Researchers Demo Physical Attack via Car Wash Hack

LAS VEGAS – BLACK HAT USA – Researchers have created proof-of-concept (PoC) exploits to demonstrate how hackers can cause physical damage to vehicles and injure their occupants by remotely hijacking a connected car wash. The attack was detailed in a presentation at the Black Hat security conference this week by WhiteScope founder Billy Rios, a…

WikiLeaks Details Mac OS X Hacking Tools Used by CIA

The latest round of documents published by WikiLeaks as part of a leak dubbed by the organization “Vault 7” describes several tools allegedly used by the U.S. Central Intelligence Agency (CIA) to target Mac OS X and other POSIX systems. The tools, said to be part of a CIA project named “Imperial,” are called Achilles,…

Hacking the Wind

BLACK HAT USA – Las Vegas – Gaping security holes in wind energy control networks make them vulnerable to cyberattacks for extortion and physical destruction purposes, a researcher showed here today. Jason Staggs, a security researcher at the University of Tulsa, has spent the past couple of years crisscrossing the US and hacking away at…

‘AVPass’ Sneaks Malware Past Android Antivirus Apps

Researchers at Black Hat USA will release a toolset that studies and then cheats specific Android AV apps. A team of researchers from Georgia Tech built an Android hacking tool that snuck past nearly all of 58 Android AV antivirus programs in tests conducted via VirusTotal. Their AVPass toolkit includes a query function that vets…

UK Spy Agency Warns of State-sponsored Hackers Targeting Critical Infrastructure

The U.K. Government Communications Headquarters (GCHQ), Britain’s secret eavesdropping agency, warns that ‘a number of [UK] Industrial Control System engineering and services organisations are likely to have been compromised’ following the discovery of ‘connections from multiple UK IP addresses to infrastructure associated with advanced state-sponsored hostile threat actors.’ The warning comes from a National Cyber Security Centre…

Russia Jails Head of Notorious Hacker Group

A Moscow court on Thursday jailed the leader of a notorious hacking group for two years for breaking into the accounts of high-ranking Russian officials. Vladimir Anikeyev headed the Shaltai Boltai collective — Russian for “Humpty Dumpty” — believed to be behind high-profile hacks, including into the Twitter account of Prime Minister Dmitry Medvedev. Anikeyev…

Al-Jazeera reportedly hit by systematic hacking attempts

Al-Jazeera, the Doha-based broadcaster owned by the ruling family of Qatar, says the websites and digital platforms of Al Jazeera Media Network, its parent company, “are undergoing systematic and continual hacking attempts.” “These attempts are gaining intensity and taking various forms. However, the platforms have not been compromised,” the broadcaster said in a statement that…

Russian hackers use OAuth, fake Google apps to phish users

The Russian hacking group blamed for targeting U.S. and European elections has been breaking into email accounts, not only by tricking victims into giving up passwords, but by stealing access tokens too. It’s sneaky hack that’s particularly worrisome, because it can circumvent Google’s 2-step verification, according to security firm Trend Micro. The group, known as…