Tag Archive for ‘Hack’

Hackers Convinced Twitter Employee to Help Them Hijack Accounts ➝

I’m a bit behind on the Twitter hack story, but Michael Tsai does a great job collecting some of the more interesting takes from around the web.

I’m sure this isn’t a unique thought, but having a single, centralized system for publishing and communication is inherently insecure. It would be wise for high-profile individuals to buy a domain, install some publishing software, and start sharing their thoughts on something they completely control.

If one site gets compromised, it will only effect that single individual. And because they’ll own their own platform, they won’t be beholden to Twitter in regards to what security measures can be put in place.

➝ Source: mjtsai.com

Hacked Cameras, DVRs Powered Yesterday’s Internet Outage ➝

Brian Krebs:

At first, it was unclear who or what was behind the attack on Dyn. But over the past few hours, at least one computer security firm has come out saying the attack involved Mirai, the same malware strain that was used in the record 620 Gpbs attack on my site last month. At the end September 2016, the hacker responsible for creating the Mirai malware released the source code for it, effectively letting anyone build their own attack army using Mirai.

Mirai scours the Web for IoT devices protected by little more than factory-default usernames and passwords, and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users.

Setting aside the shoddy security of these devices, yesterday felt incredibly weird. I spent most of my work day without access to Twitter and it was a miserable experience. The service has become an important part of my life, it’s where I communicate with my friends and first hear about important news. Without it, I feel eerily disconnected. I actually had to type a URL into my browser to find out why the service was down.

To Hack an Android Phone, Just Type in a Really Long Password ➝

Jose Pagliery, reporting for CNN Money:

The patch is already available for Google’s own line of phones — the various Nexus models. But there’s no telling when it’ll reach Android devices made by Samsung, LG and others. Blame the Android’s fractured updating system, which is slowed down by phone manufacturers and cellphone network carriers.

The hack is easy to perform and should be very concerning to owners of non-Nexus Android phones. Unless, of course, your device isn’t running Lollipop which is the only affected version of Android and is only installed on about 21% of devices.

(Via Matt Birchler.)

Gawker Comment Accounts Hacked ➝

Matt Brian reporting for The Next Web:

Sensitive information has been exposed, including staff conversations, their private passwords used within the network and passwords also used by people who have registered to comment.

If you’ve ever registered to comment on Gizmodo, Lifehacker, Gawker, or any other Gawker Media website, your account is likely compromised. This is especially a problem for anyone who uses the same password for other websites. I strongly suggest changing your password on any website that shares the same password with Gawker Media.