citadrianne writes with news that security startup Zerodium has just paid a group of hackers $1 million for finding a remote jailbreak of an iPhone running iOS 9. Vice reports: “Over the weekend, somebody claimed the $1 million bounty set by the new startup Zerodium, according to its founder Chaouki Bekrar, a notorious merchant of unknown, or zero-day, vulnerabilities. The challenge consisted of finding a way to remotely jailbreak a new iPhone or iPad running the latest version of Apple’s mobile operating system iOS (in this case iOS 9.1 and 9.2b), allowing the attacker to install any app he or she wants app with full privileges. The initial exploit, according to the terms of the challenge, had to come through Safari, Chrome, or a text or multimedia message. This essentially meant that a participant needed to find a series, or a chain, of unknown zero-day bugs.” Read more of this story at Slashdot.
Continued here:
Somebody Just Claimed a $1 Million Bounty For Hacking the iPhone
An anonymous reader writes: It appears that most pharmacies in the US are interconnected, and a breach in one leads to access to the other ones. A security advisory released [Friday] shows how a vulnerability in an online pharmacy granted access to prescription history for any US person with just their name and date of birth. From the description linked above: During the signup process, PillPack.com prompts users for their identifying information. In the end of the signup rocess, the user is shown a list of their existing prescriptions in all other pharmacies in order to make the process of transferring them to PillPack.com easier. … To replicate this issue, an attacker would be directed to the PillPack.com website and choose the signup option. As long as the full name and the date of birth entered during signup match the target, the attacker will gain access to the target’s full prescription history. Read more of this story at Slashdot. 
The only thing that sucks worse than doing taxes is a hacker stealing your identity, doing your taxes for you, and then depositing your return in a random bank account, where it can later be transferred to Nigeria. Sound impossible? It’s not, according to the story of an unlucky man named Michael Kasper. Read more… 
The only thing that sucks more than spam are the greedy people who send it to you. That’s why the Department of Justice charging three spam kingpins responsible for one of the largest data breaches in history is so exciting. Finally, Feds are taking down the spam kingpins—or at least trying. Read more… 
A federal judge just sentenced journalist Barrett Brown to 63 months in prison and ordered him to pay nearly $890, 000 in restitution for charges related to the 2011 hack of Stratfor Global Intelligence. Brown’s supporters maintain that the young writer and activist was “merely linking to hacked material.” For that, he’ll spend about five years behind bars. That sucks. Read more… 
Need to do some digital breaking-and-entering but don’t really have the skills? Don’t worry: Hacker’s List provides a space for you to find your dream hacker, ready to undertake your computer crimes for you Read more…