Hacking News

When Edward Snowden walked out of the NSA in 2013 with thumb drives full of its most secret files, the agency didn’t have a reliable list of people—like Snowden—who had privileged access to its networks. Nor did it have a reliable list of those who were authorized to use removable media to transfer data to […]

Canadian hacker Karim Baratov, accused of working with Russian intelligence agents in the 2014 Yahoo breach, may deny the right to fight a US extradition request, Reuters reports, citing the cybercriminal’s lawyer. Read more

Britain’s cyber security skills gap has shrunk by more than a third in the last two years thanks to a surge in interest from potential candidates, according to job site Indeed. Researchers tracked the number of cyber security roles advertised and the number of clicks from candidates to gauge the mismatch between supply and demand,

A huge trove of voter data, including personal information and voter profiling data on what’s thought to be every registered US voter dating back more than a decade, has been found on an exposed and unsecured server, ZDNet has learned. Read more

The number of new malware samples in the wild this year targeting connected internet-of-things (IoT) devices has already more than doubled last year’s total. Honeypots laid out by Kaspersky Lab researchers mimicking a number of connected devices running Linux have attracted more than 7,200 different malware samples through May, all bent on infecting connected devices

In a recent automated attack, a large bot army hacked into accounts using brute-force methodology and a highly accurate username and password list. PerimiterX researchers discovered that by overwhelming sites with requests from a network of tens of thousands of Internet of Things devices such as Canon printers and network devices, and with each bot

A form of banking Trojan malware has evolved a new attack technique and is using infected machines as control servers – even after its ability to steal data has been removed by security products. Qakbot is a worm which can spread through the networks and is capable of stealing credentials, opening a backdoor on the

Duo Labs does a lot of odd research now and again. The whole IoT world can offer up a lot of ups and downs to a researcher, but since we are trying to not only get through this ourselves, we are also trying to encourage others to research. Therefore, it makes sense to come up

In March 2017, Palo Alto Networks Unit 42 published research on a new malicious spam campaign dubbed “Blank Slate.” Named as such because the malspam message is empty. Only the malicious attachment is present. Read more

Another banking malware variant has been spotted in the wild, and it’s using UPnP to pop home routers to expose unsuspecting home users, recruited as part of the botnet. McAfee Labs says the new campaign uses a variant of the ancient “Pinkslipbot”, and says it uses Universal Plug’n’Play (UPnP) to open ports through home routers,