With $3.14159 million in prize money at stake, Google’s Chrome OS has withstood attempts to hack it in the company’s semi-annual Pwnium contest in Vancouver, a Google spokeswoman told The Security Ledger. In a statement Thursday, Google spokeswoman Jessica Kositz said that the company did not receive any winning entries during the day-long contest, but that the company is evaluating work that may qualify for a partial prize: a potentially infinite series of Google Wallet transfers in the amounts: $1 followed by $.50 followed by $.25 followed by $.125 and so on. OK – We made that last part up. Pwnium runs alongside the better known pwn2own contest at CanSecWest. This year, Google is providing funding for both contests. However, in 2012 the company pulled its support for pwn2own, objecting to the lack of a requirement of “responsible disclosure” – in which entrants must disclose the details of their exploits to the […]
Tag: hacks
Android Ecosystem: Still Fragmented, Insecure
The latest data from Google on use of its Android mobile operating systems highlights the challenge facing the company, with just over 16% of Android users running Versions 4.1 or 4.2 – the latest versions of the OS, dubbed “Jelly Bean” more than six months after its release. In fact, fully 44% of Android users are still running the “Gingerbread” release – Versions 2.3.3 through 2.3.7, a two year-old version of the operating system that has known security vulnerabilities. This according to data released by Google on the Android developer blog. The operating system data was culled from Android devices that accessed Google Play, the company’s mobile application marketplace, during a 14 day period that ended on March 4. The diversity of the Android ecosystem is a byproduct of Google’s go-to-market strategy for the mobile OS. Unlike Apple, which controls both the hardware and software for its iPhones and iPads […]
EverNote Latest Site Hacked In Coordinated Attack
The online personal and business productivity service Evernote.com said on Saturday that it is the victim of a hack that exposed encrypted user password information, forcing password resets across a broad swath of the service’s 50 million registered users. The Redwood City, California-based firm revealed in a blog post that its internal security team discovered “suspicious activity on the Evernote network” that “appears to have been a coordinated attempt to access secure areas of the Evernote Service.” The company said it sent password reset messages to its users as a “precaution” but didn’t believe that stored information in users’ accounts or payment information had been exposed. The hack is just the latest of a prominent online firm. In recent weeks, Twitter, Facebook, Apple and Microsoft have all reported compromises of their internal networks. Those intrusions were linked to attacks aimed at developers and relied on exploits of previously unknown “zero day” […]
Craigslist Founder Has Twitter Account Hacked
Craig Newmark, the founder of the massively popular online bulletin board Craigslist, had his Twitter account compromised and used to distribute malicious links, according to a post on Thursday. Newmark, the 60 year-old software developer who launched Craigslist as an online information sharing site in the 1990s, posted three messages through his Twitter account late Thursday after he received messages from some of his 63,000 followers that they were receiving spam messages via Twitter Direct Messages. “Twitter account compromised? Just received this from you: “Have you seen this pic of you? lol,” wrote follower Tristan Justras (@tristanjutras). The post included a shortened link. Newmark’s first post, around 3:00pm Pacific Time Thursday, suggested he initially believed that the problems were due to his Twitter client. “Folks, thanks! I see the problem now, and I’m guessing it has to do with Twitter user tokens from other Twitter clients I’ve used,” Newmark wrote. […]
Bit9: 32 Pieces of Malware Whitelisted In Targeted Hack
The security firm Bit9 released a more detailed analysis of the hack of its corporate network was part of a larger operation that was aimed a firms in a “very narrow market space” and intended to gather information from the firms. The analysis, posted on Monday on Bit9’s blog is the most detailed to date of a hack that was first reported on February 8 by the blog Krebsonsecurity.com, but that began in July, 2012. In the analysis, by Bit9 Chief Technology Officer Harry Sverdlove said 32 separate malware files and malicious scripts were whitelisted in the hack. Bit9 declined to name the three customers affected by the breach, or the industry segment that was targeted, but denied that it was a government agency or a provider of critical infrastructure such as energy, utilities or banking. The broad outlines of the story about the hack of Bit9, which sells […]
