Latest news with #hacking
Yahoo
11 hours ago
- General
- Yahoo
Trump Has Bizarre Retort to Chief of Staff's Phone Hack
President Donald Trump has offered an outlandish rebuttal to reports that one of his top officials at the White House was hacked. A reporter asked the president about a report from the Wall Street Journal that White House Chief of Staff Susie Wiles had not only had her devices hacked, but that the hackers used her phone to send messages and place calls under her name. 'Nobody can impersonate Susie,' Trump shot back. 'There's only one Susie. There's only one.' He added in the exchange Friday evening that he considers his chief of staff 'an amazing woman' and that he has every confidence 'she can handle it.' The White House has responded to the Journal report by insisting that the Trump administration 'takes the security of all staff very seriously, and this matter continues to be investigated.' The incident nevertheless comes hot on the heels of the Signalgate scandal earlier in March, in which The Atlantic's editor-in-chief, Jeffrey Goldberg, was accidentally added to a group chat used by top members of the Trump administration to discuss sensitive details of imminent missile strikes against Yemen. Those officials included Vice President JD Vance, Defence Secretary Pete Hegseth, Secretary of State Marco Rubio, and National Intelligence Chief Tulsi Gabbard, among others. The incident sent shockwaves across Washington, DC, prompting alarm over the apparent severity of informational vulnerabilities at the White House. Those concerns have been further exacerbated in the weeks since following repeated reports into Hegseth's prolific use of the messaging platform, with the Defence Secretary reportedly even bypassing Pentagon security protocols in order to install the app on his computer.
Telegraph
a day ago
- Politics
- Telegraph
No one is safe online – blame these depraved teenage hackers
In October 2020, tens of thousands of people across Finland received an email telling them that some of their most intimate secrets were about to be made public. A hacker had infiltrated the computer files of Vastaamo, Finland's largest commercial therapy provider, and was now blackmailing patients, including children, saying their therapy notes would be published online if they didn't pay a ransom of €500 each. The breach was so shocking that when the hacker, who went by the alias 'ransom_man', posted about the accomplishment on Ylilauta, a Finnish version of the notorious online forum 4chan, he was bombarded with messages from fellow users telling him that this time he'd gone too far. Ransom_man was used to making enemies. His real name was Julius Kivimӓki, and he also went by the aliases 'Zeekill', 'Ryan' and 'The Untouchable Hacker God'. He was a 23-year-old from Finland who, both individually and as part of cyber gangs, had been causing havoc online for companies and innocent people around the world since he was 13. In Joe Tidy's Ctrl+Alt+Chaos, an illuminating and often scary book about teenage hackers, Kivimӓki is cast as the talisman of various groups of young men – and they're almost exclusively men – who delighted in causing damage and cruelty on the internet in the 2010s, sometimes for money but mostly just because they could. The trope of teenage 'hackers in hoodies' sitting in their parents' homes and breaking into companies' online systems is now a little outdated. Businesses and organisations these days are more concerned about ransomware gangs and state-sanctioned hackers. Nonetheless, Tidy writes, from around 2010 to 2015, the world saw 'probably the most active period in history for youth cybercrime gangs' – and Kivimӓki was 'one of the chief architects'. Tidy, the BBC's first ever 'cyber correspondent', aims to use Kivimӓki's career to chronicle the rise of a 'sadistic' culture in which being an 'edgelord' – acting as provocatively and outrageously as possible – took precedence over anything else, including how many victims might be hurt, or how badly. The structure doesn't always work: Kivimӓki, who was sentenced in 2022 for the Vastaamo hack and is in prison until 2026, couldn't be interviewed by Tidy, meaning he remains a somewhat shadowy figure despite being the nominal centrepiece. But as an insight into how very young teenage boys can get lured into a world of cybercrime – and, crucially, seem not to care about the pain they're causing – it's fascinating. Until roughly the early 2000s, most amateur hacking groups cast themselves as ethical: they would, for instance, breach online systems to embarrass greedy corporations. But around 2010, Tidy says, something 'went horribly wrong'. Suddenly gangs weren't hacking for any particular reason beyond causing mischief and receiving their peers' recognition. 'If there was any strategy to our attacks,' one former teenage hacker recalls, 'it was mayhem.' Tidy puts much of the blame on Twitter, which 'gave birth to a new generation of fame-hungry hackers' who could boast about their work to win followers and clout. Groups such as Lulzsec, HTP (Hack the Planet), UG Nazi and Lizard Squad – with all of whom Kivimӓki had some involvement or connection – would engage in 'deliberately cruel' acts just to show how irreverent they were. Sometimes these hacks involved a level of sophistication: one group took down both the Xbox Live and PlayStation Network, used by a combined 158 million people, over Christmas 2014. But often the tactics were so simple as to not be considered hacking at all. Among cybersecurity criminals and experts, these young men were derided as 'script kiddies' – the lowest tier of hackers. One favoured technique of these teenagers, for example, particularly in America, was 'swatting': police would be contacted about a bogus 'emergency' at someone's home, so that an armed Swat team was sent to the victim's door. A particularly distressing case, related by Tidy, is that of a 17-year-old boy from Illinois named Blair Strater, who became the focus of Kivimaki's ire: on more than one occasion, armed police appeared in the night at Strater's and his parents' home. The email and social media accounts of Strater's mother were also hacked by Kivimӓki and HTP, who then wrote anti-Semitic and racist tirades under her name. The adult Straters' marriage fell apart, Strater's mother lost her job during the ordeal. At this point, some other teenage hackers begin to distance themselves from Kivimӓki. 'We started to realise the type of person he was. The way he treated Blair was wrong,' one former hacker recalls. Yet the Straters were comparatively lucky. Another incident led to an innocent father-of-two being shot dead on his doorstep by armed police. Meanwhile, another young wannabe hacker who mouthed off about Lizard Squad – with whom Kivimӓki was also involved – was forced to cut himself dozens of times along his forearm and take a picture of it while holding a card saying 'LizardSquad made me do it', in order to get his online accounts back. 'It was pure sadism,' one participant admits. When caught, because most of the perpetrators were under 18, they often received extremely light sentences. For some, this was enough to set them straight, but for others it just made them feel invincible. One former member recounts how 'making global headlines made him feel like a god'. Tidy does a good job of tracking down and talking to such ex-hackers. Unsurprisingly, what comes out is that, in many cases, these boys were extremely lonely, bullied at school or had a hard home life; they desperately wanted the camaraderie of friendship. Most had found their way into these gangs through obsessively playing computer games and coming across forums that listed cheat codes – then matters spiralled. The first parents knew about it was when the police appeared at their door. They'd thought their son was just playing computer games. While there was no hierarchy within these gangs, Tidy says they were usually led by whoever was most outrageous or most sophisticated at hacking. Kivimӓki sounds like he was a dangerous combination of both. When Finnish police raided his bedroom in 2013, he was just 16, but there was so much illegal activity on his computer that they had to limit their investigations to just the bigger cybercrimes. Antti Kurittu, a Finnish cybersecurity expert and former police detective, says that Kivimӓki hacked a therapy company simply because it would cause distress: 'I don't think he was ever interested in cybersecurity that much. He was just interested in causing mayhem to people's lives… he is uncaring to a degree which is difficult to understand.' The spate of 'edgelord' teenage hackers had appeared to have died away; but at the end of his book, Tidy mentions new groups such as Scattered Spider, who appear to be made up of teenage boys, some as young as 16, who work with notorious Russian ransomware groups and are willing to use offline violence as part of their threats. Scattered Spider is alleged to be linked to the recent hacks of Marks and Spencer, the Co-op and Harrods. Authorities believe that gangs will emerge in new digital spaces such as the metaverse, and that the best way to avoid that will be education: teaching children 'where the lines are' online. If we fail to do that, Tidy writes, we're 'enabling the cyber criminals of the future'.
CNET
a day ago
- General
- CNET
4 Ways to Ditch Your Home Security Devices' Reliance on Wi-Fi
With all the security breaches and hacking going on nowadays, privacy and protection are most people's main priorities when it comes to their well-being and property. Home security systems grew over the past year, with 94 million US households adopting some form of camera, doorbell, alarms and other security devices, according to the SafeHome report. But most of these smart home security gadgets rely heavily on Wi-Fi, which can be a problem when your network goes offline and/or is compromised. If you don't want your home security system to rely solely on Wi-Fi to stay connected, you've come to the right place. Here, you'll be given a guide on the products and protocols necessary to have a security system without Wi-Fi. But first, let's break down the basics to set the right foundation. Can home security systems work without Wi-Fi? Yes. Many home security systems don't need Wi-Fi to work. However, you may be giving up certain features in return for this flexibility. In other cases, add-ons help normally router-dependent home security function even if your Wi-Fi dies, like in a power blackout. Google Are home security systems more vulnerable on Wi-Fi? Hacking home security systems is very rare and is typically only done by acquaintances who already had access to the system. But with poor security habits your wireless network can be vulnerable to hacking. Always enable the highest level of encryption your home devices can support, and create a robust password for your Wi-Fi login. You'll also have to decide whether you want your home security devices online at all. Connecting to the internet in any form can increase certain risks, like getting your info stolen in a large-scale database theft. But it also brings many benefits, including remote monitoring and cloud video storage. How do I know if my security devices can work without a wireless network? Below, we'll cover the best options for security system without Wi-Fi . But looking for cellular, PoE (power over Ethernet) and offline features is the best way to ensure your system doesn't need Wi-Fi, or can keep going if your router goes down. Do home security systems without Wi-Fi cost more? Sometimes, but they can also cost less -- it depends on the type of system you get. An offline camera system is likely to cost less. Cellular backup support will usually cost more. The best home security without Wi-Fi Quit relying on Wi-Fi for your home security management with several effective answers... Option 1: Cellular backup for security systems Arlo's new Security Tag and keypad. Arlo If you want (or already have) a traditional home security system with important features like app alerts and remote live views or controls, your best option is to equip your system with a cellular backup. These backups can replace Wi-Fi with a cell signal, and work in tandem with built-in hub batteries (another common inclusion in modern systems) to keep systems running even when the power is out. The trick is that cellular backups aren't free. In some cases, you'll need to purchase an extra device, like this cellular and battery backup from Arlo ($80). In other cases, your security hub already has the capability. But you'll always have to pay a subscription fee for the service, and cellular support isn't always cheap. Arlo, for example, requires a professional monitoring subscription to get cell and battery backup, which only kicks in at the Premium plan, currently around $20 per month. Ring Alarm starts cellular backup at its Standard plan for compatible systems, which costs $10 per month. Expect similar fees like these to enable cellular backup for essentially any security system. Option 2: PoE (power over Ethernet) devices Reolink's affordable PoE cam is a great budget pick if you have cable options. Reolink PoE systems use a single cable connection to supply both power and an internet connection to a device such as a security camera. That makes them ideal for outdoor cams that are far away from Wi-Fi or that need more reliability. It won't help solve blackout problems, but otherwise it's a hands-off cam that doesn't require battery charging and still provides all the online benefits you want. Reolink stands above most home security brands as one of the best choices for PoE cameras. It offers many options, but one of our favorites is the Reolink 4K RLC-810A outdoor camera. It's a high-res cam that's affordable; has object recognition and long-distance night vision; some smart home support; and is entirely subscription-free when you add a microSD card. Option 3: Closed network NVR system Lorex is an excellent choice for NVR systems that avoid Wi-Fi or stay offline altogether for your privacy. Lorex/CNET Homeowners also have the option to ditch the internet completely with an offline NVR or network video recorder, a favorite option for people who want to keep their home security away from the web, the cloud and any wireless signals entirely. The NVR is connected to a display where it can show multiple feeds at the same time, just like how a security guard monitors cameras in a store. Brands like Lorex or Swann sell a variety of Ethernet cables and shielding to security buyers, and security kits will often come with cables for these kinds of NVR systems. You may also be able to choose an analog setup with a BNC cable, or a wireless setup that skips the router and connects to a compatible home hub (Lorex offers both these options, as well as the ability to turn its more advanced Home Security Center offline). However, an offline NVR setup like this will put your security system back decades. You'll miss out on the most advanced features, including checking live views from a distance on your phone. We recommend staying online if possible: Consider a wired connection that still connects the NVR to the internet for the best of both worlds. Option 4: A noncellular trail cam Trail cams are a rough and ready option if you want to keep watch on a spot without relying on the internet. Founissa/CNET Does managing cables annoy you? You have a final security option that ignores Wi-Fi and can work anywhere, wire-free. These are the same trail cams that capture inquisitive wildlife out in remote areas where cell connections aren't reliable. Trail cams like this model for $80 have far-reaching night vision and lots of battery life so they can last for many months at a time even with 4K resolution and audio. The catch is that if you want to see what the camera picked up, you'll need to manually view it like a digital camera, or take out the SD card for a more lengthy inspection. Still, as a weatherproof set-and-forget option, trail cams have their place. Read more: Top Home Security Tips When You're Renting with Roommates Get a more complete look at your options with our guides to the top DIY home security systems, wireless home security, and security systems that can easily move with you if you're frequently on the go.
Forbes
2 days ago
- General
- Forbes
Learn How To Tell If You've Been Hacked, And What To Do
The more devices and accounts you have, the more likely you are to be hacked, so it's a good idea to ... More stay alert to the warning signs. Most of us now have a number of different devices, accessing a wide spectrum of online accounts and services. Any of these can be hacked, with criminals attempting to use your identity to carry out scams and fraud. So how can you tell you've been hacked? There are a number of signs common to different accounts and devices, including unexpected logins, changes to settings that you didn't make, unauthorized financial transactions and more. We look at the warning signs that your account or device may have been compromised, and the steps you should take to put things right if it has. Hacking is the term for gaining access to a device, account or network by a third party. It isn't necessarily malicious — ethical hackers, for example, do this to check out an organization's potential vulnerability. Dorking, meanwhile, is usually carried out for nefarious means, but can also be a useful technique to improve search results. Generally, though, hackers are criminals attempting to steal data — perhaps your personal information, or even your financial details. They gain access through a number of different methods, from vulnerabilities in the device or service itself, or through techniques such as phishing, where victims are tricked into giving away crucial information. If successful, hackers may use your account to lure in more victims, spread malware or even empty your bank account. Any device that can be connected to the internet is at risk of being hacked — phones, tablets, PCs and Apple computers. It's even possible to hack smart home devices or smart cars. Hackers have a number of motivations. Generally, it's to steal personal data, which can then be sold on the dark web to other criminals, especially if it includes passwords, credit card details or other financial information that can be exploited to carry out scams. Some devices are more at risk than others — Apple, for example, has a reputation for protecting user security well. But whatever the device, it's possible to take measures to minimize the risk. There are a number of signs that your computer has been hacked. Often, the first sign is slow performance, or your computer freezing or crashing. Programs that you didn't install may appear, as may a deluge of pop-up ads; your password may be changed, and you could be locked out of accounts. If you have a website, you may see browser warnings, Google Search Console alerts, slow loading times, and unexpected redirects, along with the sending of spam emails. If your PC or Mac is hacked, your first step should be to unplug your machine and disconnect it from the internet. You should then change passwords and run a full virus scan. Signs that your phone has been hacked include a fast-draining battery or overheating, indicating that it's working in the background for somebody else. Bills may be higher than usual, and new apps may unexpectedly appear, along with unexpected notifications, unrequested 2FA codes or pop-ups. You may find that settings such as camera or microphone permissions have been changed — or even find yourself locked out of your Apple ID or Google account. If you do fall victim, you should start by changing all passwords and running a security scan; if all else fails, you should restore your phone to its factory settings. Hundreds of thousands of routers are hacked every year, with criminals generally exploiting a weak password or taking advantage of unpatched software vulnerabilities. Your browser may keep redirecting you, you may spot increased data usage, slow internet or unusual network activity, or discover that unfamiliar devices have been connected to your wifi. Your login credentials or router settings may have been changed without your knowledge. If you suspect that your router has been hacked, you should disconnect it and give it a factory reset, and change your password. You should then use an anti-virus package to check all your devices for malware. Hacking accounts can give criminals access to valuable data, which they can exploit for financial gain, and allow them to spread malware or scams. Frequent targets include Amazon, Apple ID, email, Google and Microsoft, with signs including passwords that don't work, or unexpected alerts about login attempts, password resets, or two-factor authentication. To minimize the risk and keep your accounts safe, it's a good idea to use a strong password and two-factor authentication. Signs that your Amazon account has been hacked include changes to your address, email, payment information. You may also receive notifications of password reset requests. Other common signs of a compromised Amazon account include purchase activity that you don't recognize, or reviews you didn't write being posted in your name. If you think your Amazon account has been hacked, you should change your password, enable two-factor authentication and run an anti-virus scan. You should also chack for any unauthorized financial activity. The main signs that your Apple ID has been hacked are access by a device you don't recognize or a password change that you didn't make. You may also spot unauthorized purchases on the App Store or iTunes. And if your Apple ID is hacked, it will give the criminals access to all your Apple devices, from a MacBook to an iPad or iPhone. If this happens to you, you should change your password, check your account information is correct, and, if you can't then access your account, go to then for help. Signs that your email account has been hacked include being unable to log in, unexpected or missing emails, unexpected changes to your password or account settings or alerts from your email provider itself. If it happens to you, change your password and run a virus scan. You should be able to recover your account by contacting your email provider and asking for a password reset. Signs that your Google account has been hacked include a password that no longer works, changes to your personal account or an alert from Google that there's been a sign-in to your account from a new device. You should sign into your account if you can, change your password and turn on two-step authentication. Scan for and delete any malware, and visit Google's account recovery page to regain control. There are a number of signs that your Microsoft account may have been hacked, including a notification from the company itself about potentially suspicious activity, for example a log-in from a new location. Emails you didn't write may be sent from your account, or your profile information changed. If your account is hacked, you should change your password, enable multi-factor authentication and update security settings. If you can't access your account, you should be able to recover it here. Signs that your Netflix account has been hacked include an email from Netflix itself, perhaps alerting you that a device has signed in from an unfamiliar location, changes to your payment method or perhaps being locked out altogether. You should immediately change your password and then sign out of all devices, remove any unauthorized payment methods through the Manage payment methods section, and contact Netflix support to report the suspicious activity. Social media accounts are a popular target for hackers, thanks to the vast amount of personal information they hold and the ability to use a compromised account to carry out scams and fraud. All platforms — from X and LinkedIn to WhatsApp and Snapchat — are vulnerable, though Facebook, Instagram, and Xr are the most frequently hacked. Staying safe is a matter of taking basic security measures like having a strong password and two-factor authentication, avoiding giving too much information away on social media and never reusing passwords from one site to another. Signs that your Facebook account has been hacked include messages from Facebook itself, changes to your profile information or strange messages being sent to your contacts. If it happens, you should change all your passwords immediately and tighten up your privacy settings. You should also warn friends and family to avoid engaging with any messages from your account. If you can't access your account yourself, you'll need to go to this Facebook help page, where you'll be led through the process to recover your account. Instagram is one of the most-hacked social media platforms, and it's usually easy to spot if it happens to you. You may discover that you can't log into your account, or posts, reels or stories that you didn't make may appear. If you can still log in, you should change your password and turn on two-factor authentication. If you can't log in, there are a number of steps you can take, depending on your type of account. If you've had a message from Instagram telling you that your email address has been changed, you may be able to fix this by clicking the 'Secure my account' link in the message. You can also ask for a login link or security code to be sent to the email address or phone associated with your account. You may discover that your LinkedIn account has been hacked via a message from the company, or because of suspicious activity on your profile, difficulty logging in or complaints from contacts about strange or spammy messages coming from your account. You should report the problem to LinkedIn here, change your password and review your active sessions to see where you're signed into LinkedIn right now. You should review all the email addresses and phone numbers associated with your LinkedIn account to make sure you can receive password reset messages from LinkedIn. Look out for, and delete, any rogue messages or posts on your account, and let all your contacts know what's happened. Signs that your Reddit account has been compromised include apps on your profile that you don't recognize or unusual IP history on your account activity page. You may start seeing votes, posts or comments that you didn't make, or receive an alert from Reddit itself. If you think your account has been hacked, you should contact the company — although users report that getting your account back can take up to a month. You should also change passwords and alert any other users that you interact with that your account has been hacked. Signs that your Snapchat account has been hacked include spam being sent from your account, new contacts appearing or unauthorized changes to the mobile number or email address associated with your account. You may also get an alert from the company telling you that someone has logged in to your account from an unfamiliar location, IP address or device. If you realize that your Snapchat account has been hacked, you should change your password and enable two-factor authentication. Verify your email and mobile number, and check for any unauthorized linked devices. Signs that your WhatsApp has been hacked include strange activity on your account, such as messages from unknown contacts, unread messages marked as read or receiving unsolicited verification codes. You may spot an unfamiliar device logged into your account or changes to your profile information. Recovering a WhatsApp account is usually pretty straightforward — you just need to sign into WhatsApp with your phone number and you'll be sent a six-digit code via SMS or a phone call to allow you to re-register. Signs that your X account may have been hacked include a password that won't work, unauthorized tweets or direct messages from your account, unexpected actions like follows or blocks and notifications from X itself. You'll need to change your password, make sure that the email address linked to your account is secure, check for viruses and revoke access for any third-party applications that you don't recognize. If you're still having problems, you can contact X's support team here for help. Bottom Line The more devices and accounts you have, the more likely you are to be hacked. It's a good idea to stay alert to the warning signs. But if it does happen to you, it's usually fixable if you know the right steps to take.
TechCrunch
2 days ago
- Politics
- TechCrunch
White House investigating how Trump's chief of staff's phone was hacked
The White House is investigating after one or more people reportedly accessed the contacts from the personal phone of White House chief of staff Susie Wiles, and used the information to contact other top officials and impersonate her. Wiles reportedly told people that her phone was hacked. The Wall Street Journal first reported the hack of Wiles' phone. CBS News also confirmed the reporting. The hacker or hackers are said to have accessed Wiles' phone contacts, including the phone numbers of other top U.S. officials and influential individuals. The WSJ reports that those who received phone calls impersonating Wiles used AI to impersonate her voice and sent text messages from a number not associated with Wiles. White House spokesperson Anna Kelly would not say, when asked by TechCrunch, if authorities had determined if a cloud account associated with Wiles' personal device was compromised, or if Wiles' phone was targeted by a more advanced cyberattack, such as one that involves the use of government-grade spyware. In response, the White House said it 'takes the cybersecurity of all staff very seriously, and this matter continues to be investigated.' This is the second time Wiles has been targeted by hackers. In 2024, The Washington Post reported that Iranian hackers had attempted to compromise Wiles' personal email account. The Journal said Friday, citing sources, the hackers were in fact successful in breaking into her email and obtained a dossier on Vice President JD Vance, then Trump's running mate. This is the latest cybersecurity incident to beset the Trump administration in the months since taking office. In March, former White House top national security adviser Michael Waltz mistakenly added a journalist to a Signal group of top White House officials, including Vance and Wiles, which included discussions of a planned military air-strike in Yemen. Reports later revealed that the government officials were using a Signal clone app called TeleMessage, which was designed to keep a copy of messages for government archiving. TeleMessage was subsequently hacked on at least two occasions, revealing the contents of its users' private messages.
