Cybercrooks use DDoS attacks to mask theft of banks' millions

Distributed denial of service attacks have been used to divert security personnel attention while millions of dollars were stolen from banks, according to a security researcher.

At least three US banks in recent months have been plundered by fraudulent wire transfers while hackers deployed "low powered" DDoS attacks to mask their theft, Avivah Litan, an analyst at research firm Gartner, told SCMagazine.com. She declined to name the institutions affected but said the attacks appeared unrelated to the wave of DDoS attacks last winter and spring that took down Web sites belonging to JP Morgan , Wells Fargo, Bank of America, Chase, … Read more

Twitter: No accounts breached in OAuth token 'hack'

Twitter has denied claims by a hacker that he downloaded user data, including passwords, from its databases, saying there has been no such breach of its security.

The hacker, going by the name "Mauritania Attacker," understood to be in the West African country, said he had in his possession "the entire database of users on Twitter," according to Indian site Techworm who spoke to him on Tuesday.

But security researchers were quick to suggest that Twitter was not the victim of an elaborate hack -- or any hack for that matter. A third-party app is … Read more

League of Legends is hacked, with crucial user info accessed

Hackers have breached the system of one of the world's most popular online video games: League of Legends.

Riot Games, which developed League of Legends, announced Tuesday that some usernames, e-mail addresses, salted password hashes, first and last names, and even some salted credit card numbers have been accessed. The salted data is somewhat protected, but if users have easily guessable passwords, their information could be susceptible to theft, Riot Games warned.

The affected users are only those who live in North America. While the accessed credit card information is alarming, it pertains only to records from 2011 and … Read more

Google confirms Android flaw that led to Bitcoin theft

Google has confirmed a flaw in Android's operating system, which could make Bitcoin digital wallets vulnerable to theft.

Android security engineer Alex Klyubin penned a blog post on Wednesday outlining the root cause of the vulnerability.

"We have now determined that applications which use the Java Cryptography Architecture (JCA) for key generation, signing, or random number generation may not receive cryptographically strong values on Android devices due to improper initialization of the underlying PRNG," Klyubin wrote. "Applications that directly invoke the system-provided OpenSSL PRNG without explicit initialization on Android are also affected."

The flaw was … Read more

The 404 1,321: Where we fake it til we make it (podcast)

Don't forget to leave a comment on this blog post to win your very own Powerrocks Rose Stone 6000mAh charger!

Leaked from today's 404 episode:

- Japanese photographer shows how to pretend you have a girlfriend on Instagram.

- "Spreadsheets" app gamifies your sexual experiences.

- Scum of the earth: Hackers overtake baby monitor camera, "shouts abuse" at baby.

- Would you buy a 'Useless plastic box'? Mysterious item appears in L.A. stores.

- Microsoft dumps Kinect link requirement for Xbox One.… Read more

Attention, parents: Baby monitor hacked; default password to blame?

Parents with baby monitors might want to listen up.

A Houston couple on Tuesday revealed to ABC News that earlier this month, the baby monitor they use for their daughter was hacked. Upon taking control over the monitor, the hacker reportedly shouted obscenities at their sleeping 2-year-old daughter. Before the parents could unplug the monitor, the hacker also shouted at them.… Read more

The 404 1,314: Where we don't give it away for free (podcast)

Leaked from today's 404 episode:

- A luxury toilet controlled by a smartphone app is vulnerable to attack.

- Tooth sensor stops you from lying to your dentist.

- How twerking on Vine sent years old rap songs up the iTunes charts.

- Meet the voice of "damn son, where you'd find this?" DJ drop.… Read more

Car hacking code released at Defcon

LAS VEGAS -- You may hate parallel parking, but you're going to hate it even more when somebody commandeers control of your car with you in it.

That was the scary scenario painted over the first two hours at the 21st annual Defcon hacker conference.

"Car hacking is definitely coming," said Zoz, of Cannytophic Design, who presented on how to hack autonomous cars.

Zoz's talk on vulnerabilities that autonomous autos will face followed a fast-paced explanation by well-known computer security experts Charlie Miller and Christopher Valasek of how they spent the past 10 months hacking the … Read more

FBI said to be taking a hacker approach to spying

While the National Security Agency has gotten most of the recent flak for spying on people via the Internet and cell phone records, the Federal Bureau of Investigation appears to be doing some cyber spying of its own.

According to a report by the Wall Street Journal, the FBI has been allegedly developing surveillance tools that work much like what hackers use to collect information on suspects -- including Trojans, spyware, and malware. Supposedly, the FBI created some of these tools internally, while others were purchased.

The FBI "hires people who have hacking skill, and they purchase tools that … Read more