Hackers can access a Peloton user's bike camera, microphone and screen, security company McAfee reports. Shannon Stapleton/Reuters hide caption
In a new report , security company McAfee says hackers with direct access to Peloton bikes can gain control of the camera and microphone and can monitor users. The attackers can also add apps disguised as Netflix and Spotify to encourage users to input login credentials for later malicious use.
How New York City's Law Department Got Hacked - The New York Times
New York City's Law Department holds some of the city's most closely guarded secrets: evidence of police misconduct, the identities of young children charged with serious crimes, plaintiffs' medical records and personal data for thousands of city employees.
Officials have not said how the intruder obtained the worker's credentials, nor have they determined the scope of the attack. But the hack was enabled by the Law Department's failure to implement a basic safeguard, known as multifactor authentication, more than two years after the city began requiring it, according to four people with knowledge of the legal agency's system and the incident.
Biden's Red Lines for Russian Hackers - WSJ
No outcome of the Geneva summit was more eye-opening than Joe Biden 's claim to have presented Vladimir Putin with a list of 16 categories of U.S. cyber targets that must remain off-limits to attack.
Mr. Biden's list almost certainly is the same as the one publicly posted by the U.S. Cybersecurity and Infrastructure Security Agency last year. It contains no state secrets. U.S. expectations that Mr. Putin will take a proactive hand against Russia's for-profit hackers are also probably correspondingly low. It would impose costs and risks on Mr. Putin to interfere in a business that's paying off so handsomely for some of his clients, including officials of his own security services.
Worried about hackers? These may be the people you need to call
SPARKS, Nev. (KOLO) -The name of the gathering--a convention at the Sparks Nugget calledd the Wild West Hackin'fest--is enough to raise an eyebrow.
Hacker? In fact--most of these people would answer to that label, but these days probably prefer cybersecurity professional.
"A lot of these people, they've learned the dark arts," says John Strand, owner of Black Hills Information Security, the host of the 'fest. They've learned hacking and they apply that to defend their organizations."
Worst hackers avoid attacking Eastern European countries: reports | Fox News
Some of the most notorious hackers steer clear of attacking organizations in Eastern European countries.
DarkSide, the criminal organization behind the Colonial Pipeline cyberattack, and other high-profile hacking groups bar their partners from installing malicious software on computers using certain languages, according to Krebs on Security, a cybersecurity news site.
This has been going on since the early days of organized cybercrime, and "it is intended to minimize scrutiny and interference from local authorities," Krebs wrote as part of a post pointing out that certain malware will not install on a Microsoft Windows computer that has a Russian or Ukrainian virtual keyboard installed.
A hacker tried to poison a Calif. water supply. It was as easy as entering a password.
On Jan. 15, a hacker tried to poison a water treatment plant that served parts of the San Francisco Bay Area. It didn't seem hard.
After logging in, the hacker, whose name and motive are unknown and who hasn't been identified by law enforcement, deleted programs that the water plant used to treat drinking water.
"No failures were reported as a result of this incident, and no individuals in the city reported illness from water-related failures," the report, which did not specify which water treatment plant had been breached, noted.
Cars, Medicine, Electric Grids: Future hackers will hit much more than networks in an IT/OT
North Korea hackers target S.Korea nuclear think tank - lawmaker | Reuters
SEOUL, June 18 (Reuters) - A North Korean hacking group known as Kimsuky broke into the network of South Korea's state-run nuclear think tank last month, the latest in a series of cyberattacks by the North, a South Korean lawmaker said on Friday.
The breach of the Korea Atomic Energy Research Institute (KAERI) took place on May 14 involving 13 internet addresses including one traced to Kimsuky, said Ha Tae-keung, a member of the parliamentary intelligence committee, citing an analysis by Seoul-based cybersecurity firm IssueMakersLab.
Hackers Behind EA Data Breach Are Selling FIFA 21 Source Code on an Underground Hacking Forum -
Hackers stole Electronic Arts' source code for FIFA 21, the Frostbite engine, and game development tools, according to MotherBoard.
Earlier this week, the hackers behind the EA data breach also announced that they were selling about 780 gigabytes of the stolen game source code and tools on an underground hacking forum.
The threat actors shared screenshots of the stolen source code and directory listings to prove the legitimacy of their claims. Additionally, the hackers claim they have Microsoft’s Xbox and Sony's SDKs and API keys for sale.
Best cybersecurity practices can save companies from hackers' clutches
Companies of all sizes must bolster their cybersecurity defenses as emboldened hackers launch high-profile and costly ransomware attacks like those that hit Colonial Pipeline Co. and meatpacker JBS last month, according to local and national cybersecurity experts.
"The threat surface just keeps growing," said Dave Salisbury, director of the center for cybersecurity and data intelligence at the University of Dayton. "All the devices that attach to the internet, they create new threat surfaces."
Happening on Twitter
Hackers can gain remote access to a Peloton bike's camera and microphone to monitor users, a new report finds. The… https://t.co/PgHd8t79W1 NPR Wed Jun 16 21:00:06 +0000 2021
No comments:
Post a Comment