Use a Software Bug to Win Video Poker? That’s a Federal Hacking Case

It’s the latest test of the Computer Fraud and Abuse Act, a 1986 law originally intended to punish hackers who remotely crack defense or banking computers over their 300 baud modems. Changes in technology and a string of amendments have pushed the law into a murky zone where prosecutors have charged people for violating website terms-of-service or an employer’s computer use policies.

via Use a Software Bug to Win Video Poker? That’s a Federal Hacking Case | Threat Level | Wired.com.

Under the relevant section of the CFAA, Kane and Nestor aren’t charged with hacking into the Game King from the outside, but rather with exceeding their otherwise legitimate access “to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.”

LivingSocial Hacked — More Than 50 Million Customers Impacted

The hack includes customer names, emails, birthdates and encrypted passwords.

via LivingSocial Hacked — More Than 50 Million Customers Impacted – Kara Swisher – Commerce – AllThingsD.

I’d like to read a post-mortem on this. Knowing names and emails will allow for more precise phishing attacks against those 50 million customers. Hopefully people know to lie about their birthday, and if this attack was caught fast enough, the bad guys might not have had time to decrypt the encrypted passwords to exploit the accounts.

One positive note in a not-so-positive situation: The email sent to employees and customers noted that neither customer credit card nor merchant financial information was accessed in the cyber attack.

Meet the men who spy on women through their webcams

And if even this handholding isn’t enough, more successful ratters sometimes rent out slaves they have already infected. In other cases, they simply hand them off to others in a “Free Girl Slave Giveaway.”

Calling most of these guys “hackers” does a real disservice to hackers everywhere; only minimal technical skill is now required to deploy a RAT and acquire slaves. 

via Meet the men who spy on women through their webcams | Ars Technica.

Amazon.com website briefly offline, hackers claim credit

The group went on to detail how it knocked the front door down (only Amazon.com’s front page was offline), with a large “botnet” or network of thousands of computers working together.

via Amazon.com website briefly offline, hackers claim credit | Fox News.

Interesting. Looks like a distributed denial of service (DDoS) on the granddaddy of the data center and cloud computing industry. Amazon was down for only 49 minutes. It will be interesting to hear the inside baseball techie talk as to how this happened and how Amazon recovered.

Like a Hot Knife Through Butter

In this short post, I’d like to show how hash-DoS can be applied to the btrfs file-system with some astonishing and unexpected success. Btrfs, while still in development stage, is widely considered as being a viable successor of ext4, and an implementation of it is already part of the Linux kernel. According to this page,

via Pascal Junod » Like a Hot Knife Through Butter.

Texas college hacks drone in front of DHS

Humphreys tells Fox News that for a few hundred dollars his team was able to “spoof” the GPS system on board the drone, a technique that involves mimicking the actual signals sent to the global positioning device and then eventually tricking the target into following a new set of commands. And, for just $1,000, Humphreys says the spoofer his team assembled was the most advanced one ever built.

via Texas college hacks drone in front of DHS — RT.

“In five or ten years you have 30,000 drones in the airspace,” he tells Fox News. “Each one of these could be a potential missile used against us.”

PlayStation 3: The Final Hack?

The release of the new custom firmware – and the LV0 decryption keys in particular – poses serious issues. While Sony will almost certainly change the PSN passphrase once again in the upcoming 4.30 update, the reveal of the LV0 key basically means that any system update released by Sony going forward can be decrypted with little or no effort whatsoever. Options Sony has in battling this leak are limited – every PS3 out there needs to be able to decrypt any firmware download package in order for the console to be updated (a 2006 launch PS3 can still update directly to the latest software). The release of the LV0 key allows for that to be achieved on PC, with the CoreOS and XMB files then re-encrypted using the existing 3.55 keys in order to be run on hacked consoles.

via PlayStation 3: The Final Hack? • Blogs • Eurogamer.net.

A group of Finnish math teachers write an open textbook in a weekend hackathon

A group of Finnish mathematics researchers, teachers and students write an upper secondary mathematics textbook in a booksprint. The event started on Friday 28th September at 9:00 (GMT+3) and the book will be (hopefully) ready on Sunday evening. The book is written in Finnish.

via Vesa Linja-ahon blogi: A group of Finnish math teachers write an open textbook in a weekend hackathon.

3 years later, hackers who hit Google continue string of potent attacks

The hackers who breached the defenses of Google and at least 34 other big companies three years ago have unleashed a barrage of new attacks since then, many that exploit previously undocumented vulnerabilities in software from Microsoft and Adobe, a new report has found.

via 3 years later, hackers who hit Google continue string of potent attacks | Ars Technica.

Researchers have dubbed this approach “watering hole” attacks, and say they’re “similar to a predator waiting at a watering hole in a desert. The predator knows that victims will eventually have to come to the watering hole, so rather than go hunting, he waits for his victims to come to him.”