Hacks

Researchers win $100,000 for Chrome hack that leaves Windows vulnerable

Security researchers at MWR Labs have won a $100,000 prize at the Pwn2Own hacking competition in Vancouver.

The researchers showed off their hack yesterday as they took a fully patched version of the Google Chrome browser, hacked it, and then took control of Windows 7. According to the researchers, when a Chrome user visits a malicious Web page, it's possible for the page's creator to exploit a vulnerability that allows for code execution in the sandboxed renderer process. From there, the team exploited a kernel vulnerability in Windows 7 to gain elevated privileges and execute commands.

Here's what the researchers were able to achieve:… Read more

Online note service Evernote latest firm to get hacked

Yet another company has fallen victim to a hack, with attackers breaking into systems at Evernote, maker of a Web-based note-taking application used by about 50 million people.

The company said in a security notice that some user data had been accessed and that Evernote was requiring all users to reset their passwords. Apparently, though, no sensitive financial information was stolen, and no user content was affected:

"In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost," the company said in the statement, which was … Read more

Dropbox users getting spammed, might be from earlier hack

It looks like Dropbox may be grappling with some leftover issues from hackers' access into the system last July.

Over the past 24 hours, users have been posting on the file-sharing site's forum, saying that they're being hit with spam e-mails sent to e-mail accounts used only for Dropbox.

"My Dropbox specific email has been receiving spam since the 20th of February," Daniel B. wrote today. Richard F. wrote, "I have an internal to my company email address that I used for Dropbox only and I am getting the same fake paypal scam emails. This … Read more

China blames U.S. for most cyberattacks against military Web sites

China has blamed the U.S. for most of the cyberattacks launched against its military networks.

In a statement released today, China's Ministry of National Defense said that cyberattacks against its military sites have increased over the past few years. Based on checks of IP addresses, the Defense Ministry claimed an average of 144,000 cyberattacks per month last year, according to Reuters.

And it fingered the U.S. for almost 63 percent of them.

The allegations from Beijing come hot on the heels of a recent report from U.S. security firm Mandiant, linking the Chinese army to cyberattacks … Read more

Overseas hackers nab more than 1TB of data daily

The idea of governments waging futuristic cyberbattles and online espionage campaigns actually isn't too farfetched. A new study released today by Team Cymru basically says as much.

The study, shared exclusively with The Verge, says that overseas hackers are stealing as much as one terabyte of data per day from governments, businesses, militaries, and academic facilities. Apparently, the hackers are using a network of 500 computer servers.

According to a lengthy article by The Verge, Team Cymru concludes that the hackers are so sophisticated and are running such massive campaigns that they must be state-sponsored. "This is Internet … Read more

Add Microsoft to list of hacked companies

Updated to include Microsoft comment.

Security software companies must be smiling ear to ear as they read the news briefs coming off the transom. Microsoft said today that an undetermined number of computers in its Mac software business unit got infected with malware. The company said the number of infected PCs was small but that there was no indication customer data had been compromised.

In a blog post late Friday, Matt Thomlinson, who directs the company's Trustworthy Computing Security program at Microsoft, wrote:

Consistent with our security response practices, we chose not to make a statement during the initial … Read more

NBC Web site back up after hack attack

NBC's Web site is up and running again after being knocked offline by a cyberattack for several hours yesterday.

The NBC site was the victim of a form of malware known as the Citadel Trojan. This specific strain targets companies in an attempt to steal usernames, passwords and other sensitive data. People who visit sites infected by the trojan can find their own PCs infected as well.

In the past, Citadel typically attacked banks and financial firms but has since expanded its reach to a wider range of organizations.

NBC, which is part of cable giant Comcast, is still trying to figure out how the attack occurred, … Read more

Zendesk hack snares user data from Twitter, Tumblr, Pinterest

At a time when it seems no company is immune from hackers, user information from three high-profile social-networking sites has been compromised due to a hack at another company.

Customer support service Zendesk revealed today that it had been the victim of a security breach and that information from three of its clients had been downloaded. As first reported by Wired, those three clients are Twitter, Pinterest, and Tumblr.

Zendesk revealed the hack in a company blog post today that said the vulnerability was immediately identified and patched:

Our ongoing investigation indicates that the hacker had access to the support … Read more

Twitter aiming to slash phishing e-mails sent from 'Twitter.com'

If you get an e-mail saying it's from Twitter, the social-networking company wants to assure you that it's really from Twitter and that there's no need to worry that someone's out to steal your password.

At least, it's almost certain that the e-mail you just got from a Twitter.com address is not a phishing attack, the company said in a blog post today.

Twitter said it has adopted a new security protocol known as DMARC that was designed by a consortium in order to cut way down on phishing attempts.

DMARC solves a couple … Read more

Forum site gives more details on Apple and Facebook hacks

The popular forum site that hackers used to access employee computers at Apple and Facebook gave more details today on how the cyberattack happened.

The site's owner, Ian Sefferman, confirmed previous reports that hackers injected JavaScript into his site, iPhonedevsdk, and were then able to use a previously unknown exploit to access certain users' computers. He also said that the cyberattack most likely ended on January 30, 2013.

Apple revealed yesterday that hackers targeted computers used by its employees, but that "there was no evidence that any data left Apple." In a statement, the company said … Read more