News Posts matching "hack"


Yet Another Speculative Malfunction: Intel Reveals New Side-Channel Attack, Advises Disabling Hyper-Threading Below 8th, 9th Gen CPUs

Ouch doesn't even begin to describe how much that headline hurt. As far as speculative execution goes, it's been well covered by now, but here's a refresher. Speculative execution essentially means that your CPU tries to guess ahead of time which data may or may not be needed, and processes it before it knows it's needed. The objective is to take advantage of concurrency in the CPU design: processing units that would otherwise be left idle are kept busy computing and delivering results on the off-chance that they are indeed required, and when they are called for, the CPU saves time by already having them available rather than having to process them on the fly.

The flaws have been announced by Intel in coordination with Austrian university TU Graz, Vrije Universiteit Amsterdam, the University of Michigan, the University of Adelaide, KU Leuven in Belgium, Worcester Polytechnic Institute, Saarland University in Germany and security firms Cyberus, BitDefender, Qihoo360 and Oracle. While some of the parties involved have named the four identified flaws with names such as "ZombieLoad", "Fallout", and RIDL, or "Rogue In-Flight Data Load", Intel is using the PEGI-13 "Microarchitectural Data Sampling (MDS)" name.

Crypto Exchange Binance Hacked, $40M+ Stolen in Bitcoin

This is a pretty high-profile heist, as heists come, since Binance is actually the world's biggest crypto exchange in terms of traded volume. The act was described by Binance as a well-orchestrated operation, with hackers using seemingly unconnected accounts at the most opportune time to achieve a single, high-value withdrawal of $41M (roughly 7,000 Bitcoin at current pricing) - only 2% of Binance's total value in their so-called "hot wallet".

The hackers also made off with a fair amount of information on users' accounts: a large number of user API keys, 2FA codes, and "potentially other info" were taken besides the cool $41M in Bitcoin. Binance CEO Changpeng Zhao warned that the hackers may still control enough relevant accounts to influence pricing and make even more money.

Kaspersky: Most Cyber Attacks Directed at Microsoft Office in Q4 2018

Having the world's most pervasive operating system (or office suite) is sure to leave a big mark on any company when it comes to exploitation attempts from hackers. It's a simple equation: aim your efforts at software that runs on millions (if not billions) of machines and even a slight chink in the armor could be enough to cause a cascading effect across that many users.

This principle applies to almost everything: a small effect across a billion users usually provides greater returns than a large effect on one or two players. Kaspersky Lab, in its security report presented at the Security Analyst Summit, reported that the favorite target for cyber attacks was Microsoft's Office suite - a 70% figure suggests incredible attention given to Office, really. These Office-related cyber attacks don't necessarily target the suite itself; there are other, OS-integrated components that can be targeted, or Office file extensions are simply used as a clever, headache-inducing way of disguising malware as the second greatest evil in the world - spreadsheets.

New Exemptions To The DMCA Allow Users To Hack And Repair Their Phones (And Their Tractors, too)

You know that iPhone you bought? Or that home appliance? Or that tractor? They're not yours. Not completely, I mean, because if something breaks, you'll have to repair them through the official repair services of the hardware maker. You can try to repair them by yourself, but you'll probably have a lot of trouble doing it or even getting an unofficial technical service to do it. Oh, and until now it wasn't even legal for you to try. Companies such as Apple, Microsoft, Samsung or John Deere have turned repair control into an art form. The DRM they impose on their products is becoming more and more complex, and lots of devices are very complicated to open, let alone repair.

Organizations like the EFF have long been fighting for the so-called "right to repair" to counter these kinds of strategies, and now those efforts have paid off. The Librarian of Congress and US Copyright Office have adopted "exemptions to the provision of the Digital Millennium Copyright Act ("DMCA") that prohibits circumvention of technological measures that control access to copyrighted works". This means that from now on, users will be able to hack the software and fix the hardware on (some of) their devices in order to repair or maintain them. The new rules apply to smartphones, "home appliances" and "home systems", but they go further and will also allow users to repair cars, tractors and other motorized land vehicles (no boats or planes, though) by modifying their firmware.

Newegg Compromised by Magecart Assault; Potential Data Theft for Over a Month

Magecart is a relatively new online crime group that has been in the news recently for compromising British Airways and Ticketmaster in recent months. This hitherto-unrecognized group uses a web-based card skimmer: it injects a precious few lines of malicious code into a website, then steals the sensitive data that customers enter in the payment sections of the affected site. Two large digital threat management outfits, RiskIQ and Volexity, today released their reports on how Newegg was similarly affected during the period from August 13, 2018 through September 18, 2018, and what this means for users who may have performed a transaction on the website during this period.

In particular, Newegg.com was affected when the criminals behind Magecart registered the neweggstats.com domain (now inactive) via domain provider Namecheap. As RiskIQ points out, the domain was soon pointed at the 217.23.4.11 IP address, a Magecart server that was used to receive and store all user data collected from the compromise that followed. A fake certificate was issued to add a layer of legitimacy to the domain, as seen below. Be sure to read past the break to find out more details, and also what the bottom line is for affected users.

Snail Mail Malware: Chinese Hackers Go Old School

In today's world, data breaches, phishing attacks, malware, and exploits are a daily occurrence. We are all familiar with the typical phishing emails that grace our inboxes day in, day out. You might even get a phone call from a fake Microsoft tech support employee who attempts to gain access to your system. However, in our always-online world, it is a bit surprising to hear about hackers who would decide to use snail mail. In what will likely elicit a few giggles, U.S. state and local government agencies, along with the Multi-State Information Sharing and Analysis Center (MS-ISAC), have issued an alert about what I can only describe as an attack from the stone age: malware-infested CDs.

CTS-Labs Posts Ryzen Windows Credential Guard Bypass Proof-of-concept Video

CTS-Labs, following up on Tuesday's "Masterkey" exploit proof-of-concept video, posted a guide to bypassing Windows Credential Guard on an AMD Ryzen-powered machine. We once again begin in a privileged shell session on an AMD-powered machine whose Secure Processor has already been compromised, using admin privileges, by exploiting any of the 13 vulnerabilities chronicled by CTS-Labs. Mimikatz, a tool used by hackers to steal network credentials, should normally not work on a machine with Windows Credential Guard enabled. Using a modified version of Mimikatz, the CTS-Labs researchers are able to bypass Windows Credential Guard (which relies on hardware-level security features present on the processor), leveraging the AMD Secure Processor malware microcode they wrote.
The proof-of-concept video follows.

Japanese Crypto Exchange Coincheck Hacked, Biggest Heist in History of the World

In what amounts (for now) to the biggest heist in the history of the world, Japanese cryptocurrency exchange Coincheck, which handles about 3% of total cryptocurrency transactions, has apparently been on the receiving end of a $500 million hack of its crypto vaults. The heist, which seems to have particularly targeted the NEM cryptocurrency, took some $532 million worth of it from the exchange's coffers. This news comes after Coincheck halted all NEM transactions on its exchange starting this morning, without prior warning, which raised red flags in the NEM investor community and among Coincheck users. Additionally, it's being reported that a further $123 million worth of Ripple cryptocurrency was taken as well.

For now, Coincheck has only issued an update saying that "Depositing NEM on Coincheck is currently being restricted. Deposits made to your account will not be reflected in your balance, and we advise all users to refrain from making deposits until the restriction has been lifted", so there's no official confirmation of the heist as of now. However, Nikkei is reporting that Coincheck has reported the theft to the local Financial Services Agency and the police. If confirmed, this is easily the biggest heist in the world's history, and not coincidentally, the biggest in crypto history as well.

Mining "Renting" Service Nicehash Hacked; $68M Routed From User Wallets

Another high-profile hack has hit Bitcoin, as cryptocurrency mining pool Nicehash has confirmed that it suffered a breach which left users' wallets with the service emptied. The heist, currently valued at more than $68M, transferred 4,736.4281 BTC in total to the unknown party's (the perpetrator's, almost certainly) wallet. A single transaction of 4,655.25349748 BTC was the most high-profile one to take place, and has left Nicehash users out in the cold.

In a post on Reddit, Nicehash representatives confirmed the heist, stating that "Unfortunately, there has been a security breach involving NiceHash website. We are currently investigating the nature of the incident and, as a result, we are stopping all operations for the next 24 hours. Importantly, our payment system was compromised and the contents of the NiceHash Bitcoin wallet have been stolen. We are working to verify the precise number of BTC taken."

Where's My Bitcoin? "Cerber" Ransomware Starts Stealing Cryptocurrency Wallets

"Where's my Bitcoin?" is a question no miner, investor or mere user in the cryptocurrency world ever wants to have to ask. There's always someone willing to take advantage of someone else's hard work or exposure to risk in order to increase their own wealth; and if there's one thing years of cyber security have told us, it's that hackers seldom lag in picking up new sources of undeserved revenue. So it was only a matter of time before general purpose ransomware started seeing updates to take advantage of the newer trends in valuable assets. Enter cryptocurrency. And you can probably guess the rest of this piece.

The new, updated Cerber ransomware routine now not only encrypts a user's files, it also looks for some specific, known Bitcoin wallet applications (namely, as of the time of writing, Bitcoin Core, Electrum, and Multibit), copies the wallets to an external server controlled by the hackers, and proceeds to delete them from the user's PC. Naturally, Cerber also has a routine that copies passwords stored in your browser of choice. The wallet stealing and copying isn't much of a concern per se; any given wallet has additional security measures in place before the hackers can access their potential treasure trove of cryptocurrency. However, many people also keep files with passwords or some such on their computers, and do themselves a disservice by not keeping another copy of their wallet on a secure, non-internet-connected hardware wallet, or even a USB pen drive. Naturally, a user who kept the password for their wallet on their system is vulnerable to the entire "ransomware" portion of the Cerber malware; and someone who doesn't even have another copy of their wallet but keeps an ungodly amount of value in it could very well be facing the loss of their entire wallet. Definitely not a good place to be.

AMD Confirms its Platform Security Processor Code will Remain Closed-Source

Since the launch of AMD Ryzen, a small piece of hardware that handles basic memory initialization as well as many security functions has been the center of some controversy. Called the Platform Security Processor (the "PSP" for short), it is essentially an ARM core with complete access to the entire system. Its actions can be considered "above root" level and are for the most part invisible to the OS. It is similar in this regard to Intel's Management Engine, but is in some ways even more powerful.

Why is this a bad thing? Well, let's consider a hypothetical. What happens if a bug is discovered in the PSP, and malware takes control of it? How would you remove it? (Answer: you couldn't.) How would you know you needed to remove it? (Answer: unless it made itself obvious, you also wouldn't.) This scenario is obviously not a good one, and is a concern for many who have asked AMD to open-source the PSP's code for general community auditing.

Petya/NotPetya: The Ransomware That Wasn't Actually Looking to Ransom Anything

You've heard of the Petya ransomware by now. The surge, which hit around 64 countries by June 27th, infected an estimated 12,500 computers in Ukraine alone, hitting several pieces of critical infrastructure in the country (which just goes to show how vulnerable our connected systems are, really). The number one hit country was indeed Ukraine, but the wave expanded to the Russian Federation, Poland, and eventually hit the USA (the joys of globalization, huh?). But now, some interesting details on the purported ransomware attack have come to light, which cast some mystery over the entire endeavor. Could it be that Petya (which is also being referred to as NotPetya/SortaPetya/Petna, for your reference, since it mostly masquerades as that well-known ransomware) wasn't really a ransomware attack?

Intel Patches Remote Execution Flaw on Its CPUs - Active Since 2008

A bug in Intel's AMT (Active Management Technology), ISM (Standard Manageability) and SBT (Small Business Technology) firmware versions 6 to 11.6 has sat unpatched since 2008 - a bug which allows "an unprivileged attacker to gain control of the manageability features provided by these products." Potentially, this could have led to systems being exploited for remote control and spyware infection (and maybe it did lead to that, and we just don't know about it). Through this flaw, hackers could log into a vulnerable computer's hardware - outside the security features of the OS and any anti-virus suites - and silently install malware and other malicious code. Since AMT has direct access to the computer's network hardware, this could have been done remotely, without any local tampering. The vulnerable AMT service is part of Intel's vPro suite of processor features, so it caters more to businesses and server boxes than to the usual consumer-based products - though we all know some hardware enthusiasts use this kind of processor in their personal rigs. If you don't have vPro or AMT present at all, you are in the clear. However, some outlets report that Intel systems are vulnerable to direct hardware access even if their AMT, ISM, or SBT implementations aren't provisioned - it's just the network access that doesn't work.

These insecure management features have been available in various Intel chipsets for nearly a decade, starting with the Nehalem Core i7 in 2008, all the way up to this year's Kaby Lake Core parts. Luckily, this "feature", which is present in millions of Intel chips and potentially provides a "backdoor-esque" entry point to as many systems, appears to be addressable through a microcode update. However, this update will have to be pushed by your system manufacturer, and you can probably begin to imagine by now how such a process will linger on, and how hard it will be for it to reach every affected system.

NSA's Windows Exploit "DoublePulsar" Being Actively Utilized in the Wild

The "DoublePulsar" exploit, exposed recently as part of the leaked NSA-derived hacking toolkit posted online, is set to become one of the more significant issues related to the leak. Not because it is unpatched - it has been patched for roughly a month - but rather because, according to a threatpost.com report, few users are as up to date as they should be.

Intel's Skylake and Kaby Lake-based Systems Vulnerable to USB Exploit

At this year's CCC hacker congress, researchers from Positive Technologies released information documenting vulnerabilities in Intel's Skylake and Kaby Lake series processors' handling of USB 3.0-based debugging - which could be used to attack, corrupt, and even subvert a user's system.

This vulnerability allows attackers to bypass typical security mechanisms - both at the hardware and at the OS level - by using a new debugging interface, which could allow them to install malware and/or rewrite the system's firmware and BIOS. The exploit is currently undetectable using existing security tools, and according to the researchers, this mechanism can be used on a hacked system regardless of the OS installed.

Steam and Linux on the PS4 - AMD's "Bonaire" GPU Register Reference Found

While trying to hack the PS4 in order to make it run Linux (in a bid to get Steam and possibly other programs running on the PS4's hardware), hackers hit a snag: they couldn't get the PS4's GPU to display any kind of output or process any kind of graphics. Like any good researcher would when hit with a snag, the hackers turned to scouring the Internet in hopes of finding any documentation that could help them harness the PS4's Pitcairn-based GPU.

Epic Games Forums Hacked; Over 800,000 Passwords Stolen

The official discussion board for Epic Games, frequented by developers and gamers of Unreal Engine, "Unreal Tournament," and soon "Paragon," was hacked, exposing dates of birth, IP addresses, registration dates, registration e-mail addresses, and allegedly passwords, of over 800,000 users, reports The Hacker News. The hackers reportedly got their hands on the data by exploiting a vulnerability in the outdated version of vBulletin that Epic Games uses.

Epic Games, however, denies that the hackers got their hands on passwords. "We believe a recent Unreal Engine and Unreal Tournament forum compromise revealed email addresses and other data entered into the forums, but no passwords in any form, neither salted, hashed, nor plaintext," the company stated. ZDNet reports that a larger portion of the vBulletin database, which includes user posts and private-messages, could also have been stolen.

NSA Hides Spying Backdoors into Hard Drive Firmware

Russian cyber-security company Kaspersky Lab exposed a breakthrough U.S. spying program, which taps into one of the most widely proliferated PC components - hard drives. With the last 5 years seeing the number of hard drive manufacturing nations reduce from three (Korean Samsung, Japanese Hitachi and Toshiba, and American Seagate and WD) to one (American Seagate or WD), with the Japanese and Korean businesses swallowed up or partnered with as US-based subsidiaries or spin-offs such as HGST, a shadow of suspicion has been cast on Seagate and WD.

According to Kaspersky, the American cyber-surveillance agency, the NSA, is taking advantage of the centralization of hard-drive manufacturing in the US by having WD and Seagate embed its spying back-doors straight into the hard-drive firmware, which lets the agency directly access raw data, agnostic of partition scheme (low-level format), file-system (high-level format), operating system, or even user access-level. Kaspersky says it found PCs in 30 countries with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria.

Does NVIDIA Display Driver Service Make Your System Vulnerable?

An [ethical?] hacker going by the Twitter handle @peterwintrsmith discovered a gaping security hole in NVIDIA's display driver service that allows ordinary local and remote users to gain administrator privileges in Windows. Mr. Winter-Smith posted a description and details of the exploit, in which he describes the NVIDIA Display Device server (NVVSVC) as listening on a named pipe (a means by which different processes talk to each other), "\pipe\nsvr," which has a null/empty discretionary access control list (DACL, a security whitelist for users/groups), letting ordinary logged-in local and remote users (firewall permitting, and provided the remote user has a local account) gain administrator rights on the system. In our opinion, the exploit is plausible, and could cut short the winter breaks of a few in Santa Clara.

Blizzard Servers Hacked, User Data Compromised

Online gaming giant Blizzard Entertainment reported unauthorized access to its servers. The security breach was detected earlier this week, and the company claims that the hackers may have accessed user data such as e-mail addresses of Battle.net users, their personal security questions, and information related to mobile and dial-in authenticators.

Blizzard claims that the information compromised is not enough for anyone to gain access to Battle.net accounts, and that there was no evidence to suggest that more vital bits of user data, such as real names, credit card information, or billing addresses, were accessed. Users' Battle.net passwords, which are cryptographically scrambled, may have been accessed. Since SRP (secure remote protocol) is used to protect the passwords, it is extremely difficult to unscramble them. Blizzard strongly recommends that users change their passwords while investigations into the security breach are ongoing.

OUYA: A Hacker-Friendly Android Console

A new Kickstarter project is making waves, by proposing an open-source, hacker-friendly platform using Android as its backbone. "OUYA" merges the "satisfying" experience of a console with the developer-friendly nature of the Android marketplace. The project is seeking nearly a million dollars in funds, but it's already managed to reach more than half its lofty goal within just a day. The project's goal is $950,000, a figure it's likely to hit. It's been less than a day, and it's hit more than $590,000. That's no doubt because the higher dollar amounts, $95 and $99, offer the console itself as a reward. So far, the project hasn't outlined any stretch goals, but they seem likely. The funding will go towards converting the prototype to production models with approvals from regulatory agencies, development kits, production orders, and possibly some first-party game development. It also claims that games will be required to offer a free element, be it a demo or the full game with microtransactions. OUYA has already specified its technical specs, including a Tegra3 quad-core processor, 1 GB of RAM, 8 GB of flash storage, an HDMI connection, and Android 4.0. The controller looks fairly standard for consoles, with eight action buttons, two analog sticks, a D-pad, and the addition of a touch pad.

Max Payne 3 Multiplayer Pits Cheaters Against Cheaters

Playing against hackers and cheaters in multiplayer games is rarely fun, so now Rockstar is showing them just how it feels. It's hit upon a cruel and unusual punishment for cheaters in Max Payne 3's multiplayer: forcing them to play in a "Cheaters Pool" filled only with other hoodlums. "Anyone found to have used hacked saves, modded games, or other exploits to gain an unfair advantage in Max Payne 3 Multiplayer, or to circumvent the leaderboards will be quarantined from all other players into a 'Cheaters Pool', where they'll only be able to compete in multiplayer matches with other confirmed miscreants," Rockstar explains in a blog post. They'll also be cut from the leaderboards. Rockstar could deign to allow these rapscallions to rejoin civilised society, but will permaban them for a second infraction. Let's hope that one day all online games will adopt such measures.

Diablo 3 Declared 'Fastest Selling PC Game' Ever

From the launch day server meltdown to the way everyone you know seems to be playing, it's pretty clear that Diablo III is quite popular. But just how popular? Blizzard announced today that it sold 3.5 million copies within the first 24 hours, which supposedly makes it the fastest-selling PC game of all time. On top of those 3.5 million copies were another 1.2 million doled out free to World of Warcraft Annual Pass subscribers. After a week, Blizzard says, Diablo III was up to 6.3 million players - not including South Korean game rooms, where it's estimated to have a 39% share. "We're definitely thrilled that so many people around the world were excited to pick up their copy of Diablo III and jump in the moment it went live," CEO Mike Morhaime said in the announcement.

"We also regret that our preparations were not enough to ensure everyone had a seamless experience when they did so. I want to reaffirm our commitment to make sure the millions of Diablo III players out there have a great experience with the game moving forward, and I also want to thank them for their ongoing support." As well as rolling out sneaky little balance updates, Blizzard is investigating reports of nasty hacks, and preparing to launch the real-money auction house on May 29.

Diablo 3 Launch Overloads Servers

Shacknews is reporting Diablo III is pretty popular. So popular, in fact, that the servers have been overloaded by the flood of clickmaniacs trying to play when it launched at midnight. As Diablo III requires players be online to play, even by themselves, there are a lot of sullen faces around this morning, staring glumly at 'Error 37' messages. Still, some are able to play. There's a little good D3 news in that Blizzard is helping out Australian fans who pre-ordered from GAME, after the failing retailer said it wouldn't honour their orders but would keep their money.

"Due to high concurrency the login servers are currently at full capacity. This may cause delays in the login process, account pages and web services," a Blizzard representative said of Error 37. "We apologise for any inconvenience this may cause and thank you for your patience while this is being resolved." A message on the login screen notes, "We're also aware of issues affecting character creation and are working to resolve them at this time." Hang in there, then. As for the land down under, after GAME entered administration earlier this week, it told Diablo III pre-order customers that they wouldn't receive their game, but nor could they get a refund. Blizzard kindly stepped in to save them, explaining that those with proof of pre-ordering can buy a digital copy through Battle.net and then submit their GAME receipt for a refund. You'll need to buy before May 21, and send your receipt in by June 30, though.

Wolfenstein 3D Celebrates 20th Anniversary with a Browser Edition

This month is the 20th Anniversary of Wolfenstein 3D. To celebrate, id Software and Bethesda have given us all a free browser-based version of the seminal shooter. John Carmack has also given a director's commentary, full of the usual fascinating Carmackchat. You can play the snazzy HTML5 version of Wolf 3D if you're browsing in Firefox 10, Chrome 16, Internet Explorer 9, Safari 5, or newer. Fingers crossed that your work computer is updated vaguely frequently. id Software got distracted by Doom and Quake after the release of a Wolf 3D prequel, but the series returned in 2001 with Return to Castle Wolfenstein from Grey Matter and Nerve Software. Splash Damage followed this with the superb free multiplayer spin-off Wolfenstein: Enemy Territory, then the last entry in the series was Raven's Wolfenstein in 2009. The iOS version is also going temporarily free in the App Store some time later today.