Deloitte's clients secret emails hacked

Global accounting firm Deloitte, which is registered in London and has branches all over the world, has been hit by a sophisticated cybersecurity breach that went unnoticed for months.

On Monday, the firm confirmed that hackers had accessed the data of a small number of its clients, but it has provided very few details on the breach.

In a statement, the firm said that attackers accessed data from the company’s email platform through an “administrator’s account,” which gave them unrestricted “access to all areas.”

Deloitte is one of the largest private firms in the US. It provides auditing, tax consultancy, and high-end cybersecurity advice to some of the world’s biggest banks, multinational companies, media enterprises, pharmaceutical firms and government agencies.

So far, the firm has notified six of its clients about the hack. However, its internal investigation into the hack is still under way.

“In response to a cyber incident, Deloitte implemented its comprehensive security protocol and began an intensive and thorough review including mobilizing a team of cybersecurity and confidentiality experts inside and outside of Deloitte,” a spokesman said.

“As part of the review, Deloitte has been in contact with the very few clients impacted and notified governmental authorities and regulators.

“The review has enabled us to understand what information was at risk and what the hacker actually did, and demonstrated that no disruption has occurred to client businesses, to Deloitte’s ability to continue to serve clients, or to consumers.

“We remain deeply committed to ensuring that our cybersecurity defences are best in class, to investing heavily in protecting confidential information and to continually reviewing and enhancing cybersecurity. We will continue to evaluate this matter and take additional steps as required.

“Our review enabled us to determine what the hacker did and what information was at risk as a result. That amount is a very small fraction of the amount that has been suggested.”

According to the Guardian, the hackers had potential access to usernames, passwords, IP addresses, architectural diagrams for businesses and health information. Some of the emails also contained sensitive attachments.

So far, the breach is believed to be concentrated in the US.

Burger King issues cryptocurrency, Russian prosecutors summon management

Less than one month after the fast food giant Burger King launched its blockchain token, the Whoppercoin, without Russian regulatory approval, the Izmailovo inter-district prosecutor’s office summoned Burger King to explain the issuance of its cryptocurrency.

Meanwhile, Burger King is confident that it has not broken any laws since there is currently no regulation for cryptocurrency in Russia.

Burger King has so far received two summonses from the Izmailovo prosecutor's office. One was dated September 13 and the other September 19, a Burger King representative told RNS. In the letters, prosecutors noted that Burger King had issued a cryptocurrency and begun allowing payments to be made with it. The letters were also intended to inform the company's management in Russia that it is illegal to issue or use any currency other than the ruble in Russia.

“On the instructions of the Moscow Prosecutor’s Office, information was checked that we issued a cryptocurrency and started making payments with it. Accordingly, we were summoned to be reminded that within the territory of the Russian Federation the turnover of any currency other than Russian rubles was banned and all details of this project were clarified,” said the representative of Burger King.

Russian investigators also want to know how Burger King's digital coin operates and whether there was a mass issuance of the currency.

The coin is named after Burger King's Whopper sandwich and was introduced in late August this year. It acts as a loyalty program hosted on the Waves platform. Burger King rewards customers with Whoppercoins after they make a purchase, and customers can use the rewards they have received to buy a Whopper sandwich. The digital coins can also be traded for other cryptocurrencies as well as for fiat currencies. A customer is issued one Whoppercoin for every ruble spent (1 ruble = US$0.017) and needs to accumulate 1,700 Whoppercoins to redeem a Whopper sandwich.

Hackers targeted election voting systems in 21 American states

The U.S. federal government told election officials in 21 of the 50 American states that hackers attempted to disrupt their election systems last year.

The government had already admitted last year that more than 20 states were targeted before the 2016 presidential election by hackers who are said to be Russian agents. However, for many states the notification from the Department of Homeland Security was the first official confirmation of whether they had been targeted.

The Associated Press contacted every state election office. Those that confirmed they were targeted include Alabama, Arizona, Colorado, Connecticut, Illinois, Iowa, Maryland, Minnesota, Ohio, Oklahoma, Pennsylvania, Virginia, Washington, and Wisconsin.

Though the government did not disclose any details about the hackers, election officials in three states said that the hackers could be linked to Russia.

The Wisconsin Election Commission said that its systems were targeted by “Russian government cyber actors.”

“It is completely unacceptable that it has taken DHS over a year to inform our office of Russian scanning of our systems, despite our repeated requests for information,” California Secretary of State Alex Padilla said in a statement.

“The practice of withholding critical information from elections officials is a detriment to the security of our elections and our democracy.”

Federal officials said that there was no breach of sensitive data and that the scanning of computer systems was a preparatory activity. Voter registration systems were targeted, but not vote-tallying software. Most of the attempts to compromise networks were unsuccessful.

A spokesman for the Colorado secretary of state's office, Trevor Timmons, said the hacking was not quite a breach.

“It's really reconnaissance by a bad guy to try and figure out how we would break into your computer,” said Timmons. “It's not an attack. I wouldn't call it a probe. It's not a breach, it's not a penetration.”

CCleaner attack targets telecoms, network hardware providers

An insidious attack trend has started lately. It's called the software supply chain attack.

Originally downplayed as an averted attack on a popular Windows utility program, the CCleaner compromise specifically targeted networking-equipment manufacturers and enterprise-software makers, according to evidence uncovered by investigators and published on September 20.

The malware inserted into CCleaner, a popular system utility downloaded by at least 2.3 million users, is far more serious than originally thought.

An initial investigation by security researchers at Cisco Talos revealed that the attackers compromised the CCleaner software servers of Czech anti-virus maker Avast and embedded a backdoor and a multi-stage malware payload in two versions of the software, CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 (both 32-bit versions). The payload was installed automatically whenever CCleaner was installed. Morphisec, an Israeli cybersecurity startup, had discovered the compromise too.

While Avast—the security firm that acquired CCleaner with its purchase of developer Piriform in July—argued earlier that the shutdown of the malware’s command-and-control (C&C) server and the defensive registration of 11 backup domains had blocked the malware from installing itself on victims’ systems, an analysis of the files on the C&C server has revealed that the malware infected 700,000 systems in four days, between 15th August and 12th September and explicitly targeted at least 20 companies with additional malware.

The scheme goes like this: Hackers compromise a trusted software vendor, subvert its products with their own malicious versions, and then use the tainted formulation to infect customers — thereby bypassing internal security controls and easily spreading malware far and wide. Customers, careful to keep their software up to date, don't think twice about downloading the latest iterations.

The newest details about the hack reveal that the CCleaner compromise is part of a wide-scale state-sponsored cyber-espionage campaign whose real targets are mainstream tech giants.

Iranian hackers gain prowess in cyber world

Iranian hackers, probably sponsored by the Iranian government, have targeted organizations in the United States, the Middle East, and Asia, marking an exponential rise in Iranian cyber-spying.

According to a report released by private cybersecurity firm FireEye, the Iranian hacking group is targeting companies involved in the petrochemical industry, military, and commercial aviation in different parts of the world.

The firm has dubbed the group APT33 (APT stands for "advanced persistent threat") and says that the group uses spear-phishing emails to target victims.

The security firm believes that APT33 has been active since at least 2013, but it has been tracking the group only since last May. The group's main activities are largely focused on spying, but the firm has also found links to a mysterious piece of data-destroying malware.

"This could be an opportunity for us to recognize an actor while they’re still focused on classic espionage before their mission becomes more aggressive," said John Hultquist, director of intelligence analysis for FireEye.

 "We've seen them deploy destructive tools they haven’t used. We're looking at a team whose mission could change to disruption and destruction overnight," he adds.

The report also suggests that the group's working hours match Iran's time zone and Iran's Saturday-to-Wednesday work week.

"APT33's focus on aviation may indicate the group's desire to gain insight into regional military aviation capabilities to enhance Iran's aviation capabilities or to support Iran's military and strategic decision-making," the report says.

"Their targeting of multiple holding companies and organizations in the energy sectors align with Iranian national priorities for growth, especially as it relates to increasing petrochemical production. We expect APT33 activity will continue to cover a broad scope of targeted entities and may spread into other regions and sectors as Iranian interests dictate." 

Ukrainian Hacker detained for remotely spying on Politicians

A 23-year-old Ukrainian hacker from Kharkiv has been detained by the National Police of Ukraine for hacking into the personal computers of citizens of Ukraine and other states.

According to local press reports, the hacker used malicious software (probably a RAT, or Remote Access Trojan) to control the victims' computers for almost two years. He is also said to have observed the victims' activities through their web cameras. The hacker is said to have invaded the personal lives of about 100 people.

A search and seizure warrant was executed at the hacker's home, leading to the discovery of video recordings of victims and the malicious software used in the cyber espionage.

The motive for the espionage is not clear. One theory is that he was paid by someone to target specific people. The theory might be true, as some of the victims were members of Ukrainian political parties.

If convicted, the hacker will face up to six years imprisonment.

- Christina

Home Minister Rajnath Singh checks cyber security measures

In view of increasing cyber attacks on government agencies, especially financial institutions, Home Minister Rajnath Singh on Tuesday asked agencies to keep a check on the cyber menace and to strengthen surveillance and the legal structure for fighting cyber crimes.

On Tuesday a high-level meeting was organised to discuss strategies to be adopted for checking financial cybercrimes. The meeting was attended by representatives of various government agencies and the Home Minister.

The meeting highlighted the steps to be taken to curb the increasing trend of cyber crime in the financial sector. It was concluded that both technological and legal steps are needed to fight cyber attacks.

“It has been decided to expedite the implementation of cyber crime prevention initiatives in these agencies towards this end, along with measures required to acquire critical cyber forensics equipment,” the government official said. He added that the meeting also decided to form an inter-ministerial committee to monitor action plans and their implementation against hacking attempts.

According to a report, 1,44,496 cyber attacks were observed in three years.

As per information reported by the Indian Computer Emergency Response Team (CERT-In), 44,679 cyber attacks were recorded in 2014, 49,455 in 2015 and 50,362 in 2016. The types of cyber attacks included denial of service attacks, phishing, website intrusions and defacements, virus attacks, and probing/scanning.

Invisible network is a major security threat

Hackers today are not limited to causing financial loss; they can also pose a major threat to life.

Sophisticated medical devices and life-supporting systems are all connected through invisible networks which, if exploited, could be fatal. These are nightmare situations, and worse is that many organisations haven't a clue how many unsecured devices are connected to their networks, cyber-security experts warn.

It was an ordinary day at a busy hospital - doctors, nurses and surgeons rushed about attending to the health of their patients.

For Hussein Syed, chief information security officer for the largest health provider in New Jersey, it was the health of his IT network that was keeping him busy.

RWJ Barnabas Health's 13 hospitals include 30,000 computers, 300 apps, a data centre, as well as all the mobile phones hooking up to the hospitals' wi-fi networks.

But when he called in a specialist cyber-security firm to carry out a full audit, he discovered that there were in fact 70,000 internet-enabled devices accessing the health firm's network - far more than he'd expected.

"We found a lot of things we were not aware of," Mr Syed tells the BBC, "systems that weren't registered with IT and which didn't meet our security standards."

These included security cameras and seemingly innocuous gadgets such as uninterruptible power supplies (UPS) - units that provide backup battery power in the event of a power cut.

Hack into a UPS and you could potentially switch off life-critical machines, he explains. Or hackers could steal patient data, encrypt it, then demand a ransom for its safe return.

On the black market "health data is worth 50 times more than credit card data", says Mr Syed.

With the proliferation of IoT [internet of things] devices, the attack surface for hackers has increased massively. The difficulty is that IoT devices are generally simple, cheap and low-powered, without the capability of running the antivirus programs operated by traditional computers.

This necessitates a different approach to security, a growing number of experts believe.

Fake Ministry of Health of Latvia website sells diet pills

Recently the management of the Ministry of Health of Latvia was very surprised when the office started to receive many calls from citizens asking where they could buy the "Mangosteen" diet pill to lose weight.

Officials found the fake website after receiving the calls. The website contained advertisements for the so-called natural diet pills. At the top of the page there was the logo of the Ministry of Health of Latvia with the text "Ministry of Health of the Republic of Latvia" written in Russian.

It is reported that the CERT will not be able to remove the fake website as it is hosted in a foreign region, saying it does not reach the level of "diplomatic warfare".

It is said that the domain of the fake website is located in Russia, the site is registered to an individual, and its web hosting is located in Ukraine. The Ministry advises citizens not to buy products advertised on that website.

- Christina



 

Apache flaw could be exploited to steal secrets

Security researcher Hanno Böck declared on Monday that a program called httpd, probably better known as the Apache Web Server, and officially called the Apache HTTP Server Project, can leak server memory content via a vulnerability called Optionsbleed — tracked as CVE-2017-9798. The vulnerability can allow attackers to access secret data from other customers' hosts on the same system.

The HTTP OPTIONS method lets a client ask a server which request methods it supports. By using it, you can avoid hammering a web server with requests that are never going to work, thus avoiding frustration at your end of the connection and saving the server from wasted effort at the other.

Apache servers can be configured by putting files called .htaccess into the directory tree of content that is stored on the server.

Each .htaccess file sets configuration options for the directory it’s in and all the others below it, unless their settings are overridden by another .htaccess file lower down, and so on.

The vulnerability is similar to other bugs that leak server memory, including Heartbleed, in that attackers can query servers and trick Apache into responding with more data than it intended. Heartbleed was exploited by hackers to steal passwords from Yahoo and other sites.

Böck says Optionsbleed is not as severe as Heartbleed because it leaks content processed by the Apache web server process only and not memory content from the underlying machine, including other applications. This means the leaked data is limited to whatever Apache is processing, which is mostly the content of web pages only available to authenticated users.

Fortunately, Apache has patched the vulnerability. According to Yann Ylavic, member of the Apache HTTP Server Project Management Committee, the risk of leaks is limited as affected configurations also see only a few bytes of data leaking. Ylavic told Threatpost that there is no indication yet of any sensitive data having been disclosed.
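An added example, not part of the original article or of Apache's code: Optionsbleed shows up as a corrupted Allow header in the response to an OPTIONS request (a detail from Böck's write-up that the article does not spell out), so an administrator checking their own servers can validate that header. The known-method set and the sample header values are constructed for illustration.

```python
import re

# Characters allowed in an HTTP method name (the RFC 7230 "token" rule).
TOKEN_RE = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")

# Assumption for this example: methods we expect a healthy server to list
# (core HTTP plus common WebDAV methods). Extend for your own deployment.
KNOWN_METHODS = {
    "GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS", "TRACE", "CONNECT",
    "PATCH", "PROPFIND", "PROPPATCH", "MKCOL", "COPY", "MOVE", "LOCK", "UNLOCK",
}


def audit_allow_header(value):
    """Return a list of (problem, entry) tuples for one Allow header value."""
    findings = []
    seen = set()
    for raw in value.split(","):
        entry = raw.strip()
        if not entry:
            # Empty slots between commas never occur in a well-formed header.
            findings.append(("empty", entry))
        elif not TOKEN_RE.match(entry):
            # Spaces, '=', '/', control bytes etc. cannot be part of a method.
            findings.append(("not-a-token", entry))
        elif entry in seen:
            findings.append(("duplicate", entry))
        elif entry.upper() not in KNOWN_METHODS:
            findings.append(("unknown-method", entry))
        seen.add(entry)
    return findings


def classify(value):
    """Map the findings to a verdict: clean, suspicious or corrupt."""
    kinds = {kind for kind, _ in audit_allow_header(value)}
    if kinds & {"empty", "not-a-token"}:
        return "corrupt"      # malformed list: consistent with leaked memory
    if kinds:
        return "suspicious"   # well-formed but odd: review the configuration
    return "clean"


# Constructed sample header values, not captured from any real server.
SAMPLES = {
    "healthy": "GET,HEAD,POST,OPTIONS",
    "empty-slots": "GET,HEAD,OPTIONS,,HEAD,,HEAD,POST",
    "odd-entry": "POST,OPTIONS,GET,HEAD,all,HEAD",
    "stray-text": "GET,HEAD,OPTIONS,=write HTTP/1.0,POST",
}

if __name__ == "__main__":
    for name, header in SAMPLES.items():
        print(f"{name:12} {classify(header):10} {audit_allow_header(header)}")
```

A "suspicious" verdict is only a prompt to review the host's configuration, since a server may legitimately list methods outside the assumed set.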

Digital India experiences a rise in cyber attacks

Today, digital services have simplified a number of day-to-day processes, including banking, verifications, entertainment, availing government-led services and researching any desired product or service online. Indians spent 150 billion hours on Android phones in 2016, overtaking the U.S. Based on findings by App Annie, India surpassed the U.S. as the second largest smartphone market, spurred by the rise in homegrown smartphone production. Following the launch of subsidized data plans through mobile network Jio in September 2016, India’s monthly wireless data consumption reached 1.3 billion GB in March 2017, up from 200 million GB in June 2016. The easy availability of smartphones and unprecedented affordability of data now ensure that Indians can access the internet with ease, but the ease of access has come at a cost.

Digital technologies have been a boon for the entire country in one way or another. But sadly, they are just as beneficial for cyber attackers waiting to steal sensitive financial details or compromise a user's data.

Cyber attacks have taken the world by storm, and there is hardly any country left which hasn’t been affected by them. India too has been affected, and the extent of online and cyber financial transactions is on the rise. India’s rapid transition to a cashless economy since Prime Minister Narendra Modi’s demonetization drive last year has exposed new avenues for virulent cyber threats across the nation.

India’s rise as a digital power not only requires digital awareness among the burgeoning set of internet users, it also demands the strengthening of the IT infrastructure with regards to security.

Home Minister Rajnath Singh has directed intelligence and security agencies to further enhance technical and legal capabilities to deal with increasing cases of financial cybercrime, especially those linked to the use of cards and e-wallets. Singh chaired a meeting on the subject on Tuesday, which was attended by senior officials from the home ministry as well as intelligence and security agencies, who also gave detailed presentations on the pattern of online financial crimes.

The recent Equifax data breach in the U.S and its aftermath have forced data-rich companies and startups in India to closely review their security protocols, scrutinise potential cyber threats closely and deploy methods that can mitigate growing risks.