cyberweapons, dea, foia, hacking, malware, Security technology, zeroday
The US Drug Enforcement Agency has purchased zero-day exploits from the cyberweapons arms manufacturer Hacking Team. BoingBoing post. Powered by WPeMatico
Category: hacking
Auto Added by WPeMatico
exploits, hacking, Security technology, television
This is impressive: The proof-of-concept exploit uses a low-cost transmitter to embed malicious commands into a rogue TV signal. That signal is then broadcast to nearby devices. It worked against two fully updated TV models made by Samsung. By exploiting two known security flaws in the Web browsers running in the background, the attack was … Read More “Smart TV Hack via the Broadcast Signal” »
cia, hacking, leaks, Security technology, vulnerabilities, wikileaks
WikiLeaks is obviously playing their Top Secret CIA data cache for as much press as they can, leaking the documents a little at a time. On Friday they published their fourth set of documents from what they call “Vault 7”: 27 documents from the CIA’s Grasshopper framework, a platform used to build customized malware payloads … Read More “Fourth WikiLeaks CIA Attack Tool Dump” »
encryption, gametheory, hacking, keys, nsa, Security technology
Last August, an unknown group called the Shadow Brokers released a bunch of NSA tools to the public. The common guesses were that the tools were discovered on an external staging server, and that the hack and release was the work of the Russians (back then, that wasn’t controversial). This was me: Okay, so let’s … Read More “Shadow Brokers Releases the Rest of Their NSA Hacking Tools” »
apple, backups, cloudcomputing, crime, cybercrime, extortion, hacking, Security technology
Turkish hackers are threatening to erase millions of iCloud user accounts unless Apple pays a ransom. This is a weird story, and I’m skeptical of some of the details. Presumably Apple has decided that it’s smarter to spend the money on secure backups and other security measures than to pay the ransom. But we’ll see … Read More “Hackers Threaten to Erase Apple Customer Data” »
children, hacking, internetofthings, Security technology, securityengineering, spyware
CloudPets are an Internet-connected stuffed animals that allow children and parents to send each other voice messages. Last week, we learned that Spiral Toys had such poor security that it exposed 800,000 customer credentials, and two million audio recordings. As we’ve seen time and time again in the last couple of years, so-called “smart” devices … Read More “IoT Teddy Bear Leaked Personal Audio Recordings” »
cyberattack, france, hacking, internet, Security technology, voting
Some good election security news for a change: France is dropping its plans for remote Internet voting, because it’s concerned about hacking. Powered by WPeMatico
cia, cryptography, encryption, hacking, malware, Security technology, tradecraft
Useful best practices for malware writers, courtesy of the CIA. Seems like a lot of good advice. General: DO obfuscate or encrypt all strings and configuration data that directly relate to tool functionality. Consideration should be made to also only de-obfuscating strings in-memory at the moment the data is needed. When a previously de-obfuscated value … Read More “The CIA's “Development Tradecraft DOs and DON'Ts”” »
childpornography, courts, exploits, fbi, hacking, pornography, Security technology, tor
The Department of Justice is dropping all charges in a child-porn case rather than release the details of a hack against Tor. Powered by WPeMatico