Hasta La Gadget!

Anonymous has released 14GB of data it acquired about Bank of America, Thomson Reuters, ClearForest, Bloomberg, and TEKSystems, an intelligence firm. It did this via a press release on the website Par-AnoIA, including a link to the hacked data and a rundown of the relevant details for those who don’t have the time to look at 14 gigs of info. The data concerns the spying habits of Bank of America and other corporations, which are said to include a log of data on hundreds of thousands of employees and executives at various corporations around the world.

According to Anonymous, it considered this information to be newsworthy for several reasons, including the insecure way it is stored and the rather disconcerting fact that it contains information about “hundred [sic] of thousands” of both employees and executives of many corporations globally, with that information including data about the individuals’ salaries. The data on individuals was named “Bloomberg” and tagged as “reuterscompanycontent,” and comprised a total of 4.8 gigabytes.

The point about the data being stored insecurely is underscored not just by the fact that the hackers accessed it, but also by how they did it – without hacking. The amassed data is reportedly stored in Tel Aviv, where ClearForest is based, on an open server that is misconfigured, meaning that just about anyone can get it with a little bit of elbow grease.

Says the hackers, the information gathered is of a poorly researched nature, meaning that portions of it may not even be correct. The information being gathered is coming from IRC channels, social media, forums, and other such Internet locations, and has a focus on targeting activist movements and Anonymous. The spying utilizes an apparent keyword list with in excess of 10,000 entries used to find content on Twitter, IRC, and other Internet locations. Most of the entries are Wikipedia references, with 1,125 believed to be actual, relevant keywords.

Says Anonymous, it has released the data it found to raise awareness and make a point.

[via Paranoia]

Anonymous releases 14GB of data on the spying habits of Bank of America and more is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

If you start wasting somebody’s time at NASA, this is how they’re going to get you out of their office. Or, it’s how JPL engineer Mark Rober will, anyway. This hacked Nintendo console will definitely put you on notice. More »

Earlier today, Ronald Prince sent out a tweet stating that NBC.com had been infected with malware and that users should avoid visiting. This prompted others to look into the issue, with HitmanPro and Sucuri both confirming the issue, stating that a trojan and exploit links were present. In light of this, NBC released a simple statement confirming the problem while assuring users that their information hadn’t been compromised.

Visting the website in Chrome would prompt it to block access, warning users of malware that could infect their computer. According to the folks over at HitmanPro, NBC’s main domain was serving visitors with the Java and PDF exploits and infecting with the Citadel trojan. This is the result of the RedKit Exploit Kit.

A little while later, Sucuri chimed in saying that it wasn’t only NBC.com that had be compromised, but also some of its other websites, including that of Jimmy Fallon and Jay Leno. Examples include the website’s Shows, Video, Schedule, Sports News, and Extras sub-pages, where it is reported that malicious iframes are loaded.

According to NBC, this attack has not affected its NBC News Digital, which includes NBCNews.com, where it confirmed the attack. NBC says that it has “identified the problem and [is] working to resolve it.” Visiting the website in Chrome and Firefox no longer returns any warnings, and some are reporting that the compromise was only present for about 15 minutes. Users who believe they were infected are encouraged to download and run a malware removal program.

[via NBC News]

NBC websites hacked and compromised with malware is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

It’s happened again, folks. Another verified Twitter account was hacked this week, the latest victim being automobile manufacturer Fisker, who’s Twitter account was hacked by what seems to be a group of diet and exercise fiends, or just a couple of hackers wanting to post some spam. Either way, this marks the fourth time that a verified Twitter account has been hacked this week alone.

Previously, Top Gear star Jeremy Clarkson was hacked on Monday by what appears to be the same hackers as today. Burger King and Jeep were also hacked earlier this week, making today’s Fisker hack the third automotive-related Twitter hack this week. We’re not sure what exactly is going on, but there’s a Twitter hacking spree going around, that’s for sure.

Fisker’s Twitter page has been brought back to normal, with the company addressing the hack, saying that “the fans and followers of Fiskerauto don’t need to lose weight” in a recent tweet. Today’s hack doesn’t appear to be linked to Burger King’s or Jeep’s hack, though, which saw both Twitter pages with changes to the branding.

Twitter has addressed its hacking problem in the past, and they’ve been sending out friendly reminders to its users to change their password every once in a while to avoid being hacked. However, there’s only so much they can do really. Sure, they could hire a work force of security engineers, but it seems hackers will always figure out a way in.

[via Jalopnik]

Fisker Twitter account hacked by diet aficionados is written by Craig Lloyd & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

Last week, Facebook was attacked by a zero-day Java exploit. While the social network said that no personal data was stolen, it’s never too comforting when companies and services get hacked. This week, however, Apple was the target this time around, saying that a “small number” Mac computers have been infected.

Apple has confirmed the news to Reuters and say that they’re currently working with authorities to investigate the attacks, but luckily the Cupertino-based company says that “there was no evidence that any data left Apple.” Apple also plans to release a tool later today that will protect Mac users against the software used in the attacks.

UPDATE: Apple has released a new version of Java meant to plug up the vulnerability. It’s available now on Apple’s support page or through the Software Update tool on OS X.

However, the exploit was said to be spread from a website for software developers, so it seems regular consumers are okay at this point. Apple ended up identifying a small number of systems that were infected, but isolated them immediately to prevent further spreading of the bug. Since newer Macs ship without Java installed, most users shouldn’t worry, but the removal tool should provide a sense of ease anyway,

Similar attacks also targeted The Wall Street Journal, The New York Times, and Twitter just recently. All companies affected said that no critical information was stolen, but of course, that didn’t make the situation much better. Twitter says that 250,000 accounts were hacked, resulting in conscience users to change their passwords right away.

Apple targeted by Java zero-day bug [UPDATE] is written by Craig Lloyd & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.