What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in hack

Apple AirTags hacked again – free internet with no mobile data plan!

by Paul Ducklin Earlier this week we wrote about a jailbreak hack against Apple’s newly introduced AirTag product. In that story, the researcher @ghidraninja was able to modify the firmware on the AirTag itself, despite the anti-tampering protection implemented by Apple’s own AirTag firmware programming. But this “attack” (if that . . . Read more

Apple critical patches fix in-the-wild iPhone exploits – update now!

by Paul Ducklin Apple, rather unusually in today’s cybersecurity world, rarely announces that security fixes are on the way. There’s no equivalent of Microsoft’s Patch Tuesday, which is a regular and predictable fixture in anyone’s cybersecurity calendar; there’s no “new version every fourth Tuesday” as there is with Firefox; there’s . . . Read more

SolarWinds Hires Chris Krebs, Alex Stamos in Wake of Hack

Former CISA director Chris Krebs and former Facebook security exec Alex Stamos have teamed up to create a new consulting group – and have been hired by SolarWinds. SolarWinds, which has been embroiled in a recent, widescale hack, has called in two security powerhouses for help: Former director of the . . . Read more

Researcher Breaks reCAPTCHA With Google’s Speech-to-Text API

Researcher uses an old unCAPTCHA trick against latest the audio version of reCAPTCHA, with a 97 percent success rate. An old attack method dating back to 2017 that uses voice-to-text to bypass CAPTCHA protections turns out to still work on Google’s latest reCAPTCHA v3. That’s according to researcher Nikolai Tschacher, . . . Read more

Ticketmaster Coughs Up $10 Million Fine After Hacking Rival Business

Several Ticketmaster executives conspired a hack against a rival concert presales firm, in attempt to ‘choke off’ its business. Ticketmaster must pay a hefty $10 million fine after several employees utilized unlawfully obtained passwords to hack a rival company’s computer systems – in attempts to “choke off” its business. The . . . Read more

Spotify Wrapped 2020 Rollout Marred by Pop Star Hacks

Spotify pages for Dua Lipa, Lana Del Rey, Future and others were defaced by an attacker pledging his love for Taylor Swift and Trump. In the midst of its popular Spotify Wrapped 2020 playlist rollout of the year’s most popular songs, the streaming service is grappling with a security breach, . . . Read more

Cisco Patches Critical Flaw After PoC Exploit Code Release

A critical path-traversal flaw (CVE-2020-27130) exists in Cisco Security Manager that lays bare sensitive information to remote, unauthenticated attackers. A day after proof-of-concept (PoC) exploit code was published for a critical flaw in Cisco Security Manager, Cisco has hurried out a patch. Cisco Security Manager is an end-to-end security management . . . Read more