blog trackingRealtime Web Statistics Hackers Archives | Page 10 Of 90 | Gregory D. Evans | Worlds No. 1 Security Consultant | Gregory D. Evans | Worlds No. 1 Security Consultant - Part 10

Posts Tagged ‘Hackers’

How These Mormon Women Became Some of the Best Cybersecurity Hackers in the U.S.

mom“People see it as a good thing, but it’s still kind of surprising.” Sarah Cunha and Laura Wilkinson, two seniors at Brigham Young University, didn’t make it to graduation this year. Instead, the two women spent their grad weekend, April 22-24, fighting hackers and defending a network from malware attacks at the 2016 National Collegiate […]

The post How These Mormon Women Became Some of the Best Cybersecurity Hackers in the U.S. appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

. . . . .

View full post on Are You Hacker Proof

Researcher Finds Hackers’ Traces On Facebook Server

hacking-with-a-laptop-in-hotel-roomTaiwanese researcher finds evidence of an earlier data breach whilst participating in Facebook’s bug bounty programme A security researcher participating in a Facebook bug bounty programme said that after penetrating the security of a server belonging to the social network he found evidence that at least one other hacker had already been there, and had […]

The post Researcher Finds Hackers’ Traces On Facebook Server appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

. . . . .

View full post on Are You Hacker Proof

Bomb-makers, hackers wanted: US seeks public help to prevent attacks

bombThe U.S. government is recruiting hackers and bomb-­makers to help strengthen American defenses in hopes of defusing possible terrorist attacks. The Defense Advanced Research Projects Agency, or DARPA, announced in March that its Improv program was soliciting research proposals — with an emphasis on creativity — for prototypes and systems that could “threaten current military […]

The post Bomb-makers, hackers wanted: US seeks public help to prevent attacks appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

. . . . .

View full post on Are You Hacker Proof

Female Hackers Still Face Harassment at Conferences

1461176219779681

Security and hacking conferences provide platforms for cutting edge research into computer vulnerabilities, exploitable systems, and new defensive measures. These often vast events also let researchers and hackers rub shoulders with their friends and peers, network, and blow off steam.

But a lingering problem remains for some women at a number of conferences: harassment and prejudice.

In a recent example, women were targeted at an after-party of internet and human rights conference Rightscon, which took place between March 30 and April 1 in San Francisco.

“There were incidents of sexual harassment at last night’s CloudFlare party,” tweeted RightsCon, adding that the conference has a zero tolerance policy for this sort of behavior.
Matthew Prince, CEO of cybersecurity company CloudFlare, added in a tweet on March 31, “Not just us. Pervasive at tech industry events. Men who perpetuate it need to be called on it.”

But harassment at conferences doesn’t always make it into the tweets of a high-profile CEO. Motherboard spoke to several established women in the information security and digital rights sectors about their own experiences of harassment, and other incidents they knew about. Many of them spoke to Motherboard on the condition of anonymity, either because they weren’t authorized by their employers to talk about such issues publicly, or because they did not want to face further harassment. Some also asked not to name the specific conferences, where this would likely identify them.

“More times than I can count, strangers have totally dismissed me as an infosec professional’s girlfriend”
Ass grabbing, verbal insults, and being inappropriately hit-on all came up. One common complaint was the suggestion that women were just there to help out men, who were, people assumed, the actual security researcher giving a talk.

“I was setting up my laptop to speak at an event, and a man walked up to me and remarked that it was sweet of me to set up my boyfriend’s laptop for his talk,” said security researcher Jessy Irwin.

Another woman in the industry described something similar: “More times than I can count, strangers have totally dismissed me as an infosec professional’s girlfriend.”

“I’ve had enough crappy experiences at security conferences that I no longer attend them alone,” said Leigh Honeywell, a security engineer. “I’m lucky to have a solid network of friends in the field, but it makes me sad for women who don’t have an established network.”

It’s hard to know how many women have come across this sort of thing, because it’s likely many incidents go unreported, and conferences don’t always have a good mechanism in place for handling complaints of this nature.

“I think that it is a small percentage, but it’s also very difficult to measure because frequently there is no place to report it to, and people have different ideas about what qualifies as harassment,” Eva Galperin, global policy analyst at the Electronic Frontier Foundation, told Motherboard in a phone call. “We can’t really know.”

“You think you’re going to a professional conference and instead you get hit on by six guys in the lobby of a hotel”
Harassment doesn’t just have an immediate effect. Several people said it was a real possibility that women, in particular those new to the industry, could be discouraged from attending conferences or continuing to work in their industry because of bad experiences.

“If women don’t feel safe in the areas where their profession grows and learns and shares intelligence, they are left behind. This is a huge problem in terms of professional advancement, and it sucks,” said Irwin.

“Since networking, training, and name recognition in information security are crucial, avoiding conferences can be career-damaging,” said another female infosec professional.

Of course, conferences can be very different from one another. For example, Black Hat and RSA are more corporate affairs than the grassroots Defcon and Chaos Computer Congress. One is not necessarily better than the other in terms of gender issues, but they can offer different challenges..

“Not all hacker conferences are created equal,” Galperin said. “There are people who go to these conferences with the expectation that this is serious business, where you go to present your research and rub shoulders with the people in the industry who can get you a job.”

“And then there are people who are there to party and drink,” she continued. “Sometimes these are even the same people. Both Black Hat and Defcon are located in Las Vegas, which is all about encouraging you to drink as much as possible and not take responsibility for your actions … You think you’re going to a professional conference and instead you get hit on by six guys in the lobby of a hotel.”
Most conferences contacted by Motherboard did not respond. Steve Wylie, general manager for hacking conference Black Hat, said in an emailed statement that, “The sexual objectification and harassment of women (or anyone) at our conferences will not be tolerated.”

Positive changes have been made at certain conferences, especially after raised awareness from members of the wider community. After the 2014 RSA conference, Chenxi Wang, chief strategy officer at Twistlock, co-authored a blogpost calling for an end to booth babes—scantily-clad women used by security companies in an attempt to lure in customers. The following year, booth babes were banned from RSA.

“We were at least an influence,” Wang told Motherboard in a phone call.

“We’re in a norm building phase when it comes to addressing sexual harassment and other forms of abuse at conferences, and so it comes down on everybody who is involved in organizing them to be out in front on that,” Josh Levy, advocacy director at Access Now, which organizes Rightscon, told Motherboard in a phone call.

Changes that can be made include reliable ways for women to report incidents, and an effective form of enforcement.

“In my experience, the organizers of a con make a huge difference. If they make it clear they have zero tolerance for harassment or assault, and enforce this policy from the start, it’s a big help,” said one woman from the infosec industry.

But beyond codes of conduct, it’ll take more fundamental changes for harassment of women to really dissipate from hacking and security conferences.

“I think what broadly needs to change is really the culture of the industry,” Wang said. “The security industry has a little bit of a problem where it’s not only male dominated, but it’s dominated by a particular kind of personality.”

Bug bounty and vulnerability disclosure consultant Katie Moussouris offered an additional solution: “Promote women’s work, not their gender, and more women will view security as a career path that recognizes and rewards their hard work.”
Source:http://motherboard.vice.com/read/female-hackers-still-face-harassment-at-conferences

Related Post

The post Female Hackers Still Face Harassment at Conferences appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

. . . . .

View full post on Are You Hacker Proof

US General says : North Korean hackers among world’s best

hackers

North Korea’s asymmetric warfare potential is being bolstered by one of the world’s best and most organised cyber attack capabilities, according to the Army general nominated to command United States forces in South Korea.
“This is an area of growth,” Army General Vincent Brooks told the Senate Armed Services Committee during his nomination hearing on Tuesday. “While I would not characterise them as the best in the world, they are among the best in the world and the best organised. What they are experimenting with” and “what they are willing to do” has shown boldness and capability, he added.
Although Brooks, the former head of Army Pacific forces, touched on North Korea’s cyber attack skills, he declined during the public hearing to discuss US offensive cyber capabilities against Kim Jong-un ‘s reclusive regime.
FBI Director James Comey said in early 2015 that his agency had “high confidence” that North Korea orchestrated a 2014 attack against Sony that led to the leak of information on the company’s employees, internal e-mails and future movies. North Korea’s Reconnaissance General Bureau was behind that hack, James Clapper, US director of national intelligence, also said in 2015. North Korea rejected the accusations.
Source:http://www.scmp.com/news/asia/east-asia/article/1937359/north-korean-hackers-among-worlds-best-says-us-general

Related Post

The post US General says : North Korean hackers among world’s best appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

. . . . .

View full post on Are You Hacker Proof

Hackers Target 88 Web Domains in Three Days

shutterstock_78762358-684x513

A group of hackers recently targeted 88 web domains as part of a three-day hacking spree and pro-Daesh propaganda campaign.

Steve Ragan of Salted Hash reports that a group of ISIS/ISIL sympathizers known as “Team System DZ” spent much of last week defacing dozens of web domains hosted in the United States, the United Kingdom, France, and Israel.
One of the targets of the pro-Daesh hackers was a group of websites operated by Richland County in Wisconsin. The offensive marks the third time in one year Team System DZ has hit these particular websites.

Last week’s attack affected the websites for a number of public service departments connected to Richland County, including the Sheriff’s Department, the Department of Veterans’ Services, the Department of Emergency Management, and Health and Human Services.

Each defaced website associated with Richland County played an audio file whenever the page loaded and displayed a message along the following lines:

“I Love You Jihad & Islamic State. hello Richland Center. get back. Remember these words well. The Islamic state will not show mercy will not be tolerated on any drop of blood. bleed every Muslim in Iraq. Or in any Muslim country. The glory of the State Islamic. Despite paying tribute will Anevkm and you forcibly. It started the war of the Muslims if you and your people have endured losses. Us back, God willing, on the ground.”
Variations of that message were displayed on affected websites hosted in the United Kingdom, Israel, and France.

Mirror copies of the Wisconsin hacks are available for viewing here, but an entire archive of Team System DZ is also available.

News of these defacements follows approximately one year after a group of pro-ISIS hackers took 11 channels belong to TV5MONDE, a French-language television network, off the air and commandeered both its website and its social media accounts.

Related Post

The post Hackers Target 88 Web Domains in Three Days appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

. . . . .

View full post on Are You Hacker Proof

Using just your phone number hackers can spy your calls texts track your movements

1457884066-2504

German security experts say hacking into a smartphone is much easier than one would think giving digital thieves the ability to potentially track a person’s calls, texts and whereabouts. To demonstrate their findings, a team of experts spied on a phone used by US Congressman Ted Lieu from California, a member of the House Oversight and Reform Subcommittee on Information Technology, who agreed to use an off-the-shelf iPhone knowing it would be hacked.

In an interview with “60 Minutes” correspondent Sharyn Alfonsi, Berlin-based Karsten Nohl of Security Research Labs and a team of hackers highlighted how digital pickpockets can exploit mobile phones using a flaw in a global mobile network called Signalling System Seven (SS7) — a little-known, but essential network that connects mobile phone carriers across the globe
Using the congressman’s phone number, Nohl, who has a doctorate in computer engineering from the University of Virginia, was able to exploit that flaw to intercept and record calls, view his contacts, read his texts and even track his movements.

“Any choices that a congressman could’ve made, choosing a phone, choosing a pin number, installing or not installing certain apps, have no influence over what we are showing because this is targeting the mobile network,” said Nohl.

They also automatically logged the number of every phone that called Congressman Lieu as well. Lieu said this list, in a typical congressman’s phone, could include other members of Congress and elected officials.

“First, it’s really creepy. And second, it makes me angry,” said Lieu. “They could hear any call of pretty much anyone who has a smartphone. It could be stock trades you want someone to execute. It could be calls with a bank. Last year, the president of the United States called me on my cellphone. And we discussed some issues. So if the hackers were listening in, they would know that phone conversation. And that’s immensely troubling.”

A significant risk to political leaders, business executives and high-ranking officials whose private phone conversations could fetch a high price in the Dark Web, Nohl says the SS7 flaw is actually an open secret among the world’s intelligence agencies. He also notes that the key flaw lies in the mobile network itself.

“Mobile networks are the only place in which the problem can be solved,” said Nohl. “There is no global policing of SS7. Each mobile network has to move — to protect their customers on their networks. And that is hard.” According to Nohl, all phones are the same and no one phone is more secure than the other.

Hacker and co-founder of the mobile security company Lookout, John Hering, also assembled a group of ace hackers in a hotel room with the 60 Minutes team. The group of hackers who were in Las Vegas for Defcon — one of the largest hacker conferences in the world — try to identify security vulnerabilities in order to protect the public.

They created a “ghost” version of the hotel’s Wi-Fi, which Alfonsi connected to, through a process called “spoofing”. Once she was connected, they were able to access her email, pull her phone number, credit card information, recent purchases and track her movements using ride-sharing app records. They could also take control of her phone’s camera.

Hering does note that while the average person isn’t likely to be exposed to these types of attacks, it is important to be aware of the possibility of such security breaches.

“Our goal was to show what’s possible,” said Hering. “So people can really understand if we don’t address security issues, what the state of the world will be. We live in a world where we cannot trust the technology that we use.”

These findings come amid rising concerns about the growing threat of cybercrime that ranges from identity theft and high-profile security breaches to cyberwar and cyberterrorism. According to the 2015 Identity Fraud Study released by Javelin Strategy & Research, as much as $16bn (£11.2bn) was stolen from 12.7 million US consumers in 2014 which means there was a new identity fraud victim every two seconds that year. Business on the Dark Web is also booming, according to a report by Dell, where “customer-friendly” hackers offer a variety of illicit goods and services on the cheap.
Source:http://www.ibtimes.co.uk/hackers-can-spy-your-calls-texts-track-your-movements-using-just-your-phone-number-experts-say-1555386

Related Post

The post Using just your phone number hackers can spy your calls texts track your movements appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

. . . . .

View full post on Are You Hacker Proof

Hackers are in your car

car priva

If you have a newer car, there’s a good chance it’s connected to the Internet. That’s great, if you need directions or want to stream music on the go.

But we’ve told you several times that hackers can hack into your car and take it over. In fact, Chrysler recalled more than 1.4 million cars last year because of its cars’ security gaps.
Fortunately, so far, most hackers taking over cars have been the good kind. They expose security holes so companies can fix them. Unfortunately, the federal government has issued a frightening new warning about your Internet-connected car.

Terrorists and state-sponsored hackers can take over cars and cause your family serious harm. And, just think about this, what if a terrorist group hacked a fleet of 100,000 cars? That could trigger a war.

“There is no Internet-connected system where you can build a wall that’s high enough or deep enough to keep a dedicated nation-state adversary or a sophisticated criminal group out of the system,” warned John Carlin, U.S. assistant attorney general for national security, according to Bloomberg. Carlin was speaking at an automotive conference.

“This will be the next battlefront,” he said. “Right now, what we have is this combination of carrots and sticks, and there’s not a one-size-fits-all protocol that’s been mandated by statute.”

The government is trying to motivate car makers and cybersecurity firms to strengthen security systems for connected cars. That’s an urgent need. By 2025, it’s estimated there will be more than 220 million Internet-connected cars, including driverless cars.
Source:http://www.komando.com/happening-now/354812/government-warning-hackers-are-in-your-car

Related Post

The post Hackers are in your car appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

. . . . .

View full post on Are You Hacker Proof

Using zero-day exploit revealed by professional hackers, FBI reportedly hacked San Bernardino iPhone

2016-04-13-image-6

After several weeks of demands, and on the eve of the trial, the FBI said it no longer required Apple’s help to crack the San Bernardino iPhone last month after the government firm was aided by a “third-party.”
According to the Isreali media, this unnamed entity was Cellebrite, a mobile forensic company based in the Middle Eastern country. But according to a report from the Washington Post, this wasn’t the case.
The site claims that the FBI paid a group of professional hackers for providing information regarding a previously unknown security flaw that helped the government agency break into Syed Rizwan Farook’s iPhone.
The Post claims that the hacking group, which hasn’t been identified, brought the government agency “at least one” zero-day exploit capable of circumventing the iPhone’s brute-force protection features: the automatic wipe function that activates after 10 failed pin entries, and the gradual increase in the delay between pin attempts.
It appears that the vulnerability was specific to the iPhone 5c when running iOS 9, and wouldn’t have worked on later models/operating systems. We don’t know the exact nature of the vulnerability, and the government is still debating whether to reveal it to Apple.
Once the FBI had the new information, it was able to use custom-built hardware to brute-force the four-digit password and access the contents of the phone without the risk of triggering the security measures.
Source:http://www.techspot.com/news/64434-fbi-reportedly-hacked-san-bernardino-iphone-using-zero.html

Related Post

The post Using zero-day exploit revealed by professional hackers, FBI reportedly hacked San Bernardino iPhone appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

. . . . .

View full post on Are You Hacker Proof

Hackers paid by FBI to get cell data

0

WASHINGTON — The FBI cracked a San Bernardino terrorist’s phone with the help of professional hackers who discovered and brought to the bureau at least one previously unknown software flaw, according to people familiar with the matter.

The new information was then used to create a piece of hardware that helped the FBI to crack the iPhone’s four-digit personal identification number without triggering a security feature that would have erased all the data, the individuals said.

The researchers, who typically keep a low profile, specialize in hunting for vulnerabilities in software and then in some cases selling them to the US government. They were paid a one-time flat fee for the solution.

Cracking the four-digit PIN, which the FBI had estimated would take 26 minutes, was not the hard part for the bureau. The challenge from the beginning was disabling a feature on the phone that wipes data stored on the device after 10 incorrect tries at guessing the PIN code. A second feature also steadily increases the time allowed between attempts.

The bureau in this case did not need the services of the Israeli firm Cellebrite, as some earlier reports had suggested, people familiar with the matter said.

The US government now has to weigh whether to disclose the flaws to Apple, a decision that probably will be made by a White House-led group.

The people who helped the government come from the sometimes shadowy world of hackers and security researchers who profit from finding flaws in companies’ software or systems.

Some hackers, known as ‘‘white hats,’’ disclose the vulnerabilities to the firms responsible for the software or to the public so they can be fixed and are generally regarded as ethical. Others, called ‘‘black hats,’’ use the information to hack networks and steal people’s personal information.

The individuals who helped the FBI in the San Bernardino, Calif., case fall into a third category, often considered ethically murky: Researchers who sell flaws to governments, companies that make surveillance tools, or groups on the black market.

This last group, dubbed ‘‘gray hats,’’ can be controversial since critics say they might be helping governments spy on their own citizens. When selling exploits to governments or on the black market, researchers do not disclose the flaws to the companies responsible for the software, as the exploits’ value depends on the software remaining vulnerable.

In the case of the San Bernardino iPhone, the solution found by the hackers has limited shelf life.

FBI Director James B. Comey has said that the solution works only on iPhone 5Cs running the iOS 9 operating system.
Source:https://www.bostonglobe.com/news/nation/2016/04/12/fbi-paid-hackers-get-cell-data/Xg8rhIETyJYK6UB4XZXHMN/story.html

Related Post

The post Hackers paid by FBI to get cell data appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

. . . . .

View full post on Are You Hacker Proof

Page 10 of 90« First...«89101112»203040...Last »

My Twitter

  • RT @GregoryDEvans: #galaxylife #samsung4life Website/IP https://t.co/WygYaCLSIs may be hackable #hacked, #WGH, #USA, #hackerproof https://t…
    about 12 mins ago
  • RT @GregoryDEvans: #galaxylife #samsung4life Website/IP https://t.co/WygYaCLSIs may be hackable #hacked, #WGH, #USA, #hackerproof https://t…
    about 16 mins ago
  • RT @GregoryDEvans: Ex-Miami-Dade detective gets 2 ½ years’ prison for fraud https://t.co/SxKe6ujlcK https://t.co/7t4zVNQi7Z
    about 52 mins ago
  • RT @GregoryDEvans: Website/IP https://t.co/WygYaD3tA0 may be hackable #hacked, #WGH, #USA, #hackerproof https://t.co/H8dA8XecYd
    about 57 mins ago
  • RT @GregoryDEvans: Website/IP https://t.co/WygYaD3tA0 may be hackable #hacked, #WGH, #USA, #hackerproof https://t.co/H8dA8XecYd #security #…
    about 57 mins ago

AmIHackerProof.com By Gregory D. Evans

Hacker For Hire By Gregory Evans

Gregory D. Evans On Facebook

Parent Securty By Gregory D. Evans

National Cyber Security By Gregory D. Evans

Dating Scams By Gregory Evans