7-5-22 SCADA Attacks on Russia
Here is a map of SCADA attacks on Russia purportedly orchestrated by Ukrainian hackers.
4-10-22 The Sad Truth
I was looking through a scam discussion website and saw a post from someone who received a USB in the mail. He wondered if he should take the chance of seeing what was on it. He worried that if he opened this on a company network device he might get fired. This was one expert’s reply.
It’s possible this shows a ramping up to a possible cyberwar. “Hacktivists in Belarus said on Monday they had infected the network of the country’s state-run railroad system with ransomware and would provide the decryption key only if Belarus President Alexander Lukashenko stopped aiding Russian troops ahead of a possible invasion of Ukraine.”
1-11-22 Child Sex Abuse Info Leaked
Consider this a public service. The Distributive Denial of Secrets website has just released information about sexual abuse investigations of the Boy Scouts. Here is their summary,
“Records disclosed in litigation detailing alleged or actual child sexual abuse activities by Boy Scouts of America employees or those applying to work with BSA. Known internally as the “Ineligible Volunteer” files, “perversion files” or “p-files”, they reveal efforts to conceal and manage endemic abuse within the organization. These files were redacted per court order prior to release; removing personally identifying details of abuse victims and anyone not the named subject of a file or a BSA employee. Additionally, these files are not exhaustive and only comprise a small sampling of records held by the organization. Over the course of the case, it was determined that the Boy Scouts were aware of widespread abuse possibly as early as 1914, with formal records being created around 1920. The records released primarily span the late 1970s to early 1990s.”
10-28-21 Possibly the weirdest scam I’ve ever seen
I can’t do better than letting this scammed person speak for themselves.
Zhongzheng Kuwei is a schemer. Zhongzheng Kuwei owns two businesses. One is called American Supernatural & Soulforce Medical Institute, and the other is Soulforce Medicine and Education Institute. The business website is http://www.lingpai.org/. Zhongzheng Kuwei claims that he is an alien from outer space and he sells 200ml of soulsource water for $150. He claims that his soulforce water heals cancer, insomnia, covid-19, broken arm, and all types of diseases. Additionally, he sells his Lingpai for $3,000 to cure diseases. My spouse purchased a Lingpai, which he claims is a mathematical calculation performed by Zhongzheng Kuwei connecting his patient to a dead spirit in the past. Zhongzheng Kuwei also trains patients who desire to become an alien from outer space as well. He now claims that my spouse is an alien. Zhongzheng Kuwei has been preying on my spouse and is scheming for our family money. Zhongzheng Kuwei was detained by the Nanshan, China police and charged with fraudulent money schemes in 2013. He has since been in the United States after escaping from the Chinese authorities and investigations. He is using the same fraud scheme on my spouse, as well as the elderly and vulnerable Chinese living in California, New York, and New Jersey. Zhongzheng Kuwei only receives direct payments to his PayPal account and WeChat money account; he does not provide an invoice for the products and services he provides, and thus he is evading taxes.
The plot thickens. Why is the Chinese government going after Russian companies? Because they’re there. Any information is good information. If they can steal company secrets, the Chinese will. But this sure isn’t going to help their international image much. They sure don’t need another enemy.
Looks like Stuxnet 2.0 to me. The easiest way to put malware on these machines is to have an insider working for Israel. But look for something upstream. Look for hacks on suppliers of components of these centrifuges that could be used to manipulate the machines’ parameters. The malware seemed to be triggered as soon as the centrifuges were plugged in. This has to be a major setback and a major embarrassment for Iran.
Apparently, a guy, desperate for a job, stole someone else’s life and applied for a job at a university. He passed all the screening and qualified for an interview. Only then did the university become suspicious since he looked nothing like his photo and couldn’t answer simple technical questions. You’ve got to wonder what the guy expected. Maybe he hoped to pick up some quick money and then disappear. LinkedIn users beware.
12-20-20 Interesting Response to a Scam
Here is a scam that was reported on reddit with a suggested response.
12-17-20 Something Interesting from the Deep Web
I ran across this ad on a deep web site.
Although I haven’t checked this out completely, the free sample given sure has a lot of information. No trouble taking over someone’s identity with this. Thanks Equifax.
12-9-20 Puppy Scammer in Slammer
Well, at least they got one of them. According to the Pittsburgh Post-Gazette, “Desmond Fodje Bobga, 27, a Cameroon citizen attending college in Romania, is in custody after his arrest last week by Romanian law officers.” It seems he cheated the wrong person out of $9000 to support an imaginary dog named Pansy. Mr. Bobga looks like he used his scam income to live a rather high-class lifestyle, if his Facebook page is to be believed. Apparently, the fake pet scam has been fueled by people seeking companionship during the continuous pandemic lockdowns. To see more details on how these scams operate, see my post.
7-9-20 And You Wonder Why Companies Get Hacked
I came across this post on the System Administrator’s Forum on Reddit. Now you know why companies need better ways to protect themselves.
If you have employees that insist on acting like idiots, get the protection that will let them do this without harming the company.
Apparently, a bug in Firefox will send any one-word search to a user’s ISP. The company will then have a collection of data on the user. Although this may have been an accident in coding, it is possible for bad actors to direct these searches to their servers. If this is true, then hackers (or even marketers) could use the accumulated information to set up a targeted attack.
You have to wonder at what point this person realized they were being scammed.
3-19-20 Record Amount Paid in Puppy Scam
Now, I can understand how someone could get scammed for a few hundred dollars for a rare breed puppy, but at what point do you think a dog is worth $60,000? According to a post on the Better Business Bureau scam tracker site, this is exactly what one person thought. Here is that post.
My response is, why didn’t you stop them? Why didn’t you do some research first? For those who want to know more about these very lucrative scams, read my post on this topic.
2-13-20 Iranian Internet Knocked Offline
A DDoS attack knocked out 75% of Iran’s internet. Gee, I wonder who could be behind such an attack. But don’t look at the attack itself. Often, especially when orchestrated by nation-states, these attacks are used as distractors. The attack may just be part of a more comprehensive attack to disrupt Iran’s infrastructure. Watch this space.
10-1-19 New Record Set in Pet Scam Payout
Most pet scams end up with victims losing under $1000. By the time the costs get too high, the victim realizes that something is not right. However, a recent post on the Better Business Bureau website claims that a pet scam cost the victim $7000. I can only guess that the victim ordered a large number of “Maine Coon Kittens”, whatever they are. The site that scammed this victim still exists. I am posting what it looks like so that anyone contemplating buying a pet from a similar-looking site will know enough to avoid it. The current site has a URL of prettymainecoons. That may change but the pictures and style will probably remain the same.
I’m happy to hear they caught one of these low lifes. For those of you who think these scams are nothing more than a nuisance, here’s an excerpt from the article. “According to the criminal complaint, one woman committed suicide after wiring $93,710 to the scammers after she believed she would be helping ship back $12 million worth of gold to the U.S.” He could get 20 years in prison, but that probably won’t be enough.
5-9-19 I told you so. Baltimore City Shuts Down Most of Its Servers After Ransomware Attack
Just read the article I posted this week.
If you have an Asus computer, you should check to see if your MAC address has been compromised. Kaspersky has a tool to help you out. If you don’t know how to find your MAC address, click the link on the page.
The answer is, yes. Tensions between the U.S. and Venezuela have existed for years. It would be no surprise if the U.S. put infrastructure-damaging malware in place in case they ever needed it. And the U.S. has such malware. See my article on Nitro Zeus. Although they could install and trigger the malware remotely, they would seem to have no shortage of cooperative insiders who would be more than willing to help them out. The malware is designed to have important controls malfunction and possibly burn out. If the government has no replacement parts, they would have trouble getting the power grid operable again.
A cyber attack “originating outside the U.S.” affected the operations of Tribune Publishing, a firm responsible for the publication of the Los Angeles Times, the San Diego Union-Tribune, the Chicago Tribune, and the Baltimore Sun as well as the West Coast editions of the Wall Street Journal and the New York Times. No details about the manner of the attack are given; however, a spokesperson for the LA Times claimed that “we believe the intention of the attack was to disable infrastructure, more specifically servers, as opposed to looking to steal information.” If this is true, it would appear that the firm was hit by a DDoS (Distributed Denial of Service) attack that may have been politically motivated.
“32% of the businesses surveyed admitted that they had suffered from a cyber attack in the past 12 months due to remote working practices in their firms”. So claims a report by CybSafe. However, it appears that this is the fault of the companies as “30% don’t restrict file access to their remote workers.” In other words, the bad browsing practices of its employees can manage to infect the corporate network. Why didn’t these companies secure their networks? Management felt that their employees were wise enough to avoid being hacked. Apparently, they were not. Although the study focused on the UK, we can imagine that similar management attitudes prevail elsewhere.
Well, if this is true, it looks like the Facebook hack may have been more serious than Facebook led us to believe. But can you trust anything that’s for sale on the deep web? Actually, you can probably trust it more than most sites. Dream Market, which hosted the sale, runs on an escrow system, which means that those who buy the data (for $3 to $12 a profile) have to be satisfied with it before the seller gets the money. The sellers could make hundreds of millions of dollars from this sale, but they have to sell it fast as it will lose value every day, since people may be changing their passwords.
According to research at a German university, “manipulated audio waves from the sounds of birds chirping could be used to launch an attack against voice assistants”. Apparently, attackers can hide secret messages in bird songs to fool digital tech assistants, like Alexa, to do things you really wouldn’t want them to do. Twittering and tweeting are suspect. So, if in the middle of an Alexa message you begin hearing anything suspicious – animal sounds, mumbling – you may want to unplug your assistant instead of killing your canary. As of this writing, he has not been implicated in the scam.
Here’s a story that should get more attention than it will get. “According to a report from Wired, the firm left 340 million individual records on a publicly accessible server that any person could have gotten ahold of.” If verified, this becomes one of the biggest exposures of personal information in history. Basically, the marketing firm, Exactis, simply left the data exposed on the internet. Oops! “Those records contain a variety of data points, including phone numbers, home addresses, and email addresses connected to an individual’s name. It also included more than 400 characteristics about a person, ranging from if the person is a smoker or not, their religion, if they own any pets, if they have kids, their age, gender, etc. It also included interests like scuba diving and plus-sized apparel”. So if you end up getting more spam than usual, you’ll know why.
That’s right. Your files will be encrypted until you play this new game. Yes, apparently, they will return your files to a normal state if you do so. It’s a disturbing marketing angle. What’s next? Will my files be encrypted until I watch the new Katy Perry video? Will I be forced to read political articles I don’t want to read? Maybe you can force me to like your product or write a positive review of it on Amazon. Let’s see the lengths to which attackers take this new angle.
It was really kind of stupid for Zuckerberg to announce that 87 million Facebook users would be sent emails explaining their privacy policies. This is great news for hackers who would like to take control of your profile by sending you a fake email seemingly coming from Facebook. It’s even better if they could get the original message to make an authentic scam. Just toss in a link to a fake sign in page that asks you to give up your Facebook login information, then, login themselves and change the password and, voila, your Facebook account is now theirs.
The more I research this story, the more I doubt a Russian connection. I am not alone among serious investigators. Mueller happens to be in a unique position in that he has invested much time in tracking down even the most remote connections between the Trump campaign and Russia. If this doesn’t play out and no collusion is found, it is time he looks into a few points. First of all, he should find out why the FBI decided not to look at the DNC servers. He should also look into the activities of the Ohrs and the Awans. In any event, this article lists the most salient points as to why an investigation is necessary. For a more in-depth look at this issue, check out what I refer to as the Guccifer 3.0 website.
One year ago Uber was hacked. The hackers stole the personal information of 57 million users and 60,000 drivers. They paid the hackers $100,000 not to release the information. The truth is that this payment may have been better than allowing the data to be posted online for every hacker and spammer to use in criminal attacks. The information was stored in a cloud service and it was that which was hacked. Nonetheless, Uber fired the heads of its security staff.
10-25-17 BadRabbit Arrives in a Flash
…in a fake Flash Player update, that is. No one is quite sure whether this is a real ransomware attack or not. It could be like the NotPetya attack, which masqueraded as a ransomware attack but was actually an attack on Ukraine’s infrastructure. Since the recent attack has brought down Odessa Airport and the Kiev subway system, this may be the real goal. Still, it has spread beyond Ukraine’s borders and has reached as far west as Germany. So if you suddenly find yourself on a website telling you that you should update your Flash Player…don’t.
…especially elections that Zuckerberg may be running in. For me, this is just another in the series of campaigns by Zuckerberg to raise his public image for an eventual run for political office; possibly even president. Oh, wait a minute. Isn’t using Facebook as a political tool something he’s complaining about? Let’s see if he discloses influence from China – a country he’s been trying to suck up to as they have banned Facebook from their country.
…and rightfully so. No, not for littering the streets with eggy debris, but for messing with government officials and citizens throughout Russia. The so-called Humpty Dumpty hacking team used or sold the information they hacked to make some good money. Unfortunately for them, it was their hacking of Prime Minister Dmitry Medvedev, President Putin, and other high-ranking government officials that got them in trouble. Besides criticizing Putin, they took over Medvedev’s account and posted that he was resigning to become a freelance photographer. The four group members were sentenced to up to 3 years of hard labor in a penal colony. It is rumored that all of the king’s horses and all of the king’s men will not be able to put Humpty Dumpty together again.
Don’t take this lightly. If true, it is the kind of attack that can affect internet access around the globe. It happened in June. If it happens this time, it will be tomorrow, August 24th. This is because it will mark the anniversary of Ukraine’s independence from Russia. Most cyber attacks on Ukraine originate in Russia. If it doesn’t happen now, there is more malware out there with Ukraine’s name on it.
In a recent post, I wrote on how intelligence agencies could follow leaked documents by inserting beacons into Word documents. Now it appears the Russians did the exact same thing in their spear phishing attack on a voting software provider.
“Two months later, on October 27, they set up an “operational” Gmail account designed to appear as if it belonged to an employee at VR Systems, and used documents obtained from the previous operation to launch a second spear-phishing operation “targeting U.S. local government organizations.” These emails contained a Microsoft Word document that had been “trojanized” so that when it was opened it would send out a beacon to the “malicious infrastructure” set up by the hackers.”
An hour after the publication of this article, federal authorities arrested 25-year-old, Reality Leigh Winner, an NSA contractor. Someone must have leaked information on the leaker.
Only half? My guess it’s much more. Many businesses, especially those hit with ransomware attacks, do not report hacks because it makes their businesses look bad. The report claims that:
“The most common type of attack identified in the report was fraudulent emails, which affected 72pc of companies that experienced a problem. One large wholesale business reportedly receiving 340,000 such emails in a year.
Other incidents involved viruses and malicious software being downloaded onto companies’ computer systems, and employees’ identities being stolen and used in emails or online. The outcome of such attacks for businesses included the temporary loss of files or network access, and systems breaking.”
Yes, it’s the same time-tested vector: get control of an endpoint connected to a company network and leverage it to get into the company network to do whatever you want. One piece of advice: WorkPlay Technology.
As someone who holds a degree in geology, I’d have to say that this is kind of a stretch. I won’t go so far as to call it fake news, just hyped news. I suppose, in principle, a huge explosion next to the magma chamber could produce a fissure which would release the pressure, and magma, inside the chamber, but whether the resulting explosion would cause the death of tens of thousands of people is pure speculation. CNN would do best to stick to covering the news it does best…sports.
This is a problem you will have to keep your eye on. Last year, the Mirai bot brought down major sites around the world. If this Windows version gets organized, it could do far more damage. The last Mirai attack brought down the internet by using the Internet of Things (IoT) and this one will do the same, only it will have more Windows-based devices at its disposal. As the article correctly states, “the fear in the security community is that with the release of the Mirai source code, the rabbit has been let out of the hat; things are going to get worse before they get better.” Just remember that I told you so when you can’t reach your favorite site some day.
This is serious stuff. It looks like the infrastructure of Ukraine is being targeted by a nation-state that doesn’t like it. Hmm, who could that be? This is as close to cyber war as we have seen as this Stuxnet-related malware could launch a devastating attack.
According to the firm that is investigating the attack, CyberX, “Operation BugDrop infects its victims using targeted email phishing attacks and malicious macros embedded in Microsoft Office attachments. It also uses clever social engineering to trick users into enabling macros if they aren’t already enabled.”
For now, it looks like the attackers are positioning themselves within the infrastructure and will wait until they are commanded to begin their operations. It could be a way to thwart advances by the Kiev government into eastern Ukraine.
If this story develops, I will write a more detailed post on its operations.
As Chris Perry, chief operating officer for Secured Communications, correctly points out, “the weakest link in any communication is the end user. You can have all kinds of end-to-end encryption, but in the end, if you aren’t using that piece of equipment and related tools, you are very vulnerable. That’s true in any environment, in government or the private sector.”
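Both the VR Systems entry above (a Word document “trojanized” to send a beacon when opened) and the Operation BugDrop entry (malicious macros in Office attachments) come down to what is packed inside an Office Open XML file. The following is an added example, not code from this blog or from any of the firms quoted; it assumes the beacon is implemented as an external relationship (for instance a remote image or attached template, which Word fetches on open) and that macros ship as the standard `vbaProject.bin` part. It builds three constructed sample documents in memory and scans them, so it runs offline and can be pointed at real attachments in a mail gateway or triage script.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Namespace used by every *.rels part in an Office Open XML package.
REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"


def inspect_office_file(data: bytes) -> dict:
    """Scan an OOXML package (docx/docm/xlsx/...) for beacon-style external
    relationships and for an embedded VBA project.

    Returns {"external_targets": [(rels_part, rel_type, target), ...],
             "has_vba": bool}.
    """
    findings = {"external_targets": [], "has_vba": False}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            # Macros live in a vbaProject.bin part regardless of file extension.
            if name.endswith("vbaProject.bin"):
                findings["has_vba"] = True
            # Every relationship file can carry TargetMode="External" entries
            # (images, hyperlinks, attached templates, OLE objects).
            if name.endswith(".rels"):
                root = ET.fromstring(zf.read(name))
                for rel in root.iter(f"{{{REL_NS}}}Relationship"):
                    if rel.get("TargetMode") == "External":
                        rel_type = rel.get("Type", "").rsplit("/", 1)[-1]
                        findings["external_targets"].append(
                            (name, rel_type, rel.get("Target"))
                        )
    return findings


def build_sample(rels_xml: str, with_vba: bool) -> bytes:
    """Assemble a minimal constructed package; real files have many more parts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        zf.writestr("word/_rels/document.xml.rels", rels_xml)
        if with_vba:
            zf.writestr("word/vbaProject.bin", b"\x00constructed-placeholder")
    return buf.getvalue()


# Constructed relationship parts. The hostname is a placeholder, not a real IoC.
CLEAN_RELS = f"""<?xml version="1.0" encoding="UTF-8"?>
<Relationships xmlns="{REL_NS}">
  <Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/styles" Target="styles.xml"/>
</Relationships>"""

BEACON_RELS = f"""<?xml version="1.0" encoding="UTF-8"?>
<Relationships xmlns="{REL_NS}">
  <Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/styles" Target="styles.xml"/>
  <Relationship Id="rId2" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/image" Target="http://beacon.example.invalid/track.png" TargetMode="External"/>
</Relationships>"""

CLEAN_DOCX = build_sample(CLEAN_RELS, with_vba=False)
BEACON_DOCX = build_sample(BEACON_RELS, with_vba=False)
MACRO_DOCM = build_sample(CLEAN_RELS, with_vba=True)


def verdict(data: bytes) -> list:
    """Human-readable reasons to quarantine; empty list means nothing found."""
    f = inspect_office_file(data)
    reasons = [f"external fetch on open: {t} ({kind} in {part})"
               for part, kind, t in f["external_targets"]]
    if f["has_vba"]:
        reasons.append("embedded VBA project present")
    return reasons


if __name__ == "__main__":
    for label, blob in (("clean", CLEAN_DOCX), ("beacon", BEACON_DOCX), ("macro", MACRO_DOCM)):
        print(label, verdict(blob) or "no findings")
```

The scan is deliberately extension-agnostic: a `.docx` can carry a remote-template relationship just as a `.docm` carries macros, so the decision to quarantine should rest on the package contents rather than on the name the sender chose.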
If Trump’s Android phone was, indeed, unsecured, it compromised everyone he is connected to and any government agency that these people work for.
If only he and the rest of the government invested in WorkPlay Technology, a poorly secured endpoint would never be a problem again…sad.
Hmm, this seems to be part of a new pattern in which ransomware targets small businesses and organizations which will quickly pay the ransom. Other targets include hospitals and small businesses. It looks like infrastructure could be next. Why? How long can they exist without having access to their network? Luckily for the school, this hacker used the traditional ransomware model in which they really do get the decryption key they pay for. Maybe next time they won’t be so lucky, and, yes, they’ve set themselves up for future hacks by paying the ransom.
Anyone who’s investigated this issue knows that almost every electrical plant in the U.S. experiences attacks on a daily basis. Most attacks are summarily blocked but others have installed malware on parts of the networks. It’s not even news. So why is this one breach (or non-breach) making the headlines? Politics. The Obama administration wants to prove to the average American that Russia is a cyber menace. Well, they may be, and sometimes are, but this is no way to prove that. As Burlington Electric Department General Manager Neale F. Lunderville asserts, “There is no indication that either our electric grid or customer information has been compromised. Media reports stating that Burlington Electric was hacked or that the electric grid was breached are false.” (See my post on Russians in the U.S. power grid for more details.)
I’ve been pointing out the lack of cyber security awareness in lawyers and law firms for years. So it was no surprise to me when I learned that Chinese hackers had compromised two big law firms and taken data which allowed them to make $4 million on insider trading. As the article states, “accounting firms that provide tax advice on mergers, boutique advisory firms, and consultants who weigh in on synergies and downsizing plans are almost certainly on the criminals’ hit list.” Lawyer-client confidentiality soon may be a thing of the past.
If these documents are valid, this is devastating news. What it means is that the government bailed out the banks with taxpayer money which the banks then channeled into the pockets of certain democrats and the DNC. If the fix was in, it means that the democratic administration used taxpayer money to support itself. The amount of the bailout alone is stunning.
This is what is called a pre-emptive strike, and this one smacks of desperation. It’s as if the DNC knows what documents may be leaked and are doing whatever it takes to stop them from impacting the election. The ploy here is to make using the release akin to treason. That is, if the Republicans use this information to advance their cause, it is the same as working for Putin. Good luck pursuing that angle. Pelosi had previously said that she couldn’t have been hacked because she had no PC at the DNC, showing how little she understands cybersecurity.
With only a few hours to go, Trump is leading Clinton in Wikileaks’ poll by a whopping 60 to 16 percent. How is this possible? Well, there has been some question as to whether people will admit to being Trump supporters because of the social stigma that may be attached to this. The greater anonymity associated with online, non-interview polls may make some voters feel freer to express their true opinions. Admittedly, WikiLeaks is no friend to Clinton, however, the social stigma question deserves some exploration. I will be doing just that in my next post.
This is disturbing for a number of reasons. First of all, Guccifer2’s leaks from his DNC hack showed that the Democrats were preparing counter attacks for every speaker. It seemed suspicious to me that they connected Melania Trump’s speech to Michelle Obama’s speech so quickly. It was as if they had access to her speech in advance. Now, it seems that maybe they did. No details are given here but my guess is someone has been hacked and the hackers have access to certain RNC document databases. Yes, this is serious as it would mean that the Dems would know all the RNC’s strategies. The RNC needs to call in a good cybersecurity team and consider using hardware-separated security, which would prevent this.
The fact that this hack was announced by LeakedSource means it’s probably an old hacked database that’s been revitalized. (see my recent post). There is no anti-Muslim conspiracy as the title seems to indicate. What’s probably happening is that people are members on a number of Muslim dating sites and use the same password on each. It’s good advertising for LeakedSource as they can have you pay for details about the hacked data that they bought, probably in the deep web.
At least that’s what it seems like. Either Twitter has a flaw that’s being exploited or people are using passwords released on the recent Myspace and LinkedIn hacks. That being the case, it means people tend to use the same passwords, or logical variations on them, for all of their sites. That’s what recently happened to Zuckerberg. But if Twitter has a flaw, I would guess it could be in their password retrieval policy. I have no concrete information on this but I know hackers routinely exploit this angle on social media sites. It recently happened to Facebook.
There’s more to this story than is in the headline. Apparently, Iran has traced a recent cyber attack on the Statistics Center of Iran to IP addresses in Saudi Arabia. A country’s statistics center seems like a good place to hack for all of the information it must contain, but tracing an IP address is not so easy. It could be that someone else is hiding behind the Saudi addresses. However, what the title doesn’t tell you is that Iran had recently hacked Saudi sites. Now, Iran plans to have a cyber war games exercise. Sure. What we may be seeing is the beginning of a more extensive cyber war. Keep an eye on this angle.
Here’s the basic story. Why would we (Apple) approve an app that says we have bad security? Our security is perfect, therefore, the app is useless. I would question the app from another standpoint. Couldn’t it be used to penetrate a device? Could it be used or disabled to make someone believe they were safe when they were not?
They could have added the word, ‘again’, to the title of this article. I’ve written about this site being hacked in a previous post. Any site that purports to represent only people it deems ‘beautiful’ is opening itself up for attack; especially since it is filled with so many fake female profiles.
Well, he can refuse to talk about it, I suppose, but that doesn’t stop anyone else from doing so. Okay, there may be some doubts about whether the server was hacked in the 2011 RSA hack, but there is no doubt that Hillary’s email was penetrated. See my recent blog post on this for details.
Law firms have a bad reputation when it comes to cyber security. Whatever you want to say about lawyers, they lack IT savvy. This weakness has been repeatedly exploited but this is the first time that they have been used as a way to get insider trading tips. Apparently, the attacks begin with phishing emails.
“We’ve seen examples of emails [at client law firms] that purport to come from a managing partner to a more junior lawyer directing them to make payments to an account or to send certain information to an address,” Stephen Tester, a partner at CMS (a London law office), told the BBC.
“They can look very much like a regular message.”
Law firms had even reported breaches of their video-conferencing systems, commented Mr Tester.
“There are ways in which people can go into video-based conferencing facilities and literally listen in on meetings,” he said.
I’ll be writing a post on hacking law firms in the near future.
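The emails Mr Tester describes, a message that “purport[s] to come from a managing partner” directing a junior lawyer to make a payment, usually rely on the display name rather than on a compromised account: the name looks internal while the address behind it is not. The check below is an added example, not code from this blog or from CMS; it assumes a constructed firm domain (`examplefirm.invalid`) and a constructed staff directory, and flags two header-level tells that a mail filter or a junior lawyer’s email client could surface before anyone acts on the payment request.

```python
import email
from email.utils import parseaddr
from typing import List

# Constructed firm domain and staff directory (placeholders, not real data).
FIRM_DOMAIN = "examplefirm.invalid"
STAFF = {
    "jane partner": "jane.partner@examplefirm.invalid",
    "tom associate": "tom.associate@examplefirm.invalid",
}


def _normalize(name: str) -> str:
    """Collapse whitespace and case so 'Jane  PARTNER' matches the directory."""
    return " ".join(name.lower().split())


def _domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def check_headers(raw_message: str) -> List[str]:
    """Return a list of reasons the message looks like display-name impersonation.

    Two tells are checked:
      1. From display name matches a known staff member, but the address is
         not on the firm's domain.
      2. Reply-To points at a different domain than From, so replies (and the
         payment details that follow) leave the conversation the sender started.
    """
    msg = email.message_from_string(raw_message)
    flags = []

    from_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = _domain(from_addr)
    if _normalize(from_name) in STAFF and from_domain != FIRM_DOMAIN:
        flags.append(
            f"display name '{from_name}' matches staff "
            f"'{STAFF[_normalize(from_name)]}' but sender domain is '{from_domain}'"
        )

    reply_to = parseaddr(msg.get("Reply-To", ""))[1]
    if reply_to and _domain(reply_to) != from_domain:
        flags.append(f"Reply-To domain '{_domain(reply_to)}' differs from From domain '{from_domain}'")

    return flags


# Constructed sample messages; every address and domain here is a placeholder.
SPOOFED_MSG = """From: "Jane Partner" <jane.partner@webmail-example.invalid>
Reply-To: <jp.urgent@webmail-other.invalid>
To: tom.associate@examplefirm.invalid
Subject: Urgent payment - client completion today

Tom, please wire the completion funds to the account below before 5pm.
"""

LEGIT_MSG = """From: Jane Partner <jane.partner@examplefirm.invalid>
To: tom.associate@examplefirm.invalid
Subject: Completion documents

Tom, the signed documents are in the matter folder.
"""


if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED_MSG), ("legit", LEGIT_MSG)):
        print(label, check_headers(raw) or ["no header findings"])
```

These checks are cheap and header-only, so they belong in front of, not instead of, authentication results such as SPF, DKIM and DMARC; a message that passes both still deserves the out-of-band phone call the quoted guidance implies for any unexpected payment instruction.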
Well, this is embarrassing. BlackBerry used to be famous because it was so secure. So what happened? According to the article, Dutch police were able to break its encryption. “It is believed that the tests – conducted by The Netherlands Forensic Institute (NFI) – were carried out on PGP BlackBerrys, a device advertised as being specifically aimed at keeping data secure.” Looks like time for an all new approach to security if BlackBerry has any hopes to survive.
Why am I not surprised? Here is someone who wants to do away with encryption (or at least make it a law to give the government all the encryption keys) as well as having companies put backdoors on all of their smart devices. Had he used encryption, he may have avoided this mess. In any event, those behind the hack are the same as those who hacked the head of the CIA, John Brennan. They probably used the same methods and will, therefore, probably release some of what they found soon.
12-22-15 American Power Grid Has Been Hacked
It appears that Iranian hackers have set up a way into the US power grid. Researchers in California recently discovered “drawings so specific that experts say attackers could use them to knock out electricity to millions of homes.” I already made a post on Russian hackers in the grid who could exploit a hack at a moment’s notice. The Iranian angle is something new. I suppose the Chinese may also be there but they are better at hiding their antics.
This is interesting because it’s connected to the Office of Personnel Management which exposed 21.5 million users’ credentials to Chinese hackers. Anyone who thinks they may have been compromised can check that out on this new site. The catch? “Users must enter their home address, email address, Social Security number, date of birth and certain other personal details.” Yeah, no worries there. All of this is interesting considering the new revelations from a recent audit of the department which claims a new breach is imminent. See my last post for details.
11-26-15 New Wi-Fi-Enabled Barbie Can Be Hacked, Researchers Say
Well, any product connected to WiFi and the Cloud is vulnerable to hacking. I can imagine that, in the wrong hands, a talking and listening Barbie could be a nuisance or a serious problem. Taken to the extreme, the talking Barbie could be used by attackers to exploit the home’s network and smartphones connected to it. Attackers could use this breach to take full administrative control of a smartphone that may have permissions to use a corporate or government network. I’m looking forward to the headline, ‘Barbie Hacks into White House Computers’.
Here’s an amusing hacking twist. I can see where the Prozac might help but Viagra? I’ll leave that up to your imagination.
If true, then virtually everyone reading this post has had their credentials stolen. That’s more people than the population of the US and Europe combined. This stemmed from a hack on Hold Securities last year and only now has it been learned that this all can be traced back to Russia. My only question is, why isn’t this a bigger story in the media?
11-16-15 Websites brace for cyber attacks
According to this article, France and other countries can expect more ISIS-based cyber attacks after the recent Paris terrorist attack. This is what apparently followed the Charlie Hebdo attack. Also keep your eyes open for scams asking for contributions to help the victims. These are often disguised as email pleas with a link that can infect your computer.
This is more of a story than it might appear to be. It’s not Apple that’s paying for this bug bounty but a private firm that can sell the exploit on to whomever they want. As the writer correctly states, “somebody claimed the $1 million bounty set by the new startup Zerodium, according to its founder Chaouki Bekrar, a notorious merchant of unknown, or zero-day, vulnerabilities. ” Notorious is the operative word here.
The company can get more for this exploit from the right buyers, and the only buyers who have such money are nation-states. I’ll leave the rest up to your imagination for now, but look for a post on this in the future.
Ardit Ferizi, a Kosovo citizen living in Malaysia, allegedly stole personal information on more than 1,000 U.S. service members and federal employees and gave it to Islamic State militants. This enabled ISIS sympathizers living in the US to target these individuals.
Ferizi hacked into “an unnamed U.S. company and stole information on 100,000 people, including 1,351 service members and federal employees”.
Had the company been adequately protected with good hardware-separated security architecture, they would not have put these employees in danger. I wonder if they could be implicated if any of these individuals is killed or injured?
Authorities in Malaysia have detained
Here’s a story that can warm the hearts of those in the security business. It also shows the value of training employees to recognize phishing exploits. Basically, they sent the attacker a phishing email to get information on him. He fell for it and clicked on a link in the phishing email, actually logging into his aol account and giving the company more information on him. The FBI is now on the case.
Hotels are a growing target so this story is not all that surprising. The thing about hotels is that you usually get wealthy guests, so when you steal their credit card data, it’s a good harvest. This was a purely financial hack, not like the Darkhotel malware that mainly looks for information.
Look at this title again. These aren’t just regular companies we’re talking about. These are tech companies – companies that should be pretty aware of cyber security. What does this say about normal companies?
The title says it all. The truth is that the text message introduces a video that has been sent to you. It’s actually the video that injects the malware behind the scenes. All the attacker really needs to know, therefore, is your phone number. You never even have to look at the video. Google says it has patched the vulnerability, but it may take a while for all vendors to install it. The good news is that the discovery was made by security experts at Zimperium and is not being used by hackers…we think.
Those wacky Chinese hackers are at it again. This time, they’ve infiltrated Penn State’s Engineering school. In a somewhat desperate attempt to shut down the attack, the school opted to cut off all internet access. Before doing so, however, they watched the attackers operate for a while to learn more about their methods. Unfortunately, what they learned is that the attack might have begun back in 2012. Why would Chinese hackers want to attack an engineering school? Well, it’s not just the school. It’s who they are connected to. They, like most universities, have a lot of contracts with the US government and, especially, the Department of Defense. With that target in the sights, the school is a perfect launching platform.
I always suspected that more was compromised than we are being told. I would also doubt that no classified information was compromised. “White House officials said that there is no evidence that the president’s email account itself was hacked.” Really? I’m good enough to read your emails but I haven’t hacked your account? How is that possible? Even if this is a man-in-the-middle attack, I probably have your password. Look for more details to slowly emerge on this story.
Hackers claiming to be with ISIS have taken over the Indianapolis Downtown Artist and Dealers Association website.
IDADA is a local art nonprofit. When someone visits its website, the ISIS logo and Arabic writing appear at the top of the page and then music begins playing. The website also has a message in English that says “Hacked by the Islamic State (ISIS). We are everywhere ;)”
Well, they’re everywhere they can easily hack. I predicted this sort of pranksterism in one of my earlier posts. Expect this kind of thing to ramp up a bit as they get better at finding vulnerabilities in websites.
Then look at this: West Hollywood furniture store website hacked by group claiming to be ISIS
West Hollywood furniture store owner Olga Rechdouni woke up Sunday morning to a frightening discovery. Her website, Duroque.com, had been hacked by a group claiming to be the terror group ISIS.
Across the front page of her website read the words, “Hacked by Islamic State (ISIS). We are everywhere. :)”
“I’m scared. I’m really, really scared, because I don’t know what to think. I don’t understand why this happened to us, a small business in West Hollywood,” said Rechdouni, who designs custom furniture and dog beds.
Calm down, Olga. ISIS hasn’t put out a fatwa on dog beds that I know of. Just work more on your cyber security and get a good guard dog.
In fact, today has seen a spate of so-called ISIS attacks across the US and Canada, but all were small businesses or minor organizations who probably never thought they’d be hacked. However, if any of these are connected to larger companies as suppliers or distributors, be careful.
You can expect more of such attacks as ISIS recruits for an all-out cyberwar this year. The message on these compromised websites reads “The Islamic State Stay Inchallah, Free Palestine, Death to France, Death to Charlie.” Yeah, we’ve heard it all before.
11-2-14 This blog changed its title to Secure Your Workplace Network to more accurately align itself with the developing goals of InZero Systems and its innovative Workplay Technology.
69% of Americans worry about having their credit card information stolen by hackers, while 62% worry about having their computer or smartphone hacked. These are interesting statistics in light of the apathy found among many about securing their mobile devices. It seems people are worried but that this worry does not give them the motivation to do anything about securing their devices.
I’d like to know how they managed to do this. The fact that they did is somewhat disturbing, however. Could they listen in on phone calls and conversations?
“The official said that the situation was dealt with immediately and work continues, although the new measures have led to temporary outages and loss of connectivity for some White House employees.” This may indicate a breach that used a mobile device connected to the network. Well, if anyone has the malware to infiltrate the White House, the Russians have.
This should be no surprise to anyone. However, exposing the data of 76 million customers is worrying. JP Morgan claims no data was stolen, but, in these cases, it can be hard to tell. It still looks as if Russia is behind the attack, but the method used to initiate it seems a bit unclear. Apps may have been exploited, or some sort of whale phishing (getting into a network through an executive’s account) may have allowed the attacker to get to the deepest levels. Check my post on this attack for more details.
It’s official. Chinese hackers repeatedly got into “U.S. airlines, technology companies and other contractors involved in the movement of U.S. troops and military equipment”. Cybersecurity expert Dmitri Alperovitch, chief technology officer with the security firm Crowdstrike, said China had for years shown a keen interest in the logistical patterns of the U.S. military.
No surprise to anyone, really.
The Chinese denied everything. Also no surprise to anyone.
In what is being called a “highly sophisticated” attack, Canada’s National Research Council admitted that employee information and technological secrets may have been taken by government-sponsored Chinese hackers. This is a common pattern. Why spend money on research when you can let others do the research for you and then steal it later? Details of the hack were not published, but since NRC president John McDougall warned employees not to connect to the network, it’s likely an endpoint was compromised through a phishing attack, which is a common attack profile for Chinese hackers.
So for all of you 600 million Apple device users out there, you’re not as secure as you thought you were. And that includes the U.S. government, which has approved Apple devices for government use. Apple may have built this backdoor into its devices, but it’s there and can be exploited by bad guys.
Well, I suppose everyone knew this was coming. The agency involved, Office of Personnel Management, claimed that no personal information was lost. But why else would you hack into this particular office?
This is deja vu all over again. Health care organizations have been a repeated target for hackers as they contain a wealth of personal information. Check the deep web for people selling information or new credit cards. Just hoping that nothing was taken isn’t going to do it. The report says that the organization receives 17,000 attacks a day. Probably no one could survive this.
It’s surprising that we were given any information at all on such a hack as the UK government usually doesn’t report any successful hacking. Who’s behind it? That information is not given…round up the usual suspects. It is interesting that the UK government just approved the use of Samsung smartphones and tablets on its network. Hey, you don’t think that…
So, how much do you want that pizza?
Hackers have stolen data on more than 600,000 Domino’s Pizza customers in Belgium and France, the pizza delivery company said, and an anonymous Twitter user threatened to publish the data unless the company pays a cash ransom. How much did they want? 30,000 euros. That’s a lot of pizza.
Customer names, delivery addresses, phone numbers, email addresses and passwords were taken from a server used in an online ordering system.
These guys have everything against them, but continue to succeed in making huge amounts of money. With every one caught, a hundred are still scamming people…but at least they caught this lowlife. The death of the victim was not explained.
See my latest post on this topic. Why are Scots so susceptible? Looks like a good topic for a sociologist to research.
The return of your worst nightmare. If it’s any consolation, this vulnerability seems to be a little harder to exploit. However, questions about the real security of open source code are raised.
“The hacker group Anonymous is preparing a cyber-attack on corporate sponsors of the World Cup in Brazil to protest the lavish spending on the soccer games in a country struggling to provide basic services, said a hacker with knowledge of the plan.” It will be interesting to see what sort of security moves will be made to stop this attack. Who’s going to win this battle?
I wonder if it surprises anyone that you have a 50-50 chance of being a hacking victim. At some point, more people will be hacked than not. “Cyberattacks are growing so numerous that we’re becoming numb to them. Researchers at IT company Unisys say we’re now experiencing ‘data-breach fatigue.'”
5-22-14 eBay Hacked…Two Months Ago
That’s the big problem. Why did it take so long to announce this? My guess is they were uncertain what and how much personal information was lost. Maybe they hoped to fix it first. In the meantime, the stolen personal information could have been used. Look for more anger about this.
5-20-14 Blackshades – More Malware to Worry About
This RAT (Remote Administration Tool) can be used to take complete control of your computer, including your camera. Those in control, therefore, can monitor all your computer activity, look through your files, change your settings, and watch while you suffer under their torment. They will get you with a regular email phishing scam where they want you to click on a link. The program can also send the malware to friends and use your social media to make it look like the infecting link was really from you.
Here is the official FBI report on the incident.
Well, this is one that got caught. The problem was that he was selling his services to other students; otherwise, no one may have ever found out. Expect the government and schools to make a big deal about this because such hacking is now running rampant. You can even buy school exploit kits on the deep web. Schools giving tablets to tech-savvy students is like giving a fox the keys to the henhouse.
This has been talked about for some time and should be no surprise to anyone following the matter. However, the fact that these experts are highlighting it now seems to indicate that the chances for such attacks are increasing. Don’t think that the US or the Ukraine will not retaliate.
As the article states, “The browser problem, which affects IE versions 6 through 11, has allowed a well-organized group of hackers to gain access to confidential information from a broad spectrum of defense and financial industry computer systems in a campaign that has been dubbed ‘Operation Clandestine Fox.'” (for more information see my special post)
Once again, a university is hacked. Are you aware that there are special school exploit kits available on the deep web? The school took the extreme measure of destroying all its servers. Great. But then they installed new software protection, not so great. This will only delay the next hack. Check out InZero’s hardware-based security and put your mind at ease. No more servers to destroy.
Here’s a story that could get more attention as people realize they’ve been hacked. It looks like a phishing attack with a twist. Changing your password doesn’t seem to solve your email being used to send spam. The problem is that this spam message might come from someone you know but contain a link.
According to a new Ponemon Institute study, most businesses are not prepared for a cyber attack. Even worse, 81% say they are having trouble securing endpoints. Listen, if you are among these companies, I encourage you to take a look at the WorkPlay tablet and put your mind at ease.
Fooled by a dummy fingerprint. Well, it had to happen. After all, software is used to translate real-world input (a fingerprint) into digital information, and all software is ultimately hackable. The bad news is that once fooled, the system easily lets you in with free access to PayPal. Not good news for security teams.
This is an angle I suggested in my recent post. It is not to be brushed aside as a conspiracy theory, as anyone studying internet cyber spying will attest. This is the first in what may be a string of evidence that could trace the source of this bug. Also see Wired Magazine’s article Has the NSA Been Using the Heartbleed Bug as an Internet Peephole?
“In January, an Israeli cyber security firm said hackers had broken into a Defence Ministry computer via an email attachment tainted with malicious software that looked like it had been sent by the country’s Shin Bet security service.”
You don’t suppose Israel has any malware on Palestinian computers, do you?
Hmmm. Something about foxes and henhouses comes to mind.
4-3-14 This kind of says it all
This is worrying. Somehow, cybercriminals get access to a bank’s network and then install malware that gets customer PINs. From there, it’s just a matter of disabling the withdrawal limit and emptying the account. A little too high-profile a crime for the FBI to brush off.
Not sure what’s behind this anti-media angle, but it should be a heads-up for other outlets. The most important point for me was that two hacking teams worked together on this one. I was wondering when this would happen.
Ireland discovers what everyone else should already know: mobile devices can lead your company into disaster. A company or enterprise is most likely to be destroyed from within, by employees misusing mobile devices.
Apparently, a lot of things. My recent post highlighted the problem of government security and this article gives a few more reasons that government agencies should be concerned.
The word is out, literally. Don’t open any RTF documents you may receive by email until Microsoft gives the okay. Apparently, your computer can even be infected if you preview the document, so be warned.
Once more, proof that universities are easy pickings for hackers. Lots of endpoints connected to the network. Now, 14,000 records are compromised.
Recently, I’ve written about the IRS and the problem of controlling employees and keeping them from compromising data. Here are the two stories wrapped into one.
IRS Commissioner John Koskinen said in a statement that an unencrypted thumb drive containing the information was plugged into an employee’s unsecured home network, making the information potentially accessible to third parties online.
Add this to the possible theories. Is it possible? Some airlines have been worried about this for a while and are working with the federal government for some changes.
Sally Leivesley, science advisor to the Australian government observed: “It is looking more and more likely that the control of some systems was taken over in a deceptive manner, either manually, so someone sitting in a seat overriding the autopilot, or via a remote device turning off or overwhelming the systems.
“A mobile phone could have been used to do so or a USB stick. When the plane is air-side, you can insert a set of commands and codes that may initiate, on signal, a set of processes.”
Users are finding they cannot access some of Apple’s services. It is not clear whether this problem will develop further or will be taken care of; however, if this develops into something, you’ve heard it here first.
If you didn’t already figure this out, it looks like the NSA masked itself as a Facebook site to detour traffic into its own site, thereby allowing them to look through the hard drives of whoever was unfortunate enough to be fooled. Check out my story on how Facebook is used by hackers.
Once again, universities seem to be easy pickings for hackers as the information of 290,000 students and 780 staff members may have been compromised. “All those affected are being offered one year of free identity protection services from AllClear ID.” Hmm, something about barn doors and horses comes to mind.
Is nothing sacred? It seems we should expect more hacks targeting personal information as tax season arrives. According to the article:
“In scenarios such as this, the hackers steal names and Social Security numbers and redirect the refunds to themselves or associates.”
The headline says it all. If you have a Yahoo or Google account, you should be a little nervous. This story has been confirmed by Reuters.
Can anything be done in the name of national security? Those private, intimate video chats you had may have had an eavesdropper called the US or UK government. But they not only listened, they saved screenshots, often of people in various levels of undress. Why not just throw them away? Ever heard of blackmail?
Poor security practices have exposed hundreds of thousands of veteran records with personal data to anyone interested. The agency doesn’t even know if or when the data was stolen, their security was that bad.
2-27-14 Will Healthcare Ever Take IT Security Seriously?
According to the article, apparently not. Expect healthcare breaches to rise sharply this year and a certain amount of panic to spread through the industry, especially when healthcare.gov is hacked. This is not a prediction but a statement of fact.
Oops. For all those considering purchasing iPads or iPhones, beware. It seems these have been found especially vulnerable to hackers who found a way to circumvent Apple’s encryption system. Of course, Apple has applied a patch but we all know the Law of Patches: All patches are temporary fixes.
Don’t think that it is only tablets, smartphones, and computers that allow hackers to gain important patient information by accessing your network. This story points out that many new medical technologies come with the capability to be connected to the healthcare organization’s network. The problem is that most healthcare centers don’t really take the time to configure them against cyber attacks. When this happens, the hacker is into your system and all of your information.
In an interview with Megyn Kelly, cybersecurity analyst Morgan Wright says it isn’t a matter of if the Obamacare website will be hacked, but when. People using it are cautioned. If your identity is stolen, criminals can use your information to get drugs or medical treatments at your expense.
In 2013, for the first time, the healthcare sector experienced more cyber attacks than the business sector did. This amounted to 43% of all hacks. Why? Experts say that healthcare facilities are far behind in their use of security to protect sensitive data.
Microsoft is under pressure once again. This time, hackers have exploited a new flaw in its Internet Explorer 10 browser to redirect browsers to a web page that infects the user’s system with code placed in Adobe Flash software. One of the main targets seemed to be visitors to the VFW (Veterans of Foreign Wars) website. The attack is similar to other attacks that have originated in China.
Although Morgan has admitted using phone hacking in the past because “everybody does it”, meaning that all media outlets use the technique, he seems pretty quiet about what the police are questioning him about. In 2006, he admitted listening to a personal voicemail from former Beatle Paul McCartney to his ex-wife. How did he manage that? If Mr. Morgan is not careful, he may get himself shot.
Hackers did the usual. Got into the site and stole personal information. All those users who registered with these companies are encouraged to change their passwords. A bit late for that. Expect to see more high-profile attacks in the near future as hackers perfect their methods for getting into these high-profile sites. For a list of all the recent media sites hacked, see this article, Financial Times, NYT Hit By Hackers
Hackers have discovered that hospitals are easy targets, thus, security has become a major concern. Hospitals can be fined or be sued by clients for bad security. Software solutions are short-sighted in such a case. InZero’s WorkPlay Tablet seems like a perfect solution for such cases.
2-12-14 Employee file sharing practices put corporate data at risk, study finds
Another sobering study for those companies interested in establishing a BYOD (Bring Your Own Device) framework. According to this Globalscape study, nearly half of all employees are ignoring company guidelines for maintaining a secure work environment. For example, 63% use online storage devices for important company information, and 60% use personal email to transfer important work data. What makes these statistics more surprising is that 47% of employees realized there were guidelines in place but simply chose to ignore them. Apparently, when employees bring their own devices, they believe they have the right to use them as they choose.
2-11-14 Hackers Hit Health System’s Server
Approximately 405,000 patients and employees had their personal information stolen by hackers from, what a surprise, China. Why are hospitals targeted? Lots of hospitals have doctors and nurses using tablets to enter data. It only takes one weak point and the server is compromised. Personal information is valuable no matter where it is taken from.
The hacking group known as the Syrian Electronic Army tried to change the domain name of several high profile sites such as Facebook and Amazon. They nearly made it. The SEA’s attack style involves launching spear phishing attacks against employees of the companies they target in order to obtain sensitive credentials. Spear phishing is a targeted form of phishing, which involves tricking people into divulging their login information or installing malicious software. This type of attack can be successful in companies that employ a BYOD (Bring Your Own Device) system. In these cases, BYOD can mean Bring Your Own Demise.
2-5-14: Google Play Exclusive: Security Company Thirtyseven4 Releases Tablet Security Suite for Android
The antivirus company Thirtyseven4 is offering its Android security suite for free for six months through Google Play. This is clearly a PR effort to raise its profile.
Unfortunately, there is nothing in its portfolio to suggest anything besides old-fashioned software-based protection.
1-24-14: Schools don’t think Android tablets are secure enough
Apple heads the education tablet market with Microsoft growing in popularity. Schools would opt for cheaper Android tablets if they could be assured they were secure. Need some good security anyone?
2-2-14: New Devices. Same Old Security Issues?
New devices at Consumer Electronics Show (CES 2014) were criticized for not addressing security issues such as those related to BYOD. As if Samsung didn’t already have enough problems with its Knox security system, the company was singled out for a bad kill switch which would allow hackers to disable a phone or tablet. It was subsequently rejected by “the top four US carriers and their CTIA trade group”. This relates to the following story…
2-7-14: California bill proposes mandatory kill-switch on phones and tablets
2-4-14: Do Windows 8.1 Users Need 3rd Party Anti-Malware Software?
The conclusion is, yes. The included Windows protection just doesn’t measure up.