Feds charge Evil Corp, Russia-based creators of Dridex malware, in $100 million bank hacking spree

The most on-brand name since “Fraud Guarantee.” Read the rest

Judge says Facebook users entitled to better security but not $ damages

In a decision released late Tuesday night, a federal judge ruled that up to 29 million Facebook users whose personal info was stolen in a September 2018 data breach are not entitled to sue Facebook as a group for damages -- but the users may be entitled to demand better personal data security at Facebook. Read the rest

T-Mobile says recent 'criminal hack' got personal data of some prepaid wireless customers

T-Mobile today admitted that a recent "criminal hack" accessed personal data of some prepaid wireless customers' accounts. Read the rest

How to add LEDs to a track jacket

The project starts with finding the exact right jacket:

The jacket I picked is the adidas Originals Superstar Track Jacket. I wanted this one because it features the iconic trefoil logo and calls back to the 80’s b-boy b-girl era. What we’re really looking for is how the stripes are attached. The white stripes are sewn on top of the black base jacket using two parallel rows of stitches 8mm apart. This creates a fabric tube that we can insert our LEDs into.

Click through for instructions on creating your own robust glowing jacket.

The group looked great at the Neotropolis Bar in Los Angeles:

(Via John Wiseman.) Read the rest

WhatsApp fixes security bug that let hackers take over with a GIF

A spokesperson for the Facebook-owned WhatsApp says the company has fixed a security vulnerability that let hackers take control of the messaging app by way of a malicious GIF. Read the rest

Malicious websites that hacked into iPhones over 2-year period targeted Uyghur Muslims in China: Report

A number of malicious websites that were recently reported to have been secretly hacking into iPhones over a two-year period were in fact targeting Uyghur Muslims, Zack Whittaker of TechCrunch reports today. Read the rest

@Jack Hacked

The incompetence horrowshow is on Twitter right now! It's lasted a few minutes; to my shame was I there to see it and wonder how long it would last, and it has not ceased yet.

UPDATE, 1:02 p.m. Eastern Time: It has ceased. Read the rest

Broken tail light replaced with red sports drink

A trucker replaced a broken tail light with a red sports drink, reports the Denver Channel. His ingenuity earned him police attention in Longmont, Colo., but they let him go without a ticket.

While we appreciate the ingenuity of this tail light, this is not a permanent solution,” Longmont Fire, Police and OEM wrote in a Facebook post. “Working tail lights prevent accidents.”

Photo: Longmont PD Read the rest

Arts&Crafts: bypass a fingerprint scanner with glue and tinfoil

I recently wrote about how much I enjoyed testing the OnePlus 7 Pro. One of the nicer things about it was the fact that its in-display fingerprint reader, unlike the one in the last-gen OnePlus handset, works in a timely manner. Too bad that, no matter how quickly it can read a fingerprint, it still isn't smart enough to stand up to a bit of arts and crafts from a determined security hacker.

Now, before anyone goes and loses their minds over this hack, it's important to note that in order for it to work, a digital interloper would need to get hold of the fingerprint belonging to the handset's owner in order to copy it. The best way to secure your phone against a hack like this, or being forced to unlock your smartphone for the authorities is to lock it down with an alphanumeric code.

While using biometrics to unlock your hardware might be convenient, when push comes to shove, it won't keep your digital life secure from professional snoops for long. Read the rest

After hack and attempted shakedown, Radiohead posts hours of demos

Some 15 hours of Thom Yorke's demo recordings, dating back to the OK Computer era, were accessed and downloaded by a hacker who then attempted to extort $150,000. Rather than pay up or lose control of the media, Radiohead released it all online instead. Bandmate Jonny Greenwood wrote that the sessions were "only tangentially interesting" and would be offered for the next 18 days, with an optional $18 price tag that would be passed onto Extinction Rebellion, a climate change protest group.

MINIDISCS [HACKED] by Radiohead Read the rest

Asus unwittingly pushed malware to 500k laptops after hack

Kim Zetter reports that Taiwan tech giant Asus unwittingly installed backdoors on half a million of its own customers' computers after hackers compromised its software update servers.

The researchers estimate half a million Windows machines received the malicious backdoor through the ASUS update server, although the attackers appear to have been targeting only about 600 of those systems. The malware searched for targeted systems through their unique MAC addresses. Once on a system, if it found one of these targeted addresses, the malware reached out to a command-and-control server the attackers operated, which then installed additional malware on those machines.

Why hack the consumer when you can hack the manufacturer and get all the consumers for free?

Alt headline: "Republic of Gamers Publicly Owned" Read the rest

Smart hack to easily hang a picture using a fork

Genius! A serving fork would be useful for taller frames.

(Creative Ideas via Kottke) Read the rest

Keytar made out of a Commodore 64

Enjoy this completely perfect keytar made from a Commodore 64. The pickups send sound via an FPGA to the original SID chip to allow a variety of chiptastic effects, applied using the computer's keyboard. Read the rest

SMS text two-factor authentication "bypassed at scale"

Gmail's text-message two-factor authentication is not only insufficiently secure, but "bypassed at scale", reports Joseph Cox.

A new Amnesty International report gives more insight into how some hackers break into Gmail and Yahoo accounts at scale, even those with two-factor authentication (2FA) enabled.

They do this by automating the entire process, with a phishing page not only asking a victim for their password, but triggering a 2FA code that is sent to the target’s phone. That code is also phished, and then entered into the legitimate site so the hacker can login and steal the account.

I use Authy. Read the rest

Marriott admits hack exposing "as many as 500 million" travelers

Stayed at a Starwood hotel in the last five years or so? Every one of you and more—as many as 500 million people, says owner Marriott—are implicated in what would be the second-largest hack of all time.

The company said Friday that credit card numbers and expirations dates of some guests may have been taken. For about 327 million people, the information exposed includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date and communication preferences. For some guests, the information was limited to name and sometimes other data such as mailing address, email address or other information.

Yahoo holds the record, with 3bn accounts breached. The only other breach in the same league as these would be the 412m accounts dumped from Adult Friend Finder. Marriott and Starwood merged two years ago, but open season at Starwood's servers apparently continued until September this year. Read the rest

Equifax engineer gets 8 months house arrest for $75,000 insider trading spree

An internet engineer at Equifax who coded parts of a breach portal for the credit agency has been sentenced to 8 months of house arrest for insider trading. He was convicted of using insider information about the Equifax breach to make more than $75,000. Read the rest

Facebook: Hackers got (very) personal data from 29M users. FIND OUT if your info was breached.

The good news: Facebook downgrades the number of accounts hit in the breach they disclosed two weeks ago to 29 million, down from 50 million. The bad news: Uh, that's still a LOT. And if you were one of those 29 million Facebook users, A LOT of your intimate personal data was stolen. Read the rest

More posts