The FIFA website was (and, stunningly, remains) replaced with footage of protesters marching then meeting a vicious police response:

Continue Reading...

Many of the hacks perpetrated by Anonymous are pretty straight-forward. Whether you agree with the hacktivist group’s methods or not, they are at least comprehensible. The latest “op” however really is baffling.

LulzSec Albania, a group of Albanian hackers associated with the LulzSec group of Anonymous allies, have hacked the Swiss Chamber of Commerce in Canada. Nope. You didn’t just have a stroke.

The website of the Swiss Canadian Chamber of Commerce, which was developed using PHP, had a vulnerability to a confirmed SQL injection flaw, which is how the hackers struck.

They stole a database containing names and login information, which the group released on Pastebin.

What was the motivation? The hackers themselves say “for the lulz.”—but what lulz?

Continue Reading...

With China seeking to grow its economy and expand its technology base, companies like Facebook, Apple, Google and Twitter are inviting targets. In fact, all have been attacked and all point the finger at China, which has denied any role.

The U.S. government has stepped up efforts to thwart cyber-attacks, but those efforts are mainly focused at protecting its own secrets, especially regarding military operations and technologies.

Paul Rosenzweig, a former Department of Homeland Security official whose Red Branch Consulting provides national security advice, said the responsibility for preventing attacks in the private sector lies with the U.S. innovators who created the technology that's being hacked in the first place.

"To some degree, they were getting a pass," he said. "If a car manufacturer made a car that was routinely able to be stolen, they'd be sued. If software is made with gaps that are a liability, they bear some responsibility, and in recent years there's been a sea change in high tech firms accepting that responsibility."

Continue Reading...

The Soviet Union may be a thing of the past, but its domain isn’t. Think of it as a clubhouse for the new Russian kleptocracy.

.SU, assigned to the then-Union of Soviet Socialist Republics (U.S.S.R.) in 1990, a year before its dissolution, is now a refuge for criminal hackers, according to the AP’s Raphael Satter.

The domain has “turned into a haven for hackers who've flocked to the defunct superpower's domain space to send spam and steal money.”

The migration to .SU began in 2011, when the officials overseeing Russia’s .RU domain tightened their rules.

Group-IB, a Russian Internet watchdog agency has found the number of malicious websites hosted on .SU doubled that year, then again in 2012, “surpassing even the vast number of renegade sites on .ru and its newer Cyrillic-language counterpart.” Perhaps the most well-known site is Exposed.su, which allegedly published credit records belonging to Michelle Obama, Mitt Romney, Donald Trump, Beyonce and others.

Continue Reading...

PayPal, eBay’s popular online payment service, has a robust relationship with developers. It has a dedicated developer site and personnel, with APIs and SDKs available, and for several years has sponsored an event called CharityHack in London.

Now, it’s globalizing that relationship by launching Battle Hack.

Battle Hack is a “world series of hackathons,” to be held in 10 cities over the next six months. It starts in June in Berlin and ends with a championship in Silicon Valley in November.

“Every city will battle it out to select their local champion who we will fly to the world finals for one last hack-off,” according to the Battle Hack website.

Continue Reading...

The pseudonymous hacker “Guccifer,” whose list of hacking victims includes President George W. Bush and former secretaries of state Hillary Clinton and Colin Powell, has recently seemed to veer into surprising territory, hitting Sex and the City creator Candace Bushnell and journalist Carl Bernstein.

But now, tanned, rested and ready, he has returned to his old stomping grounds, the email accounts of political figures.

Continue Reading...

Dozens of U.S. energy providers face "daily, constant or frequent" attempted cyber attacks, according to a new Congressional review of power grid safety. In an extreme case, one utility provider said it was the target of more than 10,000 attacks a month.

These numbers are intended to highlight the growing threat of cyber attacks to the nation's infrastructure, but some utility companies are calling the report alarmist and an effort to bolster congressional arguments for enhanced federal cybersecurity authority.

Earlier this week Rep. Henry Waxman (D-Ca.) and Rep. Edward Markey (D-Ma.) released a 35-page report entitled Electric Grid Vulnerability. Waxman and Markey gauged the threat to utility providers by sending a 15-question survey to 115 energy companies around the country. 112 of those companies responded and their answers revealed that the U.S. power grid is a prime target for cyber attackers using a variety of tactics and operating under a range of motives.

Continue Reading...

Via the WSJ:

U.S. officials consider this set of Iranian infiltrations to be more alarming than another continuing campaign, also believed to be backed by Tehran, that disrupts bank websites by “denial of service” strikes. Unlike those, the more recent campaigns actually have broken into computer systems to gain information on the controls running company operations and, through reconnaissance, acquired the means to disrupt or destroy them in the future, the U.S. officials said.

In response, U.S. officials warn that Iran is edging closer to provoking U.S. retaliation.

“This is representative of stepped-up cyber activity by the Iranian regime. The more they do this, the more our concerns grow,” a U.S. official said. “What they have done so far has certainly been noticed, and they should be cautious.”

The U.S. has previously launched its own cyberattacks against Iran. The Stuxnet worm, developed and launched by the U.S. and Israel, sabotaged an Iranian nuclear facility.

Continue Reading...

Chinese officials have continuously denied that their military is connected to cyberattacks against the U.S., while the White House has warned China against continued data theft attacks.

Via the Times:

Continue Reading...

Via Reuters:

Continue Reading...

Not so long ago, hackers often perceived themselves as standing in opposition to authority and governments. Moreover, the subcategory of hackers who specialized in discovering and publicizing security vulnerabilities -- referred to as "exploits" in the security trade -- did so out of a belief that the best way to improve the integrity of our communication systems was by publicizing dangerous security holes.

Times have changed. As Joseph Menn documented in a breakthough special report for Reuters last week, today's security-minded hackers often end up working directly for defense contractors, hand in hand with the U.S. government. Identifying exploits and selling them off to the highest bidder has become a lucrative business. Worst of all, the buyers of these exploits aren't interested in improving security, but instead often plan to deploy these vulnerabilities for their own purposes.

Continue Reading...

You might be wondering why people are making Bitcoin jokes in your Twitter stream. Simple: When a unit of currency rises in value from $13 in January to $147 in April we are witnessing the very definition of a speculative bubble. And when that currency is the preferred denomination for libertarian hackers who believe passionately that they have finally found a tool that will allow them to "starve the beast" of big government, well, it's hard to resist rubbernecking.

Continue Reading...

"Fanatics have their dreams, wherewith they weave/ A paradise for a sect; the savage too/ From forth the loftiest fashion of his sleep/ Guesses at Heaven ..." So begins the epic -- an appropriately grandiose reading for the hacker-cum-troll to choose. Keats' poem tells a story of transcendence, in which poets and dreamers are challenged, persecuted and deified. And Auernheimer (his tongue ever wedged in his cheek) is asking for a little deification too. He is the latest victim in the government's harsh crackdown on hackers -- and he wants you to know it.

Continue Reading...

Russia Today reported:

Continue Reading...

The full list of victims, according to the hacker's Web site:

 Michelle Obama, Kim Kardashian, Joe Biden, Robert Mueller (FBI Director), Hillary Clinton, Eric Holder (U.S. Attorney General), Charlie Beck (LAPD Chief), Mel Gibson, Ashton Kutcher, Jay Z, Beyonce, Paris Hilton, Britney Spears,Sarah Palin, Hulk Hogan, Donald Trump, Arnold Schwarzenegger

Continue Reading...

The online community of RAT operators, "ratters," Ars Technica notes, is almost exclusively male. They share the fruits of the computers they compromise -- largely intimate images of women swiped from computer files or caught on webcam -- on aboveground hacker forums. They call the women they spy on "slaves."

RAT technology is not new, but has become vastly more sophisticated and undetectable by victims. As Ars Technica noted, ensnaring "slaves" is the easy part:

Continue Reading...

I skipped them both, and I'm glad I did. My favorite session yet was a 15-minute-long mini-talk by a guy named John Biehler: "How 3D printing changed my life."

Biehler is a hobbyist. He didn't have a company to pitch or a world-changing ideology to share. He just wanted to tell his story, how he ordered a kit to build a MakerBot 3D printer a couple of years ago, and became completely obsessed with making stuff.

The room he spoke in was small but packed with attentive, appreciative listeners. If there's anything that can reasonably be discerned as a theme of SXSWi 2013, it's that hardware is the new software and making real things is the bees knees.

Continue Reading...

So if you are fond of the contemplative life by Walden Pond, it's not for you. But if you like bright lights and the big city, and are willing to submerge yourself in the flow, like a salmon swimming upstream against the rapids into the rush of a snow-melt-fed mountain river downpour, you'll be fine.

With any event that metastasizes to this level, there's always an undercurrent of naysayers whispering sellout. This is not wrong. The corporate entanglement that reaches through every nook and cranny of SXSW makes the gathering seem like the second coming of COMDEX, the legendary computer expo that used to be the 800-pound gorilla of the tech sector social season. When you see bicycle-powered pedicabs rolling by with ads for Game of Thrones and Google and Oreo, or venture into one of the huge tents in which watered down drinks are handed out in exchange for the opportunity to mingle with a bunch of corporate communication specialists, it can be a little dispiriting.

Continue Reading...

According to Reuters, the sophisticated attacks are believed to have originated in China:

Facebook revealed on Friday that unidentified hackers traced to China had staged a sophisticated attack by infiltrating its employees' laptops, but no user information was compromised.

Apple, which is working with law enforcement to track down the hackers, told Reuters that only a small number of its employees' Macintosh computers were breached, but "there was no evidence that any data left Apple."

The iPhone and iPad maker said it would release a software tool later on Tuesday to protect customers against the malicious software used in the attacks.

Earlier Tuesday an exhaustive report flagged by the New York Times from security firm Mandiant alleged that "an overwhelming percentage of the attacks on American corporations, organizations and government agencies” originate from one unit of China's People’s Liberation Army based in the outskirts of Shanghai. Whether the attacks on Facebook and Apple have links to the Chinese military is unknown.

Continue Reading...

Anonymous also claims to have distributed encrypted government files through the hacked website, threatening to release the decryption codes (revealing the as yet unknown information held on the stolen files) if the government fails to comply with demands to reform flawed cybercrime laws -- the laws under which Swartz was persecuted. The released files were named after Supreme Court justices. "A line has been crossed" with the zealous pursuit of charges against Swartz, the hackers' statement noted.

Continue Reading...