hack posts

Scientists Find RFID 'Fingerprint' That Could Prevent Counterfeiting

by Caleb Johnson (RSS feed) — Nov 20th 2009 at 3:45PM

Radio frequency identification tags (RFID), which appear in items like credit cards and passports, have long been susceptible to hackers looking to steal personal information. Still, RFID tags are used in many ways -- from tracking a shipment of clothes to automatically opening a doggie door. But a breakthrough from a group of University of Arkansas scientists might just ease the minds of those who worry these devices aren't secure enough. The discovery hasn't much to do with the devices themselves, but the way in which they are read.

According to Physorg.com, Professors Dale R. Thompson and Jai Di discovered that each RFID tag has a "fingerprint." Essentially, each tag has a unique power response at different radio frequencies -- even for tags of the same make and model. With preexisting physical characteristics in mind, scientists can interpret an electronic "fingerprint" to each tag. Using those fingerprints as a key would make the devices harder to hack and counterfeit.

With RFID being used more and more by government agencies and private businesses, it's comforting to know that somebody is thinking about security. Maybe now we can stop wrapping our credit cards in aluminum foil. It's a good thing this news broke before we let paranoia take over. [From: Physorg.com, via Engadget]

Tags: counterfeit, credit cards, CreditCards, fingerprint, hack, identity theft, IdentityTheft, radio, research, rfid, security

Web

Chinese Military Web Site Battered With Attempted Cyber-Attacks

by Caleb Johnson (RSS feed) — Nov 20th 2009 at 8:40AM

When China launched a Web site for its defense ministry in August, the whole world took notice. With both English and Chinese versions, the government hoped the site would prove it was serious about being more transparent when it came to the military. However, this attempt also attracted hackers.

According to BBC News, there have been about 2.3 million cyber-attacks on the site in its first month of operation alone. We thought Twitter was bombarded with a ridiculous number of attacks, but that's just a flat-out, mind-boggling number. There are no reports that any military information was compromised, but it seems that hackers aren't the only truth-seekers visiting the site. The site's editor, Ji Guilin, told the state-run newspaper that 1.25 billion people -- many from the U.S., U.K., Australia, Singapore, and Japan -- have visited the site to search topics like "military photos," "top military leaders," "high-level events," and "military power."

This can't be comforting news for the Chinese government, which is notorious for limiting its citizens' Web access. We can only hope that China won't step back from free-flowing information and shut down the site as a result of the attacks. Our more rational minds, though, are pretty sure that once a hacker successfully cracks the site (and one will), it will get yanked faster than an Olympic gymnast on her 16th birthday. [From: BBC News and Al Jazeera]

Tags: china, defense military, DefenseMilitary, hack, hackers, military, security, web

Web

80-Percent of Cyber Attacks Could Be Prevented, Says NSA

by Caleb Johnson (RSS feed) — Nov 19th 2009 at 3:32PM

While the Federal government might throw a hundred million dollars at cyber-attacks, the real solution to the problem is much easier and cheaper -- at least that's what National Security Agency information assurance director Richard Schaeffer told the U.S. Senate Tuesday. According to Wired, Schaeffer says about 80-percent of the attacks could be prevented if network administrators were to simply adhere to conventional configuration policies and closely monitor the networks. If this occurred, Schaeffer believes, it would deter hackers from making attacks because their chances of being caught would be much higher.

Tags: common sense, CommonSense, hack, network, nsa, security, senate, top, web

Web

Scientology Hacker Convicted, Heading To Jail

by Amar Toor (RSS feed) — Nov 19th 2009 at 1:41PM

With old-fashioned, barbaric crusades having gone the way of the Pet Rock, it seems people have started to take their religious beefs from the war-grounds to the Web. The most recent cyber-attack, though, might be the most confusing yet.

As the Huffington Post reports, Dmitriy Guzner, a 19-year-old from New Jersey, has been sentenced to a 366-day term in federal prison for participating in a cyber-attack on Church of Scientology Web sites back in January of 2008. According to the charges, Guzner and his hacker lackeys conducted a massive denial of service attack on the sites, rendering them inaccessible to other users. The cyber-assassin plead guilty to computer hacking charges in May, and will serve an additional two years of probation upon his release from prison.

The head-scratcher? Prosecutors claim that Guzner was operating as part of a covert anti-Scientology hack team called "Anonymous," (Ed. Note: Not just Scientology, but "Anonymous" is part of a larger hack group) which protests the Church on the grounds that it promotes Internet censorship. So their logic, if we heard correctly, was to combat censorship with malicious, vigilante... censorship? Nope, no unsound reasoning here. [From: Huffington Post]

Tags: cyberattack, denial of service, DenialOfService, hack, religion, scientology, top

Video Games

Feds Using PlayStation 3 to Catch Predators

by Amar Toor (RSS feed) — Nov 18th 2009 at 1:40PM

While the PlayStation 3 is often the object of crime, police authorities are now using the device as a means to fight ne'er-do-wells, too.

When trying to track down the cyber footprints of a criminal, federal authorities typically use a complex and expensive system of computers to crack open a suspect's password-protected files. Now, however, according to Kotaku, agents have discovered that they can do the same thing by networking a group of PS3 consoles together -- at a fraction of the cost. And as it turns out, all the processing power that goes into producing those complex graphics is perfectly suited for cracking passwords. And though any gaming console can fill the same function, authorities have chosen the PS3 in particular because it allows them to use Linux, an open-source operating system. (Tragically, the newest PS3 Slim doesn't allow open-source systems, although police have turned to eBay to troll for older versions.)

Tags: hack, police, ps3, top, videogames

Web, Social Networking

Facebook Groups Hacked by Protesters

by JP Mangalindan (RSS feed) — Nov 12th 2009 at 6:10PM

Being the top social networking site also means that Facebook is a primo target for hackers, as we've seen time and time again. For the first time, though, a spate of Facebook hacks have come from hijackers claiming they did it for educational purposes.

Earlier this week, a group of disgruntled Facebook users created fictional accounts and took advantage of a loophole that allows any member of a small group without an administrator to take control of it. The hackers appropriated over 280 groups in that way, renaming each of them 'Control Your Info.' According to CNN, once the band took over a group, they would post on its Wall a message that read, "Think about the safety in your social media life to the same extent you do in your real life."

The 'Control Your Info' pranksters promised to restore the groups' names and to leave them by the end of next week. But Facebook went ahead and did it for them. The site's administrators also deleted several of the hackers' accounts. "In the rare instances when we find that a group has been changed inappropriately, we will disable the group, which is the action we plan for these groups," said Facebook, as reported by MSNBC.

Think the stunt is refreshing? Tell that to the affected groups. After all, one user's prank is another's headache. [From:CNN, MSNBC, and Control Your Info]

Tags: facebook, facebook groups, FacebookGroups, hack, privacy, top

Computers, Visionaries

Ultrasound Could Protect Pacemakers From Hackers

by Caleb Johnson (RSS feed) — Nov 11th 2009 at 4:01PM

You never want your wireless device open to attacks, but if that device is implanted inside your body, security becomes even more important. With pacemakers and other medical devices being controlled and monitored from afar, scientists say it's time to step up protection. Those concerns in mind, a group of researchers from the Swiss Federal Institute of Technology and the French National Institute for Research in Computer Science and Control have developed a new safety net.

According to Technology Review, the system uses ultrasound waves to measure the distance between a medical device and the wireless reader trying to communicate with it. This could prevent potential hackers from wirelessly gaining access to private information stored on the device, draining its battery, or causing it to malfunction. With the ultrasound system, access to the device would be restricted to the physical proximity of the communicator. In the plan proposed by senior researcher Claude Castelluccia and his team, you'd need to go through a series of authentication steps and be within 10 meters of the device in order to gain access.

Tags: hack, health, medical, pacemaker, research, science, security, top, ultrasound, wireless

Hackers Charged for Stealing Over $9M From ATMs

by Caleb Johnson (RSS feed) — Nov 11th 2009 at 3:10PM

After running an elaborate scam that netted about $9 million, eight men were indicted by a federal grand jury Tuesday for their alleged roles in a massive ATM hacking scheme. While similar heists have been pulled before, this one is impressive not only because of the large chunk of cash, but because of the sheer scope of the crime, as well.

According to Threat Post, hackers discovered a way to bypass RBS WorldPay's payroll debit card encryption system sometime last November. After doing so, they created 44 debit cards and increased the limit on each one. Within 12 hours, they had withdrawn $9 million from 2,100 ATMs in 280 different cities. Now, that's some day of work! The alleged hackers -- most of whom are from Eastern Europe -- were busted when, prosecutors say, they failed to cover their tracks on the card-processing network. RBS WorldPay noticed suspicious activity and reported it to authorities. According to a statement from the Justice Department, each of these men faces what amounts to a lifetime sentence for various counts of fraud and identity theft. Some could be given heavy fines, too.

They might not be totally dumb criminals (They did beat the encryption system.), but didn't they consider spacing out the withdrawals? Even if it is worldwide, that's a lot of money for a mere 12-hour period. [From: Threat Post and U.S. Justice Department]

Tags: atm, criminal, dumbcriminal, hack, money, security, top

Computers, Web

Lazy Passwords Leave 21K Routers, Cams, Phones Open to Attack

by Evan Shamoon (RSS feed) — Oct 28th 2009 at 4:58PM

In the "yet another thing to be paranoid about" category comes a report that nearly 21,000 routers, webcams and VoIP products are wide open to remote attack, simply because their owners have committed the ultimate sin: failing to change the manufacturer's default password for the devices.

The study was performed by Ang Cui, a grad student at Columbia University's Intrusion Detection Systems Laboratory, which has sponsored the likes of DARPA and the Department of Homeland Security. Researchers have now scanned over 130 million IP addresses, and discovered nearly 300,000 devices to be remotely accessible. And the 21,000 devices with default passwords are, of course, the most vulnerable -- "runts of the litter", if you will.

Tags: hack, hacker, password, router, security, top, wifi, wireless

Computers, Web

Atheists Fall Victim to Cyber Attack

by Amar Toor (RSS feed) — Oct 22nd 2009 at 4:15PM

Months before the Global Atheists Convention is held in Melbourne this March, a couple of major atheist Web sites have been forced to shut down due to coordinated, denial-of-service attacks. The Sydney Morning Herald reports that the Atheist Foundation of Australia (AFA) and the Global Atheist Convention both had their sites paralyzed by the attack, which overloaded both sites with traffic. At that point, the Global Atheists Convention had already sold over 1,000 tickets, with the AFA hailing it as the largest gathering of atheists in Australian history. Yesterday's attack, though, put a sudden stop to the sales, and, as of Thursday morning, both sites had still not yet regained full consciousness.

Tags: atheism, cyberattack, denial of service, DenialOfService, hack, religion, security, top

Web

After Phishing Attempt, Wife Bans FBI Head From Online Banking

by Caleb Johnson (RSS feed) — Oct 8th 2009 at 12:35PM

Don't feel bad if you've recently fallen for an e-mail scam. They're not always easy to identify. Just ask FBI Director Robert Mueller. Mueller received an e-mail from his bank asking him to verify some account information. After entering said information, Mueller says he realized that the e-mail was part of a phishing scam. According to CNET News, he immediately changed his passwords and breathed a sigh of relief.

The FBI chief avoided the wrath of phishers, but not his wife (video after the break). She nixed online banking in their household and said, "It is our money. No more Internet banking for you!" During a speech Wednesday in California, Mueller said that he'd tried to explain to his wife, promising that he'd learned his lesson and calling the near slip-up a "teachable moment." He was taught a lesson, alright, and one he should have learned long ago, at that. "If Mama ain't happy, ain't nobody happy." [From: CNET News]

Tags: banks, expire-images:2010-10-8, fbi, hack, money, online banking, OnlineBanking, phishing, scam, web

Computers, Web

Hotmail Scam Reveals Most Common Password: 123456

by Caleb Johnson (RSS feed) — Oct 7th 2009 at 1:11PM

It's never fun to be on the wrong end of a hack. But often, we can use them as learning experiences So, what did we learn when around 10,000 Hotmail, MSN, and Live.com account passwords were revealed on PasteBin last weekend? Either people are lazy or our memories have withered away to nothing in this digital age. According to Wired, the most common password on the list was "123456." That's right, a series of consecutive numbers was the password to 64 e-mail accounts on the list.

Bogdan Calin from the security site Acunetix analyzed the password list and found other disturbing trends, too. For example, just 6-percent used passwords that mixed numbers and letters. Nearly 42-percent of the passwords used only lowercase letters. What's truly scary is that the list only included addresses beginning with the letter 'A' or 'B,' which means we're only seeing a small small sampling.

Tags: email, hack, hotmail, msn, password, security, top, web

Car Tech, Web

Scammers Expose Thousands of Hotmail Passwords, Microsoft Confirms

by Lee Bains (RSS feed) — Oct 5th 2009 at 5:12PM

Just today, news broke that an anonymous user of PasteBin.com, a legitimate site marketed to software developers, posted more than 10,000 Hotmail addresses and passwords to the site last Thursday. According to NeoWin, most of the addresses appear to belong to European users, and all seem to be authentic. As shocking as it may be to find out that a benign site like PasteBin could host (albeit unwittingly -- reports have come in suggesting that the PasteBin user account was hacked) such grossly illegal content, TheNextWeb tells us we shouldn't be particularly surprised. A recent blog post on the site reports that a quick Google search will yield several PasteBin posts containing the passwords for thousands of Hotmail, Yahoo!, and even Gmail accounts.

NeoWin has alerted Microsoft to the problem and PasteBin has taken down the original Hotmail posting. Still, we should all stay on our toes. Today would be a good day to change that e-mail password. It'll only take a couple minutes, and might save you a lot of grief. [From: NeoWin, via TheNextWeb]

Tags: email, gmail, hack, hotmail, security, top, YahooMail

Web

Woman Finds Bank Account Hacked, With $27k Extra

by Lee Bains (RSS feed) — Oct 5th 2009 at 1:29PM

In a strange twist on a now familiar story, an English woman last May found that her bank account had been accessed by criminals and that the money therein had increased. Amanda Fothergill, 40, of Darlington, received a phone call from a stranger who claimed to have deposited a substantial amount of money in her account. Shocked, Fothergill checked her balance only to discover a brand new deposit of £17,200 (around $27,500). The crook, who would call in ensuing weeks as frequently as once a day, tried to convince Fothergill to transfer £14,000 to another account, leaving her with £3,000 for her trouble. For her part, Fothergill wasted no time in notifying both the police and her bank, Abbey. Sadly enough, her prompt honesty was not exactly rewarded.

Tags: banks, hack, identity theft, IdentityTheft, security, top

Web

Malware Robs Your Bank Account and Then Covers Its Tracks

by Caleb Johnson (RSS feed) — Sep 30th 2009 at 2:18PM

You might want to keep a closer eye on those bank statements. Hackers have developed a sophisticated and scary program that quickly alters online bank statements in order to hide exactly how much money cyber-crooks have been siphoning from the account.

According to Wired, the malware, called URLZone, infects a computer when the user visits a compromised site, or a site set up by hackers. Then, the program steals the user's bank account log-in information and begins draining funds that it then sends to other designated accounts. However, the victim doesn't realize the money is missing because the program rewrites the text in the html code. So, when the browser displays the page, it looks like either no money has been stolen or just a small amount has been transferred.

Tags: banks, browser, hack, malware, money, online, scam, security, top, web

Most Emailed Stories

Editors' Picks

Deals of the Day

http://xml.channel.aol.com/xmlpublisher/fetch.v2.xml?option=expand_relative_urls&dataUrlNodes=uiConfig,feedConfig,entry&id=758444&pid=758443&uts=1256672453

http://cdn.channel.aol.com/cs_feed_v1_6/csfeedwrapper.swf

'Black Friday' Deals to Watch For

Getty Images

Black Friday' Deals to Watch For

Traditionalists might balk, but the holiday shopping season is already underway. Skeptical? Head to your local department store and you'll be inundated by Christmas trees and ornaments. Bargain hunters, though, know that the real deals are more than a month away.

Black Friday, traditionally, is when retailers truly slash prices. Early birds can save hundreds, if not thousands, of dollars off of their holiday bills. Switched.com checked with a few elves, who gave a sneak peek at what you can expect deal-wise this year.

Blu-ray Players and Movies: Blu-ray is shaping up to be the biggest door buster of this year's Black Friday. de Grandpre expects at least one retailer will offer a Blu-ray player for just $49. Look for bargains on Blu-ray films as well, with last year's hit titles (such as "Iron Man") to fall as low as $5.

Laptops: With the proliferation of Netbooks this year, it's never been easier to find affordable portable computing, but Dan de Grandpre, CEO of DealNews.com says it will get even cheaper on Black Friday. Look for well-equipped Netbooks to sell for $199 – and basic 15" laptops to go for as little as $249.

HDTVs (Pretty big): The holidays are typically the best time to buy a new TV – and Black Friday is the time to do it. If you're looking for a normal sized set, you're in luck. Piper Jaffrey analyst Mitch Kaiser says he expects to see 32-inch LCD sets for as low as $299. GottaDeal.com is estimating 37-inch plasma and LCD sets will fall to $399 or less.

HDTVs (Really big): Need something bigger? How about a 46-47 inch LCD set for $599 – a 25 percent savings? Or a 52-inch LCD for $999? Dealnews says you can expect both. Plasma deals will be a little harder to come by, but a 50-inch set should run roughly $899.

HD Camcorders: You've wanted to shoot your child's school play in HD for a while, but haven't been able to spring for the pricey camcorder. This might be the year. Low-end, flash-based 720p models could drop as low as $60 (though you won't be able to zoom with those). Expect a high quality 1080p HD camcorder for $349.

GPS: While navigation systems have dramatically expanded their reach this year – even making it onto the iPhone – there's still a market for car-based systems. Dealnews predicts you'll be able to find a no-name entry-level system for $49, while a Garmin or Tom-Tom brand will be as low as $69.

Digital Picture Frames: Showcasing your digital pictures consistently gets cheaper. This year, skip the 7-inch screens and focus on the 8- or 9-inch ones, which should be available on Black Friday for as little as $30.

Monitors: Computer monitors might not be the sexiest of gifts, but they're usually welcomed with open arms – and they'll be cheap this year. Name brand 22-inch LCD models may go for as low as $99, while 24-inch models will drop below $150.

Memory: Don't know anyone who needs a monitor? External hard drives are always popular, since they're an easy way to back-up data. Dealnews expects a 1TB drive to fall as low as $49 this year. Gottadeal is looking for 8GB flash drives to hit $15.

Latest Reviews from CNET.com

CNET provides the latest tech news, unbiased reviews, videos, podcasts, software, and downloads, making tech products easy to find, understand and use.

Top Product Reviews

Home Audio Reviews
9.0 out of 10
Definitive Technology BPX
Works great with Dolby Pro Logic and Dolby Digital. Full Review
9.0 out of 10
Denon AVR-4306 (black)
Incredibly well-featured 7.1-channel receiver; excellent sound quality; three HDMI inputs; converts analog video to HDMI output; upconverts analog video to 720p/1080i HD resolution; iPod and USB MP3 player connectivity; Internet radio and MP3/WMA streaming audio via built-in Ethernet port; XM Satellite Radio compatible; touch-screen remote; multizone, multisource operation; browser-based control via home network; accurate autocalibration routine. Full Review
8.8 out of 10
KEF KHT3005 (black)
The KEF KHT-3005 is one compact, beautifully designed speaker package with solid aluminum satellites that feature unique driver technology to produce incredible clarity. Meanwhile, the equally astounding dual 10-inch, 250-watt powered subwoofer delivers ultradeep bass. Full Review
Cell Phone Reviews

8.7 out of 10
SignalBoost Mobile Professional Amplifier Kit
The Mobile Professional Amplifier delivers a powerful signal boost to your cell phone. Also, it offers a compact design and easy setup. Full Review
8.6 out of 10
Wi-Ex zBoost YX510-PCS-CEL cell phone signal extender
The Wi-Ex zBoost YX510-PCS-CEL significantly boosts your cell phone reception and is easy to operate. Also, it uses a wireless connection to your phone. Full Review
8.3 out of 10
LG VX6000 (Verizon Wireless)
Compact and stylish; impressive battery life; solid audio quality; sharp color screen; built-in camera; USB ready; affordable. Full Review
Digital Camera Reviews

9.3 out of 10
Canon EOS 1D Mark III
Extremely fast, 10-megapixel continuous shooting; very low noise; highly customizable; well-designed body with weather sealing; 3-inch LCD; abundant optional accessories. Full Review
9.3 out of 10
Nikon D3 (body only)
Full-frame sensor; well designed, pro-level weather-sealed body; very low noise, even at extremely high ISOs; fast. Full Review
9.0 out of 10
Canon EOS-1Ds Mark III
Very low noise, high quality images; 21.1 megapixels; live view shooting; pro-level build-quality and performance. Full Review
Desktop Reviews

8.9 out of 10
Velocity Micro Edge Z30 (Intel Core i7)
Best value among midrange gaming PCs; Velocity Micro's consistently high build quality; compact case makes few sacrifices; second graphics card slot previously uncommon at this price. Full Review
8.5 out of 10
Apple iMac (24-inch, 2.8GHz)
A minor specification update results in some significant performance gains; graphics upgrade an option on this 24-inch model; sleek, polished design didn't receive an update, but we won't start clamoring for a new design until the current one is at least 12 months old. Full Review
8.4 out of 10
Velocity Raptor Signature Edition Gaming PC
One of the fastest PCs we've tested; a PCI Express RAID card helps media encoding performance; typically immaculate Velocity Micro assembly; strong, three-year warranty. Full Review