when a Chrome user visits a malicious Web page, it's possible for the page's creator to exploit a vulnerability that allows for code execution in the sandboxed renderer process. From there, the team exploited a kernel vulnerability in Windows 7 to gain elevated privileges and execute commands.

Here's what the researchers were able to achieve:… Read more

Jailed hacker allowed into IT class, hacks prison computers

They're arguing now about who let it happen, but happen it did, with entertaining consequences.

Somehow Nicholas Webber found himself in an IT class while in jail. He's serving five years for creating a site called GhostMarket, which allowed those interested in creating computer viruses, partaking of stolen IDs and enjoying private credit card data to congregate.

He was caught using hacked personal information to buy everything from iPods to luxury hotel stays.

One might have thought that an IT class would have been quite dull for him. One might also have thought that inviting him to an … Read more

Upcoming iOS update likely to kneecap Evasi0n jailbreak

One of the most popular jailbreaking tools for iOS could be snuffed out as part of an upcoming software update from Apple.

iOS 6.1.3, which Apple gave to developers for testing last week, reportedly keeps Evasi0n from being installed, leaving would-be jailbreakers in a lurch.

Evasi0n came out earlier this month and gives iPhone, iPod, and iPad owners deeper access to the software on their devices than Apple allows. The two key benefits for those who install it is that you can make significant changes to basic system software, as well as add additional apps through third-party software … Read more