Search Results for “BBC News”

April 21, 2017
Matt Weaver / The Guardian

Matt Weaver / The Guardian  
Teen Hackers See Hacking as ‘Moral Crusade,’ Money Not a Big Factor

Teen hackers are not motivated by financial reasons when they take up the hacking game but rather are spurred by idealism and a sense of a “moral crusade,” according to a study by the UK’s National Crime Agency. The law enforcement agency interviewed teen hackers, some as young as twelve, and found they were unlikely to be involved in older hacker crimes such as theft, fraud or harassment. The report also found that free hacking tools found on the web and gaming websites and forums serve as gateways into hacking activities for young people.

October 26, 2017
Brian Krebs / Krebs on Security

Brian Krebs / Krebs on Security  
Dell PC Data Recovery Domain Stolen By Probable Malware Purveyor After Expiration

A domain central to PC maker Dell’s customer data backup, recovery and cloud storage solutions may have been hijacked for a few weeks this summer by malware makers. The domain was snatched away from longtime Dell contractor for a month and exposed to some questionable content. There is some evidence the domain may have been pushing malware. Dell confirmed that the loss of control over the domain was due to the domain expiring on June 1 and was subsequently purchased by a third-party.

April 25, 2018
Andy Greenberg / Wired

Andy Greenberg / Wired  
Security Researchers Find Method That Creates Master Key Card for Hotel Rooms Worldwide

Researchers at F-Secure discovered a technique that clones the keycard RFID codes in electronic locks made by a company called Vinguard and used by hotels worldwide. The cloned codes can then be used to make a master key that can open any rooms in those hotels. They plan to demonstrate at the Infiltrate conference later this week how a $300 Proxmark RFID card reading and writing tool, any expired keycard pulled from the trash of a target hotel, and a set of cryptographic tricks can  vastly narrow down a hotel’s possible master key code. The attack works only on Vingcard’s previous-generation Vision locks, not the company’s newer Visionline product. But even with that limitation, the attack can work on 140,000 hotels globally.

Related: Digital Trends, BBC News, Gizmodo, ZDNet, Gizmodo, Alphr,, Boing, Fortune, TechSpot, Engadget, Infosecurity Magazine ,The Register,,, Slashdot

Digital Trends:  Security researchers uncover exploit affecting locks in 40,000 hotels
BBC News: Hotel door locks worldwide were vulnerable to hack
Gizmodo: Hackers Designed a ‘Master Key’ to Unlock Millions of Hotel Room Doors
ZDNet: Hackers built a ‘master key’ for millions of hotel rooms
Gizmodo: Hackers Designed a ‘Master Key’ to Unlock Millions of Hotel Room Doors
Alphr: Flaw found in hotel room keys could have given hackers access to ANY room anywhere in the world Hotel Rooms Worldwide Can Be Unlocked With This Hack
Boing Boing: In 60 seconds, security researchers can clone the master hotel-room keys for 140,000 hotels in 160 countries Security firm says key flaws allowed access to hotel rooms worldwide
Fortune: Millions of Hotel Rooms Are at Risk of ‘Master Key’ Hack
TechSpot: Cybersecurity researchers discover a way to use old key cards to access every room in a hotel
Engadget: Researchers create device that opens hotel doors with old key cards
Infosecurity Magazine: Keep Hackers Locked Out of Hotel Rooms
The Register: Hotel, motel, Holiday Inn? Doesn’t matter – they may need to update their room key software
TechRepublic: Hackers’ hotel ‘master key’ could be big risk for business travelers
Techradar: Hotel door locks could have been easily hacked by fake master keys Device Can Generate Master Keys From Valid or Expired Hotel Keys Hackers built a ‘master key’ for millions of hotel rooms
Slashdot: Hackers Built a ‘Master Key’ For Millions of Hotel Rooms

April 28, 2018
Ian Cobain / The Guardian

Ian Cobain / The Guardian  
UK High Court Rules That Mass Surveillance Law, Snooper’s Charter, Violates EU Law

The UK’s High Court of Justice has ruled that the British government must rewrite its mass data surveillance legislation because it is incompatible with European law. The court gave the government six months to amend some of the data-retention measures of the Investigatory Powers Act, otherwise known as the Snooper’s Charter. EU laws dictate that authorities should only access retained data in cases related to combating “serious crime” and that retained data should only be accessed following “prior review by a court or an independent administrative body.” The high court agreed with human rights groups who brought the legal challenge that the Snooper’s Charter is in conflict with EU law in these two respects.

Related: The Canary, IT Pro, TechCrunch, The GuardianTHE INQUIRER, BBC News, The Register, The Times, The Law Society Gazette, Gizmodo, Computer Weekly, Public Technology

August 16, 2018
Thomas Fox-Brewster / Forbes

Thomas Fox-Brewster / Forbes  
FBI Demanded Google Provide Location Data, Identities and Account Activity on All Users Within Vicinity of Robberies

As it investigated a spate of armed robberies across Portland, Maine, the FBI requested location data from Google covering 100 acres to find all users of its services who’d been within the vicinity of at least two of nine of those robberies, according to FBI warrants discovered by Forbes. The FBI also demanded personal information on affected users, including their full names and addresses, as well as their Google account activity. The feds further wanted all affected users’ historical locations. Google did not supply the requested information and the feds found their suspect nonetheless. The FBI filed an application for the data in March but waited five months before suspending its request. The attempted but ultimately failed demand for the location data is particularly concerning given recent revelations that Google retains users’ location data for Android users even when the users supposedly turn it off.

December 18, 2015
David Curry / Digital Trends

David Curry / Digital Trends  
WhatsApp service has been restored in Brazil, but more Internet trouble is still on the way

A judge had ordered a 48-hour ban of the popular messaging app in the country, after months of lobbying by telecom firms to ban the “unregulated” and “illegal” service. But Judge Xavier de Souza said the service should be restored immediately, as it was “not reasonable that millions of users be affected by the inertia of the company,” according to the BBC.

March 30, 2015
Glyn Moody / Ars Technica

Glyn Moody / Ars Technica  
Europe’s law enforcement chief joins in crypto panic

The director of Europol, the European Union’s law enforcement agency, has warned about the growing use of encryption for online communications. Speaking to BBC Radio, Rob Wainwright said: “It’s become perhaps the biggest problem for the police and the security service authorities in dealing with the threats from terrorism.”

December 1, 2015
Mark Savage / BBC News

Mark Savage / BBC News  
Adele tickets: Fans claim personal data has been breached

Fans buying tickets for Adele’s tour have told the BBC they were shown the address and credit card details of customers other than themselves.

October 11, 2016
Gordon Corera / BBC News

Gordon Corera / BBC News  
Russian Hackers Aimed to Destroy Equipment in TV5Monde Attack, Report

A massive successful cyberattack aimed at French broadcaster TV5Monde on April 8, 2015, which has been attributed to Russian hacking group APT28, was designed to not only bring down the networks’ operations but also physically destroy hardware, the BBC reports. If an engineer hadn’t unplugged a single box, the station’s infrastructure might have been permanently incapacitated.

December 17, 2019
Gareth Corfield / The Register

Gareth Corfield / The Register  
Chinese E-Commerce Site LightInTheBox Exposed 1.3TB of User Data Through Unsecured, Unencrypted Elasticsearch Database

A data breach affecting 1.3TB of web server log entries held by Chinese e-commerce website VPNMentor researchers Noam Rotem and Ran Locar discovered. The data was “unsecured and unencrypted,” accessible from a regular web browser, and was held on an Elasticsearch database, a web server log with a history of page requests. The server’s logs included user email addresses, IP addresses, countries of residence, and pages each visitor viewed on LightInTheBox’s website. It also contained data from the company’s subsidiary sites, including The company closed the breach shortly after being informed of it.