Hacking

Hacking | News, how-tos, features, reviews, and videos

Bitcoin cryptocurrency falling.
Feature

Lack of trust will doom crytpocurrency

CSO > Botnet > Robots amid a blue binary matrix
Feature

What is a botnet? When armies of infected IoT devices attack

rambleed ram memory card hardware hack breach binary by 13threephotography getty
News

Rowhammer variant RAMBleed allows attackers to steal secrets from RAM

Unlike Rowhammer, which only allows for data corruption, the newly discovered RAMBleed vulnerability provides a way to grab data such as encryption keys from memory.

8 getting breached is bad for business
News Analysis

From phish to network compromise in two hours: How Carbanak operates

Cybercriminal group Carbanak has stolen hundreds of millions of dollars from financial institutions. Here's a detailed analysis by Bitdefender of an attack on one bank.

CSO > breakthrough / penetration testing / hammer breaking binary glass
Feature

10 penetration testing tools the pros use

Penetration testing is a simulated cyber attack where professional ethical hackers break into corporate networks to find weaknesses ... before attackers do.

CSO > Phishing attacks that bypass two-factor authentication
News Analysis

Phishing attacks that bypass 2-factor authentication are now easier to execute

Researchers released two tools--Muraen and NecroBrowser--that automate phishing attacks that can bypass 2FA. Most defenses won't stop them.

russian hacking us election putin voting fraud hacked
News Analysis

2016 election hacking in Florida: Russian emails, hidden tracks

The Mueller Report says the Russians planted malware on at least one Florida county system, and Florida's governor announces that two counties were hacked in 2016. Experts believe the problem could be bigger.

An engineer reviews strategy framework data.
How-To

How to implement and use the MITRE ATT&CK framework

The MITRE ATT&CK framework is a popular template for building detection and response programs. Here's what you'll find in its knowledgebase and how you can apply it to your environment.

julian assange wikileaks 1
Virtual CISOBy
IDG Contributor Network

Julian Assange arrested: Hero of transparency and privacy, or villain against nations?

Just because you can take something doesn’t mean you should...or that it’s the right thing to do.

succession brain sharing intellectual knowledge sharing
Feature

How threat intelligence sharing can improve the security posture of whole industries

UBS and industry peers conduct joint cyber war games to improve security posture and incident response of the whole sector.

binary code matrix
News Analysis

Inside the 2014 hack of a Saudi embassy

According to documents seen by CSO, an unknown attacker took control of the official email account of the Saudi embassy in The Netherlands and demanded a ransom of $50 million for ISIS.

Guy Fawkes mask hidden in landscape / Anonymous / hacker / protest
Feature

9 top hacker movies and TV shows of all time

Movies and TV shows have long influenced how lawmakers and society think about information security. We all have our personal favorite we're obsessed with. What's yours?

binary code matrix broken / breached / failed / hacked / security risk / threat / vulnerability
Feature

What is Metasploit? And how to use this popular hacking tool

Metasploit is a widely used penetration testing tool that makes hacking way easier than it used to be. It has become an indispensable tool for both red team and blue team.

Slack logo/wordmark [2019]
News

Hackers use Slack to hide malware communications

A watering hole attack used Slack for its command-and-control communications to avoid network and endpoint detection.

team of hackers / organized attack / group of threat actors
Feature

What is Mimikatz? And how to defend against this password stealing tool

Mimikatz is a leading post-exploitation tool that dumps passwords from memory, as well as hashes, PINs and Kerberos tickets.

financ stock market skyline
Privacy and Security FanaticBy

Dow Jones watchlist of high-risk businesses, people found on unsecured database

A Dow Jones watchlist of 2.4 million at-risk businesses, politicians, and individuals was left unprotected on public cloud server.

learn basics of ethical hacking
Feature

What is ethical hacking? How to get paid to break into computers

Ethical hacking is legally breaking into computers and devices to test an organization's defenses. Here’s what ethical hacking entails and the certifications and training you need to become an ethical hacker.

alone at night along a dimly lit path / security / suspicious / threat / hacker
Privacy and Security FanaticBy

Meet the man-in-the-room attack: Hackers can invisibly eavesdrop on Bigscreen VR users

Flaws in Bigscreen could allow 'invisible Peeping Tom' hackers to eavesdrop on Bigscreen VR users, to discreetly deliver malware payloads, to completely control victims' computers and even to start a worm infection spreading through...

A hooded man in a halloween mask raises a finger to his lips to encourage silence.
Privacy and Security FanaticBy

North Korean hackers target Russian-based companies

The North Korean Lazarus APT group is going after the Russians. Russian hackers, however, needed less than 20 minutes in 2018 to completely pwn an organization.

capture the flag hackathon face off
Feature

Top tools and resources for running a capture the flag competition

Capture the flag competitions can help improve security skills and identify talent. Use these tools and frameworks to design and run your own CTF event.

Load More