Over the last couple of weeks I’ve seen a pattern of companies frustrating an individual to the point where the person gives up trying to communicate with the company and hacks them in a major way instead. I guess you could call it Revenge Hacking. In each case, the company was communicating with the person in an above-board manner.
If you can hack a wireless printer to play one of the most famous videogames of all time, what else can you do with it?
And if printer hardware can be reprogrammed by hackers to perform functions far beyond its intended use, what does it say about other the other devices that make up “the internet of things”?
DIY retail chain Home Depot might be the latest big company to be hit by a serious data breach, after suspicions started to circulate that hackers had broken into its systems and manage to steal credit and debit card data.
For understandable reasons, Home Depot is working hard to reassure consumers about the situation –
Just over a month ago, security researchers revealed that one of PayPal’s primary mechanisms to protect accounts from hackers had been fundamentally flawed for years.
Researchers at Duo Security discovered a method of bypassing the two-factor authentication (2FA) technology used by the site, which is supposed to protect your account should your PayPal username and password fall into the hands of online criminals.
It has become the trendy thing to connect more and more household and office devices to the internet. It is becoming increasingly common to find yourself typing a WiFI password not just into your smartphone, but also your smoke alarm, your fridge, your printer, your baby monitor and maybe even your car.
The FIFA World Cup has kicked off in Brazil, with fans travelling to the country from around the globe in the hope that their country’s football team will make it to the grand final.
But if you’re travelling (whether it be to South America watch the world’s greatest soccer tournament, or a couple of days away on a business trip) what precautions should you take to stay safe online?
You can’t fail to have missed the news today that eBay has suffered a serious security breach, meaning that personal information about users has fallen into the hands of hackers.
According to eBay’s official announcement the database accessed by the hackers included customers’ names, encrypted passwords, email addresses,
The increasing numbers of attacks profiled in news reports over the last several months demonstrate that we live in an unsecure world. The Target breach in particular shows how important a complete cyber security program is to an enterprise network environment. Target’s security systems generated events from the attack, but the events were not followed up on.
A few years ago, in what we call the BS era (“Before Snowden”), there were frequent accusations levelled against China for attempting to hack into foreign country’s computer systems and steal information.
And, to be fair, there was often good reason to suspect that some attacks were conducted with the endorsement of the Beijing authorities.
In my last post, I discussed the reality of APT hitting unsuspecting organizations with a predictable pattern. Study after study indicates people are being hit by malicious hackers and the attack goes on for months before anyone is any the wiser. If they ever know.
Some very large companies, with hundreds of business units and locations,
It used to be that only large, Fortune 500-sized businesses had to worry about targeted threats, or APTs. Today, it’s a whole new ballgame. Sophisticated, malicious hackers use focused resources for small- and medium-sized companies too. Everyone is a target and your risk is multiplied if you do business with important partners and business associates who have valuable intellectual property.
In February, President Obama signed an Executive Order that called for increased cyber-threat information sharing between government and private companies who oversee our country’s critical infrastructure. The goal was to break down the barriers that cause privately-managed critical infrastructure companies to work independently of the government groups that could create a repository of intel on trending cyber attacks.
October marks the 10th anniversary of National Cyber Security Awareness Month, a public education campaign spearheaded by our colleagues at the National Cyber Security Alliance. It’s somewhat disheartening to consider the lack of progress made in cyber security over the last 10 years; cyber criminals continue to wreak havoc stealing personal identities, corporate IP, and even national secrets.
A quick scan of news headlines shows the practical side of cybercrime. As you read this, a fake “Grand Theft Auto V’ torrent is racing to spread its infectious payload. An Advanced Persistent Threat (APT) called NetTraveler is doing its dirty work, most recently via a known Java vulnerability. Fake Xerox emails are delivering malware to your employees’ inboxes.
A few weeks after retiring Department of Homeland Security Secretary Janet Napolitano gave a farewell speech, we are still unclear on her replacement unfortuntely. In that departure speech, Napolitano advised her successor “You will need a large bottle of Advil.” Given the DHS Secretary is responsible for dealing with everything from natural disasters to terrorists attacks,