According to the US Attorney’s Office of the Southern District of New York, a Minnesota man has been charged with hacking Major League Baseball’s computer systems and trying to extort $150,000 from them.
According to court documents, 30 year old Joshua Streit sent emails to an MLB executive threatening to publicize the vulnerability he discovered and used to access the website the MLB uses from streaming live games before asking for the $150,000.
Allegedly Streit renewed his extortion attempt in September, when the MLB was under increased stress building up to upcoming playoff season.
Many news outlets contacted a Twitter accounted listed in the criminal complaint as being Streit’s, but the account has not yet responded to any requests for comments. James Beckcer, the attorney listed as Streit’s in court documents as also not responded to requests for comments.
The charges listed against Streit, aka Josh Brody, include illegally hacking a computer to commit fraud, wire fraud and sending threats over state lines with the intent to extort. Streit/Brody could face anywhere from 2-20 years in prison for each charge.
New Smart TV on your Christmas list? Be careful of what features you get on your TV. Specifically the ones with cameras or microphones built in. They could be used to spy on you according to the FBI.
Smart TVs connect to the Internet in order to update, download apps, connect through the apps. Some of the newer ones have built-in cameras for facial recognition so they can suggest your favorite programming. Microphones are generally used for voice control for the remotes to change channels.
If your Smart TV is unsecured, hackers can listen and watch you as well, or take control of the TV. If you can’t turn off the camera, consider using black tape over the lens. Make sure to keep the software updated.
If you are victimized by any fraud on the Internet, contact the IC3 (Internet Crime Complaint Center).
The Victor crew found this article about passwords. There have been so many breaches in recent history. There have been 13 big data breaches this year alone (so far).
This article breaks down why passwords really don’t matter in light of the way hackers are performing their breaches. It is from a Microsoft tech using stats collected from Azure Active Directory connected accounts. The data is broken down by type of attack and how they are performed.
Once you cut through all the techese, the bottom line is to choose passwords with at least 8 characters, use a password manager and let it generate the password for you, try using multi-factor authentication for that extra step.
The Victor crew has written about car hacking before. It seems to have escalated to apps being used to hack some cars now. Breaking into certain GPS Tracking apps, the hacker claims to have the ability to even stop engines, as reported by MotherBoard.
The apps he has hacked, called iTrack and ProTrack, are two apps where companies can monitor and manage their fleet vehicles. The hacker found that the apps have default password of 123456 when they sign up. The hacker said he was trying to target the companies, not the users.
Both apps are made in China.
Jody Victor‘s crew wants to warn everyone that you need to be careful if you are considering buying
smart toys for children. Our warning is 2-pronged.
First is that any toy that can go online via WiFi has the potential to be hacked. There are already some instances of this.
The Hello Barbie doll was found to be able to be a surveillance device.
VTech, based in Hong Kong, had a vulnerability that allowed private information including names, addresses, email addresses, download history, secret questions to be compromised.
HereO watch, a GPS-enabled watch, had a vulnerability that allowed stalkers a way to track and send messages posing as their parents.
Fisher Price’s Smart Toy Monkey had a vulnerability that could leak owner information.
These are just a few toys we know of so far.
The second prong to this problem is this: Will these be new avenues for our (or any) government to track us? Will any toy or device equipped with a camera and/or microphone allow government agencies to spy on us or for them to confiscate them for investigation?
We might need to think twice before purchasing these items.
(Reuters) A couple of white-hat hackers (those who are hired to find software vulnerabilities) set out to hack some cars. They were able to force a Toyota Prius to brake when it was going 80 miles per hour, jerk its steering wheel, or accelerate its engine. They can disable the brakes on a Ford Escape at slow speeds so it keeps moving no matter how hard the driver tries to stop.
They were actually doing this sitting in the cars with a laptop on their laps hooked to the network of the cars. They didn’t do it remotely, but this did uncover security flaws.
The two hackers, Charlie Miller and Chris Valasek, will detail their findings ans publish the techniques they used in a 100-page white paper. This research was conducted with a grant from the U.S. government. They will also release the software they built to do this at this week’s Def Con hacking convention in Las Vegas.
~ Jody Victor