Connor Ball, the 23-year-old bassist of the British pop band the Vamps, was in the shower when he realized something was up. The song he was listening to on Spotify, by the American singer Lauv, had suddenly stopped.
* * *
Asked how he pictured the person choosing the songs, he said, "I'm imagining a 70-year-old bald man in a rocking chair."
That seems to be less true when it comes to music. When a Spotify account gets hacked, the hackee is able to see the music the hacker has chosen (either on the hacker's device, or sometimes, presumably by accident, on the hackee's). A portrait of the hacker often emerges.
Other things to check out:
HackerOne breach lets outside hacker read customers' private bug reports | Ars Technica
As a leading vulnerability reporting platform, HackerOne has paid hackers more than $23 million on behalf of more than 100 customers, including Twitter, Slack, and the US Pentagon. The company's position also gives it access to unimaginable amounts of sensitive data. Now, the company has paid a $20,000 bounty out of its own pocket after accidentally giving an outside hacker the ability to read and modify some customer bug reports.
"HackerOneStaff Access," the community member haxta4ok00 wrote in broken English on November 24. "i can read all reports @security and more program." In a follow-up message, haxta4ok00 wrote: "i found what is you can edit private program (for test) I have not changed anything and not used , all for the sake of hacking." On the same day, the hacker followed up again, writing: "If you need Proof, I can write a message [redacted]."
FBI warns about smart TVs being 'gateways for hackers' - Trending & Viral News - 13 WTHR
If you own a smart TV or are looking to buy one this holiday season, the FBI has some advice for you.
The FBI says smart TVs, which have the ability to connect to the internet, use streaming services and apps and can even talk to people, can be vulnerable to hackers.
Many newer TVs have microphones and cameras built-in, which let you communicate with the TV by shouting at it or using facial recognition. While these features can allow TV manufacturers, app developers and streaming companies to track what you're doing, they can also make your TV a gateway for hackers.
Hackers Trick Venture Capital Firm Into Sending Them $1 Million - VICE
Security researchers at Check Point say the company has uncovered evidence that Chinese hackers managed to hijack $1 million in seed money during a wire transfer between a Chinese venture capital firm and an Israeli startup—without either side realizing anything was wrong.
"Patience, attention to detail and good reconnaissance on the part of the attacker made this attack a success," Check Point said.
In case you are keeping track:
FBI Warning: Hackers Now Targeting US Automotive Industry - CPO Magazine
According to a new FBI warning, hackers are now targeting the U.S. automotive industry. In a Private Industry Notification (PIN) sent out to private sector partners, the FBI's Cyber Division warned that malicious cyber actors have been active since late 2018. They appear to be stepping up their activities to include ransomware infections, data breaches, phishing attacks, and corporate espionage activities.
The FBI warning, which was obtained by media outlet CNN, offered both a high-level view of the types of cyber threats facing the automotive industry, as well as a specific look at the types of attacks that have been carried out over the past 12 months. While the FBI warning did not name any specific cyber actors responsible for these attacks, it did note that the U.S. automotive industry has become an attractive target for both nation-states and cybercriminals.
Vulnerabilities in Microsoft Azure Lets Hackers Control Azure Accounts
Security analysts from cybersecurity firm CyberArk recently found a critical vulnerability in Microsoft Azure that allows attackers to take control over Microsoft Azure user accounts.
OAuth is a commonly used authorization protocol that lets end users grant websites or applications access to their information. Most companies use OAuth to permit users to share information about their accounts with third-party applications.
OAuth 2.0 is the next generation of the OAuth protocol that allows third-party applications to grant limited access to an HTTP service.
Iran Has Launched 'Malicious' New Malware That Wipes Windows Computers, Warns IBM
Iranian hacking groups are now demonstrating a tenacity and an increasingly sophisticated set of cyber weapons to target strategic industries. And while U.S. commercial entities are definitely in the crosshairs, the Middle East is seen as a softer target. The twist here is that this latest attack included multiple tools deployed by different Iranian threat groups to bypass system security layers, brute force network credentials and plant the wiper malware—a major concern to the industry.
Special Report: 2020 U.S.
(Reuters) - In 2016, the U.S. Census Bureau faced a pivotal choice in its plan to digitize the nation’s once-a-decade population count: build a system for collecting and processing data in-house, or buy one from an outside contractor.
* * *
Three years later, the project faces serious reliability and security problems, according to Reuters interviews with six technology professionals currently or formerly involved in the census digitization effort. And its projected cost has doubled to $167 million — about $40 million more than the bureau’s 2016 cost projection for building the site in-house.