ATMs under attack spit out cash!

ATMs are now under attack: cash machines in at least 14 countries, including the UK and the Netherlands, have been remotely hacked by an organised gang to spit out cash for rapid collection by the attackers.

Russian cyber security firm Group IB said that the perpetrator of this ‘jackpotting’ of cash machines was an Eastern European hacking group known as Cobalt. ATMs in Malaysia, Belarus, Armenia, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, Poland, Romania, Russia and Spain were also affected. The company, however, declined to name any specific banks.

Named 'touchless jackpotting', the technique employed does not involve any physical change to ATMs. There are no card skimmers or modifications made to the machine. Instead, bank systems are infected using tools that are apparently widely available in public sources.

Group IB said in its report: “To make ATMs give out cash, criminals launch malware using the Extensions for Financial Services (XFS) standard. On command from the bank's internal network, the program starts dispensing notes until machines are empty.”

Book on Human Mind in Cybersecurity


Author James Bone has come out with a book titled ‘Cognitive Hack: The New Battleground in Cybersecurity’. In an interview with Forbes, Bone said that the book takes the form of two narratives which show the rise of the hacker industry and explain why billions spent on cyber security fail to make us safe. Through the narratives, the author explains how simple it is for hackers to bypass defenses and how, now that the battle has shifted more towards the human mind, human behavior is the weakest link in the cybersecurity armor. The book focuses on the importance of building cognitive defenses at the intersection of human-machine interactions, which will need a new way of thinking about security, data governance and strategy. “The purpose of Cognitive Hack is to look not only at the digital footprint left behind from cyber threats, but to go further—behind the scenes, so to speak—to understand the events leading up to the breach,” says Bone.

Asked about the potential of IoT to increase technological efficiency and broaden cyber vulnerabilities, Bone pointed to the recent internet outage in October, which used a million connected devices and gave a perfect example of IoT’s power and stealth, adding that hackers have been experimenting with IoT in more complex and damaging ways. Security researchers have for some time been warning, with examples, of DDoS attacks that use connected smart devices.

Bone advised that IoT manufacturers must put measures in place to detect threats, disable devices once an attack starts, and communicate the risks.

Talking about the cognitive risk framework for cyber security proposed in the book, Bone said it’s an “overarching risk framework that integrates technology and behavioral science to create novel approaches in internal controls design that acts as countermeasures lowering the risk of cognitive hacks.” The book points out the principles and practices of cognitive informatics security, machine learning, artificial intelligence (AI) and behavioral and cognitive science, among a few others that are still evolving.

The Cognitive Risk Framework for Cybersecurity revolves around five pillars: Intentional Controls Design, Cognitive Informatics Security, Cognitive Risk Governance, Cybersecurity Intelligence and Active Defense Strategies and Legal “Best Efforts” considerations in Cyberspace.

Teenager admits hacking TalkTalk

A teenager has admitted seven hacking charges, two of which relate to the TalkTalk data breach in October 2015.

The teenager, whose name has not been published for legal reasons, pleaded guilty to all seven offences under the Computer Misuse Act at Norwich Youth Court. He targeted the websites of Cambridge and Manchester universities before using hacking tool software to identify TalkTalk’s vulnerabilities.

He posted the details of the hack online. As a result, TalkTalk lost £60 million and 157,000 customers were affected, with their details stolen, including bank account numbers, sort codes, and dates of birth. Worst of all, the chief executive was blackmailed via email.

He will be sentenced on 13 December, including for the offences against Manchester University Library and Cambridge University Library, among others.

According to Sky News, he told the court: "I didn't really think of the consequences at the time. I was just showing off to my mates."

Chris Brown, speaking in mitigation, told the court that the vulnerabilities in TalkTalk had been discussed before this and that the breach was not solely the teenager's fault; it was not the case, he said, that “what happened at TalkTalk lies solely at his door”.

"That vulnerability was seized upon by someone who a matter of days previously had found a way of hacking another type of business," said Mr Brown. "That company had its customer database seized, those customers were threatened with requests for money so their details weren't sold on the dark web, and the company was asked to pay a ransom to prevent that happening.

"That's not [the teenager]. That's someone acting completely apart from him. That person used the vulnerability in TalkTalk days later to demand things and emailed the chief executive of TalkTalk with similar blackmail efforts."

Locky ransomware distributed through mails


A new Locky campaign has been discovered that is distributed through fake ISP complaint e-mails stating that spam has been detected coming from the recipient's computer. These emails have the subject "Spam mailout" and carry a ZIP attachment with a name like logs_[target_name].zip. Inside this ZIP file is a JS file that, when opened, downloads and executes the Locky ransomware.

After the attachment is executed, an encrypted DLL is downloaded and decrypted into the machine's %Temp% folder. This DLL file is then executed using the legitimate Windows program Rundll32.exe in order to install Locky on the computer.

Once Locky is installed on the computer, it scans the system for certain file types and encrypts them, after which a ransom note is displayed with information on how to pay the ransom.

Security researcher Derek Knight discovered that Locky had also changed the extension for encrypted files to .AESIR from the Thor extension. The infection also creates an updated set of ransom notes named “([random_number])-INSTRUCTION.html” and “([random_number])-INSTRUCTION.bmp” to provide victims with a data decryption walkthrough.

The .Aesir Locky Ransomware is one of the newest active strains that is believed to be a part of the Locky malware family and it is still under investigation.

The filename tweaking principle is exactly the same as before: the ransom Trojan still replaces the original file names with 5 groups of hexadecimal characters, 32 characters in total.

This ransomware can be removed with the help of an anti-malware tool or manually, though the latter would be difficult for many users who do not have enough computer knowledge.

It is not possible to decrypt the files but maintaining a backup can prove useful.
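The file-system indicators described in this section (the logs_[target_name].zip lure, the 5-group, 32-character hexadecimal names with the .aesir extension, and the INSTRUCTION ransom notes) can be checked against a file listing during triage. The following is an added example, not code from the original post or from any security vendor; the sample paths are constructed, and treating the ransom-note name as "digits, optionally wrapped in punctuation, then -INSTRUCTION" is an assumption about the notation used above.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

HEX_GROUP = re.compile(r"^[0-9A-Fa-f]+$")
# Assumption: "([random_number])-INSTRUCTION.html" means digits, possibly
# wrapped in punctuation, followed by "-INSTRUCTION.html" or ".bmp".
NOTE = re.compile(r"^[^0-9A-Za-z]*\d+[^0-9A-Za-z]*-INSTRUCTION\.(?:html|bmp)$", re.I)
LURE = re.compile(r"^logs_.+\.zip$", re.I)


def classify(path):
    """Return the indicator a single Windows file path matches, or None."""
    p = PureWindowsPath(path)
    if p.suffix.lower() == ".aesir":
        groups = p.stem.split("-")
        renamed = (len(groups) == 5
                   and all(HEX_GROUP.match(g) for g in groups)
                   and sum(len(g) for g in groups) == 32)
        # An .aesir file without the hex name is a weaker signal on its own.
        return "encrypted_file" if renamed else "aesir_extension_only"
    if NOTE.match(p.name):
        return "ransom_note"
    if LURE.match(p.name):
        return "lure_attachment"
    return None


def triage(paths):
    """Summarise a file listing: indicator counts, affected folders, verdict."""
    counts, dirs = Counter(), set()
    for path in paths:
        kind = classify(path)
        if kind is None:
            continue
        counts[kind] += 1
        if kind in ("encrypted_file", "ransom_note"):
            dirs.add(str(PureWindowsPath(path).parent))
    if counts["encrypted_file"] and counts["ransom_note"]:
        verdict = "locky_aesir_likely"   # renamed files plus notes together
    elif counts:
        verdict = "investigate"          # a single indicator type only
    else:
        verdict = "clean"
    return {"verdict": verdict, "counts": dict(counts),
            "affected_dirs": sorted(dirs)}


# Constructed sample listing (not taken from a real incident).
SAMPLE = [
    r"C:\Users\alice\Downloads\logs_alice.zip",
    r"C:\Users\alice\Documents\0A1B2C3D-4E5F-6071-8293-A4B5C6D7E8F9.aesir",
    r"C:\Users\alice\Documents\812-INSTRUCTION.html",
    r"C:\Users\alice\Desktop\(3)-INSTRUCTION.bmp",
    r"C:\Users\alice\Documents\budget-2016.xlsx",
    r"C:\Users\alice\Music\playlist.aesir",
]

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A lure attachment found alongside renamed files points to the likely entry point and helps scope which mailboxes to search for the same message.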

Three Mobile's database hacked, data of millions at risk

One of the UK's biggest mobile carriers, Three Mobile, has suffered a major cyber-security breach that has reportedly affected millions of customers.

According to various media outlets, the hackers broke into Three UK's customer upgrade database using an employee's login details.

The hacked database contains names, phone numbers, addresses, and dates of birth. However, it doesn't contain any kind of financial information.

A spokesman for Three said: "Over the last four weeks Three has seen an increasing level of attempted handset fraud. This has been visible through higher levels of burglaries of retail stores and attempts to unlawfully intercept upgrade devices.

"We’ve been working closely with the Police and relevant authorities. To date, we have confirmed approximately 400 high-value handsets have been stolen through burglaries and eight devices have been illegally obtained through the upgrade activity.

"The investigation is ongoing and we have taken a number of steps to further strengthen our controls.

"In order to commit this type of upgrade handset fraud, the perpetrators used authorized logins to Three’s upgrade system."


Three Mobile and the National Crime Agency (NCA) have acknowledged the cyber-security breach. According to the Telegraph, more than two-thirds of the company's nine million customers could be at risk.

The company confirmed the breach but declined to say whether customers' data was stolen or how many have been affected.

The National Crime Agency is investigating the breach and has so far arrested three people, two for computer misuse and one for perverting the course of justice.

A spokesman for the National Crime Agency said: "On Wednesday 16 November 2016, officers from the National Crime Agency arrested a 48-year old man from Orpington, Kent and a 39-year old man from Ashton-under-Lyne, Manchester on suspicion of computer misuse offences, and a 35-year old man from Moston, Manchester on suspicion of attempting to pervert the course of justice.

“All three have since been released on bail pending further inquiries. As investigations are on-going no further information will be provided at this time”.

Hatred on social media platform


In last week’s Tech Tent, the BBC asked the raging question of whether social media platforms are making our lives worse.

Big names like Google, Facebook and Twitter have been accused of becoming vehicles for lies and hatred after the US presidential election, which is damaging their reputation and commercial future.

Twitter agreed that it had a problem with hate speech and abuse and introduced new measures to allow users to mute certain words and to report abusers more effectively. The BBC spoke with Sinead McSweeney, the woman in charge of making Twitter a safer place for its European users, who said that high-profile members of some of America’s right-wing groups were suspended only when they broke rules by directing hate towards individuals.

Sinead, who came to the social network after heading communications for the police, said she found it depressing that instead of getting involved in an amiable debate, people have resorted to downright snarkiness and abuse on the platform, but she still hopes for a better future for the internet.

Last week, Google was also drawn into the debate of fake news after a story falsely stating that Donald Trump had won the popular vote in the presidential election came top in a Google News search.

On November 15, Google's chief executive Sundar Pichai told the BBC that this was "a learning moment” and that "there should be no situation where fake news should be distributed". Similarly, Facebook also got embroiled in the fake news controversy.

Yann LeCun, a towering figure in the recent history of artificial intelligence, tells of a future where intelligent bots schedule our days and can engage in ever more sophisticated conversations with us.

From now on we may be more inclined to ask whether the algorithms behind virtual assistants and other AI developments are quite as benign and objective as their creators claim.

Sony denies PlayStation hack amid complaints

A gamer's worst nightmare is being locked out of their online accounts. Over the past two days, more than 100 PlayStation Network members have complained to Sony that their online accounts have been locked.

Most of the complaints came via Twitter, where customers said they suspected that their logins had been hijacked. Some of them said that their funds were now missing.
However, Sony denied all the allegations when contacted by the BBC, pointing out that the problem may be due to other potential causes.

"We routinely monitor for irregular activity, and if such activity is detected, we may sometimes reset passwords of affected accounts to protect users and their account information," Sony said.

"We strongly advise users to keep a close eye on their accounts for unusual activity and avoid entering your username/password into unofficial sites looking to phish credentials based on fake promotions."

The company also took to Twitter to apologize for the delay in reinstating accounts, saying that the company helpline is "particularly busy at the moment".

According to cybersecurity expert Prof Alan Woodward, if there had been a real breach it would definitely have appeared elsewhere.

"There are two ways this could happen: either someone has got into Sony's central systems, which have been compromised before, or people's individual systems have been compromised," he told the BBC.

"If there had been some kind of central breach, the dark web would have been alight with it and we in the industry would be aware of it by now, I have not seen anything."

He said that if accounts had been breached and the company had reset their passwords, users would expect to be notified by email.

"The fact they haven't suggests that usernames and passwords have been given away unintentionally," he said.

"Clearly if someone is spending money it is criminal activity."

Sony was unable to clarify how many people are affected.

PDS website in Kerala hacked, affected over 34 million people

An Indian hacker living in Tokyo hacked the Public Distribution System's website of the Indian state of Kerala and published its data on Facebook. The breach has affected over 34 million people in the state.

The breach came to light when the hacker broke into the Kerala government’s civil supplies department website and published the confidential data of all of Kerala’s 8,022,360 Public Distribution System (PDS) beneficiaries and their family members on Facebook.

The hacked database reveals names, addresses, birth dates, gender, monthly incomes, electoral card details, and consumer numbers of power and cooking gas connections. This leak is considered the biggest breach in the world.

According to a cyber security expert in Dubai, “The data could be used to duplicate SIM cards or reset net banking passwords. It’s very serious.”

The hacker, N.T.R., works as a Tokyo-based IT consultant. He hacked the website (civilsupplieskerala.gov) to expose the security flaws in the site after he grew tired of trying to draw officials' attention to them. The website is designed, developed and hosted by India’s National Informatics Centre (NIC).

“I wrote to the NIC several times pointing to the vulnerabilities and even called the civil supplies office warning them about a possible breach, but they ignored me. I had no option but to make the information public in a Facebook post,” N.T.R., a native of Thiruvananthapuram, said from Tokyo.

According to reports, the Kerala government had put the list online so that residents could verify their personal data and apply for corrections before new ration cards are printed in 2017.

“It was foolish on their part to put all ration card numbers on the website. All I had to do was make a data set of these numbers and then fetch the corresponding data for each number. It was simple as the security methods on the website were primitive. It took me just one week to access and transfer around 100GB of data. I am appalled no one raised the red flag despite the fact that I used the same IP address to make over 30 million requests,” said N.T.R.

Cybersecurity incidents on rise in India


Cyber attacks in India have risen drastically, and the cybersecurity watchdog Indian Computer Emergency Response Team (CERT-In) has tracked around 39,730 cyber incidents this year till October.

The information was provided by IT and Law Minister Ravi Shankar Prasad on Wednesday (November 16) in the lower house of parliament, where he commented that over time the nature and pattern of cybercrime have become more sophisticated and complex, including phishing, scanning and probing, website intrusions and defacements, viruses and malicious code, and Denial of Service attacks, among others.

Though the CERT-In report suggests that there has been a decline in cyber security incidents from 2014, which had 44,679 incidents, to 2016, the NCRB data reports an increase in registered cyber crime cases from 5,693 cases in 2013 to 11,592 cases in 2015.

"As per current trends, the cyber attacks observed on networks/systems in Indian cyberspace are observed to be directed from cyberspace of different countries including Pakistan," said Prasad.

Junior Minister of IT and Law P.P. Chaudhary said that, in order to address the threats from other countries, “periodic scanning of cyberspace is carried out”, adding that various other steps in the form of legal framework, emergency response, awareness, training and implementation of best practices are being carried out to prevent cyber breaches.

In order to implement the preventive steps, “the government has initiated the setting up of National Cyber Coordination Centre (NCCC) to generate necessary situational awareness of existing and potential cyber security threats and enable timely information sharing for proactive, preventive and protective actions by individual entities. In addition, the CERT-In is also setting up a Botnet Cleaning and Malware Analysis centre for detection of malware infected systems and notify, clean and secure systems of end-users to prevent further infections.”

Ministry of External Affairs thanks hacker for Inputs on Vulnerabilities


Kapustkiy, the hacker who hacked into 7 Indian embassies and also into the Indian embassy in New York, wrote to E Hacking News. In an exclusive email he says he was in for a surprise when a senior Indian government official sent him an email.

Kapustkiy says: "They have started to fix everything one by one, and thanks all media for the support". He claims he had no malicious intent and only wanted to show that these vulnerabilities existed. He resorted to posting on pastebin only because the embassy officials did not respond to him.

Kapustkiy sent E Hacking News a screenshot of the email he received from the joint secretary in the MEA. The senior MEA official appreciated Kapustkiy's efforts to bring the vulnerabilities to light and requested the hacker not to post further hacks on pastebin.

Kapustkiy was pleasantly surprised by this email from the Ministry of External Affairs.

"Corporate India should learn from this incident, how Government of India has responded to such an incident where they appreciate the hacker and take steps to fix the vulnerabilities. Most Indian corporates cover up security breaches in India, maybe they should take a page from the Indian Government," says J Prasanna, Director, Cyber Security and Privacy Foundation Pte Ltd.

Hack In Paris: Registration open

The seventh edition of Europe's leading IT security congress, Hack In Paris, is scheduled to be held from June 19, 2017 to June 23, 2017 at Disneyland.

The conference will focus on topics related to Internet of Things (IoT), Modern reverse engineering, Vulnerability research and exploitation, Penetration testing and security assessment, Malware analysis and new trends in malicious codes, Forensics, IT crime & law enforcement, Privacy issues: LOPPSI, HADOPI, Low-level hacking (console security & mobile devices), Risk management and ISO 27001, BYOD, Social Engineering, but don't hesitate to submit your research paper if your topic of research is not in the list.

Registration is open for speakers and trainers to share their experience. The time limit for a talk is 45min + 10min of Q&A; you can fill in your submission and send it to cfp@hackinparis.com. All submissions will be reviewed by the program committee. Authors will be notified of acceptance of their talk.

For registration details please visit the website (https://hackinparis.com/). The last date for submitting the application is March 6th, 2017.


Here is the whole schedule of the program:
* November 16th - CFP/CFT announced
* March 6th - Submission deadline
* March 13th - Booking opening
* March 26th - Talks & Trainings program announcement
* June 19th to 23rd - Hack In Paris
* June 24th to 25th - Nuit Du Hack

The 6th edition of Hack In Paris was held in France, at la Maison De la Chimie, Paris, and was attended by more than 400 attendees from around the world.

Hack In Paris attendees aim to discover the realities of hacking and its consequences for companies. The program includes state of the art IT security, industrial espionage, penetration testing, physical security, forensics, malware analysis techniques and countermeasures.