
Sharp dip in China-based hacking


According to a new report from a prominent cybersecurity firm hired to investigate breaches, Chinese hacking of government and corporate networks in the U.S. and other countries has declined sharply since 2014.

Hackers operating out of China were linked to between 50 and 70 incidents that the cybersecurity company FireEye Inc. was investigating on a monthly basis in 2013 and the early part of 2014. Starting in October 2015, however, this tally dropped below 10 incidents and hasn't recovered. FireEye observed only a handful of network intrusions attributed to Chinese groups in April of this year.

FireEye rival CrowdStrike Inc. says that it, too, has noticed a drop in China-based hacking incidents. Chief Technology Officer and co-founder Dmitri Alperovitch said the decline may be attributable to the sweeping reorganization of China’s military, announced earlier this year.

The shift is likely the result of a confluence of factors, including public scrutiny and pressure from the U.S. government, but it is not solely the result of a September anti-hacking pledge struck by President Obama and Chinese President Xi Jinping.

Chinese military hackers attempted to steal troves of confidential information from the U.S. Office of Personnel Management in 2014 and failed. But China got the data anyway. It passed the job to contractors -- a group code-named Coldcuts by the U.S. -- who worked on their own or for private companies to conduct a dragnet for sensitive data from government, airlines and health insurers.

The new information about those incursions was confirmed by two people involved in the investigation who asked not to be identified because the details remain confidential.

When China’s expansive hacking operations began to come into the public eye, the U.S. was able to muster the political support to confront China directly on its cyber espionage tactics — indicting five Chinese military officers in 2014 on charges of stealing trade secrets and striking the anti-hacking pledge. None of those charged has appeared in the U.S.

That’s a success for the Obama administration, and the September deal is thought to be the reason behind it, but researchers found that the drop was noticed before the deal was made.

Military reforms within the Chinese government also played a role. Since taking power in late 2012, Xi has implemented a series of significant military reforms aimed at centralizing China’s cyber elements that may also be a factor.

Ahead of a visit to the U.S. by Chinese President Xi Jinping in September 2015, news leaked that President Barack Obama was considering sanctions against Chinese companies that benefited from hacking. China’s top security czar flew to Washington to hammer out an agreement, later announced by the two presidents, that China would stop supporting cyberespionage for commercial purposes.

Chinese hackers are still targeting some private-sector U.S. firms, but the data taken could be used both for military applications and commercial ones. This suggests that the intrusions could be traditional intelligence-gathering, which is not prohibited by the September agreement.

But it seems the battle may be moving to another front.

That shift makes it a challenge to answer whether China is keeping its promise not to hack U.S. companies for technology and personal data, or whether it is turning the battle to another front.

Hackers post explicit images on U.S. athletic conference’s Twitter account


Hackers took over the official Twitter account of the Southeastern Conference (SEC) and posted a couple of images of scantily clad women on Saturday (June 25) morning.

The SEC is an American college athletic conference whose member institutions are located primarily in the Southern part of the United States.

When its handle on the microblogging site was hacked, a social media nightmare became a reality.

One tweet showed a woman dressed in a bra and underwear with the following message: “Hey! Dear, do you want to see me naked boobs? Meet me here,” followed by a link. Another showed a photo of a scantily clad woman apparently rummaging around under a desk with the message, “Hi! Sugar, do you want to watch my private videos? go on,” followed by another link.

SEC spokesman Herb Vincent said in a statement, "We became aware of it when we saw some retweets."

The conference removed the images, changed the password and notified Twitter about the incident as soon as the breach was known.

The tweets were sent out to the account's 325,000 followers.

Soon after the posts were deleted, Commissioner Greg Sankey apologized for the posts, which were the result of a hack.


The SEC isn’t alone with its social media issues. Earlier this month, the National Football League's Twitter account was hacked, with three unauthorized messages appearing in the league's timeline, including a false statement that Commissioner Roger Goodell had died.

DoD's attack on Health and Human Services

The Department of Defense recently hacked into the Health and Human Services website to check the website's vulnerability. The bounty program, called "Hack the Pentagon", was a hit and had enough impact that Health and Human Services has started to look at it.

HHS officials mentioned that DoD's recent bounty program paid bounties to hack into various systems to exploit cyber security issues in health care.

Lucia Savage, chief privacy officer at HHS's Office of the National Coordinator for Health Information Technology, said that the practice showed whether HHS could meet scaled-up health care needs.

Ethical hacking was a hot topic at the recent Federal Drug Administration workshop focusing on medical devices and their vulnerabilities.

“This is a struggle for devices as well,” she said. “You can’t hack something in the field, because what if the hacker disrupts the operation of the device. Similarly, health data and EHRs, we may not want to have the hacker accessing your live data because that might cause other problems relative to your obligation to keep that data confidential.

“Given that space and given the need to improve cyber security, is there something that ONC can do to improve that rate at which ethical hacking occurs in health care?” Savage said her office was working on plans to see how effectively this could be applied to the medical devices sector.

“I think that this is a technique that has been found highly valuable in the rest of industry,” she said. “One of the things we are thinking about is how to get this to take root as a security hygiene process within the health care system.”

Dr. Dale Nordenberg, CEO of Novasano Health and Science and a Health IT standards committee member, said that hacking medical devices could prove difficult because every medical device is hackable, leaving weaknesses and solutions to be worked out with a litany of detail.

“The issue is that once a vulnerability is identified, the industry is highly resistant to exposing to the public that specific vulnerability because the manufacturer has to get engaged,” he said.

Savage added that her office and FDA are continuing to identify details like intellectual property issues and identifying who remedies a vulnerability, but with the Internet of Things and interoperability moving forward, these devices are becoming more interconnected.

Acer Data Breach Exposes Credit Card Details


Acer's online store has recently been hacked, and the breach has exposed the credit card details of users accessing the website over the past 12 months.

Acer has sent a letter to all users of its online store in the US, warning that their personal records were drawn off from its store by crooks between May 12, 2015 and April 28, 2016.

The lost data includes customer names, addresses, card numbers, and three-digit security verification codes on the backs of the cards. Acer did not say how many customers had their details swiped.

"Based on our records, we have determined that your information may have been affected, potentially including your name, address, card number ending in [insert], expiration date and three-digit security codes. We do not collect Social Security numbers, and we have not identified evidence indicating that password or login credentials were affected," the letter reads.

Acer has urged customers who suspect their card numbers are being used for fraudulent charges to file reports with the police.

"If you suspect that you are a victim of identity theft or fraud, you have the right to file a police report. In addition, you may contact your State Attorney General’s office or the US Federal Trade Commission to learn about steps you can take to protect yourself against identity theft," said the letter from Acer.

Anonymous hacks pro-ISIS accounts, gives them a gay makeover


The hacker-activist group Anonymous hacked into dozens of Twitter accounts of pro-Islamic State militants, decorating them with gay pride symbols, pro-LGBT slogans and links to gay pornography in response to the deadly attack in Orlando’s Pulse nightclub which killed 50 people and left 53 others wounded.

It’s been an incredibly tough week for the LGBT community after the horrific mass murder. It is the deadliest mass shooting in the modern history of the U.S.

While the rest of the world mourned the vile attacks, ISIS celebrated.

The U.S. claims the gunman, Omar Mateen, a New York-born Florida resident and U.S. citizen who was the son of Afghan immigrants, was inspired by ISIS.

A hacker, who goes by the name WauchulaGhost, draped some accounts with the rainbow flag and messages like "I’m Gay and I’m Proud." The hacker vigilante claims to have taken over 200 Twitter accounts belonging to ISIS supporters in retaliation for the group’s public praise of the mass shooting at the gay nightclub.

WauchulaGhost has been hacking pro-ISIS accounts since at least March 2016, but possibly earlier. Around June 7, the WauchulaGhost account was posting pornography-related images and slogans such as "I love porn" and Anonymous to pro-ISIS accounts. Anonymous also frequently tweets the pro-ISIS accounts' IP addresses, which included users in Turkey, the United Kingdom, Iraq, Jordan, Oman and elsewhere.

In a post on June 12, the hacker said Twitter had deleted the accounts after they were altered by him.

The pro-ISIS accounts that were hacked were all renamed "Jacked by a Ghost" and most linked to CIA.gov.

The militant organisation’s homophobia is well documented: homosexuality is outlawed and punishable by death, and there are grim videos of ISIS members publicly executing LGBT people.

It’s not going to bring down the caliphate, but it is funny as hell.


So, in a small moral victory, Anonymous gave them a wonderfully gay makeover.

Carbonite Online Service Warns Users To Change Passwords


A day after accounts on the remote desktop service GoToMyPC were hacked, online backup service Carbonite has suffered the same fate. Carbonite has therefore issued a warning that hackers are attempting to break into its users' accounts, and is prompting all users to change their passwords.

“As part of our ongoing security monitoring, we recently became aware of unauthorized attempts to access a number of Carbonite accounts. This activity appears to be the result of a third party attacker using compromised email addresses and passwords obtained from other companies that were previously attacked. The attackers then tried to use the stolen information to access Carbonite accounts,” read the statement issued by the online service.

The company claims its own systems haven't been compromised.

“Based on our security reviews, there is no evidence to suggest that Carbonite has been hacked or compromised.”

“While we will continue to monitor and investigate the matter, we have determined that usernames and passwords are involved. Additionally, for some accounts, other personal information may have been exposed.”

Carbonite hasn't yet imposed two-factor authentication as a default, but it does "strongly encourage" its customers to use 2FA.

Most Carbonite users should receive an email from the company in the coming days, but they'll be prompted to reset their password as soon as they try to use the service anyway.

“Look for an email from Carbonite with instructions for resetting your password. We highly recommend all customers use “strong” unique passwords for Carbonite and all online accounts. Learn more about strong passwords at www.carbonite.com/safety. If you use the same or similar passwords on other online services, we recommend that you set new passwords on those accounts as well,” the company added in the statement.










Connecting with people on LinkedIn might help hackers

Connecting with people you don't know on LinkedIn? According to Intel Security research, connecting with unknown people may help hackers steal your company data.

Research done by Intel Security revealed that Brits allow hackers to harvest information by connecting with people they do not know.

Respondents of Intel's survey said they accept "I'd like to connect with you on LinkedIn" requests from people they do not know.

"When a person in a similar industry to us, or a recruiter, requests to connect on LinkedIn, it may look harmless, but hackers prey on this as a means to target senior level professionals and ultimately the corporate network," said Raj Samani, CTO of EMEA at Intel Security.

"Social networking sites are a treasure trove of data used by malicious actors in order to research potential targets for attacks, not only requesting to connect with senior executives but as many junior or mid-level employees at a company as possible," said Samani.

"They then target senior level execs, using their existing connections with colleagues as proof of credibility by leveraging the principle of social validation," he added. "Once these connections are in place they can launch a targeted phishing campaign."

According to the FBI, such attacks are on the rise, with criminals sending fake invoices, requesting wire transfers and so on using accurate-looking but false emails.

Most respondents to the survey said their employer hadn't "made them aware" of any corporate policies around social media.

“Businesses must educate all members of staff on how to avoid common scams, including making them aware of the risks of opening unknown attachments in messages or clicking on unknown links,” said Samani.

GoToMyPC accounts hacked, users need to reset passwords




If you use the GoToMyPC remote desktop access service, it is time to reset your password. The GoToMyPC service has been targeted by a very sophisticated password attack, and the security team has recommended resetting all customer passwords immediately.

In a statement on the GoToMyPC status page, the company says:

“Unfortunately, the GoToMYPC service has been targeted by a very sophisticated password attack. To protect you, the security team recommended that we reset all customer passwords immediately.

Effective immediately, you will be required to reset your GoToMYPC password before you can login again.

To reset your password please use your regular GoToMYPC login link.

Recommendations for a strong password:
·         Don’t use a word from the dictionary
·         Select strong passwords that can't easily be guessed with 8 or more characters
·         Make it Complex – Randomly add capital letters, punctuation or symbols
·         Substitute numbers for letters that look similar (for example, substitute “0” for “o” or “3” for “E”).”

GoToMyPC is recommending customers enable two-step verification, which will mean any potential hackers will need more than your password alone to access your account.

Citrix, the company behind GoToMyPC, is still investigating the hack and has posted on Twitter: “We've reached out to find out more about what has happened, and we'll update this post when we hear something.”










Teen hacker praised for hacking Defense Department website

It seems next to impossible that the head of the US Defense Department would praise a hacker for hacking the department's website.

High school student David Dworken was praised by Ash Carter, Secretary of Defense, for hacking the US Defense Department website. The 18-year-old used to spend 10 to 15 hours between classes on his laptop, hacking the websites.

“We know that state-sponsored actors and black-hat hackers want to challenge and exploit our networks … what we didn’t fully appreciate before this pilot was how many white hat hackers there are who want to make a difference,” Carter said at a ceremony where he also thanked Craig Arendt, a security consultant at Stratum Security.

The Defense Department launched a pilot project this year in which more than 1,400 participants took part and submitted 138 valid reports of vulnerabilities, the Pentagon said. The pilot project was restricted to public websites, and the hackers were not allowed to access highly sensitive areas.

The U.S. government blamed China and Russia, saying they have tried to access government systems in the past.

According to the Pentagon, it paid a total of about $75,000 to the successful hackers. The pilot project cost $150,000, including the reward money, and several follow-up initiatives.

Teen hacker Dworken, who graduated from Maret high school in Washington, D.C., said he reported six vulnerabilities, but received no reward because they had already been reported.

However, he had already been approached by recruiters about potential internships.

“It’s not a small sum, but if we had gone through the normal process of hiring an outside firm to do a security audit and vulnerability assessment, which is what we usually do, it would have cost us more than $1 million,” Carter said.

$50 million of digital money stolen

A hacker has stolen more than $50 million of digital money from an experimental virtual currency project known as the Decentralized Autonomous Organization.

It had been the most successful crowdfunding venture ever. According to reports, the theft took not only one-third of the venture's money but also the hopes and dreams of thousands of participants who wanted to prove the safety and security of digital currency.

This is likely the end of the project, which had raised $160 million in the form of Ether, an alternative to the digital currency Bitcoin.

However, the computer scientists involved in the project are aiming to tweak the code that underpins Ether in a way that will recover the money.

"This is one of the nightmare scenarios everyone was worried about: someone exploited a weakness in the code of the DAO to empty out a large sum," Emin Gün Sirer, a computer science professor at Cornell who co-wrote a paper pointing out problems with the project, said.

This incident has reminded everyone that code can be just as vulnerable to human greed and mistakes as paper bills.

The project was funded by investors from around the world using Ether, which has become popular over the last year. But in May, computer scientists pointed out several vulnerabilities in its code.

"The DAO is being attacked," Griff Green, a community organiser with the company that wrote the project's software, Slock.it, wrote on a chat channel for the project. "This is not a drill."

The money that the hacker moved appeared to be frozen on Friday as a result of a safeguard previously built into the code. Coders working on the Ethereum network, which hosts Ether, were debating on whether to make a one-time change to the code to recover the frozen money.

"The strength of blockchain tech is that it is a ledger, a statement of truth," Bruce Fenton, a board member with the Bitcoin Foundation, wrote on Friday. "That ledger is only as good as its resistance to censorship, change, demands or attack."

Lone Hacker Guccifer 2.0 Takes Responsibility For DNC Cyber Attack



A lone hacker known as Guccifer 2.0 has claimed sole responsibility for a cyber attack on the U.S. Democratic National Committee, revealing a series of documents allegedly extracted from DNC servers. This contradicts the initial DNC reports that Russia was behind the attack.

Guccifer 2.0 posted several confidential files on a WordPress blog and claimed to have sent "thousands of files and mails" to Wikileaks, which he says will "publish them soon." After an apparent opposition file containing research on Donald Trump leaked earlier this week, Guccifer 2.0 has followed it up with alleged financial information on the Democratic Party and its donors.

The hack was initially reported to be the work of the Russian government agencies on Tuesday by CrowdStrike, the cybersecurity firm hired by the DNC to investigate the data breach.

In the post, Guccifer 2.0 mocked the cybersecurity firm, saying, "CrowdStrike announced that the Democratic National Committee (DNC) servers had been hacked by 'sophisticated' hacker groups. I'm very pleased the company appreciated my skills so highly))) But in fact, it was easy, very easy."

CrowdStrike is standing by its analysis that it was Russian government hackers. It had posted earlier stating: "On June 15, 2016 a blog post to a WordPress site authored by an individual using the moniker Guccifer 2.0 claiming credit for breaching the Democratic National Committee. This blog post presents documents alleged to have originated from the DNC."

"Whether or not this posting is part of a Russian Intelligence disinformation campaign, we are exploring the documents' authenticity and origin. Regardless, these claims do nothing to lessen our findings relating to the Russian government's involvement, portions of which we have documented for the public and the greater security community."