There is a critical remotely exploitable vulnerability in Cisco’s Secure Access Control Server which allows a remote attacker to take complete control of a vulnerable server. The bug results from a bad implementation of the EAP-FAST protocol and it affects a number of versions of the Cisco ACS.

Anonymous Hacker Claims FBI Directed LulzSec Hacks: Sentencing for former LulzSec leader Hector Xavier Monsegur, better known as Sabu, has again been delayed. Monsegur was scheduled to be sentenced Friday morning in New York federal court. But in a letter to the court, the U.S. attorney general’s office requested that Monsegur’s sentencing be delayed “in light […]

Bad news for DDoS mitigation methods: A new version of an infamous distributed denial-of-service (DDoS) toolkit can check victims’ networks for DDoS mitigation methods so it can circumvent those defenses.

Hacker can take out phones in an area: The USENIX Security conference has been warned that by tweaking the firmware on certain kinds of phones, a hacker could make it so other phones in the area are unable to receive incoming calls or SMS messages. The hacker modifies the baseband processor on some Motorola phones and […]

Spoofing WiFi AP based geolocation: [Pierre Dandumont] just finished up a little project that will give Google Maps’ location feature a run for its money. It’s a technique that spoofs WiFi networks in order to relocate the positional data reported via WiFi networks. He starts with an explanation of the different ways modern devices acquire location […]

U.S. spy agencies mounted 231 offensive cyber: Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that they can be put under surreptitious U.S. control. Budget documents say the $652 million project has placed “covert implants,” sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of […]

Tesla cars ‘hackable’ says Dell engineer: Slack authentication in Tesla’s Model S REST API exposes the electric car to a variety of non-safety but non-trivial attacks, according to a Dell engineer and Tesla owner. In this post over at O’Reilly, Dell senior distinguished engineer and executive director of cloud computing George Reese says the “flawed” authentication […]

Interestingly, F-Secure noted that the code within the trojan includes a class called “USSDDumbExtendedNetworkService” — a component that was assigned a seemingly arbitrary variable that F-Secure researchers said was probably either associated with a French Canadian concrete company or the Twitter handle of a young Russian whose Google+ page lists employment as “Android developer”.

Chinese Internet hit by biggest cyberattack in its history: Internet users in China were met with sluggish response times early Sunday as the country’s domain extension came under a “denial of service” attack. The attack was the largest of its kind ever in China, according to the China Internet Network Information Center, a state agency that […]

Government agencies around the world demanded access to the information of over 38,000 Facebook users in the first half of this year, and more than half the orders came from the United States, the company said on Tuesday.