Hacks

Gary McKinnon, the British hacker who allegedly broke into NASA's computers, will not be extradited to the U.S., ending his 10-year fight against the process.

Home Secretary Theresa May blocked the extradition on human rights grounds, saying she has "carefully examined the medical evidence" and concluded that his extradition would "give a high risk that he would end his life," the BBC reports.

Whether McKinnon will now face trial for the crime in the U.K. will be determined by the the director of public prosecutions Keir Starmer.

Hack into Google Chrome, and you could win $60,000, at least if you do it through Google's Pwnium 2 competition.

That's just what happened to a hacker dubbed Pinkie Pie, who won the award on Tuesday by exploiting a security hole in Chrome.

In an effort to shore up its browser's defenses, Google holds the competition to challenge hackers to hack their way through Chrome's security to find previously unknown holes. Tuesday's Pwnium 2 contest was held at the Hack in the Box 2012 event in Kuala Lumpur, Malaysia.

"We're happy to … Read more

The White House has confirmed that one of its internal computer networks -- reportedly a military office in charge of the president's communications -- has been targeted in a successful "spearphishing" attack.

An article yesterday published by the conservative FreeBeacon.com Web site said that hackers with ties to China's government had recently breached an unclassified "system used by the White House Military Office for nuclear commands," including the so-called nuclear football.

Spearphishing means an attacker is targeting a specific person or group, typically by sending fake e-mail that masquerades as legitimate correspondence.

The … Read more

Telvent Canada says someone sneaked past its internal firewall, installing malicious software and stealing files related to control software it makes that's used to manage the electric grid in various countries.

The company warned customers last week that it learned of a breach of its network on September 10, according to the KrebsOnSecurity blog. Project files associated with the firm's OASyS SCADA (supervisory control and data acquisition) software were stolen, the post says.

"Although we do not have any reason to believe that the intruder(s) acquired any information that would enable them to gain access to … Read more

It's just a proof of concept for now, but a newly revealed Java vulnerability could have very widespread repercussions.

Security research company Security Explorations has issued a description of a new critical security flaw in Java SE 5 build 1.5.0_22-b03, Java SE 6 build 1.6.0_35-b10, and the latest Java SE 7 build 1.7.0_07-b10. This error is caused by a discrepancy with how the Java virtual machine handles defined data types (a type-safety error) and in doing so violates a fundamental security constraint in the Java runtime, allowing a complete bypass of the Java … Read more

Wells Fargo is the most recent mega-bank to be hit by a distributed denial-of-service attack. According to the Wall Street Journal, roughly 220 customers filed complaints of outages on its Web site today saying they had problems logging on.

"The amount of bandwidth that is flooding the websites is very large, much larger than in other attacks, and in a sense unprecedented," chief executive of private security firm CrowdStrike Dmitri Alperovitch told the Wall Street Journal.

Last week, similar attacks happened on J.P. Morgan Chase and Bank of America's Web sites. Users would try to log-on … Read more

A friend of mine recently sent me a direct message on Twitter, it said "lol u didnt se them taping u" and had a link to Facebook. I hadn't remembered being taped in the past few days and I'd never seen my friend use this type of Twitter-shorthand, along with typos. To me, it was obviously spam.

I'm not the only one to be getting these spammy direct messages on Twitter that lead to bogus Facebook links. Apparently a lot of people have been complaining of these messages, according to Sophos analyst Graham Cluley who … Read more

Dutch and British hackers compromised an iPhone 4S and a Samsung Galaxy S3, respectively, in separate gambits as part of a mobile Pwn2Own contest at a security conference in Amsterdam this week.

Joost Pol, chief executive officer of Dutch research firm Certified Secure, and colleague Daan Keuper created an exploit that allowed them to hijack the address book, photos, browsing history and videos from a fully patched iPhone 4S at the EuSecWest conference, according to CNET sister site ZDNet. And that effort has implications for Apple's new iPhone 5.

"We specifically chose this one because it was present … Read more

Swedish police arrested Gottfried Svartholm Warg today as soon as he stepped off the plane from Cambodia.

Warg, one of the founders of The Pirate Bay, one of the best known file-sharing services on the Web, is accused of hacking into the servers of a company that supplies IT services for some of Sweden's tax services and making off with records belonging to thousands of people, according to Swedish news publication Aftonbladet.

Up until late last week, it was believed that Warg had been detained by police in Cambodia because of his conviction in Sweden on copyright charges. In … Read more