China denies allegations of cyberattacks in the US linked to Guo Wengui

China has denied responsibility for alleged cyber attacks in the United States appearing to target exiled tycoon Guo Wengui, who has levelled corruption allegations against senior Communist Party officials and applied for political asylum.

The Ministry of Public Security said late Saturday that it investigated and found no evidence to support allegations that China’s government was behind two reported cyber attacks.

Washington think-tank Hudson Institute was to host a public event on Tuesday with fugitive tycoon Guo Wengui, a high-profile and controversial critic of the Chinese government, but it suddenly cancelled the event, while a US law firm was helping him with his political asylum application.

The law enforcement agency, according to a statement it provided to Caixin, also provided the U.S. government with evidence that Guo fabricated documents used to support his claims. It asked the U.S. government to investigate documents Guo released at a news conference on Thursday in Washington, D.C. 

“The falsified official documents and the false information he fabricated are sensational and outrageous,” the ministry said in a rare English-language statement.

The ministry said reports of alleged hacking of the computer systems of Guo’s lawyer and Washington-based Hudson Institute came from a non-traditional mainstream media outlet in the U.S. The publication is known as the Washington Free Beacon. The ministry characterised the media outlet’s reports about China as often “totally irresponsible and groundless accusations.”

The ministry asked the U.S. government to give it information on the alleged incidents so that it could help “identify the real source of such hacking.”

The press release was issued after Chinese Minister of Public Security Guo Shengkun visited the United States this week, and just ahead of the Communist Party’s most important political event later this month. 

Guo denied the documents were forged and said the Ministry of Public Security’s statement should not be believed.

17.5 million users of Disqus affected by a security breach

Comment hosting and management service Disqus has announced that it suffered a major security breach in 2012 that affected 17.5 million of its users.

An independent security researcher, Troy Hunt, alerted the company about the breach on October 5 this year. The company has confirmed that a snapshot of its database from 2012, which contains information dating back to 2007, was breached.

The exposed data includes email addresses, sign-up dates, Disqus usernames, and last login dates in plain text.

“Right now there isn’t any evidence of unauthorized logins occurring in relation to this. No plain text passwords were exposed, but it is possible for this data to be decrypted (even if unlikely). As a security precaution, we have reset the passwords for all affected users. We recommend that all users change passwords on other services if they are shared,” the company wrote on their blog.

Since the hackers have exposed the email addresses of the victims in plain text, the company has expressed its fear that the affected users may have received spam emails. “At this time, we do not believe that this data is widely distributed or readily available. We can also confirm that the most recent data that was exposed is from July 2012,” it added.



Kiev Police detained a cybercriminal for stealing and selling air tickets

Kiev Cyber Police detained a 40-year-old suspect, who is accused of illegally obtaining Ukrainian air tickets and selling them on his website.

It is reported that the hacker exploited a vulnerability in one of the most common systems for booking air tickets. Without paying money, he was able to book tickets on various airlines for traveling to Europe and the United States of America.

According to the local report, the suspect sold tickets for almost 40,000 to 180,000 hryvnia (around 23,400 to 440,000 in Indian rupees).

It is noted that the hacker managed to sell about 30 tickets for a total of 1.5 million hryvnia.

Several companies that have suffered damage from the actions of the attacker have given statements to the police. Criminal investigations into the matter were officially instituted. If convicted, he will face up to 8 years imprisonment.

- Christina

Iranian hackers target Deloitte’s cybersecurity employee

As America frets over Russians running rampant on Facebook, other adversaries have been exploiting the social network as a way into some of the world's biggest businesses.

A team of Iranian hackers used Facebook to target Deloitte, one of the Big Four accounting firms.

An employee at Deloitte fell victim to a fake Facebook account in October 2016, the same time the firm's email server was compromised, which affected Deloitte data in Microsoft's Azure cloud-hosting service. Hackers may have accessed personal details of the company’s countless blue-chip clients.

Cybersecurity firm SecureWorks believes that the attacks were perpetrated by Iranian government spies. The hacking group known as OilRig, which, as Forbes pointed out in July, was believed to have been working for the Iranian regime, created a fake Facebook profile for a beautiful, charming woman using the name Mia Ash.

In July 2016, Mia's puppeteers targeted a Deloitte cybersecurity employee who used to assist clients with their digital defences, but it’s startling that he himself fell victim to the attack. The hackers engaged him through the social network in conversations about his job, Forbes learned from sources with direct knowledge of the attack. As the online relationship grew, the employee offered to help his new friend Mia set up a website for her alleged business. Eventually, the entity behind Mia exploited the positive rapport to convince the Deloitte employee to open a malicious document sent by Mia on his work computer. Though it's not believed that particular malware infected the wider company network, according to the sources, it illustrated the ability of the puppeteers to gain the employee’s trust.

Despite providing cybersecurity advice to the world’s largest corporations, banks and government agencies, Deloitte was unable to evade a cyber attack that compromised confidential information relating to its clients. The attack was uncovered in March but, due to the highly sensitive nature of the breach, only a select number of Deloitte’s lawyers and partners were made aware that it had even occurred. So far, investigators think that hackers entered Deloitte’s global email server through an administrator’s account, which would potentially have given them unlimited access to 5 million emails to and from the firm’s 244,000 staff. It is unknown how much information was taken, but six of Deloitte’s clients have so far been told that their information was “impacted” by the incident.

All Yahoo accounts were compromised in 2013

Yahoo says all of its 3bn accounts were compromised by the 2013 hacking attack, contrary to what the company said last December, when it stated that only 1 billion accounts were affected by the hacking incident.

Last December, Yahoo, which is now part of Verizon Communications, said that data of about 1bn Yahoo account holders was compromised by hackers in the 2013 attack. Yahoo said it will alert accounts that were not alerted before about the incident. It has also updated its account security page.

“It is important to note that, in connection with Yahoo’s December 2016 announcement of the August 2013 theft, Yahoo took action to protect all accounts. The company required all users who had not changed their passwords since the time of the theft to do so. Yahoo also invalidated unencrypted security questions and answers so they cannot be used to access an account,”

The hack has been costly for Yahoo and its executives. The company's top lawyer, Ronald Bell, resigned from the company and Marissa Mayer, Yahoo's former CEO, had to give up her 2016 cash bonus.

There were 43 consumer cases against Yahoo with the Securities and Exchange Commission.

After the hacking incident, Verizon in February lowered its original offer by $350m for Yahoo assets. Verizon finally paid $4.48bn for Yahoo's core business.

Russian Hackers Stole NSA Data Using Russian Antivirus Software

Hackers working for the Russian government stole details of how the U.S. penetrates foreign networks and defends against cyber attacks after a National Security Agency contractor took the classified material home and put it on a personal computer, according to a Wall Street Journal report.

The newspaper published the story on October 5, citing multiple unnamed individuals with knowledge of the theft. According to the paper, the employee had taken the classified material home to work on his personal computer, and his use of Russian antivirus software Kaspersky apparently enabled hackers to detect some sensitive data. Once the hackers had identified the machine, they obtained a significant amount of data.

However, the Russian company Kaspersky has denied any kind of involvement in the theft, which occurred in 2015 but was discovered last spring.

The infosec firm’s founder, Eugene Kaspersky, called the allegations “like the script of a C movie.”

Mr. Kaspersky denied all allegations that his company played an active role in any kind of breach: “We never betray the trust that our users put into our hands. If we would do that a single time that would be immediately spotted by the industry and our business would be done.”

Meanwhile, the NSA declined to comment on the breach. 

More than 6,000 Indian organisations could be affected by a data breach: Quick Heal

Seqrite Cyber Intelligence Labs, the city-based security wing of Quick Heal Technologies, has detected a data breach that could potentially affect over 6,000 Indian organizations, including the Unique Identification Authority of India, Reserve Bank of India, Bombay Stock Exchange and Flipkart.

The Unique Identification Authority of India (UIDAI) clarified on Wednesday, after a report by a security firm, that there has been no security breach of any kind.

"We have alerted the government authorities well within time. If someone gets control over this massive data that is currently up for sale on DarkNet, the above-mentioned organizations and enterprises can get affected," said Rohit Srivastwa, Senior Director, Cyber Education and Services at Quick Heal.

According to a statement released by Seqrite Cyber Intelligence Labs, the hacker, who did not reveal their identity, has asked for 15 Bitcoins (around Rs 41.89 lakh) for the information and is threatening to take down the network for an unspecified amount.

"Along with the access, the hacker is also selling credentials and various contractual business documents and claims to have access to a large database of Asia Pacific Network Information Centre (APNIC)," the statement further said.

After a detailed investigation, researchers found out that the hackers attacked the Indian Registry for Internet Names and Numbers (IRINN), which comes under the National Internet Exchange of India (NIXI). IRINN is the national internet registry agency, which is responsible for the allocation of IP addresses and other internet resources across the country.

"This could impact various content delivery networks (CDN) and hosting providers as well. If the hacker gets an interested buyer, then an attack on the system could disrupt Internet IP allocation and affect Internet services in India," Seqrite said.

The companies that might be affected by this hack include UIDAI, DRDO, RBI, ISRO, EPFO, Idea Telecom, Aircel, BSNL, Hathway, Sify, Tikona, BSE, Mastercard/Visa, SBI, HDFC, ICICI Prudential Mutual Fund, BNY Mellon, IDBI Bank, Canara Bank, Flipkart, Ernst & Young, TCS, Wipro and VMWare, among others.

‘Despite having enormous talent and tools, India can’t tackle cyber-attacks’

A top executive from global IT security firm Sophos said that, despite having the talent and resources to safeguard its systems against data breaches, India fails to curb some cybercrimes like 'WannaCrypt' or 'Petya'.

Sophos' John Shier said India has a well-trained, educated IT fraternity.

"India has well-trained, well-educated and capable IT people. The country has got access to all the tools it needs to secure its systems. Yet, in the case of a big cyber attack, India is still unprepared," John Shier, Senior Security Expert at the Abingdon, UK-headquartered Sophos, said in an interview.

"It is the time to look at the procedures and make sure they are implemented to secure the data. Firstly, it is needed to see that the things are done. Secondly, it needs to be checked if the things are done correctly and thirdly, test it repeatedly to make sure what has been done is done right," Shier noted.

A few Indian firms were recently affected by the WannaCry and Petya ransomware.

A recent IBM study conducted by Ponemon Institute found that while the average cost of a data breach in 2017 saw a 10 percent decline globally when compared to 2016, for Indian enterprises it grew 12.3 percent, from Rs 97.3 million in 2016 to Rs 110 million in 2017.

Malicious or criminal attacks were the cause of data breach for 41 percent of companies surveyed. Nearly 33 percent experienced a data breach as a result of system glitches, and 26 percent of breaches involved employee or contractor negligence.

Shier says that while you cannot entirely eliminate cyber risks, you can reduce them to a very low level if you have well-configured security measures to check intrusion.

"The systems that are being compromised by cyber-attackers are owing to the poor security of the system itself or the protections around it," he said.

Pavel Durov says they are not closing Telegram service in Russia and Iran

Just a few days ago, Russian and other media reported that Telegram CEO Pavel Durov is ready to close his business in Russia or Iran. However, Durov said on his VKontakte (VK) account that this information is incorrect.

In the VK post, he said that Telegram will continue to provide a secure messaging service in problem markets like Russia and Iran, despite the pressure of regulators and the threat of blocking. But the media came up with different headlines, saying "Durov announced his readiness to close Telegram" and "Durov threatened to close Telegram in Russia". However, Durov said that some Russian media outlets, like Meduza, Vedomosti and DP.ru, have provided correct information.

"Russian media often quote inaccurate translations of what I publish on Twitter and my channel," Durov said on VK.

Recently, Iran opened a criminal case against the Telegram CEO, stating that Telegram is being used by pedophiles to distribute child pornography.

"I am surprised to hear that. We are actively blocking terrorist and pornographic content in Iran. I think the real reasons are different," Durov responded to the accusation on his Twitter account.

Recall that just a few weeks ago, the Russian Federation threatened to block Telegram and reported that this encrypted messenger was actively used by Islamic radicals during the preparation of the bombings in the Saint Petersburg subway. The head of the Ministry of Communications and Mass Media said: "Telegram will be blocked, if it will work not in accordance with the current Russian legislation".

Durov hopes that the legal situation in the Russian Federation and Iran will change in future.

- Christina

 

It’s risky for Trump to abandon the Iranian nuclear deal

U.S. defense secretary James Mattis said on Tuesday it is not in the country's national security interest for President Donald Trump to abandon the landmark deal clinched between Iran and six world powers of Britain, China, France, Germany, Russia and the US after decade-long negotiations in July 2015 to curb Iran’s nuclear programme.

Mattis’ remarks at a congressional hearing came at a time when Trump is weighing whether to abandon the deal negotiated during the Obama administration.

“The point I would make is, if we can confirm that Iran is living by the agreement, if we can determine that this is in our best interest, then clearly, we should stay with it,” Mattis testified at a Senate Armed Services Committee hearing on the "Political and Security Situation in Afghanistan" on Capitol Hill in Washington. “I believe, at this point in time, absent indications to the contrary, it is something the President should consider staying with.”

Trump has lately suggested that he may refuse to certify to Congress that Iran is complying with the landmark 2015 accord.

Cybersecurity experts say it is likely Iran could resume its attacks against Western targets should Trump actually follow through with his threat and walk away from the pact.

Over the last two years, U.S. banks and government agencies have enjoyed a notable respite from malicious Iranian cyber activity. The timing of this drop-off happens to coincide with the signing of the nuclear deal with Iran in 2015.

“The story that I’m concerned about now is if the nuclear deal were to fall apart or get rescinded, what would be Iran’s reaction and what would they consider effective retribution against Western targets?” said Adam Meyers, vice president of intelligence at CrowdStrike, a cybersecurity company.

Congress would get the opportunity to vote on reimposing sanctions on Iran if Trump refuses to certify Iran's compliance this month.

Google reconsiders security for high-profile accounts

Amid politically motivated cyber attacks, sophisticated state-sponsored hackers targeting politicians worldwide, ongoing Russian hacking investigations and fallout from the massive Equifax breach, Google is proposing a better, stronger, and old-school security solution for a select few.

The company is working on new security tools for Gmail and account data that will block third-party apps and hacks, and replace its two-factor authentication system with a pair of physical security keys, but they might not be available to everyone.

Especially designed for high-profile corporate executives, politicians and other high-profile figures, Google’s reported “Advanced Protection Program” will offer a number of additional features to these accounts.

The Gmail messages of John Podesta, Hillary Clinton’s 2016 campaign chairman, were famously hacked last year, along with the databases of the Democratic National Committee. Podesta met with the House Intelligence Committee in June to discuss the hack.

Citing two people familiar with the matter, Bloomberg reports that the Alphabet Inc. company will launch its Advanced Protection Plan next month. Whether it will also be available to ‘regular’ users is unclear.

“Over the past year, Google has refurbished its account security systems several times,” Bloomberg reported, citing two people familiar with the company’s plans. “The upgrades come as the company pitches its Gmail and document apps to business clients.”

Replacing the two-factor authentication system with a pair of physical security keys is an important feature, but this will not be the first time Google has marketed it. Google introduced support for Universal 2nd Factor (U2F) USB security keys in 2014 as a measure to improve security (Facebook, Dropbox, and Salesforce also offer support). It improves security by requiring that a dongle be inserted into a computer, along with a standard password, to access Google accounts such as Gmail. The method removes the need to type in codes from a phone and offers better protection from phishing sites.