hacking posts on CNET - Page 9

hacking

Apple promises to fix iOS 7 lock screen hack

The passcode lock screen on iOS 7 suffers from a bug that allows anyone with direct access to the iPhone or iPad to bypass the lock screen and open apps.

The bug, discovered by 36-year-old soldier Jose Rodriguez, who lives on the Canary Islands off the coast of Spain, is remarkably simple to exploit, reports Forbes. Swipe up from the lock screen to access the new Control Center, then open the alarm clock app.

Hold the phone's sleep button, but instead of swiping to power down the phone, tap cancel and double-tap the home button to access the multitasking … Read more

No joke, iPhone 5S Touch ID faces hack bounty

The iPhone 5S won't hit the streets until tomorrow, but there's already more than $16,000 in cash offered to the first person to hack its Touch ID fingerprint sensor.

IsTouchIDhackedyet.com is the brainchild of Nick DePetrillo, an independent security researcher whose last major public research was 2010's Carmen San Diego Project.

Soon after DePetrillo promoted the Touch ID site on Twitter, he was joined by Robert David Graham, a security researcher at Errata Security who created one of the first personal firewalls, and most recently the sidejacking technique for "eavesdropping" on browser cookies. … Read more

Piano keyboard hacked to play Doom

We've seen 1993's Doom running (slowly) on an E Ink display, but this is a new one. A team of indie developers got together at an arcade jam hosted at the London Hackspace and modified an old $48 upright piano to work as the controller input for Doom.

According to team leader David Hayward, the group used three I-PAC controllers to let the keyboard communicate with the PC running the game and covered the piano hammers with copper tape, soldering the piano strings to a common ground. A whole mess of wiring later, and the piano keys work to control the game. … Read more

New Tibet malware variant found for OS X

A new variant of the Tibet malware for OS X has been found. This variant uses a recently patched Java exploit to install a backdoor service in targeted systems and allow a remote hacker to log in and steal files.

While OS X has been affected relatively minimally by malware, the platform has been periodically plagued by a few attempts that, when active, have undergone several variant revisions in attempts to bypass security updates and known detection methods.

One of these has been an ongoing targeting of Uyghur ethnic groups via spam and other means, where various tricks and security … Read more

'Topiary' tells all: Prison, activism, and LulzSec's beginnings

LulzSec, a group of pranky hackers that ran amok starting in 2011, disbanded shortly after a high-profile cyberattack spree -- but in a world where such attacks are only becoming more common, the inside perspective is an intriguing one.

Jake Davis, a member who goes by "Topiary," took to the site ask.fm to answer questions about the group's formation and his work as LulzSec's social media wiz. Davis was arrested by the British authorities and sentenced to two years in prison, though he was let out early.

The group caused a lot of trouble at … Read more

FTC and TrendNet settle claim over hacked security cameras

The US Federal Trade Commission filed a complaint against security camera maker TrendNet for allegedly misrepresenting its software as "secure." The complaint came after hackers breached TrendNet's Web site and accessed videos from 700 users' live-camera feeds -- many of these videos were published on the Internet.

TrendNet agreed to settle the claim on Wednesday, according to Reuters.

The company's wireless cameras are basically Webcams that beam live and motion-captured video to users' laptops or phones. These cameras can be mounted wherever people need a video feed. According to TrendNet, the cameras are used to monitor &… Read more

Dad hacks wheelchair to let 2-year-old explore the world

Most 2-year-olds are toddling around, getting into everything they can reach. A little boy named Alejandro has the same desire to explore as any other kid, but his movements are limited by Spinal Muscular Atrophy, a degenerative genetic disease. He is a bright and social child, but his condition has left him physically very weak.

Health insurance hasn't been much help, saying Alejandro will have to wait five years to get a powered wheelchair. That wasn't acceptable to his parents, so dad Shea took matters into his own maker hands. "Our best option was to for me to try to build something myself," Shea writes in his Hacking SMA blog documenting his family's experience.… Read more

Syrian Electronic Army implicated in Twitter, New York Times attacks

The Syrian Electronic Army apparently took control over the Twitter.com Web site address record Tuesday, the hacker group's latest attack on high-profile Internet sites.

The Twitter.com whois record, which lists the owner of the Web address names called domains, listed the owner's e-mail address as sea@sea.sy. The site continued to function, however.

The New York Times' Web site went down on Tuesday afternoon, and the SEA is a suspect there, too. "Our initial assessment is that this is most likely the result of a malicious external attack," the Times said in a … Read more

The 404 1,328: Where Ballmer bids bye-bye to developers developers developers (podcast)

Leaked from today's 404 episode:

- Microsoft CEO Steve Ballmer to retire within 12 months.

- Update: Homeless guy accepted the NYC programmer's offer to learn how to code.

- "Boyfriend Tracker" app raises stir in Brazil.

- Whole Foods debases itself with social-media flash sales.

- Whole Foods has a record store now. Oh no?

- Whole Foods hack: Employees can give you free stuff at their discretion.

- The sleep-texting epidemic.… Read more

Cybercrooks use DDoS attacks to mask theft of banks' millions

Distributed denial of service attacks have been used to divert security personnel attention while millions of dollars were stolen from banks, according to a security researcher.

At least three US banks in recent months have been plundered by fraudulent wire transfers while hackers deployed "low powered" DDoS attacks to mask their theft, Avivah Litan, an analyst at research firm Gartner, told SCMagazine.com. She declined to name the institutions affected but said the attacks appeared unrelated to the wave of DDoS attacks last winter and spring that took down Web sites belonging to JP Morgan , Wells Fargo, Bank of America, Chase, … Read more