The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The GTVHacker dev team has won a cash bounty for being the first to successfully root and enable third-party application support on a Google TV device before Google – Google will reportedly be bringing support for Android applications to the platform some time later this year. According to developer Howard Harte, who originally announced the bounty at the end of November last year, the GTVHacker team used a hardware hack, adding serial console support to the UART1 header on the Logitech Revue, to enable root and install third-party apps on Google TV. The reward for hacking a Google TV device was originally set at $1,000 for a software-only approach. In his original announcement, Harte noted that he would give partial consideration ($500) for other methods involving hardware hacks, such as the one used by the five member GTVHacker team. While the bounty is confirmed to have been paid, the final amount of the reward was not mentioned by either party. Instructions on how to root Logit...

Cologne security expert used an Amazon cloud-based service for hacking purposes on the cheap. He plans on making his software public and will describe it more fully at a hacker conference in the US later this month. On Friday, Thomas Roth, a Cologne-based computer security expert told the Reuters news agency that the single password encryption method used by most WiFi network administrators is not as foolproof as they would like to think. By running specialized software on a cloud-based computer he leased from Amazon, the security researcher said he had been able to hack into WiFi networks secured under the Wireless Protected Access (WPA) protocol, which had been previously considered very hard to penetrate. While that might have been true until very recently, Roth has now found an easy and inexpensive way in. His method is via Amazon, from whom it is currently possible to hire cloud-based computers for just 28 cents per minute. By contrast it would cost tens of thousands to bu...

A prominent security researcher said he doubts Microsoft's take down of the Waledac botnet would have any impact on spam levels, as the company claimed. "Waledac just is not a hugely prolific spammer," said Joe Stewart, director of malware analysis at SecureWorks and a noted botnet researcher. "So I don't think it's going to affect spam [volume]. What it does do lately... what it's used for, is to install rogue antivirus software." The UK-based anti-spam service Spamhaus echoed Stewart today. "If [Microsoft's take-down] did affect spam, we haven't noticed," said Richard Cox, the chief information officer at Spamhaus. Like Stewart, Cox also dismissed Waledac's threat as a spam engine. "Waledac was not a high threat, it's less than 1% of the spam traffic," Cox said. "What we're worried about is Zeus, which is a far more damaging botnet, which is creating a substantial amount of spam." Postini, t...

How safe is your cell phone? Thieves are coming up with new ways to hijack the most popular smartphones. ABC Action News investigative reporter Michael George enlisted the help of a hacking expert to find out how these programs work, and how to beat them. Droids, iPhones, and BlackBerries are just the tip of the iceberg when it comes to smartphones. The phones are wildly popular right now. USF student Marilyn Rodriguez says her whole life is on her phone. “I love my phone. It gets me through classes. I keep track of my schedule, my homework assignments,” she said. More and more consumers are using their phones for things they used to do on their home computers. That includes tasks that require private, financial information, like online banking and shopping. The problem is, hackers are starting to figure this out, too. Stratum Security consultant Justin Morehouse is an expert in the methods used by hackers and identity thieves. It’s his job to anticipate what the bad guys will ...

The Data Protection Commissioner is investigating the attack on the Fine Gael website yesterday, after an Evening Herald journalist claimed he was sent data of 2,000 users of the site after the hack occurred. The Data Protection Commissioner said Fine Gael contacted him after their site was attacked by those using the "Anonymous" banner. On Twitter, Kevin Doyle, an Evening Herald journalist claimed the commissioner was informed the data of 2,000 users of the site was stolen by those who attacked it. He previously said it was almost 4,000, however, this was due to repeat posters on the database. Doyle also said the database he received of the site's users contained phone numbers, IP addresses and email addresses. Fine Gael recently revamped its site, letting the public post comments and register their mobile numbers and email addresses in order to receive information on the political party’s upcoming election campaign. However, the site was taken offline and repl...

The government of Tunisia may have chosen an odd way to combat protesters: Hacking into their Facebook accounts.  This appears to have gotten the attention of the hacker group Anonymous, which is siding with the protests. The past month has seen many large-scale uprisings in the North African nation, as protesters gripe about the dictatorship goverment plus economic problems and unemployment. The Tunisian government has responded by partnering with hackers to infiltrate the accounts of dissidents deemed to be inciting riots, according to the Committee to Protect Journalists. The group said: Based on reports of users in the country, Tunisian authorities appear to be modifying web pages on the fly to steal usernames and passwords for sites such as Facebook, Google and Yahoo. Unknown parties have subsequently logged onto these sites using these stolen credentials, and used them to delete Facebook groups, pages, and accounts, including Facebook pages admin...

German security researcher Thomas Roth has found an innovative use for cloud computing: cracking wireless networks that rely on pre-shared key passphrases, such as those found in homes and smaller businesses. Roth has created a program that runs on Amazon's Elastic Cloud Computing (EC2) system. It uses the massive computing power of EC2 to run through 400,000 possible passwords per second, a staggering amount, hitherto unheard of outside supercomputing circles--and very likely made possible because EC2 now allows graphics processing units (GPUs) to be used for computational tasks. Among other things, these are particularly suited to password cracking tasks. In other words, this isn't a clever or elegant hack, and it doesn't rely on a flaw in wireless networking technology. Roth's software merely generates millions of passphrases, encrypts them, and sees if they allow access to the network. However, employing the theoretically infinite resources of cloud computing to ...

Ireland's main opposition party confirms that the personal details of up to 2,000 people have been compromised by the attack Ireland's main opposition party's website has been hacked into by a group which has recently come to prominence for attacks on companies related to the WikiLeaks controversy. Up to 2,000 people's personal details were compromised in the attack by the hackers, known as Anonymous, Fine Gael said. The American internet firm ElectionMall, which reported the cyber attack to US authorities, has informed the party that the FBI is now involved in the investigation. A statement from Fine Gael confirmed that its site, Finegael.com had been compromised by the Anonymous group, which has backed WikiLeaks and its founder Julian Assange against attempts by the United States government to stop the leaking of sensitive American diplomatic cables. Anonymous has launched attacks on the websites of companies such as Visa, Mastercard and Amazon over allegations ...

GFI Software , a leading IT solutions provider for small and medium-sized enterprises, today revealed continuing high levels of Trojan and rogue malware circulating during December, with data revealing a surge in activity, boosted by themed activity around the Christmas and New Year holiday period. The top 10 data is compiled from monthly scans performed by GFI's award-winning anti-malware solution, VIPRE ®  Antivirus, and its antispyware tool, CounterSpy ® , as a service of GFI Labs™. Users were targeted with a variety of infected email, web links and other delivery mechanisms promising festive information, discount offers, Christmas e-cards and free software. The month also saw the big movie release of the season, Disney’s TRON Legacy, targeted by a wide array of SEO poisoned links, unwanted installs and other malware fakery, while a spate of fake iTunes emails caught several people off-guard, resulting in users running afoul of a malicious script that took advant...