Hacks

The hackers behind the cyberespionage attacks on Google and more than 30 other companies three years ago are still going strong and seem to have a steady stream of weapons in their arsenal in the form of rare unpatched vulnerabilities known as zero-days, Symantec researchers said today.

The group has used exploits for four zero-day vulnerabilities in attacks over the past few months against targets across a variety of industries, including energy, aeronautics, and financial, and particularly manufacturers of components sold to defense contractors, the security provider said in a blog post.

"This group is focused on wholesale theft … Read more

Hackers perceive and experience the world differently than mainstream society, for a lot of reasons. Some people have postulated those reasons may be attributed to neurological conditions, such as Asperger's Syndrome.

Other than interviews with convicted hackers (mostly young men in jail), there has been little psychological study done on hackers. This is not surprising, as anyone attempting to learn about hacker culture from the outside will always be met with a predictable wall of mistrust, misinformation, and the subculture's trademark, guarded secrecy.

That didn't dissuade Dr. Bernadette Schell, Psy.D., and her co-researchers from embarking on … Read more

Hacktivist collective AntiSec kicked off the week by publishing one million anonymized Apple UDIDs (Unique Device Identifiers) including device types and associated usernames, saying it was part of a 12 million large database that they'd snagged off an FBI agent's computer.

Online, techies scrambled to see if their devices were in the database dump, and look for clues as to where the alleged larger collection might have come from.

The FBI waited until the end of the day to issue an uncharacteristic, slightly sophomoric Tweet calling AntiSec's allegation TOTALLY FALSE and an oddly worded … Read more

Yesterday a new open-source project was posted on GitHub that contains the source code for a utility to scour a Mac system's memory and list the entire contents of a targeted keychain. While this utility may raise some concern and its approach potentially be used for malicious activities, its abilities do not arise from a vulnerability in OS X.

The utility is a small C program called keychaindump that, with administrative privileges, will scan the system's active memory for the wrapper and master keys to unlock a targeted keychain file; however, the utility will work only on keychains … Read more

Those hoping to see a PlayStation Vita hack could have their wishes answered in a few months. Some anonymous programmers announced they discovered an exploit allowing them application-level (userland) access into the Sony gaming device.

Before you get all excited about the idea of illegally downloading full PS Vita games, you should know that this purported hack can't grant such abilities. However, if the group of developers creates a loader, the hack could open the door for homebrew, and more importantly, emulation. Which means that one day the Vita could play Super Nintendo, Nintendo 64, Nintendo DS, Sega, and many other games, similar to a hacked PSP. … Read more

A group of supporters of WikiLeaks founder Julian Assange claimed responsibility today for hacking into and jamming several Swedish government Web sites, according to the Associated Press.

Initiating a denial-of-service attacks, the hacking group reportedly took down the Web sites of the Swedish government, armed forces, and the Swedish Institute for several hours.

According to the Associated Press, it isn't clear who was behind the attacks but an unidentified group announced responsibility on Twitter and told the Swedish government to take its "hands off Assange."

In response to the findings of a recent vulnerability in Java 7 that was being exploited by malware developers, Oracle has released an official patch that takes care of the problem.

In the past week, a new vulnerability was unveiled in Oracle's Java 7 runtime, which has been used by hackers in targeted attacks on Windows-based systems. Similar to the recent Flashback malware in OS X, this vulnerability allows criminals to create a drive-by hack where the only action needed to compromise a system is to visit a rogue Web page that hosts a malicious Java applet.

Even though … Read more

A group of hackers has released a vast quantity of data from banks, government agencies, consulting firms and many others and promised more data leaks in the future.

"Team GhostShell's final form of protest this summer against the banks, politicians and for all the fallen hackers this year," the group, which calls itself -- you guessed it -- "Team GhostShell," wrote in a Pastebin post titled "Project HellFire" this weekend. "With the help of it's [sic] sub-divisions, MidasBank & the newest branch, OphiusLab. One million accounts/records leaked. We are also … Read more

A new vulnerability was found last week in the latest Java 7 runtime from Oracle. The vulnerability is currently being used by malware developers to exploit systems with runtime installed.

Similar to the Flashback malware seen affecting Mac systems with unpatched versions of Java installed, this latest threat uses a drive-by attack in which simply visiting a malicious Web page will result in the Java applet running and compromising the system.

When the exploit loads, systems may see a blank Web page with no activity, but may also see a brief Java icon with "Loading" text before this … Read more