Thursday 31 December 2015
What Will Anonymous Do In 2016? Steven Avery’s Case Won’t Be The Only Issue Taken On By The “Hactivists”
Well that was fast, no? Another year is nearly in the books, and it’s kind of been a rough one, as far as the news goes. Millions of people throughout the world have faced war, displacement, terrorism, and, of course, “collateral damage.” And in the United States, specifically, you’ve got a wild-eyed demagogue leading in the Republican presidential primary, the scourge of black Americans being killed by police officers, and more mass shootings than there were days in the year. So what will Anonymous do in 2016?
Sorry if your neck whipped from that segue, but it’s not as odd a question as it might initially seem. Plenty of folks don’t usually think about the possible implications of skillful, coordinated hackers working toward ostensibly common goals. And that makes sense, really; whether you’re not quite tech-literate enough to get a grasp on those kinds of stories or you perceive Anonymous as an inherently chaotic, unpredictable group, it’s easy to feel lost when you try to familiarize yourself with their plans. But on the basis of what they’ve done recently, and where the United States and the world is headed in the coming year, here are a few predictions for what Anonymous will be getting up to in 2016. For the full article click here
from hacker samurai http://ift.tt/1Omid4T
via IFTTT
Russian hackers blamed for power outages in Western Ukraine
Power outages on Christmas Eve in Western Ukraine have been blamed on Russian special services hackers.
The Security Service of Ukraine (SBU) said that malware was discovered in utility networks that corresponded with a “telephone flood” at tech support departments of utility plants. The SBU apparently hindered another attempt by the Russianhackers to access electric utility company computer networks.
It is believed that there has not yet been a cyber-attack to successfully take out an electricity grid. Animals, such as squirrels, pose more of a threat. For the full article click here
from hacker samurai http://ift.tt/1Omid4P
via IFTTT
You will now receive alerts if state-sponsored hackers attack your Microsoft Account [Updated]
Whenever you access the internet, you are under attack. There are tons of evildoers out there just waiting to hack or scam you. Between malware and social engineering, it can feel like the wild west on the web. In other words, bad guys are everywhere — be cautious.
While some of these hackers are merely amateurs looking to wreak havoc or profit monetarily, there is something far more devious. State-sponsored hackers and terrorists could be targeting you with more sophisticated techniques. This could be for political reasons, such as espionage, or even stealing corporate secrets. Starting today, if Microsoft suspects sate-sponsored attacks on your Microsoft Account, it will let you know. This includes both Outlook.com email and OneDrive cloud storage. For the full article click here
from hacker samurai http://ift.tt/1IFEw59
via IFTTT
‘Absolutely easy’: Global train systems are vulnerable to hacking, warn security researchers
Over the weekend, Russian security researchers told attendees of a hacker convention in Germany that there are gaping holes in the security of global railroad systems, making them vulnerable to hackers.
“It’s absolutely easy” for hackers to exploit certain vulnerabilities in railroad infrastructure, researchers Sergey Gordeychik and Aleksandr Timorin of SCADA StrangeLove said on Sunday at a security conference called the Chaos Communication Congress in Hamburg, Germany, according to Vice Motherboard. For the full article click here
from hacker samurai http://ift.tt/1P1IDVK
via IFTTT
Wednesday 30 December 2015
“Vote Donald Trump” on California Freeway Sign Blamed on Hackers
It would be real great if the Hacker turned out to be Donald Trump in his lair high above 5th Ave. ‘Hack the Planet!”
For the full article click here
from hacker samurai http://ift.tt/1ksedUe
via IFTTT
ISIL Hackers Take Aim at US Power Grids, Aviation Electronics
Politico reports the Islamic State is seeking the ability to launch cyber attacks against U.S. government and civilian targets in a potentially dangerous expansion of the terror group’s Internet campaign.
Crippling attacks remain beyond the reach of the Islamic State of Iraq and the Levant–also known as ISIL–for now. However, U.S. officials say ISIL’s hackers have tried to penetrate computers that regulate the nation’s electricity grid. On shadowy Internet forums, ISIL sympathizers post photos and videos of airplane cockpits and discuss wanting to crash passenger jets by hacking into onboard electronics.
According to the New York-based threat intelligence firm Flashpoint, fellow extremists debate triggering a lethal radiation release by sending rogue commands to nuclear power plants. For the full article click here
from hacker samurai http://ift.tt/1mhYSHO
via IFTTT
ISIS hackers are coming after your Twitter passwords.
The Islamic State is, in some ways, looking more and more like an honest-to-goodness state these days. Earlier this month, The Guardian reported that the extremist group has hundreds if not thousands of bureaucrats working to establish rules and regulations, with official departments overseeing things like public health and natural resources. Yesterday, Reuters added that ISIS has a department to handle “war spoils.” And now, Politico reports that ISIS has been launching cyber attacks against the United States, in an effort to take down the country’s electrical grid.
Thankfully, the group’s cyber capabilities appear to be limited. So far, they’ve mainly been going after low-hanging fruit,Politico reports, like seizing control of the U.S. Central Command’s Twitter feed and other social media accounts. For the full article click here
from hacker samurai http://ift.tt/1kseerh
via IFTTT
Open Source Software’s Role in Breach Prevention and Detection
Security professionals are increasingly acknowledging an uncomfortable truth: No network is secure from a sufficiently skilled and determined attacker. So while every effort should be made to prevent intruders getting on to the corporate network, it’s important that you can quickly spot an intrusion and minimize the damage that can result.
Anton Chuvakin, a security expert at Gartner, points out that if hackers are made to work hard to find what they are after, intrusion prevention and detection systems have a far greater chance of spotting them before they can do too much damage.
“What companies need to be doing is switching away from trying to prevent hackers from getting in to their networks,” Dr Chuvakin said. “Thinking about how they can slow hackers down so they can catch them is much more sensible. If hackers steal your encrypted data but then have to spend three days searching for your encryption keys, then you have a much better chance of detecting them.” For the full article click here
from hacker samurai http://ift.tt/1Ug7ppe
via IFTTT
Tuesday 29 December 2015
CORONA: Hackers change construction alert to pro-Trump message
Motorists driving the 15 in Corona on Christmas Day were given a political directive from a roadside construction alert.
“Vote Donald Trump,” the sign instructed, according to a video posted on Facebook by a passer-by.
The video shows the sign informing drivers that the “Inland Empire supports Donald Trump” and wished them a “Merry Xmas.”
Turns out, the sign was hacked.
The sign, which faces northbound drivers between El Cerrito Road and Ontario Avenue, was supposed to show a road closure alert, said Riverside County Transportation Commission Deputy Executive Director John Standiford.
The message quickly made it to social media and the transportation commission began to receive calls about it, Standiford said.
The Trump-friendly message remained for about 12 hours before it was changed back Saturday, he said. For the full article click here
from hacker samurai http://ift.tt/1YL5eR2
via IFTTT
What hackers? Ashley Madison membership jumps 4 million since data theft
Some 39 million users of Ashley Madison, the notorious dating website for cheaters, had their personal information exposed in a data breach in August. However, despite the massive scandal, the site’s subscription has somehow jumped to 43.3 million.
Some believed that the controversial cheating service would be ruined when Ashley Madison’s user database was leaked in August. However, as early as August 31, they were reporting an increase in membership.
So how did they gain 4 million users in under six months? A spokesman for Avid Life Media, Ashley Madison’s parent company, has declined to comment, leaving the masses to speculate. For the full article click here
from hacker samurai http://ift.tt/1ZyW5rL
via IFTTT
Journalist says PayPal’s ‘lazy’ security practices let hackers link him to terror group
PayPal has been accused of failing to adopt adequate security measures by a journalist who says his account was taken over twice in 20 minutes recently by hackers who attempted to siphon funds to a slain recruiter for the Islamic State terror group.
Virginia-based security journalist Brian Krebs claimed in a blog post on Monday that one of the world’s largest online payment companies is unnecessarily exposing its users to security and privacy threats, the likes of which he experienced first-hand last week when his account was repeatedly compromised by hackers on Christmas Eve. For the full article click here
from hacker samurai http://ift.tt/1YL5bVw
via IFTTT
Adobe updates Flash amid ‘malvertising’ concerns; flaw allowed hackers to attack computers via online ads
“These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system,” the company said in a statement.
“Adobe recommends users update their product installations to the latest version.”
But some websites and services have been abandoning Adobe for security reasons.
Facebook this month said it was switching software for its embedded videos while adding that “we are continuing to work together with Adobe to deliver a reliable and secure Flash experience for games on our platform.”
Apple notably dropped the use of Flash in its iPhones several years ago, and earlier this year Amazon said it had stopped accepting advertising in Flash format.
Google also blocked Flash ads from its Web browsers this year by converting the content to a different format known as HTML5. For the full article click here
from hacker samurai http://ift.tt/1YL5bVq
via IFTTT
Monday 28 December 2015
CONGRESS OF THE CCC: HACKERS AMONG THEMSELVES
12,000 of Internet activists and computer experts to meet in Hamburg of the chaos computer club’s annual Conference. The scene wants to share knowledge and discuss – she has a tough year behind him politically.
It was a lousy year for the hackers and network activists, is now celebrated. To the annual Conference of the chaos computer Club (CCC) Center Hamburg besides the auditoriums is built up in the Congress a huge party zone with disco balls and many bars, as the one or the other IT specialist may need a strong drink after this year.
Politicians decided 2015 things is continuously fought against that in the scene for years. Things where all good arguments of the experts apparently unheard by those in power. Data retention was reintroduced in Germany, net neutrality has been limited to European level, and rather than finally drain the swamp of intelligence in the third year after Snowdens first revelations, which seems to be deeper. For the full article click here
from hacker samurai http://ift.tt/1TmsjTl
via IFTTT
TECHWhen Wi-Fi Passwords Get Confusing Tempers Flare
Wi-Fi passwords are important. They should be strong and complex enough to thwart any prying hackers or war drivers from trying to access your network. While no password is really unhackable maintaining a strong one will keep hackers moving on to easier targets. It’s amusing to think of but the truth is many people still use simple easily hacked network passwords like (password).
These simple passwords are easy enough to remember but they’re a large reason why people are losing their private data to hackers. While you want to make your password complex and strong you also want to make it easy enough for users of your network to remember. But sometimes you can make things too simple and end up confusing those very users and when that happens, tempers flare as our friends from RocketJump demonstrate. For the full article click here
from hacker samurai http://ift.tt/1ZwLhKE
via IFTTT
Top 10 High-Profile Global Hack Attacks of 2015
In 2014, the high-profile hacks of Sony, the U.S. Postal Service, JP Morgan Chase and iCloud (for celebrity nude photos) dominated the IT security news. Sadly, 2015 wasn’t any better for cyber-security. The volume of hacking attacks that took place this year is becoming more worrisome, and the damage caused by the hack attacks continues to be shocking. Most of the hackers remain at large, which means there is a good chance that they will strike again—or show others how to strike. And what about the thousands of hacks about which the public doesn’t hear? Here’s a scary metric: The average time it takes for an unprotected PC to get hacked after connecting to the Internet is 60 to 90 seconds. Enterprises must think laterally about security in 2016. As hackers exploit weak or stolen passwords in more than 90 percent of security breaches and simply log in as normal users to avoid detection, having multifactor authentication in place is a good way to take security to the next level. In this eWEEK slide show, using industry information from security specialist SMS Passcode, we present the company’s annual Top 10 Global Hack Attacks list, which recalls some of the most high-profile hacks of this past year. For the full article click here
from hacker samurai http://ift.tt/1PsuDsY
via IFTTT
Chaos Computer Club: Europe’s biggest hackers’ congress underway in Hamburg
Some 12,000 hackers are challenging the power of Google, Facebook and Youtube to filter information and shape users’ view of the world. One of them demonstrated how to hack into VW’s cheating software.
The four-day event, which kicked off on Sunday, has the slogan “Gated Communities” – symbolizing limitations on transparency and free speech in the digital word. The organizers want to point out that users view the world as filtered by Google, Youtube, Facebook – and therefore see only part of the world.
“Google News decides what is newsworthy, YouTube decides what you may watch, Apple decides which apps are available in the AppStore” speaker at the congress Dirk Engling said, according to the German Spiegel magazine. For the full article click here
from hacker samurai http://ift.tt/1ZwLiyr
via IFTTT
Saturday 26 December 2015
Anonymous Hacks Costa Rican Website Associated With Jurassic Park Island
On Christmas Eve, Egyptian hackers associated with the Anonymous Rabaa Team have defaced the website of the Ministry of the Environment in Costa Rica, and more specifically, two pages with details about the System of Conservation Areas and the Isla del Coco (Cocos Island), the inspiration for Isla Nublar from the Jurassic Park movies.
The hack is a simple website defacement, with no database breach, and shows a simple video about the Rabaa Square Massacre in Cairo, Egypt from August 2013.
Underneath the video, a written statement was also provided, along with the names of the hackers and hacking crews involved in the defacement: Dr.AFN[D]ENA, Freedom Cry, Mr.Moshkela, Dr.Mezo0, Almagek Kabo, X-Pr0 Altrsana, Alarg53, Dr.No0oS, Blood Injcetor_ps, and HectorMan.
A link to the Anonymous Rabaa Square Facebook page is displayed as well, where the group involved in this operation posted various materials about the Rabaa Square incident For the full article click here
from hacker samurai http://ift.tt/1mFvriR
via IFTTT
Popular holiday gifts susceptible to hackers
It is no surprise to anyone that gadgets like smart watches, drones, and fitness trackers are a part of the hottest gifts for the holidays.
Those same gifts also made Intel Security’s list of “Most Hackable Gifts” because of their accessibility to Wi-Fi and Bluetooth.
Online Safety Expert Stacey Conner said, “often times cyber criminals can impersonate a Bluetooth device or connection to gain access to all the information you might have.” For the full article click here
from hacker samurai http://ift.tt/1OlHCXZ
via IFTTT
‘Anonymous’ hackers hit Turkey banks
(MENAFN – Arab News) ANKARA: Turkish banks reported sporadic disruption to credit card transactions on Friday as hackers stepped up a two-week barrage of cyber attacks believed to be the worst the country has seen.
Local media have suggested that the bombardment of public and financial websites could be coming from Russia after a sharp worsening of tensions between Moscow and Ankara or staged by hacking group Anonymous. But no clear evidence has emerged and authorities have avoided pointing the finger.
Officials at several Turkish ban including Isbank Garanti and state lender Ziraat Bank confirmed the attacks saying they had caused intermittent disruption. Bank shares were unmoved by the news. For the full article click here
from hacker samurai http://ift.tt/1OlHF6d
via IFTTT
China, the Toothless Dragon, Is Gaining Hacker Traction in Cyberspace
By, Jason Straus
Painstakingly, feverishly and continuously we fight the Chinese cyber-threat. The full gravity of the Chinese migrating and oozing over our virtual boarder is here. The conspiratorial lunacy has proven to be correct as the sheer volume of Chinese breaches in the US grows exponentially, daily. Few have the capacity to truly comprehend the devastation the Chinese have had on the US and European economic landscapes. Most people cannot fully appreciate the rampant moral decay, ID theft, corporate and governmental espionage China has propagated against the average American citizen.
Nation State warfare aside, American’s and western Europeans have yet to fully embrace the truth that China’s government has waged full-fledged war on the unsuspecting citizens that populate the American and European nations. Look at the facts. China is a gigantic monstrosity with zero non-toxic natural resources. Their air is thickened with aero-vomit; cancer is an epidemic due to the carcinogens bursting at the seams of the very molecular structure of their water. The Chinese have absolutely devastated any and every usable natural resource they have. They now head south to Africa and construct artificial islands in the China Sea, they are taking over eastern Europe and leaving a trail of devastation and political corruption behind them.
China has kept their country from falling apart through fear, imprisonment and intimidation (Yes, the same way the US and European governments have kept modern revolutions from erupting, but the Chinese conundrum is a bit different.) As corrupt as the governmental aspects of the US and EU are and have been, they still had a strategy for general order. China, has zero plan for civil order and will, through the sheer number of their population throw people at any problem they face. We are seeing this reality take shape as the age of cyberwar develops.
The Chinese are the least sophisticated, yet most destructive element in cyberwar. The United States currently owns this space with their highly evolved NSA hacking teams and bleeding edge technology and know-how. A close second are the stealthy Russians who approach this new cold war like chess, manipulate and dominate and by all means, do it methodically. China is a player only because of their desperate need to catch up and the number of troops they can throw at this challenge.
Adversaries will rarely discover American state sponsored hackers in their system unless a contractor or other third party knows exactly what to look for and where to look. Russian hackers are equally complicated in their stealth. Chinese hackers are kind of like the retarded cousin who lives in his grandmother’s basement; he’s always around, getting in the way, you try to ignore them but they just keep showing up every time your grandmother comes with her cookies. Chinese hackers severely lack sophistication. You can find them in your network almost instantly if you have user behavioral analytics and multi factor authentication. The problem is, most targets are even less sophisticated and don’t detect the Chinese threat exfiltrating data from their network until someone on the outside discovers it during a penetration test.
The Chinese wreak havoc wherever they go in cyberspace. Their non-state sponsored hacker teams are the originators in many of the fake anti-virus and ransomware scams (surpassed only by India, the scam central of cyberspace). And just as in state sponsored havoc, the Chinese cause millions upon millions of dollars in losses with their scams and ID theft affecting thousands of American and EU companies.
The laughable lack of sophistication can be seen by their lack of capability to cover their tracks. Basic, I mean ‘The’ most ‘Basic’ forensics will easily display the perpetrator’s time zone, type of keyboard, cut and paste code and more. The Chinese know they are stupid. They are waiting to get caught and when they are finally caught, they simply cut and paste from a different script, downloaded for free on some script kiddy forum that only wannabe’s and ten year olds visit on the deep web.
Right now the Chinese are doing what they’ve always done, supplement for ingenuity by stealing. They absolutely have zero capacity to create. Their education system is purely analytical and memorization. As a China-man to think his way out of a shredded paper bag and you’ll bring him to tears. Right now it’s all about espionage and black market capitalization. Fortunately, even the blackest hat hacker cringes when attempting a transaction with a Chinese cybercriminal because they cannot be trusted. Some of the most trust worthy people I’ve ever met have been on deep web forums because they don’t want to screw up their hacker credibility so the criminal code is strict. Screw even one person over intentionally and you’ll never run from it even if you change your handle. The Chinese don’t yet understand this and they try to steal even from other hackers.
What will happen when the Chinese gain sophistication? Currently North Korean hackers are trained in China and Russia and other places in the eastern bloc. The best Chinese hackers used to go to Russia but now found an easier place to train and learn the most sophisticated coding from the most brilliant minds in the world, America. In less than 5 years you’ll start seeing breaches with pure recklessness and immaturity that is notorious for Chinese hackers, yet with the sophistication of the Americans and the brilliant stealth of the Russians. This is when we will have a problem.
Call me racist, call me an imperialist, but you’ll never be able to say that anything that I’ve written above is wrong. When the Chinese have even a fraction of the techno-capability of Russia or the US, you will see a cyber Armageddon unlike anything you can currently fathom. Instead of malware that exfiltrate data from damns by the adversary, we’ll have damn modules manipulated to cause catastrophic flooding. Instead of a Stuxnet initiation with a Project Cleaver retaliation, we’ll have the modules manipulated on our energy grid for blackouts and nuclear fallout.
Right now, if you’re a hacker reading this you’ll come from one of three different camps: the old guard, cyberpunk and pure wannabe. The old guard will read this, bite their lip and sigh because they know its coming. Get ready people. It’s going to happen when no one is expecting it. Like flipping a switch, China will see the light and will become impregnated hacker capabilities and with their track record, they will stop at nothing until they’ve destroyed everything.
from hacker samurai http://ift.tt/1PoAtcM
via IFTTT
Friday 25 December 2015
The Chinese Virus Plagues the Shores of America
By Tom Blane
China is a virus and it is parasitically entwining its toxicity into western nations. Don’t be naïve, those of us on the front lines protecting our Nation’s cyber infrastructure know that China is number one in corporate espionage, ID theft, credit card theft, PII theft, health record theft and zero day/malware invasion. These eastern parasites have contaminated and destroyed the soil and air of their crusty nation and now their eyes focus on us for their corrosive talons to sink into. They used to just want your job, now they want your way of life and your identity.
The Chinese virus lacks oil so they economically entwine their nation into the threads of developing eastern European countries like a shylock. They have militias throughout Africa to extend their toxic users to compromise natural resources such as oil, diamonds, gold and water. They have destroyed their country’s soil to the point of impossible use therefore they are raping nutrients from the soil of their host, just like a parasite, and sending what they grow back to their mother land for distribution. They leave nothing for the locals whose agricultural community they rape and pillage. They started this in Africa and, well who cares about Africa, but they are now moving west.
China can buy from us all day long as the trade deficit will always yield in their favor. The deficit isn’t something that I’m interested in debating at this time rather the toxicity of their cyber intrusion is what I want to focus on. Notorious for breeding like flies their reproduction was temporarily under control for a short time, now they are back to breeding like live stock which means they need economic capacity to survive with an altered population. They haven’t the capacity to create, therefore they are addicted to theft. They will steal anything and everything digital that can be sold, compromised and re-engineered for economic gain. They invade virtually the same way they fought Korea, by sheer volume. They fought Korea by giving millions of human parasites a hand full of bullets and a gun, most died but those who could knock off an enemy troop or two before they died made the volume of troops work in their favor. They hack innocent corporations in the same manner.
Let’s face it, for the most part the Chinese are pretty stupid. Don’t mistake the few Chinese who do well in our schools and then go to college for success. The key is to look at them 10 years from now. What are they doing in ten years? Working at Hop Sang’s take out, Little Beijing Dry Cleaners etc. The few that are pseudo productive will be working as a general rate employee, basic salary and no frills, these are the insects you need to be careful of.
The China-man’s loyalty is not and never will be to the United States, England, Ukraine or anywhere their virus spreads, it’s always to the motherland. This heaving, pulsating mound of maggots sends economic assassins like missionaries who, one day, will simply plug a USB drive into the port of a computer at work and export that day and ongoing everything and anything your company innovates. They will read your emails for social engineering ammunition, they will update Trojans and RATS to seek out and exfiltrate and compromise sensitive data and this is just scratching the surface. They laugh as they are doing it and claim racism when they are caught. Those of you who think I’m being harsh are already or soon to be victims and you’ll get yours. If you hire them you are a fool, if the Chinese toxicity has already infiltrated your company, good luck, all you can do is monitor them so you catch them when they turn on you.
To keep from being a victim by the ultimate victimizer from the sickly east, you will need to do a few things. First, simply don’t hire them. If you’ve made the mistake in hiring them, all you can do is watch them and let them know that you are watching them. Perform forensics on their systems and the systems that their toxic hands touch regularly. Don’t tell others what you’re doing or why, they will try to play the race card (even though being Chinese is an Asian ethnicity and not a race and they are far more of a majority than we ever will be). Know full well that they will never assimilate into the American way of life but they will steel what they can before shipping themselves and their familial maggot mounds to another man’s shores to start the invasion and theft all over again.
Make no mistake, the Chinese are America’s most devious and severe nation state enemy, they’d cut off the head of your first born if they thought his neck possessed a business plan in which they could steel. They are disloyal and cannot be trusted, anything they touch initiates its demise and know this, all it takes is one click and your pwned. Malware is the gift that keeps giving after a China-man leaves our organization. They will steel, compromise and sell your data so fast your head will spin, take it from me, my company was just compromised by two Chinese interns we got from a local university. They had great grades and their professors vouched for them 100%. But after only 2 months they compromised our networks and those of our clients, sold client information for ID and financial theft on deep net forums and locked us out of our networks for 2 days. Total damage? $3.2 million! Like I said, steer clear of the Chinese cockroach!
from hacker samurai http://ift.tt/1RK5tHF
via IFTTT
Hyatt Hotels computers infected with malicious sofware code
SAN FRANCISCO: Hyatt Hotels revealed that it recently discovered malicious computer code on computers used for processing payments at locations it manages.
In a short statement, Hyatt did not disclose what, if anything, the cybertattack accomplished but said that the company immediately “launched an investigation and engaged leading third-party cyber security experts.”
Hyatt also said it strengthened the security of its systems and that “customers can feel confident using payment cards at Hyatt hotels worldwide.”
The hotel group advised customers, as a precaution, to watch payment card account statements for unauthorized charges.
Cyber threats blogger Brian Krebs at KrebsonSecurity.com said in an online post that “Hyatt joins a crowded list of other hotel chains similarly breached in the past year.” For the full article click here
from hacker samurai http://ift.tt/1miqZpP
via IFTTT
100M hacked health care records make 2015 the sector’s worst year yet for cybersecurity
Hackers managed to compromise more than 100 million health care records in 2015, making this year the worst on record for the industry with respect to cybersecurity, new government data suggests.
In addition to the major Anthem breach in March that affected nearly 80 million customers of the health care insurer, new numbers put out by the U.S. Department of Health and Human Services indicate that incidents suffered by Premera Blue Cross, Excellus Health Plan and others this calendar year put the total number of individuals impacted by industry-related cyber breaches at over 100 million. For the full article click here
from hacker samurai http://ift.tt/1miqZpN
via IFTTT
Many holiday gifts this year could be susceptible to hackers
(NBC News) – As no surprise to anyone that gadgets like smart watches, drones, and fitness trackers are a part of the hottest gifts for the holidays.
Those same gifts also made Intel Security’s list of “Most Hackable Gifts” because of their accessibility to Wi-Fi and Bluetooth.
Online Safety Expert Stacey Conner said, “Oftentimes cyber criminals can impersonate a Bluetooth device or connection to gain access to all the information you might have.” For the full article click here .
from hacker samurai http://ift.tt/1RK5tHz
via IFTTT
Thursday 24 December 2015
#WikiLeaks attacked by Our_Mine: Our_Mine attacked by AnonyInfo of #Anonymous
OurMine, it turns out (and they freely admit) have been doxed before, multiple times. Their enemiesTeamBudyBear make something of a theme of it on their Twitter account, complete with screenshots. In addition to DDoS attacks, several months ago OurMine had claimed to have defaced Anonyinfo.com, which naturally did not go over well.
We spoke with @AnonyInfo to get some background on the attacks, both on WikiLeaks and the retaliatory dox by AnonyInfo. The “deface” it turned out was nothing more than an opportunistic seizure of an expired domain AnonyInfo was no longer using. AnonyInfo had no prior knowledge of OurMine. “No, only when they claimed to hack/deface our website. It was July, 8th. We immediately responded and exposed their lies. Most likely it was for publicity, yet if they continue to do these type[s] of attacking they’ll have us to worry about.”
AnonyInfo first of all denied OurMine had the skills or the botnet to do this themselves. “They’re probably using someone, using a booter. There’s no way they’re using a botnet.” In other words, they don’t run an army of enslaved zombie computers, they’re just renting time on someone else’s to get this done. And given WikiLeaks’ history with DDoS attacks and protection (including being the victim of the largest DDoS in history, back in the day), it has to have been pretty powerful. “These skids have 0 skills. Most tangodownthat are happening are a result of booters. Turkey/SA just got tango down’d by a booter. It was @AR_Talents.” Talents has publicly claimed to have taken Syria offline as well and is leading the charge of #OpDDoSISIS. For the full article click here
from hacker samurai http://ift.tt/1NDQVVW
via IFTTT
Secret shaggers, rejoice! Now you can blame that Hyatt credit card bill on hackers
Encrypted communications represents one of the great national security challenges of our time. Asked about allegations that the terrorists who hit Paris used encrypted communication tools to plan their carnage, Clinton argued that the government needs an easier way of monitoring militants’ communications.
“A Manhattan-like project,” Clinton said in a debate last weekend, “would bring the government and the tech communities together to see they’re not adversaries. They’ve got to be partners.”
Other presidential candidates have been far more blunt in their demands that the private sector make it easier for the government to monitor encrypted communications. “We should be able to penetrate the Internet,” Republican front-runner Donald Trump declared during a national security-focused CNN debate this month. For the full article click here
from hacker samurai http://ift.tt/1NDQVFI
via IFTTT
Secret shaggers, rejoice! Now you can blame that Hyatt credit card bill on hackers
Hyatt Hotels Corporation says it “recently identified malware on computers that operate the payment processing systems for Hyatt-managed locations.”
The hotelier says “As soon as we discovered the activity, we launched an investigation and engaged leading third-party cyber security experts.”
The chain’s asking customers to keep an eye on their credit card bills, on the off-chance that the folks responsible for the malware injection have gone on a room-booking spree.
And that’s about all the chain is saying, but it has erected a site called ”Protecting our customers” on which it pledges to keep customers updated on the situation. For the full article click here
from hacker samurai http://ift.tt/1PlZp4S
via IFTTT
Hands up, Santa: hackers hijack parcel confirmation emails
What with Christmas coming, scammers are upping their seasonal game and hijacking parcel confirmations for online shoppers.
PhishMe calls itself the “leading provider of threat management for organisations concerned about human susceptibility” and warned consumers earlier this week to be on guard for suspicious looking delivery notifications arriving into email inboxes. That might be harder to spot, especially at this time of year, when people flock online to get their Christmas shopping done in a timely manner and guards are down when looking out for potential scams. For the full article click here
from hacker samurai http://ift.tt/1PlZndh
via IFTTT
Wednesday 23 December 2015
How to have yourself a merry cyber-safe Christmas
In 2000, Scott Culp wrote a terrific essay on computer security.
It was entitled the 10 Immutable Laws Of Security.
Fifteen years is a long time in cybersecurity, so it seemed like a good time to revisit these “laws” and put them in the a context you might encounter this Christmas – a time when there’s often a spike in attacks.
Observing them could prevent a festive season you’d rather forget. For the full article click here
from hacker samurai http://ift.tt/1SaPZvr
via IFTTT
UK Blames Saudi Arabia After Hackers Trace ISIS Accounts To UK Gov’t
MINNEAPOLIS — A group of anonymous teen hackers traced a group of terrorists’ social media accounts to the British government, but further investigation revealed the accounts are actually tied to Saudi Arabia.
Calling themselves VandaSec, the group communicates primarily through social media and targets child predators online in addition to Daesh (the Arabic acronym for the group also known as the Islamic State, ISIS or ISIL). On Dec. 14, they told The Daily Mirror that they’d traced at least three Daesh Twitter accounts which they hacked back to IP addresses belonging to the Department of Work and Pensions, the division of the British government which administers unemployment and disability assistance. For the full article click here
from hacker samurai http://ift.tt/1V6EFjy
via IFTTT
Gamers Vs. Hackers — For The Holidays
Planning on doing any gaming this Christmas?
You won’t be able to if a certain hacker collective gets its way (as one did last year).
Microsoft and Sony are gearing up to defend their Xbox Live and PlayStation Network (PSN) servers, respectively, in light of threats from a group calling itself Phantom Squad to shut them down for the holiday.
On Dec. 9, Phantom Squad posted the following tweet (since deleted):
“We are going to shut down Xbox live and PSN this year on christmas. And we are going to keep them down for one week straight #DramaAlert”
Before the Twitter account attributed to Phantom Squad was suspended, the group posted a series of follow-ups to its threat, including attesting that the purpose of bringing down the networks would be to draw attention to the weakness of both Microsoft’s and Sony’s online security. A Dec. 13 tweet from Phantom Squad stated outright that “cyber security” at the two companies “does not exist.” For the full article click here
from hacker samurai http://ift.tt/1On7kSc
via IFTTT
Yahoo now warns users if they’re targets of state-sponsored hackers
Bob Lord, the company’s newly appointed chief information security officer, said in a blog post that it will notify users if it suspects suspect that their account may have been targeted by a state-sponsored actor.
“We’ll provide these specific notifications so that our users can take appropriate measures to protect their accounts and devices in light of these sophisticated attacks,” said Lord.
Yahoo’s security team, dubbed the “Paranoids,” will provide notifications to targeted users with “specific actions” so that they can ensure their Yahoo accounts are safe and secure.
Of the numerous safety steps on offer to to the user, in part thanks to Lord’s predecessor, Alex Stamos, who left earlier this year to work for Facebook, includes two-factor authentication and verifying account recovery information is valid and up-to-date For the full article click here
from hacker samurai http://ift.tt/1MvHnbR
via IFTTT
Tuesday 22 December 2015
Assange: US Trying to Oust Assad Since 2006
WikiLeaks founder Julian Assange reiterated that the United States had been planning to oust Syrian President Bashar Assad since at least 2006.MOSCOW (Sputnik) — According to Assange, WikiLeaks had published information alleging that the United States was planning to oust Assad since 2006. This strategy was implemented partially by provoking the Assad government, the whistleblower said in a documentary that was broadcast Sunday, on Rossiya 1 television channel.
Assange stated that Washington was trying to make the Syrian government paranoid and get it to “overreact,” as well as to create tensions between Sunni and Shia Muslims.
Assange claimed that members of the US, UK and French air forces met with representatives of Stratfor, a global intelligence company, prior to December 2011. The officials said that there had already been special agents acting in Syria, but they needed more public outrage and bloodshed for a significant pretext to attack the country’s air defense systems. For the full article click here
from hacker samurai http://ift.tt/1V14zVS
via IFTTT
Top Story: Foreign hackers had ‘a master key’ to government systems for 3 years
When set up properly, modern computer networks are actually very hard to hack. That’s why hackers have learned to avoid the direct approach, such as guessing passwords, and come at the problem from another direction.
One way they like to attack is by using phishing scams to trick critical information out of employees who use the network, or to get them to download viruses. With a well-crafted phishing attack, a hacker can get full access to anything they want. However, there’s another way around network defenses, and that’s creating a backdoor in the network hardware itself. For the full article click here
from hacker samurai http://ift.tt/1keifzJ
via IFTTT
Security Researcher Uncovers Iranian Hackers Working to Cut Off U.S. Electricity
A new Associated Press investigation published today offers an eye-opening reminder of just how susceptible America’s power grid is to a little something called malicious infiltration.
In the report, we meet Brian Wallace, a researcher at Cylance cybersecurity, and learn how he uncovered — somewhat by chance — an in-progress Iranian hacking operation. The information these hackers have access to enables them to literallyfight the power — they could cut off the electricity on which millions of homes run.
Yet, here in the United States., we have not seen such an attack. We have seen harbingers of such a threat for years, including that book written by Ted Koppel— but the electricity keeps flowing. It may be that these hackers are biding their time, amassing more material so as to create a more devastating attack, or it may be that they have the information but not the particular and considerable expertise that a full-scale attack would require. For the full article click here
from hacker samurai http://ift.tt/1keifzw
via IFTTT
Oracle Settles FTC Charges That Java Software Left PCs Open to Hackers
Oracle Corp. has settled allegations by the Federal Trade Commission that it failed to notify customers about unaddressed hacking dangers when it released security updates for the estimated 850 million U.S. computers with Java SE software.
The FTC alleged that Oracle promised consumers that its updates would make the software “safe and secure.” In fact, the agency said, the updates removed some of the problematic software but left behind older versions of Java which were vulnerable to being hacked.
Many consumers aren’t aware they use Java, which comes pre-installed on many PCs and helps with the operation of many web-based functions, including online calculators, games, chatrooms and even viewing 3D images. For the full article click here
from hacker samurai http://ift.tt/1keifzu
via IFTTT
Monday 21 December 2015
Head of major liberal PR firm that worked with likes of Wikileaks and Chelsea Manning shuts down business after ‘avalanche’ of sexual harassment claims from female workers
The head of a major PR firm has shut down his business after ‘an avalanche’ of sexual harassment claims from female workers.
Married father-of-three Trevor FitzGibbon, president of FitzGibbon Media, allegedly asked an interviewee if she was open ‘to having any fun’ and asked her to send him risque photographs of herself.
She refused and after speaking out, several other women at the company came forward claiming that they too had experienced sexual harassment but had stayed quiet in fear of losing their jobs.
They clubbed together and last night FitzGibbon shut down his company – plunging his entire staff into redundancy – saying that ‘an irreconcilable difference’ had emerged between him and his employees.
FitzGibbon Media is a liberal PR firm and has represented causes such as Wikileaks, Chelsea Manning, Amnesty International and The Guardian newspaper. For the full article click here
from hacker samurai http://ift.tt/1TZd4zP
via IFTTT
Cybersecurity touches clients, staff
As technology progresses at a rapid pace, financial services firms are faced with a host of cyberthreats, including email hacking, outdated digital signature models and third-party vendor breaches.
“This information age creates new opportunities for people who are very innovative in crime,” said Aaron Spradlin, chief information officer at United Planners Financial Services.
Cyberattacks have become more common recently, with big names like Sony, Target and even the federal government getting caught in the cross hairs of hackers. The fear among financial services companies is what may happen when cybercriminals target the financial advisory industry. After all, advisory firms are not only the holders of substantial private information, but they are indirectly holding on to assets as well. For the full article click here
from hacker samurai http://ift.tt/1TZd4zL
via IFTTT
Controversial entrepreneur Martin Shkreli has Twitter account hacked
A series of tweets from the controversial entrepreneur’s account appeared to be sent by someone other than Shkreli, who gained notoriety this year when he hiked the price of a drug used to treat AIDS by 5,000 per cent.
One of the tweets said: “Anyone want free money? Willing to donate hundreds of thousands to charities before I go to prison …”
Another read: “I am now a god”, while as others contained expletives. For the full article click here
from hacker samurai http://ift.tt/1TZd4zJ
via IFTTT
Hackers Threaten Steam And Minecraft Takedown On Christmas
It seems like hackers want to spoil the fun for everybody over Christmas, the holiday that many look forward to just because they have time off to play games for as long as they want, it all went horribly wrong last yearwhen Xbox Live and PSN were taken downby a group called Lizard Squad. Now there’s a group going by the name SkidNP threatening to take down Minecraft and Steam servers over Christmas, less than a week from today.
The threat follows one made by another group called Phantom Squad which claimed that it will hit PlayStation Network and Xbox Live with a distributed denial of service attack over Christmas, essentially overloading servers so they crash and nobody is able to play online. For the full article click here
from hacker samurai http://ift.tt/1S45Lbt
via IFTTT
Saturday 19 December 2015
Newly discovered hack has U.S. fearing foreign infiltration
Washington (CNN)A major breach at computer network company Juniper Networks has U.S. officials worried that hackers working for a foreign government were able to spy on the encrypted communications of the U.S. government and private companies for the past three years.
The FBI is investigating the breach, which involved hackers installing a back door on computer equipment, U.S. officials told CNN. Juniper disclosed the issueThursday along with an emergency security patch that it urged customers to use to update their systems “with the highest priority.”
The concern, U.S. officials said, is that sophisticated hackers who compromised the equipment could use their access to get into any company or government agency that used it. For the full article click here
from hacker samurai http://ift.tt/1If6FQl
via IFTTT
Why network resiliency is so hard to get right
The new chairman of the Joint Chiefs of Staff thinks the July hack of his organization’s unclassified email network showed a deficiency in the Pentagon’s cybersecurity investment and a worrying lack of “resiliency” in cybersecurity in general.
It was an embarrassing event for sure. The hackers, suspected to be Russian, got into the network through a phishing campaign and, once in, reportedly took advantage of encrypted outgoing traffic that was not being decrypted and examined. Gen. Joseph Dunford, who took command Oct. 1, said the hack highlighted that cyber investments to date “have not gotten us to where we need to be.”
As a goal, resiliency is a fuzzy concept. If it means keeping hackers out completely, then Dunford is right – the Defense Department has a problem. If it means being able to do something once hackers get in to limit or negate the effects of the hack, then he’s off the mark.
Best practice in the security industry is now to expect that even the best cyber defenses will be breached at some point. The effectiveness – or resiliency — of an organization’s security will ultimately be judged on how it deals with that breach and how efficiently it can mitigate its effects. For the full article click here
from hacker samurai http://ift.tt/1TVDxhJ
via IFTTT
Hackers amenazan a Xbox y PlayStation
La historia del año pasado se vuelve a repetir, y es que Xbox LIVE y PlayStation Network han sido amenazadas por un grupo de hackers, quienes prometen derribar estas plataformas durante Navidad, y mantenerlas asà durante una semana. Y este año podrÃa haber más lágrimas, ya que un nuevo colectivo de piratas informáticos ha a amenazado con lanzar otro ataque esta navidad. “Si LizardSquad ataca a PSN y Xbox esta Navidad, ¡estaremos furiosos!”, tuiteó la semana pasada Dotcom. Al dÃa de hoy cuenta en la red social ya se encuentra suspendida.
Asà pues, Phantom Squad utilizó Twitter para informar que tiene planeado atacar los servidores de juegos como Call of Duty: Black Ops III, Star Wars: The Old Republic, y Grand Theft Auto V. “No… asà que hasta que abran sus ojos, Xbox Live y PSN permanecerán vulnerables”, tuiteóPhantom Squad el miércoles. For the full article click here
from hacker samurai http://ift.tt/1If6DrL
via IFTTT
‘Rogue Code’ Found in Juniper Networks Software
Breach may have let hackers snooping on encrypted communications.
(Reuters) – The U.S. government is investigating unauthorized code inserted in software from Juniper Networks, which experts warned could be a “back door” used to spy on the networking equipment maker’s customers, an official told Reuters on Friday.
A senior U.S. official who declined to be named because of the sensitivity of the matter said the Department of Homeland Security is working with Juniper as it investigates the issue. For the full article click here
from hacker samurai http://ift.tt/1TVDuSV
via IFTTT
Friday 18 December 2015
Ecuador agrees to let Swedish investigators quiz Wikileaks’ Julian Assange
Ecuador agrees to let Swedish investigators quiz Julian Assange inside their London embassy over rape expenses
Sweden and Ecuador have reached a deal by which might see some long-awaited progress within the case of WikiLeaks founder Julian Assange.
Assange, 44, continues to be needed for questioning over a rape allegation made by a Swedish lady 5 years in the past, and has been holed up contained in the Ecuadorian embassy in London since being granted political asylum in 2012.
The brand new deal might see Assange interviewed by Swedish authorities contained in the embassy, probably ending his three-year residency.
Assange was initially arrested within the UK 5 years in the past, after being needed for questioning over two counts of sexual molestation and one rely of illegal coercion, alleged to have been dedicated towards two ladies throughout a go to to Sweden in August 2010. For the full article click here
from hacker samurai http://ift.tt/1OArFxI
via IFTTT
Schools, iPhones and the IoT: WatchGuard Predicts New Hunting Grounds for Hackers in 2016
SEATTLE, December 17, 2015 – WatchGuard® Technologies, a leader in multi-function firewalls, today revealed its full list of 10 new information security predictions for 2016. WatchGuard’s security research highlights new and emerging threat trends that include: advanced ransomware moving on to alternate platforms; an increase in targeted iOS attacks; and a new hunting ground for criminals to find data that leads to identity theft. “The security threat landscape is constantly changing, as cyber criminals deploy old and new methods to expand their reach, exploit users, and gain access to valuable data,” said Corey Nachreiner, chief technology officer at WatchGuard. “To play better defense, we recommend following security best practices; training employees about threats and targeted social engineering techniques; and deploying the latest network security technologies so organisations identify security issues in real-time to address the majority of attacks we anticipate in 2016.” 1. Ransomware Reaches New Platforms: Ransomware has grown up, with new strains of file encrypting malware being so good that many victims have paid ransoms. To date, ransomware primarily targets Windows. Next year we expect cyber criminals to make very effective ransomware for alternate platforms including Android mobile devices and Mac laptops. 2. Social Engineering Keeps People as Your Biggest Threat: Recent advanced network breaches have one thing in common, they all started with spear phishing the user. Cyber criminals target specific users with customised social engineering tactics to trick trusting users into giving up their access privileges. We recommend dedicating budget each year to provide employees with security awareness training that includes the latest social engineering techniques For the full article click here
from hacker samurai http://ift.tt/1NBbW1p
via IFTTT
Hackers Threaten Xbox Live, PSN DDoS on Christmas (Again)
Remember last year, when hackers known as Lizard Squad took Xbox Live and the PlayStation Network offline on Christmas Day, leaving your brand-new Xbox One or PlayStation 4 largely inoperable? It might happen again.
A new group calling itself Phantom Squad is threatening to do the exact same thing this year. In a now-deleted tweet, the group pledged to “shut down Xbox live and PSN this year on christmas [and] keep them down for one straight week.”
Phantom Squad claims to operate independently of Lizard Squad, arguing on Twitter that the rival hacking group “cant touch us.” Nevertheless, they both have the same target, Phantom Squad explained in a series of tweets: For the full article click here
from hacker samurai http://ift.tt/22cJQn5
via IFTTT
Facebook roundup: Outages, Apple, HQ, hackers, awards, Ceglia, Bing and more Observer Gazette
Facebook offers small information on outages — Facebook went down for many users over the course of several hours Thursday, but the company won’t share the extent of the outage or what caused it. Facebook said in a statement that some users had “issues loading the site,” but it would not confirm whether its social plug-ins or other platform features were functioning during this time. The company told TechCrunch that the outage was not the result of an attack, despite rumors that the hacker group Anonymous might have been involved. Apple CEO hints Facebook integration could be imminent — Apple CEO Tim Cook told the audience at AllThingsD’s D10 Conference to “stay tuned” regarding possible collaboration between Facebook and Apple. Many expect the company’s next iteration of iOS to integrate Facebook, similar to how it presently integrates Twitter. Observer Gazette For the full article click here
from hacker samurai http://ift.tt/1NBbT5L
via IFTTT
Thursday 17 December 2015
ISIS to unleash TENS OF MILLIONS of jihadi hackers on West in blitz worse than NUCLEAR WAR
John McAfee said the jihadis are hoping to take down the Internet and cause a global meltdown of services after developing a sophisticated mobile phone application which allows any of their warped followers to launch devastating cyber attacks.
The computer security expert, who invented the McAfee anti-virus software, claimed “fifteen to 25 percent” of the world’s 1.6 billion Muslims are extremists, meaning ISIS could have an army of 400 million fanatical followers ready to strike at any minute.
Computer boffins at the terrorists’ headquarters in Raqqa have developed a secret smartphone application designed to spread Islamist propaganda and help followers carry out terrorist attacks from the comfort of their own homes.
A team which may have included British hacker Junaid Hussain invented a feature which allows even the most computer illiterate of jihadis to launch sophisticated Distributed Denial of Service (DDoS) attacks against websites. For the full article click here
from hacker samurai http://ift.tt/1PaEL9E
via IFTTT
A single email can give hackers access to the entire network
Google researchers find code-execution bug in FireEye threat-prevention devices which can give hackers complete access to networks
Almost all companies install cyber security solutions to safeguard their networks against malicious vectors like hacking, spamming etc. Imagine what happens if there is a vulnerability in once such security device meant to protect your network.
Now, researchers say they have uncovered a critical vulnerability in such a product from security firm FireEye that can give attackers full network access. For the full article click here
from hacker samurai http://ift.tt/1ma1kzr
via IFTTT
Non-profits assail IRS rule
Non-profit groups are assailing a proposed rule from the Internal Revenue Service, warning the regulations could dry up donations and leave them vulnerable to hacking.
The IRS is proposing new requirements for non-profits to collect the social security numbers of their donors.
Currently, non-profits send donors a form verifying their contributions, which they use for tax purposes. However, the IRS is proposing changes that would require these non-profits to collect the social security numbers of their donors to provide directly to the agency.
But this could put a bull’s eye on non-profits, critics say. For the full article click here
from hacker samurai http://ift.tt/1ma1hDR
via IFTTT
Wednesday 16 December 2015
Cyberthreat analysis and intelligence: Innovators 2015
Securonix is heavy on the threat analysis piece. And not just a particular threat. This is a product that really enjoys drinking from the Big Data fire hose. Lest you think that we have succumbed to marketing hype and are tossing around buzz phrases, such as “Big Data,” let us assure you that we mean it in the strictest sense. Big Data usually is defined by the four Vs: high velocity, variability, volume and veracity. That means that this Innovator can ingest lots of data that is rapidly changing and is being delivered and ingested at wire speeds all while losing none of its integrity. So, the next question is what can the tool do with this data? The answer is just about anything you want.
The reason for this very directed approach is that Securonix started out as analytics specialists and built from that basis of expertise. They believed that there was a big hole in most security programs. These programs start by looking at everything on the enterprise in terms of identity. They realized that since they were attaching the right ID to everything on the enterprise, there might be a lot more that could be done to protect the network. So they added behavioral analytics, making them the only pure-play security analytics provider.
The system creates baselines, understands what “normal” is, and picks out anomalies. It does not rely on signatures or policy-based analysis because those things, by themselves, don’t work. The Securonix platform is very heavy on anomaly detection and assessing outlier behavior. Then it correlates discovered behavior with many threat intelligence feeds and brings in contextually rich information.
View the original content and more from this author here:
from hacker samurai http://ift.tt/1OwBBbi
via IFTTT
Mysterious WikiLeaks-style group is ‘targeting major European football clubs’
When you think about it, all football is really lacking is a good spy scandal.
Well it turns out it already has one.
The New York Times has revealed there is a Wikileaks-style group intent on hacking the living daylights out of the world’s top clubs.
The mysterious group, known only as Football Leaks, seeks to expose the dodgy financial dealings of the world’s top clubs. For the full article click here
from hacker samurai http://ift.tt/1OvK6mZ
via IFTTT
Mysterious WikiLeaks-style group is ‘targeting major European football clubs’
When you think about it, all football is really lacking is a good spy scandal.
Well it turns out it already has one.
The New York Times has revealed there is a Wikileaks-style group intent on hacking the living daylights out of the world’s top clubs.
The mysterious group, known only as Football Leaks, seeks to expose the dodgy financial dealings of the world’s top clubs. For the full article click here
from hacker samurai http://ift.tt/1OvK6mZ
via IFTTT
City of Seattle pays for friendly hacking to reveal credit card system security issues
A new report released by the Office of the City Auditor shows that test found 25 vulnerabilities. Some of them were deemed high-risk, indicating “significant security issues.”
“The test found there were definitely some areas we should focus on pretty quickly, and we did that,” City of Seattle Chief Technology Officer Michael Mattmiller said.
The simulated attack, called a penetration test, was done by Coalfire Labs for $72,093.
Mattmiller said once the city received the findings, it For the full article click here
from hacker samurai http://ift.tt/1O869pF
via IFTTT
Tuesday 15 December 2015
ICIT 2016 Predictions: Embedded Systems & Collaboration w/Fellow Jerry Davis
ICIT Fellow Jerry Davis (NASA Ames Research Center) shares his views on the top threats facing critical infrastructure sectors and how organizations can respond to these threats, with a focus on embedded systems and government / industry collaboration.
from hacker samurai http://ift.tt/1NuAtoS
via IFTTT
ICIT 2016 Predictions: NextGen Cybersecurity & IoT w/Fellow Stan Wisseman
ICIT Fellow Stan Wisseman (www.hpe.com) shares his views on the top threats facing critical infrastructure sectors and how organizations can respond to these threats, with a focus on NextGen cybersecurity.
from hacker samurai http://ift.tt/223VkZY
via IFTTT
ICIT 2016 Predictions: Behavioral Analytics Spotlight w/Fellow Stewart Draper
ICIT Fellow Stewart Draper (www.Securonix.com) shares his views on the top threats facing critical infrastructure sectors and how organizations can respond to these threats, with a focus on behavioral analytics.
from hacker samurai http://ift.tt/1UtlEru
via IFTTT
ICIT 2016 Predictions: Breach Detect & Response Spotlight w/Fellow Ashok Sankar (Raytheon Websense)
ICIT Fellow Ashok Sanakr (Raytheon Websense) shares his views on the top threats facing critical infrastructure sectors and how organizations can respond to these threats, with a focus on prevent, detect and respond technologies.
from hacker samurai http://ift.tt/223VkZW
via IFTTT
ICIT 2016 Predictions: Access Management Spotlight w/Fellow Greg Cranley (Centrify)
ICIT Fellow Greg Cranley (www.Centrify.com) shares his views on the top threats facing critical infrastructure sectors and how organizations can respond to these threats, with a focus on user credentials and access management.
from hacker samurai http://ift.tt/1UtlErj
via IFTTT
Hackers trace ISIS Twitter accounts back to internet addresses owned by Department of Work and Pensions
Hackers have claimed that a number of Islamic State supporters’ social media accounts are being run from internet addresses linked to the Department of Work and Pensions.
A group of four young computer experts who call themselves VandaSec have unearthed evidence indicating that at least three ISIS-supporting accounts can be traced back to the DWP’s London offices.
Every computer and mobile phone logs onto the internet using an IP address, which is a type of identification number.
The hacking collective showed Mirror Online details of the IP addresses used by a trio of separate digital jihadis to access Twitter accounts, which were then used to carry out online recruitment and propaganda campaigns.
At first glance, the IP addresses seem to be based in Saudi Arabia, but upon further inspection using specialist tools they appeared to link back to the DWP. For the full article click here
from hacker samurai http://ift.tt/1O21gs0
via IFTTT
Hackers Rack Up Credit Card Charges After Data Breach at Dry Cleaners
A chain of dry cleaners in Connecticut is warning customers about a potential data breach.
Swiss Cleaners, which has eight locations in Connecticut, alerted customers that hackers accessed cardholder names, card numbers, expiration dates and verification codes.
“We believe that an unauthorized person was able to install a program on a server in our payment card system that was designed to make a copy of payment card data as it was being routed through our system to our payment process,” the company said in an online statement.
The data breach affects all eight Swiss Cleaners locations in Connecticut. The company warned that any card used at any of their locations between December 2014 and October of 2015 “could have been captured.” For the full article click here
from hacker samurai http://ift.tt/1NQPQf5
via IFTTT
Hackers actively exploit critical vulnerability in sites running Joomla
Attackers are actively exploiting a critical remote command-execution vulnerability that has plagued the Joomla content management system for almost eight years, security researchers said.
A patch for the vulnerability, which affects versions 1.5 through 3.4.5, was released Monday morning. It was too late: the bug was already being exploited in the wild, researchers from security firm Sucuri warned in a blog post. The attacks started on Saturday from a handful of IP addresses and by Sunday included hundreds of exploit attempts to sites monitored by Sucuri.
“Today (Dec 14th), the wave of attacks is even bigger, with basically every site and honeypot we have being attacked,” the blog post reported. “That means that probably every other Joomla site out there is being targeted as well.” For the full article click here
from hacker samurai http://ift.tt/1Z9B9Ya
via IFTTT
Hackers threaten to briefly stop gamers
Hackers have threatened to ruin Christmas for gamers hoping to spend time playing ever-popular Xboxes and PlayStations for the second year running.
The anonymous threat comes from a group known as the Phantom Squad who have posted a tweet in recent days announcing plans to disrupt Xbox live and PSN networks for a week this Christmas. For the full article click here
from hacker samurai http://ift.tt/1RP0OTV
via IFTTT
Monday 14 December 2015
Sweden to question Julian Assange
Sweden reached an agreement Sunday with Ecuador to allow the country to question Wikileaks founder Julian Assange over rape allegations.
Swedish police will be able to question him inside the Ecuadorean Embassy in London, where Assange has taken refuge since June 2012 to avoid extradition to Sweden after he has been accused in 2010 of sexual assault against two women. Assange denies the claims. For the full article click here
from hacker samurai http://ift.tt/1YerxZU
via IFTTT
Hackers in ‘white hats’ join effort to thwart the bad guys
Commuters in the Israeli port city of Haifa fumed during a particularly tedious traffic jam two years ago, never guessing that the logjam was caused not by an accident or some other relatively customary event — but reportedly by cyber attack.
It shut the city’s Carmel tunnel for eight hours, with the Associated Press later reporting a cyber attack, although the authorities never confirmed this. A hacker used a “Trojan horse” — a malicious computer programme — to shut down the security cameras monitoring the tunnel, the report said. For the full article click here
from hacker samurai http://ift.tt/1Y9wrwm
via IFTTT
Are PUST students potential North Korean hackers?
Pyongyang University of Science and Technology by its nature attracts controversy, even without hacking allegations.
At the university, founded by evangelical Christian Korean-American James Kim, a select group of North Korean students study under the direction of foreign teachers, many of whom are Christians and all of whom do so without pay. The administrators and supporters of the school highlight that it exposes North Koreans to outsiders and new ideas, while detractors question the usefulness of the program, and the school’s role in amplifying North Korea’s structural inequalities by teaching to such an “elite” core group.
And some allegations are more serious: At the end of November, two North Korean defectors, one of whom is believed to have worked in cyber warfare for the regime, alleged that PUST graduates are being recruited by the Korean People’s Army to work in cyber terrorism, and called on supporters of the university to cut ties with it. For the full article click here
from hacker samurai http://ift.tt/1YerxsP
via IFTTT
Twitter warns some users of potential state-sponsored hackers
Twitter Inc. issued an alert to some users warning them that state-sponsored hackers may have tried to obtain sensitive data from their accounts, the company said, the first such warning by the micro blogging site.
The notice said there was no indication the hackers obtained sensitive information from what it said were a “small group of accounts” targeted.
It did not provide additional information about the attack or possible suspects in its investigation.
Twitter’s notice is the latest amid concern about cyberattacks by state-sponsored organizations. Government agencies, businesses and media have all been hacked.
Motherboard, a tech news site, and the Financial Times earlier reported on Twitter’s warning. For the full article click here
from hacker samurai http://ift.tt/1Y9wrfX
via IFTTT
Saturday 12 December 2015
Local gun dealer defends Century Arms after terrorist’s weapon linked to Delray Beach company
The gun used in the Paris terror attacks and traced back to Century International Arms in Delray Beach was an assault pistol, which is a derivative of the AK-47 assault rifle, and, in its original form, was legal, according to gun dealer Joe Rice, of the Palm Beach Shooting Range and Gun Shop.
You got to understand, Century Arms is a big company. They deal with a lot of products. They sell all over the country. So, however that gun ended up in Paris, your guess is as good as mine,” said Rice.
The guns used by Islamic militants in the Paris attacks were automatic, so Rice said that means someone first snuck the gun into Europe and somewhere along the way converted it from semi-automatic to automatic, which is illegal.
“Converting a gun, 10 years in prison. It’s a federal fine, $250,000 dollar fine. Oh, yeah, it is a major serious weapons violation,” said Rice. For the full article click here
from hacker samurai http://ift.tt/1Nhygz5
via IFTTT
Public, private organizations unite in fight against hackers’ onslaught
WASHINGTON – State officials said hundreds of thousands of web attacks batter Arizona agencies every day, not to mention attacks on private businesses, adding up to millions of attempted hacks in a given month.
In the face of those threats, public and private organizations in Arizona have joined forces in one of the nation’s first information-sharing alliances to combat criminal hackers and their “increasingly sophisticated” techniques to steal data.
The ensuing battle between “black hat” hackers and “white hat” cyber security officials “reflects the reality that we are in a Cold War,” said Frank Grimmelmann, president and CEO of the Arizona Cyber Threat Response Alliance. For the full article click here
from hacker samurai http://ift.tt/1QCIKeE
via IFTTT
JPMorgan Hackers Go Undetected for Years
For three years, a group of five men managed to hack into the highly secure servers of some of the world’s largest financial institutions, run an illicit payment processing scheme, and, for a shorter time period, take over a credit union that was generating $30 million a month in ACH payments.
So how did they fly under the radar for so long?
Federal prosecutors and federal regulators are staying mum on the topic due to criminal indictments against Yuri Lebedev, Anthony R. Murgio, Gery Shalon, Joshua Samuel Aaron and Ziv Orenstein, who operated a sprawling criminal enterprise that raked in hundreds of millions of dollars in illicit proceeds, according to recently released court documents.
The NCUA declined to comment on when it became aware of the unusually high ACH payment processing volume at Helping Other People Excel Federal Credit Union of Jackson, N.J., which had just $290,000 in assets and 96 members. For the full article click here
from hacker samurai http://ift.tt/1Nhyfes
via IFTTT
TED KOPPEL DETAILS BIGGEST UNTACKLED U.S. SECURITY THREAT – A POWER GRID HACKING – IN NEW BOOK
With every mass shooting and terrorist attack the occurs, we expect our government will increase security to keep us safe. We see it at airports and public gatherings, but according to Ted Koppel, one of the world’s most experienced and respected journalists, there’s one place that no one is looking. He first heard about the national security weak spot years ago. He looked into whether it was real. Then he checked what the government was doing about it. It all led to his new book.
“Darkness. Extended periods of darkness, longer and more profound than anyone now living in one of America’s greatest cities has ever known.” Those are the opening words of Koppel’s new book “Light’s Out.”
“It’s the hardest thing I’ve ever done,” he said about the two years he spent writing it.
Koppel retired after 42 years at ABC News — 25 of those years at the helm of the program Nightline — and has been investigating what would happen if cyber hackers got inside our nation’s power grids. For the full article click here
from hacker samurai http://ift.tt/1QCIJYm
via IFTTT
Friday 11 December 2015
FBI admits it uses hacker tools to investigate crimes
If the FBI had to choose between telling you about a security hole on your computer or using it to snoop on bad guys, guess what? You’d be left open to hackers.
And apparently, that’s been the case for a while.
The agency confirmed to The Washington Post on Wednesday that FBI agents use special hacking code to take advantage of known holes in software and further their investigations. They’ll continue using these so-called zero-day exploits, but now there could be further scrutiny of the practice.
The exploits are controversial, and using them involves a trade-off that could end up making some members of the public less safe. So what exactly are these tools, and what does it mean that the FBI uses them? For the full article click here
from hacker samurai http://ift.tt/1IJ4B2Y
via IFTTT
Hackers Threaten to Put Bullet in Researcher’s Brain
One target of the group was mysteriously shot in the head at the beginning of the year.
Researchers at the Citizen Lab, an Internet watchdog group based at the University of Toronto, published a deep diveon Monday about a seven-year hacking campaign against South American political dissidents, journalists, and others. During the investigation, the cyber spies engaged with the researchers directly, issuing a series of taunts, jabs, and threats on the screens of their infected machines.
“We are going to analyze your brain with a bullet and your family too,” one attacker said in Spanish in a pop-up window that appeared on a researcher’s computer screen. (Original: “Vamos a analizar tu cerebro con una bala y en la de tu famila.”) For the full article click here
from hacker samurai http://ift.tt/1SROxMF
via IFTTT
Digital Asia links: ISIS recruits in Chinese, South Korean hackers, Indonesia tech and more
The Asia Pacific is the most dynamic digital landscape in the world, home to the fastest adopters of new technologies and the largest concentration of mobile and social media users. An escalation in online activism, changing cyber dynamics, developments in digital diplomacy and the exploitation of big data are shaping the region’s engagement with the world.
- In order to counter North Korean cyber attacks, South Korea’s government is attempting to recruit the country’s best young programmers by offering full university scholarships in cyber-defence in return for seven years of military service.
- ‘Liking’ the wrong picture on Facebook can get you 32 years of of prison in Thailand.
- ISIS has extended its recruitment efforts into China with this digital recording of a Mandarin Chinese-language song glorifying jihad. China’s strict internet censorship means the song is unlikely to travel far.
- Myanmar’s rapid leapfrogging from no telephony to widespread use of VoIP apps (like Viber) and Facebook messenger is discussed in this podcast.
- Indonesia is fast becoming a destination for tech entrepreneurs and investors. So what did Indonesia’s tech ministry do this year to facilitate this investment? (Hint: not much.) For the full article click here
from hacker samurai http://ift.tt/1QA6Kzc
via IFTTT
Expert explains potential security risks of wearable tech
LEHI — This holiday season, trendy wearable devices are flying off the shelves.
While fitness trackers, smartwatches and even smart clothing can make for fun presents, experts say consumers should keep the devices’ potential security weaknesses in mind while shopping. Most wearable devices connect to the Internet or are Bluetooth enabled, meaning they could be vulnerable without safeguards like data encryption and authentication.
Jason Sabin is the chief security officer at Utah-based Digicert, which provides SSL certificates — recognizable as the padlock that shows up on secure websites — for organizations that include Facebook, PayPal and NASA. He said that as an avid runner he likes the idea of a lot of wearable devices, but that as a security expert the lack of protection scares him.
“A lot of these companies are trying to produce these devices, these features on top of their wearables, and a majority of the time they’re actually not thinking about security or privacy for the individual at all,” he said. “For example, there was a recentlypublished study in July that went and actually found that the top 10 smartwatches all had significant security problems.” For the full article click here
from hacker samurai http://ift.tt/1SROxwp
via IFTTT
Thursday 10 December 2015
Assange to take part in RT panel on security & surveillance on Thursday
Julian Assange will take part in a discussion dedicated to information privacy and security in the digital age, organized as part of an RT conference on media and politics. The WikiLeaks founder will tune in on Thursday from the Ecuadorian embassy in London.
The session, titled ‘Security or Surveillance: Can the right to privacy and effective anti-terror security coexist in the digital age?’ will also be attended by former counter-terrorism specialist and CIA military intelligence officer Philip Giraldi, whistleblower and former MI5 intelligence officer Annie Machon, noted CIA whistleblower Raymond McGovern, and historian, author, and strategic analyst Gregory Copley.
The discussion will be moderated by Thom Hartmann, host of RT America’s political discussion program ‘The Big Picture.’
Assange will be speaking from the Ecuadorian embassy in London, where he has been holed up for over three years after being granted asylum in order to avoid extradition to Sweden, where he faces sexual assault allegations. From Sweden, the WikiLeaks founder fears he would be extradited to the US for publishing classified US military and diplomat documents in 2010 – a move which amounted to the largest information leak in United States history.For the full article click here
from hacker samurai http://ift.tt/1IWFkgx
via IFTTT
FBI Official Acknowledges Using Top Secret Hacking Weapons
A top agency official acknowledged that it uses secret software vulnerabilities in investigations.
The Federal Bureau of Investigation recently made an unprecedented admission: It uses undisclosed software vulnerabilities when hacking suspects’ computers.
Amy Hess, head of the FBI’s science and technology arm, recently went on the record about the practice with theWashington Post. “Hess acknowledged that the bureau uses zero-days,” the Post reported on Tuesday, using industry-speak for generally unknown computer bugs. The name derives from the way such flaws blind side security pros. By the time attackers have begun taking advantage of these coding flubs, software engineers are left with zero days to fix them.
Never before has an FBI official conceded the point, thePost notes. That’s noteworthy. Although the news itself is not exactly a shocker. It is well known among cybersecurity and privacy circles that the agency has had a zero day policyin place since 2010, thanks to documents obtained by the American Civil Liberties Union and published earlier this year on Wired. And working groups had been assembled at least two years earlier to begin mapping out that policy, as a document obtained by the Electronic Frontier Foundation privacy organization and also published on Wired shows. Now though, Hess, an executive assistant director with the FBI, seems to have confirmed the activity.
from hacker samurai http://ift.tt/1XYtA9F
via IFTTT
77,000 Steam accounts are highjacked every month
Steam has introduced a couple of new security measures on trading. Unless you have the two-factor authentication app activated on a second device, and have had it for seven days, you’ll have to wait three days for any goods you’ve traded away to be delivered. If you’re trading with a friend of one year or more, you’ll only have to wait one day.
Why? Well, Valve’s theory is that this measure will slow down hackers trading away items from compromised accounts. In order to make money from illicitly obtained accounts, hackers need to get the goods out before the legitimate owner can report the hack and have the account frozen, you see.
Valve could just insist on two-factor authentication, but there are plenty of users who just can’t use the app for whatever reason. These users will have to swallow some inconvenience, but with any luck, the value prospect of hacking an individual Steam account will go way, way down as a result of these holds. For the full article click here
from hacker samurai http://ift.tt/1IWFkgt
via IFTTT
Hackers Say Crashed Japan PM’s Website to Protest Whale Hunt
A hacking group said Thursday it has crashed Prime Minister Shinzo Abe’s official website to protest Japan’s plans to hunt whales.
Chief Cabinet Secretary Yoshihide Suga told reporters that one of Abe’s websites has been inaccessible since early Thursday and police were investigating.
Suga acknowledged that the Anonymous hacker group has posted a twitter message claiming responsibility, but added authorities had not singled out the group as a prime suspect.
One of the group’s twitter messages posted earlier Thursday criticized Japan over its whaling plans, and warned that Abe’s website would be brought down.
“@AbeShinzo whaling is not cultural right! Your website is #TangoDown!” the messages said. The group has also retweeted anti-whaling messages and one urging Abe not to eat whale meat and go vegan. For the full article click here
from hacker samurai http://ift.tt/1XYtA9t
via IFTTT
Subscribe to:
Posts (Atom)