VeriSign Inc. is responsible for the integrity of web addresses ending in .com, .net and .gov, directing traffic for half the world’s internet users and on Thursday it revealed that company systems were hacked towards the end of 2011 with hackers gaining access to several servers inside the company’s network.

In responding to the attack VeriSign executives said they ”do not believe these attacks breached the servers that support our Domain Name System network.”

It’s that DNS network that ensures users land at the right numeric Internet Protocol when typing in a url such as Facebook.com.

Taking down VeriSign would deal a critical blow to internet companies, the organization currently serves more than 50 billion queries daily and gaining access to its DNS server could allow hackers to redirect users to any website they choose. For example typing Google.com could take users to a scam survey. Access could also allow hackers to steal government and corporate emails and potentially steal government data through secure channels.

In hearing the new Stewart Baker, former assistant secretary of the Department of Homeland Security exclaimed to Reuters:

“Oh my God. That could allow people to imitate almost any company on the Net.”

News of the successful hack arrived in the company’s quarterly filing with the U.S. Securities and Exchange Commission in October in which the agency promised to deliver better reporting of security breaches to investors.

While the DNS side of the company’s business appeared to remain untouched VeriSign is also known for protecting customer sites and managing their traffic. It’s hard to take a “Protected by VeriSign” logo seriously when they can’t protect their own servers.

Along with DNS and customer protection the company also houses the information for thousands of small, medium and large scale customers.

At this time VeriSign executives are denying interview requests and employees have been given almost no information pertaining to the data breach.

Luckily in August 2010 VeriSign sold it’s Secure Sockets Layer certificates business to Symantec. If hackers had figured out how to crack that system they could gain access to https accounts, for example they could break a banks certificates and gain access to bank accounts around the world. The VeriSign brand name is still connected to those certificates but they are no longer managed by the company.

Symantec spokeswoman Nicole Kenyon revealed:

“There is no indication that the 2010 corporate network security breach mentioned by VeriSign Inc was related to the acquired SSL product production systems.”

In the meantime VeriSign admitted in their filing that they are often the subject of ”the most sophisticated form of attacks” that are “virtually impossible to anticipate and defend against.”

Do you think VeriSign is doing a good job of protecting website and user data the best they can in a market full of new and sophisticated attacks?

VeriSign Servers Hacked, Very Few Details Reviewed In SEC Filing is a post from: The Inquisitr

A Romanian hacker by the name of Razvan Manole Cernaianu, also known by his nickname TinKode, was arrested after he hacked into NASA and Pentagon. Governments take hacking very seriously as for one, confidential information is hidden on servers and two, if it’s known that they can be hacked, well, that opens them up to even more attacks.

The guy was known for hacking into US government and military websites and exposing security issues in their systems.

To go after computer systems such as NASA and the Pentagon, you’ve got to have some serious guts. Or be stupid, one of the two. Sooner or later, you will be caught. Just ask infamous hacker Kevin Mitnick or give his recent book, Ghost In The Wires, a read.

Via PCMag:

“The accused hacker, Razvan Manole Cernaianu, accessed high profile computer systems without authorization, including those belonging to the Pentagon and NASA, then posted evidence of his attacks online, the Romanian Directorate for Investigating Organized Crime and Terrorism, said in a statement Tuesday. Cernaianu, a 20 year-old IT student from Timisoara, Romania, broke into servers belonging to the U.S. Army and stole confidential information, which he published on his blog, authorities said.”

That’s likely where he went wrong which is posting the evidence online. Sooner or later, someone screws up and leaves clues that help authorities track them down even further or, expose them completely. On the plus side, at least white hat hacking helps improve the security of systems and makes them less prone to these kinds of attacks in the future.

How long of a sentence do you think the hacker should have to spend, or should he not serve any time at all?

Hacker Arrested After Stealing Confidential Information From NASA And Pentagon is a post from: The Inquisitr

Anonymous, a hacker group that’s gained quite the buzz and reputation lately, denied that they will be taking down Facebook this weekend on January 28th. Rumors have been spiraling all over the Internet after a video surfaced on Youtube talking about taking down the social network.

The hacker group denied the rumor on their Twitter account. Lately, the group has went after a number of websites in relation to the SOPA and PIPA protests all across the Internet. Thankfully, SOPA was pulled from Congress and the vote for PIPA was delayed.

In regards to the fake video uploaded, here’s some details:

“An online war has begun between Anonymous, the people, and the government of the United States,” the video narrator says. “While SOPA and PIPA may be postponed from Congress, this does not guarantee that our Internet rights will be upheld.”

“The video goes on to say that taking down Facebook would be the “greatest Internet protest and first official cyber war.” The voice scoffs at the idea that Facebook is too big to destroy. “While it is true that Facebook has at least 60,000 servers, it is still possible to take it down.”

“The video also tells viewers that “there is no way you can get caught. Hundreds of thousands of us … will all be participating. They cannot take down that large of a group.”

When something is popular, some people tend to latch on and milk it for what’s worth, or cause problems. While this is one of many rumors, it’s definitely not the last.

What do you think about Anonymous and what they’re doing?

Anonymous Not Shutting Down Facebook Despite Rumors is a post from: The Inquisitr

Previously we mentioned hackers targeting a South African bank and it looks like this time, hackers went after a United Arab Emirates bank and Arab Bank. While no money was stolen in this case or user accounts compromised, they managed to completely shut down the websites.

No one knows the names of the people behind the attack except that it is the work of Israeli hackers who operate under the name ‘IDF Team’. The hacker group had mentioned the day before their plan to shut down the central bank website as well as the website of Arab Bank.

Via Financial Times:

“Both sites were inaccessible on Thursday. UAE Central Bank officials brushed aside the significance of their site being compromised, saying talks with the European delegation, which included Mr Draghi and a number of ECB governors, were their top priority.”

“We have been busy here,” said Sultan bin Nasser al-Suwaidi, governor of the UAE Central Bank, when asked about the hack. “There are IT technicians who will take care of it.”

As to how they pulled off the attack and took both websites down, it became very clear.

“The sites are likely to have been hit by denial-of-service attacks, which use a network of computers to flood the system running a website with requests, causing it to break down. Often the computers used for such attacks have been infected by viruses that allow hackers to control the machines remotely, without the knowledge of their owner.”

Hackers and various groups have been taking down sites and causing disruption for years and doesn’t seem to be ending anytime soon.

What would you do if your website got taken down by hackers?

Hackers Attack Two Banking Websites And Bring Both Offline is a post from: The Inquisitr

Hackers continue to plug away and a recent case didn’t involve worms or compromising customer data, but stealing cold hard cash. A group of hackers over a three day period, managed to get away with $6.7 Million from Postbank in South Africa, the nation’s post office service.

One has to wonder how they managed to pull it off over a three day period and why no alarms were made. The group pulled it off over a holiday weekend which is one reason why. Here’s how the attack went down:

“Once the offices were closed for the New Year holidays, the gang put their plan in motion. They accessed the computer from a remote location and used it to break into Postbank’s server system and transfer money from various accounts into the ones they opened.”

“Having also raised the withdrawal limits on those accounts, money mules had no problem withdrawing great amounts of money from ATMs in Gauteng, KwaZulu-Natal and the Free State during the next few days, stopping completely when the offices were opened again on January 3.”

Had they had more time, they could have potentially got away with Millions more. While the fraud detection system should have worked, well, it clearly didn’t. Postbank’s fraud detection didn’t work period and was one of the biggest reasons why the hackers got away with all the money.

Upon further investigation, it’s no surprise says a banking security expert considering their network and security systems are very outdated and in a serious need of an upgrade. Thanks to insurance, they will likely get their money back, but it’s not something you want to have happen in the first place.

What would you do if you had Millions of dollars in the bank and some people stole it?

Hackers Get Away With $6.7 Million From South African Bank is a post from: The Inquisitr

Israel is taking hacking quite seriously after a hacker with the name “OxOmar”, said he had posted 11,000 credit card details online Thursday. This was also behind him saying that ”greatest Saudi Arabian hacker team” posted details of a whopping 400,000 credit cards earlier in the week.

Israel said that they “will respond to cyber-attacks in the same way it responds to violent “terrorist” acts, by striking back with force against hackers who threaten the Jewish state.”

Hacking continues to be a problem for countries and companies with various movements such as Anonymous and also hackers focused on exposing information for personal financial gain, such as what happened with the over 400,000 credit card details.

The good part is that despite the leak of such information, Israel’s three largest credit card companies reported only 6,050 of the 11,000 exposed being affected and just 14,000 of the 400,000 had been exposed.

Cyber attacks are starting to be viewed as a terrorist act and whenever you throw that word around, the consequences can become even more serious. Granted, no one is being killed in the process, but that doesn’t matter in the eyes of the government.

With that said, if the hacker “OxOmar” along with these supposed Saudi Arabian hackers are caught, they could face some serious jail time and won’t be touching a computer for a long time, that’s for sure.

“Hackers stand warned, Deputy Foreign Minister Dany Ayalon said. “They are putting themselves in danger and that they will not benefit from any immunity against reprisal actions from Israel.” Cyber-attacks amount to “terrorism that must be treated as such. In cyberspace, we have active capacities and we can hit those who try to hit us.”

Israel To Hackers: “We’ll Respond The Same Way We Do To Terrorist Acts” is a post from: The Inquisitr

Using the Skype messaging and calling system can inadvertently allow users to share their physical location from people they may want to hide that information from.

Researchers at New York University’s Polytechnic Institute tracked the activities of 20 volunteers and 10,000 other users over a two week period and through their testing they were able to tell where each user had placed their calls and examine their peer-to-peer (P2P) file-sharing activity.

In a news release Keith Ross, professor of computer science at NYU-Poly noted:

“A hacker anywhere in the world could easily track the whereabouts and file-sharing habits of a Skype user – from private citizens to celebrities and politicians – and use the information for purposes of stalking, blackmail or fraud.”

Researchers also found that logging out of Skype wasn’t enough to stop information from being revealed since that info was made available for up to 72 hours.

The hack also allows users who are not on a persons contact list to track their location and data pulls and that information could be gathered even when a user blocks calls from non-contact members.

With more than 600 million people currently using the Skype service it’s likely Microsoft will quickly attempt to remedy the issue, especially after spending $8.5 billion to buy the service just seven months ago.

Skype currently controls 20% of all overseas calls.

Skype has admitted that such IP information can be obtained and they say that any service that connects through an IP address offers the same risks and a Skype rep told the FinancialPost:

“Through research and development, we will continue to make advances in this area and improvements to our software.”

Will you stop using Skype until a fix for the current hack is discovered?

Skype Vulnerability Exposes User Locations Without Permission is a post from: The Inquisitr

An FBI and US homeland security probe has been launched after a cyber-attack suspected of originating in Russia caused a water utility pump outside of Springfield, Illinois to be shut down for a short period of time.

The hacking of the water pump did not effect water supply in Central, IL however it did signal the first publicly known case of a foreign hacker successfully penetrating a US industrial facility.

The hack occurred on November 8 when a technician for the facility announced the attack.

The system was compromised when a hacker obtained supervisory control and the facilities data acquisition (Scada) software. During the hack the Scada system was turned off which in turn burned out the water pump.

In the meantime Homeland security spokesman Peter Boogaard  has not confirmed that the shutdown was necessarily the result of an attack since no critical infrastructure entities were targets and no threat was made to the public’s safety.

If the Scada system was compromised it could pose a greater risk to the public in the future since the software is used to control water treatment facilities, railway switches, chemical plans, gas pipelines and even nuclear reactors.

Concerns have been raised over the system in the past, last year Iran’s uranium enrichment facility was attacked by the virus Stuxnet which also targeted Scada systems.  When attacking the Iran facility the virus sped up uranium centrifuges while shutting off warning and safety systems.

The FBI and US Homeland Security continue to investigate the incident to determine the exact cause of the system failure.

Russian Hacker Temporarily Shuts Down Water Supply In Illinois, FBI Probe Launched is a post from: The Inquisitr

If you happen to be logging into your Facebook account today, especially from work or school we have a message for you, user beware! It turns out that a group of hacking pranksters have been sending malicious links to users which in turn has posted various pornographic images into their news feed.

How bad is the porn? One Twitter user tweeted:

“I saw a dead dog, Justin Bieber sucking a d***, and a naked grandma. Time to delete Facebook.”

The images are coming as users click on what appears to be valid links from their friends and other subscribers, most often telling their followers to check out a funny YouTube video or a funny picture from other sites. One example that Forbes found had the message:

“Wow, I can’t believe you did this in this video. I LOLed.”

Facebook was quick to respond to the spammy links and told ZDnet they are

“Aware of these reports” and “investigating the issue.”

While the hacking group Anonymous has been blamed for the attacks by some groups they have not yet come forward to claim responsibility although the supposed “humor” in the message sounds more like something LulzSec would attempt to accomplish.

Have you found unwanted pornographic images and videos in your Facebook feed or the feed of friends today? Remember to reset your Facebook password the moment you realize you have been hacked and always check your Facebook feed after you have clicked on links, even if they come from your most trusted friends.

Porn Hackers Attack Facebook, Users Beware is a post from: The Inquisitr

The Pentagon’s research arm, the Defense Advanced Projects Research Agency, recently announced plans to boost cybersecurity spending by up to 50% over the next five years.

At least some of that extra cash will be devoted to boosting the US Military’s cyber arsenal, allowing our military to be just as effective in cyberspace as they are on the ground in offensive attacks. Additionally, DARPA wants to beef up their defenses, admitting that their security isn’t exactly where they want it to be.

“Modern warfare will demand the effective use of cyber, kinetic, and combined cyber and kinetic means,” said agency director Regina Dugan, speaking before a DARPA ‘cyber colloquium’ held at a hotel in Virginia. “We need more options, we need more speed, and we need more scale. We must both protect its peaceful shared use as well as prepare for hostile cyber acts that threaten our military capabilities.”

Dugan was speaking to a collection of what she referred to as “visionary hackers” and various academics and cybersecurity experts at the event. DARPA is essentially reaching out to the cyber community for help in light of growing concerns about the security of government networks.

She admitted that while security of sensitive government infrastructure network has grown over the past several years, the reality is that it’s still too easy to gain access to the networks. Just last week, the Office of the National Counterintelligence Executive, a branch of the US government, told Congress that China and Russia are using cyber attacks to steal trade and technology secrets from the US. (source: Chicago Tribune)

“We are losing ground because we are inherently divergent from the threat,” Dugan explained. “Such divergences are the seeds of surprise, and this [size disparity] is a striking example of why it’s currently easier to play offense rather than defense in cyber. This is not to suggest that we stop doing what we are doing in cybersecurity. But if we continue only down the current path, we will not converge with the threat.”

via Wired

[Image credit: US Air Force]

DARPA to increase cybersecurity research spending, boost cyber arsenal is a post from: The Inquisitr

Police investigating the News of the World phone hacking scandal say they have uncovered 11,000 pages of notes from professional snooper Glenn Mulcaire. In those notes investigators say Mulcaire spied on 5,795 potential victims of the phone hacking scandal.

If that number is true it would be nearly twice the estimated number of hacked phones originally reported by The Guardian two years ago.

Police at this time are cautioning that an exact number of hacked phones is hard to determine and they believe their numbers will be revised in the future as their investigation continues to move froward.

If increasing numbers of phone hacks isn’t bad enough news for News Corp. (owners of the now closed NOTW) a Sun employee has been arrested on suspicion of bribing police. The new arrest was made as part of Operation Elveden a wide sweeping investigation into the corrupt nature of News International’s bribery attempts which has already witnessed the arrests of Rebekah Brooks and Andy Coulson.

It should be noted that those numbers do not include an ongoing investigation also underway in the United States in which News Corp. employees allegedly spied on the victims of 9/11, their families and other people involved with the tragedy.

Do you think given the severity of these cases that investigators need to go after top level executives at News Corp., specifically the Murdoch family?

[Image via dutourdumonde / Shutterstock.com]

News Of The World Hacked At Least 5,795 Phones [Evidence] is a post from: The Inquisitr

News Corp. has reached a settlement in one phone hacking scandal. The company has agreed to pay the family of a murdered girl at the center of the case the sum of $4.8 million.

Under the agreement the family of Milly Dowler will receive $3.2 million with the rest of  the settlement being donated to a charity.

Dowler’s phone was hacked by employees at the now defunct News of the World, a scandal that led to further accusations and investigations around the world, including in the United States where News Corp. is accused of hacking phones that belonged to 9/11 victims and their families.

In a statement released to the press News Corp. founder and CEO Rupert Murdoch said:

“When I met with the Dowlers in July, I expressed how deeply sorry I was for the hurt we had caused this family.”

Murdoch also revealed:

“The behavior that the News of the World exhibited toward the Dowlers was abhorrent and I hope this donation underscores my regret for the company’s role in this awful event.”

According to reports Murdoch was directly involved in arranging the settlement for the Dowler family.

The settlement also comes just as News Corp. holds their shareholders meeting in Los Angeles.

Do you believe that a $4.8 million settlement makes up for the company’s violation of trust with their readers? With more investigations launched, falling stock prices and distrust around the globe that sum is only a small part of what the company has and will lose in the future.

News Corp. Settles One Phone Hacking Scandal For $4.8 Million is a post from: The Inquisitr

Symantec announced that a new, malicious virus, called Duqu, has been discovered, and it may have ties to the Stuxnet virus.

Symantec made the discovery alongside an unnamed research lab. The company states that it appears whoever wrote Duqu had access to the source code of the Stuxnet virus. Whereas Stuxnet was designed to infiltrate and destroy industrial software, however, Duqu is an intelligence-gatherer. Researchers say that Duqu may be looking for intelligence to launch an even larger, more successful attack.

“Duqu does not contain any code related to industrial control systems and is primarily a remote access Trojan (RAT),” the company said. The threat does not self-replicate. Our telemetry shows the threat was highly targeted toward a limited number of organizations for their specific assets. However, it’s possible that other attacks are being conducted against other organizations in a similar manner with currently undetected variants.”

The report goes on to say that the Duqu virus was digitally signed using a stolen key from a legitimate, Taiwan-based company, allowing relatively easy infection of the virus’ targets when combined with exploitation of a number of system vulnerabilities. Symantec owns the VeriSign authentication service that controlled the stolen certificate, so Symantec was able to revoke its security privileges (via Tech News World).

“It’s an intelligence operation,” Michael Sconzo, a senior security officer at RSA, told Fox News. “We still aren’t sure of all the things it looks for yet but it is a likely precursor to an attack. It is a Trojan horse.”

Source: Symantec

Stuxnet creators suspected to be behind new Duqu virus is a post from: The Inquisitr

FBI officials have arrested one suspect in the celebrity hacking ring which has placed naked pictures of actresses online for the world to see.

The arrest comes several weeks after the phone of Scarlett Johansson was hacked and naked photos of the A-List actress were published online.

The FBI Operation “Hackerazzi” has not named which celebrities had been hacked and a news conference is scheduled for sometime Wednesday afternoon where more information will be released.

FBI officials have been investigating a possible Hollywood hacking ring for more than a year however the issue heated up after the Johansson photos surfaced on the internet and hackers continued to mock their victims.

When FBI officers began their probe they were searching on behalf of actresses and other Hollywood figures who believed their information had been compromised.

While a single group has come forward to claim the hacking breaches officials warn that those claims have never been verified. What we do know is that reports have surfaced in which other unnamed celebrities have been victimized by the hackers even though their compromising photos have not yet been leaked to the press.

If there’s one thing I’ve learned from LulzSec and other recent hacking scandals it’s that most hackers get caught, especially when they practically throw themselves into the public spotlight.

FBI Officials Arrest Celebrity Hacker Suspect is a post from: The Inquisitr

Cody Kretsinger, 23, a suspected member of the hacking alliance LulzSec was arrested on Thursday in connection with the hacking of Sony Pictures Entertainment.

The young hacker was charged with conspiracy and unauthorized impairment of a protected computer after he used “SQL injection” to grab data from the studio’s computers and then share it with the outside world.

After stealing data from the Sony computer network Kretsinger posted the names, addresses and passwords for thousands of Sony contest entrants.

If found to be in connection with the group Cody’s confession has already been greatly publicized after LulzSec’s own website posted the following message:

“From a single injection we accessed EVERYTHING,” while adding “Why do you put such faith in a company that allows itself to become open to these simple attacks?”

At this time Kretsinger has been released and is only allowed to use a computer at work; he must also remain in one of three court mandated states.

If found guilty of the attack Cody could face up to 15 years in prison.

As has been the case with other LulzSec attacks I wouldn’t be surprised to hear of a new attack or warning message from the group in retaliation for their members arrest.

What type of punishment do you believe would be fitting against Cody Kretsinger and any other LulzSec members who are discovered and put on trial?

LulzSec Suspect Arrested In Arizona, Believed To Be Sony Pictures Hacker is a post from: The Inquisitr

Anonymous is at it again, but this time the hacker collective is taking their online campaign to the real world, urging citizens in San Francisco to wear red on Monday evening at BART’s Civic Center Station.

The Bay Area Rapid Transit system was responsible for the denial of freedom of speech recently according to Anonymous members who posted:

“In the Bay Area, we’ve seen people gagged, and once more, Anonymous will attempt to show those engaging in the censorship what it feels like to be silenced.”

Anonymous has asked that the protest remain peaceful and that those participating carry video cameras to “record further abuses of power by the police and to legitimize the protest. The media will certainly spin this in an attempt to make our actions appear to be violent or somehow harmful to the citizenry at large.”

Jim Allison, a BART spokesman told the SFGate that his agency is aware of the project and that

“The safety of our customers is our No. 1 priority, and we’re going to do what we can to keep people safe,” while adding, “We’re just going to leave it at that.”

Allison would not say whether or not cellular service would once again be shut off at the station if protests occur, a fact in itself that puts passengers in danger as they lose the ability to contact emergency services.

If you are unfamiliar with the reason behind the original phone shutoff, a protest was planned on Thursday against the July 3 fatal shooting by BART police, however upon learning of those plans the organization turned off access to their underground cell phone numbers in downtown San Francisco.

After learning of the shutdown State Sen. Leland Yee, D-San Francisco noted:

“I am shocked that BART thinks they can use authoritarian control tactics,”  while he added, “BART’s decision was not only a gross violation of free speech rights; it was irresponsible and compromised public safety.”

According to Anonymous plans:

“We will be wearing ‘blood’ stained shirts for remembrance to the blood that is on the hands of the BART police.”

Will you be attending the protest?

Hacker Group Anonymous Calls For Monday Protest Against BART is a post from: The Inquisitr

Hacking group Anonymous has announced that on November 5 they will destroy Facebook, “the medium of communication you all so dearly adore.”

Posted in a YouTube video the group says they will “kill” Facebook on Nov. 5 while claiming they are doing it for “Your own privacy”, while adding, “Facebook has been selling information to government agencies and giving clandestine access to information security firms so that they can spy on people from all around the world.”

The group continues:

“Everything you do on Facebook stays on Facebook regardless of your ‘privacy’ settings, and deleting your account is impossible,” while adding,  “One day you will look back on this and realize what we have done here is right.”

Apparently the groups plans don’t sit well with at least part of their group who have begun publicly distancing themselves from the “kill Facebook” campaign.

Facebook programmers vs. Anonymous hackers? This could easily turn into a pay per view event that could rival top UFC fights.

Here’s the official Anonymous Facebook Attack Announcement:

I know Anonymous likes to think they are doing everything for the good of society, but I know my privacy is being sold and I could care less, users who don’t like Facebook can simply disconnect and if enough users take that route Facebook won’t be killed by some lines of programming code, it will be killed because the people have spoken.

Anonymous Says They Will “Kill Facebook” On November 5 is a post from: The Inquisitr

Hacker groups AntiSec and Anonymous have hacked nearly 70 law enforcement websites around the United States this week, claiming retaliation for last months arrest of more than a dozen hackers from around the world.

According to the group they have downloaded  ”a massive amount of confidential information that is sure to (embarrass), discredit, and incriminate police officers across the US.”

All together hackers from the collective gathered nearly 10 gigabtyes of information and posted that information online during the early hours of Saturday morning. information posted included officer emails, credit card numbers, and reported tips.

In true AntiSec, Anonymous fashion they also managed to humiliate victims of crimes, including the postings of teenage girls in swimsuits which were part of an ongoing investigation.

The groups work seems to have come mostly from Arkansas, Kansas, Louisiana, Missouri, and Mississippi where a small media hosting company handles the hacked accounts.

According to Anonymous they posted the information to “demonstrate the inherently corrupt nature of law enforcement,” while one security analyst said it was nothing more than a lazy hacking attempt by the group since “It seems to me to be low-hanging fruit” based on lousy security by the hosting firm.

Anonymous, AntiSec, LulzSec and others continue to hack company’s, governmental agencies and others to “teach them a lesson” in the meantime the United States, UK and other countries are now considering hacking acts of terrorism, acts which could place every captured and convicted hacker behind bars for the rest of their lives with no chance of parole.

Anonymous and AntiSec Retaliate, Hack U.S. Law Agencies is a post from: The Inquisitr

On one side of the coin conferences like  Black Hat and Defcon  that are going on right now in Las Vegas are really cool because it lets us see what creative minds can do with technology. On the other side of the coin though they can be pretty frightening events that show us just how badly our technology can be misused.

A perfect example of this was the presentation by Jerome Radcliffe where he showed how easy it is to hack an insulin pump and for all intents and purposes turn it into a murder weapon. What Radcliffe did was reverse engineered the pumps and their wireless connectivity to the point where he could command the pump to do what he wanted without anyone knowing.

There was no encryption, since that requires more complicated processing and would make the battery for the device run out faster. The sensor has to run on a 1.5-volt watch battery for two years. Adding encryption also makes the device more expensive. Once Radcliffe, who has used insulin pumps for a while and has been a diabetic since he was 22, understood how the devices worked, it was relatively simple to figure out how to hack them.

“I can get full remote control” of someone else’s insulin pump, Radcliffe said. “If I were an evil hacker, I could issue commands to give insulin, without anyone else’s authority. This is scary. And I can manipulate the data so it happens in a stealth way.”

via VentureBeat

This is truly scary but if something like an insulin pump can be hacked to this degree one has to wonder how safe our other modern medical devices are.

Hacking the unthinkable: Insulin pumps a potential murder weapon is a post from: The Inquisitr

It is getting harder and harder to think of things that are truly from the world of science fiction and not have someone be able to create those things today with even run of the mill technology.

Such is the case with the WASP; or as Richard Perkins and Mike Tassey call it the Wireless Aerial Surveillance Platform. Where once something like WASP might have been relegated to fanciful futuristic spy movies these two gentlemen plan on showing a working model at this year’s Black Hat and Defcon conferences.

Building off of an old Air Force drone they packed the miniature aircraft with a  tiny Linux powered computer, hacking software, a 4G T-Mobile card, an HD camera, and 32 GB onboard storage.

Just what does WASP do with those gigabytes? Originally, it was designed for Wi-Fi penetration — cracking network passwords while loitering above a target area. But the newly upgraded WASP can now trick GSM phones into connecting with its 4G card as if it were a standard cellphone tower. Once connected, the WASP quietly records any phone conversations or text messages while connecting the call via VOIP, thus giving the mark the impression that the call went through normally.

Keep in mind that nothing on the WASP is particularly new. The password cracking techniques have been around for quite some time, and the phone-spoof is based off a trick shown off at Defcon last year. But by placing them on a flying platform, Perkins and Tassey have shown that consumer technology and hacking techniques have progressed to the point where once untouchable targets are now vulnerable.

via Geekosystem

And we use to think stuff like this was only found in the movies.

WASP: the WiFi and 4G flying snooper that anyone could make is a post from: The Inquisitr