Ad: Manage updates with the Download App
  • CNET
  • All hacking posts

hacking

NBC Web site back up after hack attack

NBC's Web site is up and running again after being knocked offline by a cyberattack for several hours yesterday.

The NBC site was the victim of a form of malware known as the Citadel Trojan. This specific strain targets companies in an attempt to steal usernames, passwords and other sensitive data. People who visit sites infected by the trojan can find their own PCs infected as well.

In the past, Citadel typically attacked banks and financial firms but has since expanded its reach to a wider range of organizations.

NBC, which is part of cable giant Comcast, is still trying to figure out how the attack occurred, … Read more

Zendesk hack snares user data from Twitter, Tumblr, Pinterest

At a time when it seems no company is immune from hackers, user information from three high-profile social-networking sites has been compromised due to a hack at another company.

Customer support service Zendesk revealed today that it had been the victim of a security breach and that information from three of its clients had been downloaded. As first reported by Wired, those three clients are Twitter, Pinterest, and Tumblr.

Zendesk revealed the hack in a company blog post today that said the vulnerability was immediately identified and patched:

Our ongoing investigation indicates that the hacker had access to the support … Read more

Forum site gives more details on Apple and Facebook hacks

The popular forum site that hackers used to access employee computers at Apple and Facebook gave more details today on how the cyberattack happened.

The site's owner Ian Sefferman confirmed previous reports that hackers injected JavaScript into his site, iPhonedevsdk, and were then able to use a previously unknown exploit to access certain user's computers. He also said that the cyberattack most likely ended on January 30, 2013.

Apple revealed yesterday that hackers targeted computers used by its employees, but that "there was no evidence that any data left Apple." In a statement, the company said … Read more

Hackers take Jeep's Twitter account for a joyride

This is not a whopper of a tale: Jeep is the second big brand this week -- after Burger King -- to have its Twitter account hijacked.

The American automaker's official Twitter account was the victim of a hacking attempt early Tuesday. Jeep's Twitter profile was updated with a description that said the Chrysler-owner brand was sold to Cadillac, a General Motors company, which is not true. The account was restored to its original state at around noon PT.

The temporary account holders also posted several disparaging updates saying the brand was sold to Cadillac because the CEO … Read more

Apple: Employee computers were targeted in hack attack

Apple today said it too was targeted as part of the string of hacking efforts on companies and news agencies.

The iPhone and Mac maker told Reuters that hackers targeted computers used by its employees, but that "there was no evidence that any data left Apple."

In a statement, Apple said it discovered malware that made use of a vulnerability in the Java plug-in, and that it was sourced from a site for software developers:

Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware … Read more

Chinese Army linked to hacks of U.S. companies, agencies

An "overwhelming percentage" of cyberattacks on U.S. corporations, government agencies, and organizations originate from a 12-story office tower on the outskirts of Shanghai that's connected to the People's Liberation Army, according to an extensive New York Times report.

The newspaper cites a 60-page report by U.S. security firm Mandiant that traces the activities of a sophisticated Chinese hacking group -- known in some circles as "Comment Crew" or "Shanghai Group" -- to the headquarters of People's Liberation Army Unit 61398. The report notes that a body of digital forensic … Read more

Burger King Twitter account hacked, defaced

The Twitter account associated with the fast-food chain Burger King was suspended after an apparent hack defaced the page with messages that the account had been sold to McDonald's.

The @BurgerKing account name was changed today to "McDonalds" and the Golden Arches logo was added to the page, as was a message that the account had been sold to McDonald's "because the whopper flopped."

The page has since been taken down, but images of the defacement are still visible on Web cache.

Before the feed's suspension, hackers posted tweets that included racial epithets … Read more

iPhone hack can bypass password

Thursday's CNET Update is reliving the '90s:

Apple is addressing two iOS bugs mentioned in today's tech news roundup. But one isn't so much a "bug" as it is an exploit to bypass a lock-screen passcode through a series of steps. Once bypassed, it's possible to make calls and listen to voice mail messages. Another fix is coming for those that use Exchange Sync. Some iOS 6.1 users were seeing batteries drain faster because it was excessively communicating with Exchange servers.

Also in today's report:

- Research firm IDC breaks down which smartphones dominatedRead more

iOS 6.1 hack lets users see your phone app, place calls

Some sleight of hand will allow iOS 6.1 hackers to access your phone application, listen to your voice mails, and place calls.

A YouTube video showing users how to "bypass iPhone 5 passcode" on Apple's latest iOS releases, including iOS 6.1, has been published. The person who uploaded the video shows how anyone can access the phone application on a passcode-protected iPhone.

In order to achieve the hack, users must come close to turning off the iPhone, place an emergency call, and keep their finger on the power button. CNET was able to re-create the … Read more

Jawbone warns of 'limited' MyTalk hack, disables old passwords

Bluetooth headset maker Jawbone informed its customers recently that its MyTalk service has been hacked.

In a letter to users obtained by Engadget, Jawbone wrote that it was the target of an "isolated" attack aimed at accessing user information. The company said that the hackers stole some of its MyTalk users' names, e-mail addresses, and the encrypted version of their password.

"We took immediate action to protect your login information," Jawbone wrote to its customers. "Based on our investigation to date, we do not believe there has been any unauthorized use of login information or … Read more