Facebook was down for five hours last week. What happened and what do DNS and BGP have to do with it?
Thingiverse, a website dedicated to sharing user-created digital design files, has reportedly leaked a 36GB backup file that contains 228,000 unique email addresses and other personally identifiable information, confirms Troy Hunt, creator of the Have I Been Pwned data breach notification service, citing the circulation of this data set on a popular hacking forum.
What just happened? A hacker appears to have leaked the entirety of livestreaming service Twitch, from the source code and user payouts to encrypted passwords. It’s recommended that all users change their passwords, enable two-factor authentication, and reset their stream key.
A 4Chan user posted the 125GB torrent link on the forum earlier today, saying it was to “foster more disruption and competition in the online video streaming space” because “their community is a disgusting toxic cesspool.”
According to Bleeping Computer, cybercriminals have found a new way to hide malware in graphics cards memory. This method of utilizing graphics card memory instead of system memory is undetectable by the antivirus software, the original advertisement on hacking forums claims.
The malware uses graphics memory allocation space, from where the code is executed. The technology uses OpenCL 2.0 API on Windows operating system, no other systems are affected by the malicious code.
The hacker confirmed that the code has been tested on Intel UHD 620/630 graphics as well as Radeon RX 5700 GPU and GeForce GTX 740M and GTX 1650 discrete cards. It is unclear if other graphics cards are affected, but assuming that this method uses OpenCL 2.0, it is very likely to be compatible with other modern GPUs.
In this video we look at reverse engineering a basic firmware format of a commonly found IoT camera – and then creating a backdoored firmware that calls back to our command & control server and allows us to remotely control it!
The Story of how a simple USB device defeated Security on the Sony PlayStation 3 and how it works
Written in Rust, Open Vehicle Diagnostics aims to reach feature-parity with expensive manufacturer-specific ECU management solutions.
Undergraduate student Ashcon Mohseninia has released a Rust-based open source tool, created for a final year project at the University of Reading, designed to offer engine control unit (ECU) diagnostics: Open Vehicle Diagnostics (OVD).
“I know there are some open source diagnostic software suites out there that work on Linux,” Mohseninia writes of the project. “However they are focused on the ELM327 adapter and OBD2, whereas this is focused more on the more advanced diagnostics, essentially building a utility which could have feature parity to OEM diagnostics software such as Daimler’s Veidmao/Xentry/Das or VW VAG software.”
How a simple toy, found in a cereal box, hacked AT&T’s phone lines.
The USB device is outfitted with a pair of removable EEPROM chips that store credentials using AES-256 encryption.
It’s not uncommon for most PC users to have multiple accounts and passwords for a host of different sites and applications. Trying to remember all of those credentials can be a pain or a downright disaster if passwords are forgotten, not to mention hackers could steal any sensitive information. To that end, the safest and easiest way to manage website passwords and other credentials are to store that information offsite, rather than locally or in the cloud.
This isn’t a hacking tutorial but we will take a look at the anatomy of a DOS and DDOS attack to get an idea of how a small IOT device like an Arduino with an Ethernet Shield can be used to cause a server to do massive amounts of work.