Anonymous hacks Donald Trump's voicemail and leaks the messages
In the run-up to the presidential election, few days go by when Donald Trump isn't hitting the headlines for something he's said or done. The bombastic billionaire looks set to become the Republican candidate, and his journey towards the White House is littered with offense and controversy. Back in December, Anonymous declared war on him.
The loose collective of hackers and activists made its declaration after Trump announced plans to ban Muslims from entering the US. One of the alleged first strikes in Anonymous' war sees the group hacking the businessman's voicemail and leaking the messages. The messages appear to show that Trump had a cosier relationship with the more left-leaning section of the media than one might imagine.
While the government searches for an iPhone backdoor, researchers find another way in
While the news about the dispute between Apple and the FBI rages on, security researchers continue to look for other ways into products, not just the iPhone. But as a prominent device it becomes a big target and deserves extra scrutiny.
The security experts from Israel and Australia decided to test out the electromagnetic radiation emitted by devices, in this case using an iPhone. The results were interesting, though they won't help in the case of phones in the custody of law enforcement.
Popular WordPress plugin pulled after discovery of password-stealing backdoor
The precise number of websites out there running on WordPress may not be known, but one thing is for sure -- there are a lot of them. Two reasons for the popularity of WordPress are the ease of set up and the availability of a huge range of plugins. One popular plugin, Custom Content Type Manager (CCTM), has just been pulled from the WordPress Plugin Directory after a backdoor was discovered.
The plugin has been installed on thousands of websites, and a recent update -- automatically installed for many users -- included a worrying payload. In the hands of a new developer, Custom Content Type Manager made changes to core WordPress files, ultimately making it possible to steal admin passwords and transmit them in plaintext to a remote server.
Amazon values encryption so much that it drops support on Kindle Fire tablets
Amazon has come out in support of encryption, following Apple's recent legal battles with the US government, saying that it "plays a very, very important role" in protecting customer data.
But you might be surprised to learn that Amazon has also decided to quietly drop support for full disk encryption on its Android-based Kindle Fire tablets. Since it is portraying itself as an encryption and consumer advocate, its decision to go in the opposite direction strikes me as sheer hypocrisy.
Yahoo joins the club, throws its support behind Apple against the FBI
For the past couple of weeks the tech news has circled around Apple versus the FBI, after the iPhone maker refused to comply with a court order to unlock a phone used by one of the terrorists in the San Bernardino shootings. That handset may or may not hold data relevant to the case or perhaps reveal plans for future attacks.
We'll possibly never know, given the agency changed the Apple ID and there are claims that even the iPhone maker cannot now get into it. The FBI, for its part, has acknowledged that it made a mistake in changing that ID.
'Accessibility Clickjacking' malware could impact 500 million Android devices
Researchers at threat defense company Skycure have uncovered an Android proof-of-concept malware that uses accessibility services to allow attackers to spy on and even control a device.
It can monitor all of a victim's activity and allow attackers to read, and possibly compose, corporate emails and documents via the victim's device, as well as elevating their permissions to remotely encrypt or even wipe the device.
7 things needed for a successful cyber attack
While it is true that pretty much every network is vulnerable to a cyber attack, it is also the case that attackers must follow a certain formula of actions to compromise these systems. Industry research has shown that, on average, advanced attacks nest inside organizations for 200 days before discovery. That’s a long time for an attacker to stealthily gather private data, monitor communications and map the network.
However, once we understand the steps of a successful cyber attack from an attacker’s point of view, it is possible to, at the very least, shorten the amount of time it takes to detect it, or mitigate it entirely.
Here are the passwords cybercriminals are most likely to use in hacking attempts
The security group Rapid7 has released a new report that may prompt some alarm from web users who are heedless when it comes to choosing their online passwords.
Instead of using the passwords that internet users are the most likely to pick, the group took a different route and examined the passwords that cybercriminals are actually trying to use to hack into a number of systems including POS systems, kiosks, and computers.
Hack the Pentagon!
The Pentagon is to run its own bug bounty program, inviting white-hat hackers to test the security of its systems. It is not intended to be a free-for-all, and would-be hackers will be vetted before being given the go-ahead -- although of course there is nothing to stop anyone from trying to breach the defenses if they feel so inclined.
The 'Hack the Pentagon' initiative was launched today by Defense Secretary Ash Carter. He said "I am confident that this innovative initiative will strengthen our digital defenses and ultimately enhance our national security". It is to be a carefully managed program which will only be open to US citizens, and networks relating to particularly sensitive material and weapons will be off-limits.
WinRT PDF found to be a possible vulnerability in Edge for Windows 10
With the introduction of Windows 10, Microsoft said goodbye to Internet Explorer, the aging Netscape killer, and hello to Edge. While the company has been increasingly vigilant about security and the nightmares of IE 6 have slowly faded away, a new browser comes with the potential for new problems.
Security researcher Mark Yason of IBM thinks he may have found a potential path to attack. Yason plans to demonstrate the flaw at the upcoming RSA USA 2016 conference.
What makes a typical information security chief?
Major data breaches continue to highlight how essential it is for businesses to secure their systems, and as a result many organizations are looking to recruit information security officers.
But what should they be looking for? What are the traits that the top information security professionals share? Data loss prevention specialist Digital Guardian has produced an infographic based on research into the CISOs and security leaders at Fortune 100 companies which throws up some interesting results.
Is MasterCard's 'selfie pay' too much of a security risk?
Biometrics were the talk of the town last month in Barcelona. As the world’s mobile technology companies gathered for their largest annual event, Mobile World Congress 2016, talk centered firmly around authentication and identity.
Whilst MasterCard announced it will accept selfie photographs and fingerprints as an alternative to passwords when verifying IDs for online payments, security company Vkansee was demonstrating how easy it was to create a spoof finger with clay and a pot of Play-Doh.
Malvertising campaigns now use fingerprinting techniques
Cyber-criminals are now using fingerprinting techniques in their malvertising campaigns, researchers from security firms Malwarebytes and GeoEdge have reported.
Fingerprinting is an evasion technique in which crooks, through snippets of code, check if the targeted machine is a honeypot set up by malware researchers or an actual machine belonging to a potential victim.
Cyber threats could overwhelm the healthcare industry
Healthcare organizations average about one cyber attack per month and almost half say they have experienced an incident involving the loss or exposure of patient information during the last year, leaving patients at risk of identity theft.
These are among the findings of a survey by security company ESET and the Ponemon Institute into cyber security in the healthcare sector.
Updated Snooper's charter will allow police to remotely hack phones and computers
The UK's controversial Snooper's charter (or draft Investigatory Powers Bill) has been updated to grant the police sweeping new powers. The new legislation will permit authorities to not only access the browsing histories of suspected criminals, but also to remotely hack into computers and phones in certain circumstances.
The previous version of the bill had limited such powers to the investigation of "serious crime", but the updated version expands this dramatically. Home Secretary Theresa May is hoping to push the draft Investigatory Powers Bill through parliament later this year. The bill has already met with strong criticism from not only privacy groups, but also governmental advisers. While there are some concessions to protect unbreakable encryption, the latest changes will do little to assuage concerns with the bill.