Dropbox Urges Users To Change Old Passwords

Dropbox has asked its users to change their passwords, if they haven’t done so since the online service’s launch in 2007. This comes as a ‘precautionary measure’ after a spate of hack attacks on an old set of Dropbox credentials in 2012.

In July 2012, Dropbox said its investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts. It said it had contacted the affected users to help them protect their accounts.

The cloud storage service said that the move isn’t any indication that their accounts were improperly accessed.

“Based on our threat monitoring and the way we secure passwords, we don’t believe that any accounts have been improperly accessed,” the company said. “Still, as one of many precautions, we’re requiring anyone who hasn’t changed their password since mid-2012 to update it the next time they sign in.”

Dropbox is also recommending that users use two-factor authentication when resetting their passwords.

Launched in 2007, Dropbox allows users to store, access and share files easily from a variety of devices. It has accumulated 500 million sign-ups to the service.

Hackers Steal 12 Million Baht From Thai Bank ATMs

In another string of attacks, hackers have managed to steal 12.29 million Baht ($350,000) from the Government Savings Bank of Thailand. The bank shut down 3,000 ATMs after 21 machines were hacked. The hacking spree was conducted from August 1st onwards.

According to the Bangkok Post, GSB found that over 20 of its machines across the provinces of Bangkok, Chumphon, Prachuap Khiri Khan, Phetchaburi, Phuket and Surat Thani were targeted.

The attack targeted individual machines, and the malware used to compromise the ATMs was so advanced that it went undetected for quite some time. During the campaign, the hackers gradually withdrew money, taking 40,000 Baht (1154 US Dollar) each time.

Investigators have noted similarities between the malware heist in Thailand and previous attacks in Taiwan and Malaysia earlier this year. Last month, three suspects were arrested in Taiwan for using malware to access money from First Bank ATMs.

Police General Panya Mamen said, “As of now the evidence we have found makes us confident that this group is linked to the gang who committed a similar robbery in Taiwan.”

Thai police asked citizens to be on the lookout for strange behavior by foreigners at cash machines, noting that the hackers behind the heist spent a long time at each machine, usually late at night.

T-Mobile's Data Plan Violates Net Neutrality Rules In US

T-Mobile's new unlimited data plan, T-Mobile One, is causing serious concern because it may violate net neutrality rules in the US.

The Electronic Frontier Foundation believes that T-Mobile's new One plan, which offers unlimited data, calls, and texts, may fall afoul of net neutrality rules due to the restrictions that it imposes on how customers can consume data.

T-Mobile One offers unlimited video streaming at 480p, but getting HD video will cost you an extra $25 a month per line. Many are saying this violates net neutrality, and even the Electronic Frontier Foundation has spoken up.

EFF senior staff technologist Jeremy Gillula told the Daily Dot that, based on what his group has read about T-Mobile One so far, “it seems like T-Mobile’s new plan to charge its customers extra to not throttle video runs directly afoul of the principle of net neutrality.” He added that T-Mobile One’s video throttling could also violate the FCC’s Open Internet Order that says that “ISPs can’t throttle traffic based on its type, or charge customers more in order to avoid discriminatory throttling.”

On being accused of violating the net neutrality rules, T-Mobile CEO John Legere offered a clarification.

“Listen, we have made it painfully clear from the beginning, we are pro net neutrality. This is all about customer choice. So if a customer buys this program, we will, based upon the offer itself, deliver them video at standard definition. If they want Ultra HD and they upgrade and pay the $25, we will give them that, too. That’s choice.

“We actually believe that there were questions associated with how we got here, and this is a very strong statement of responding to what we think are the things that are very important from a net neutrality standpoint. I’m glad to have that discussion, but it is clearly not an anti-net neutrality position.”

This isn’t the first time that T-Mobile has been accused of violating net neutrality. In the months following last year’s launch of Binge On, there were several accusations of net neutrality violations.

Massive Data Breach Hits Indian Navy's Submarine Maker 'DCNS'


French shipbuilder DCNS has suffered a massive data breach as detailed plans for stealth submarines built by the military manufacturer have been leaked.

Tens of thousands of documents detailing the combat capability of France’s Scorpène-class submarine have been revealed, raising fears over the security of multibillion-dollar defence contracts, including with India and Australia.

It is reported that the leak from the French manufacturer included technical manuals and other sensitive information, including details of the submarines’ secret stealth technology, torpedo-launching systems and its many intelligence-gathering systems.

The leak contains more than 22,000 pages outlining the details of six Scorpene submarines that DCNS has designed for the Indian Navy.

Both India and France have started investigating the breach.

"I understand there has been a case of hacking," Indian Defence Minister Manohar Parrikar told reporters. "We will find out what has happened."

India’s ministry of defence added that “it appears that the source of the leak is from overseas and not in India”.

DCNS said in a statement that it was aware of the reported leak, and added that it was being “thoroughly investigated by the proper French national authorities for defense security.”

India signed a $3.5b deal for six Scorpene vessels in 2005. They are being built in cooperation with an Indian government-owned shipbuilder in Mumbai.

Security Shortcomings Mar Ashley Madison Dating Website

The Ashley Madison dating website had "inadequate" security systems and used fake icons to make the site appear safe to its users.

A report has revealed that the website used fake icons to make people think it was secure.

The Toronto-based firm's security systems were investigated by privacy regulators in Canada and Australia.

Canada's Office of the Privacy Commissioner (COPC) and the Office of the Australian Information Commissioner started an investigation into how Avid Life Media (which owns Ashley Madison) handled customer data soon after the attack.

The report revealed that Avid Life violated privacy laws in both countries through its negligent handling of the data that users surrendered to it when they signed up.

"Privacy breaches are a core risk for any organisation with a business model based on the collection and use of personal information," said Daniel Therrien, Canada's privacy commissioner.

“Handling huge amounts of this kind of personal information without a comprehensive information security plan is unacceptable,” he added.

The report said that system passwords were held in plain text on easy-to-access internal servers and in emails and text files that were regularly passed around within the company. Avid also did little to properly authenticate who was accessing its systems remotely.

New Linux Trojan Capable Of Creating P2P Botnet

Security researchers have discovered a new Linux Trojan, dubbed Linux.Rex.1, that is capable of self-spreading and creating a peer-to-peer (P2P) botnet.

Researchers at Doctor Web said the Trojan is capable of self-spreading through infected websites and can recruit the infected machines into a P2P botnet.

The Trojan, initially known as Drupal ransomware, was written in the Go programming language and can attack web servers that use various content management systems (CMS), can perform DDoS attacks, send out spam messages, and even distribute itself over networks.

The malware has the ability to hack websites built using Drupal by exploiting a well-known SQL injection flaw.

The analysis published by Dr Web stated: “Linux.Rex.1 is a Trojan that can create such P2P botnets by implementing a protocol responsible for sharing data with other infected computers. Once the Trojan is launched, a computer that has been infected starts operating as one of this network’s nodes.” The analysis continues: “The malware program receives directives over the HTTPS protocol and sends them to other botnet nodes, if necessary. When commanded by a cybercriminal, it starts or stops a DDoS attack on a specified IP address.”

“It also searches for network hardware that runs AirOS, and exploits known vulnerabilities in order to get hold of user lists, private SSH keys, and login credentials stored on remote servers. However, this information cannot always be obtained successfully,” reads the analysis.

Cisco Begins Patching Of Leaked ShadowBrokers Attack

Cisco has begun patching a zero-day vulnerability in the Adaptive Security Appliance (ASA) software that runs on its enterprise-grade firewalls. The vulnerability was exposed in the ShadowBrokers data dump.

Researchers at Silent Signal in Hungary yesterday tweeted that they had ported the EXTRABACON attack to ASA version 9.2(4), which was released a year ago. In doing so, the firm expanded the range of the ExtraBacon exploit for Cisco firewalls, which was revealed as part of the Shadow Brokers cache of National Security Agency-linked exploits and tools. Research after the leak confirmed that the Equation Group exploit for version 8.4(4) of the firewall appliance did indeed provide remote unauthenticated access over SSH or telnet.

The attack was included in a 300 MB file download made freely available by the ShadowBrokers, which also included exploits, implants and other attacks against Juniper, WatchGuard, Topsec and Fortinet firewalls and networking gear. Researchers confirmed that there was a connection between the ShadowBrokers dump and Equation Group exploits.

The exploit was originally restricted to ASA versions 8.4(4) and earlier, and has now been expanded to 9.2(4).

Users on affected versions 7.2, 8.0 and 8.7 are requested to upgrade soon to 9.1.7(9) or later. Newer versions that are also implicated, 9.1 through 9.6, are expected to be updated in the next two days.

“We have started publishing fixes for affected versions, and will continue to publish additional fixes for supported releases as they become available in the coming days,” Cisco’s Omar Santos said on Wednesday (August 24) in an updated advisory.

Cisco and Fortinet have confirmed that their kit is affected by exploits listed in the data cache, which included some 300 files circulated online.

The vulnerability lies in the SNMP code in ASA that could allow an attacker to crash the affected system or remotely execute arbitrary code. The attacks can eventually be modified to target any version.

The affected ASA software, Cisco said, runs in a number of its products, including Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Cisco ASA 1000V Cloud Firewall, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco Firepower 4100 Series, Cisco Firepower 9300 ASA Security Module, Cisco Firepower Threat Defense Software, Cisco Firewall Services Module (FWSM), Cisco Industrial Security Appliance 3000, and Cisco PIX Firewalls.

Prior to yesterday’s patches, Cisco had provided its customers with IPS and Snort signatures that detect the vulnerability.

The ShadowBrokers data dump happened more than a week ago when the group claimed to have hacked the Equation Group, which is widely believed to be connected to the NSA.

France And Germany Against Encrypted Messaging Apps

France and Germany are pushing for a common European rule on encrypted messaging apps such as Telegram, to help governments monitor communications between extremists.

According to privacy advocates, encryption is essential for online security, especially in banking transactions. Security experts, however, argue that encrypted apps are increasingly used by extremists to hide their location, coordinate operations and trade weapons and sex slaves.

Interior Minister Bernard Cazeneuve said French authorities have detained three people this month with "clear attack plans," but that police need better tools to eavesdrop on encrypted text conversations, using the kinds of powers used to wiretap phones.

He and German Interior Minister Thomas de Maiziere are insisting on a ban on encrypted services. However, Cazeneuve said that instead of banning such apps, they should work with companies to ensure the apps can't be abused by militants.

A joint proposal released on Tuesday said: "Encrypted communications among terrorists constitute a challenge during investigations. Solutions must be found to enable effective investigation ... while at the same time protecting the digital privacy of citizens by ensuring the availability of strong encryption."

No specific solutions were proposed, but the leaders want to discuss encryption next month during a summit in Bratislava, Slovakia.

Telegram, for its part, wrote on its website that it has blocked terrorist-related public channels but doesn't intervene in private chats.

New York Times' Moscow Bureau Targeted By Hackers

The Moscow bureau of the New York Times was targeted by a cyber attack this month, but the newspaper says there is no evidence that the hackers breached its systems.

Eileen Murphy, a Times spokeswoman, told the newspaper: "We are constantly monitoring our systems with the latest available intelligence and tools. We have seen no evidence that any of our internal systems, including our systems in the Moscow bureau, have been breached or compromised."

According to CNN, the attack is being investigated by the Federal Bureau of Investigation (FBI) and other U.S. security agencies, and is thought to have been carried out by hackers working for Russian intelligence.

"Investigators so far believe that Russian intelligence is likely behind the attacks and that Russian hackers are targeting news organizations as part of a broader series of hacks that also have focused on Democratic Party organizations, the officials said," CNN reported.

The FBI has declined a Reuters request for comment.

France And Germany Lobby To Break WhatsApp Encryption


European lawmakers have set their sights on a new target in the battle against terrorism: encryption.

France and Germany are going to put pressure on the European Union to let them break one of the most central technologies of the internet by forcing technology companies to limit the encryption used to keep messages private.

French Interior Minister Bernard Cazeneuve met his German counterpart, Thomas de Maizière, in Paris on Tuesday (August 24) to discuss new measures that would limit the use of encrypted communications across the EU. The proposal will be raised at next month’s EU summit.

“We propose that the EU Commission studies the possibility of a legislative act introducing rights and obligations for operators to force them to remove illicit content or decrypt messages as part of investigations, whether or not they are based in Europe,” said Cazeneuve.

The step is being taken to monitor communications between suspected militants and people who are being investigated.

Measures such as phone taps have long been used by counter-terrorism officials but the growth of online platforms and apps with end-to-end encryption as a standard feature has made it almost impossible to read the private messages on Facebook’s WhatsApp and Apple’s iMessages.

As details of the Paris and Brussels attacks have emerged, it has become evident that such encrypted messages are vital to how jihadis prosecute their violence in Europe. French homeland security chief Patrick Calvar said the encrypted messages were impossible to read. The ISIS cell responsible for the November attack used WhatsApp and Telegram, which provide end-to-end encryption.

But privacy advocates have repeatedly said that it wouldn’t be possible to weaken encryption only for those that are under investigation. Allowing authorities to read any specific message also stops all of them from being fully private.

Moreover, activists say that such technology is central to keeping all behaviour on the internet private, ensuring that banking transactions and other important and intimate information are secure.

Officials in Washington have bemoaned the spread of encryption since the Edward Snowden leaks in 2013 triggered a backlash against intelligence agencies’ vast and previously secret internet snooping operations.

Despite Tight Security, Companies Not Safe From Hacks


With data breaches increasing every day, companies are on a treadmill to stay ahead of hackers, yet they are still not completely safe.

Last year, private sector companies globally spent more than $75 billion on security software to safeguard their systems and data and now the number is expected to grow by 7% annually. The percentage does not include amounts spent on fraud prevention by banks which is expected to reach into the billions annually.

But even when companies aren’t compromising on security for money, the customer data isn’t completely safe. Data breaches have soared vastly in the last two years and ransomware is one of the biggest emerging problems of the hacking world where hackers demand payment to return sensitive data they’ve stolen or locked up to the rightful owner. Hackers have huge financial incentives to resell employee personal information or corporate secrets.

Hackers are getting smarter with every passing day. They have found ways around existing security software, especially signature-based antivirus (AV) software.

Data breaches are increasing because companies aren’t deploying security analytics to detect suspicious events. The growth of cloud computing has also put sensitive enterprise data outside the more secure data center. Failing to properly monitor security software or to set up sufficiently protective cybersecurity policies also ends in a breach.

“Companies are worse off by 100% compared to 10 years ago because the world is more complicated now,” said Gartner analyst, Avivah Litan.

Meanwhile, Robert Westervelt of market research firm IDC seems more hopeful about the future of enterprise security, even though there are many difficulties.

“I don’t think enterprises have gotten worse at cybersecurity, but they are dealing with complexities that they didn’t have to deal with 10 years ago,” said Westervelt.

Security researchers are similarly divided on the problem of rising company breaches.

A factor complicating the private sector's cybersecurity dilemma is that companies don’t want to talk publicly about having been hacked, for fear of losing customers or investors. Analysts believe there are many more hacks against enterprises than are being publicly reported. Companies whose cybersecurity systems are performing better don’t publicize their achievements either, in order to avoid attracting attacks.

Some attacks are widely discussed, like the Sony Pictures hack in 2014 and the data breach of retailer Target in late 2013, where PoS malware stole credit and debit card information on more than 70 million customers.

Many other hacks of private sector companies are not detailed in public. A new survey of 3,027 IT workers and end users at U.S. and European organizations, conducted by the Ponemon Institute, an independent research and education group, found that 76% had been hit by the loss or theft of important data over the past two years, a sharp increase from 67% in a similar survey done in 2014. Of the 1,371 end users in the survey, 62% had access to company data that they probably shouldn’t see. IT workers in the survey said negligence by insiders was more than twice as likely to cause the compromise of insider accounts as other factors such as external attacks or actions by disgruntled workers or contractors.

The survey found that data loss and theft were largely due to compromises of insider accounts, exacerbated by far wider employee and third-party access to information than is necessary. Companies continue to fail to monitor access and activity around email and file systems, where most of the sensitive data lives.

The level of security varies by industry segment. Healthcare institutions, specifically hospitals, mostly have bad monitoring. IDC said in a recent report that hospitals, universities and public utilities rank worst in their security capabilities and practices, mostly due to lack of manpower and money.

There is some good news, however, on the front to thwart cyberattacks from nations competing with the U.S. Analysts and companies, such as Duke Energy and Verizon, were encouraged recently when U.S. intelligence officials said they would soon share supply chain threat reports to critical U.S. industries in telecommunications, energy and financial businesses.

Those threat reports will go beyond some of the conventional software means of tracking existing hacks into other companies and locations and hopefully will reveal information about human actors and their potential targets, Litan said.

Keeping up with ever-evolving, constantly changing cybersecurity is something the private sector will have to keep doing to protect itself and its customers’ data. Even if companies don’t focus on security, basic technology must be put in place, because all of us live in a really bad world where locks are necessary.