Monday 29 February 2016
ICIT Fellow Insights: Why Leadership Should Be the Top Priority
Public and private sector leaders are slowly accepting the reality that the weakest link – and greatest asset – in their cybersecurity strategy is the human element. The question which now must be answered is how to best train, motivate and inspire the next generation of leaders and change agents who can help improve an organization’s cybersecurity hygine. Join ICIT Fellow Dan Waddell (ISC2) and Sr. Fellow Parham Eftekhari as they discuss one of the most important cybersecurity issues of our day.
For More , Click Here : http://ift.tt/1Sd1x21
from hacker samurai http://ift.tt/1SdaWXe
via IFTTT
ICIT Fellow Insights: Making Your CISO and CFO BFFs
Your CFO can be an invaluable ally in your quest to elevate the strategic value of CyberSecurity within your organization. The key is to establish a trust-based relationship in which you understand how to parlay the positive impact cybersecurity investments can have on the business, turning the CISO function into a strategic business driver vs. a cost center. Join ICIT Fellow Brian Contos (Securonix) and Sr. Fellow Parham Eftekhari as they share strategies and ideas to accomplish this goal.
Read More , Click here : http://ift.tt/1RfCGWr
from hacker samurai http://ift.tt/1Tid9SS
via IFTTT
Apple Shareholders Cheer Battle to Save ‘Walled Garden’
As 200 shareholders cheered Apple CEO Tim Cook’s battle with the FBI for a “backdoor” into the iPhone, but the real battle is Apple’s attempt to save its lucrative “walled garden.”
It is Breitbart News’ understanding that there are about 7,000 requests by law enforcement for Apple to open iPhones that run on iOS8 and iOS9. Backdoor access apps for older versions of iPhone iOS are available for download on the Internet for users that want to install apps that are not approved by the Apple Store.
There are a significant number of regulations in effect worldwide that relate to protection of private and sensitive “data at transit.” Former CIA employee and current fugitive Edward Snowden created a furor in 2013 over disclosures that the NSA wasclandestinely using “PRISM” and other software hacking tools to capture all Apple, Microsoft, Google and Facebook content “data in transit.”
Despite embarrassment for the Obama administration, not much has changed over NSA bulk “data in transit” collection. As Snowden’s revelations demonstrated, Silicon Valley tech companies have helped facilitate “data in transit” surveillance programs because Silicon Valley companies are receiving lucrative payments from the NSA. For the full article click here
from hacker samurai http://ift.tt/1TMyWlf
via IFTTT
Netflix Updates: TEDTalks, ‘Hackers,’ ‘American Pie’ Movies & More Leaving March 2016
As March approaches, Netflix is expected to get rid of a few movies and series on their roster to make way for new and incoming ones this March 2016. However, this time around it seems there is a huge gap between the number of items leaving and coming on Netflix.
As LifeHacker puts it, “it’s a slow month for additions.” But that doesn’t mean there are several things in store for Netflix viewers this March! In fact, some beloved movies are making a comeback, while most Netflix original series make their entry on the platform. Read more about what’s coming to Netflix this month here.
?Unfortunately, Netflix users will have to part ways with a lot of offerings this March. Majority of the TEDTalks collections will be moving out, but not before “Hackers,” “Hamlet,” and “The Monster Squad” bid adieu. For the full article click here
from hacker samurai http://ift.tt/1RzTTg6
via IFTTT
Snapchat Hacked: Employee Payroll Details Leaked Following Phishing Scam
Snapchat admitted that hackers were able to access sensitive employee data after a member of staff fell for a phishing email which claimed to be from co-founder and CEO Evan Spiegel.
In a blog post confirming the breach, Snapchat said it was embarrassed that one of its employees fell for the scam as it is “a company that takes privacy and security seriously.” The company pointed out that while some employees’ data was leaked and their identities compromised, user data was never at risk. “The good news is that our servers were not breached, and our users’ data was totally unaffected by this.”
The hacker or hackers behind the scam used the increasingly-popular social engineering tactic of phishing to get access to the information. Phishing scams typically see highly-tailored emails sent to specific employees within the target organization which appear to come from a legitimate source and contain information that employees might expect to see.
In this case, the scammer impersonated Evan Spiegel, the co-founder and CEO of Snapchat, asking for access to payroll information. The scam was not detected, and payroll information about some current and former employees was disclosed externally, the company said. For the full article click here
from hacker samurai http://ift.tt/21vRtam
via IFTTT
IOS 9.2 JAILBREAK: LATEST RUMORS AND UPDATES, HACKER SUCCESSFULLY JAILBREAKS IOS 9.3 BETA, FAKE IOS 9.2 JAILBREAKS SURFACE ONLINE
Just in the past month iOS 9.2.1 was officially released by Apple. It brought with itself several bug fixes and also worked towards fixing the security loopholes of iOS 9.2. Various rumors regarding a jailbreak for iOS 9.2 have been doing rounds on the internet for quite some time now.
It was previously reported that a particular hacker by the name of Luca Todesco was able to successfully develop a jailbreak or iOS 9.2.1 while it was in its beta stage. However, this person abstained from releasing the jailbreaking tool for the common public.
Though this caused disappointment among fans of jailbroken iOS, it also showed the world that jailbreaking of iOS 9.2.1 was indeed possible. It is being speculated that renowned jailbreaking teams- Pangu and TaiG might have already developed jailbreaking tools for iOS 9.2.
Todesco recently claimed that he has managed to jailbreak the iOS 9.3 beta too. However, once again he has stated that he will not release the tool for the common public. For the full article click here
from hacker samurai http://ift.tt/1RzTVo0
via IFTTT
Massive IRS data breach much bigger than first thought
A massive data breach at the IRS was much bigger than was first realized. Theagency now says more than 700,000 social security numbers and other sensitive information may have been stolen.
Hackers used the “Get Transcript” program, which allows you to check your tax history online. The IRS began the online program two years ago, allowing taxpayers to request their tax history over the Internet, in addition to the post office. But following a nine-month investigation by the Treasury inspector general for tax administration, the IRS says its online service has put hundreds of thousands of more taxpayers at risk of identify theft, reports CBS News correspondent Jan Crawford.
Not even Virginia-based tax attorney, Wayne Zell, was protected from hackers.
“Somebody was trying to claim a refund using my social security number and I knew something was wrong,” Zell said. “I got a form earlier this week stating that somebody had recovered my E-File personal identification number. I don’t have an E-File personal identification number.”
The IRS’s data dump is the latest in a series of disclosures. In May 2015, the agency reported cyber criminals accessed approximately 114,000 taxpayer accounts. Three months later, that number grew to as many as 334,000. This month, the IRS said there are as many as 724,000 victims. For the full article click here
from hacker samurai http://ift.tt/21vRtag
via IFTTT
Saturday 27 February 2016
Eye-opening report says hackers have the ability to kill patients at hospitals
It’s common knowledge that hospitals can be hit with data breaches that reveal personal information or fall victim to“ransomware” attacks that take their computer systems hostage.
But an eye-opening new report from Independent Security Evaluators now says that malicious hackers have the capability to kill patients by taking over computer systems that track delivery of medicine or manage requests for blood work.
Fortunately a patient death has never been caused by a cyber criminal, but the report seems to be a wakeup call for the healthcare industry, which has so far been ill-prepared to deal with “very real” threats to patients’ lives, according to ISE founder Steve Bono. For the full article click here
from hacker samurai http://ift.tt/1S8dMgr
via IFTTT
Controversy surrounds Myanmar hackers claim
Controversy surrounds claims that Myanmar-based hackers, possibly with links to the military, have been attacking Thai government websites since early January.
The Blink Hacker Group said in Facebook posts and in an e-mail interview that its attacks were in retaliation for Thailand sentencing two Myanmar nationals to death for the murder of two British backpackers late last year, according to a Reuters report on February 26.
But the Thai police said they did not believe the hackers were based in Myanmar.
Myanmar individuals named in the recently released report, “Unleashed: Unveiling Cyber Warfare in Myanmar”, by a Swedish cyber security expert, Tord Lundström, are upset over the allegations they are involved in hacking, according to a Myanmar Times report, February 26. For the full article click here
from hacker samurai http://ift.tt/1VKdlaY
via IFTTT
Hackers Strike UC Berkeley: Data Of 80,000 People Possibly Compromised
Earlier this month, a group of former and current students from the University of California Berkeley filed a lawsuit against Google, alleging the Internet firm of scanning the educational Gmail accounts of the school to gather analytics data.
It seems that UC Berkeley’s cyber troubles do not end there, as officials of the school have sent out warnings to about 80,000 people due to a hacker attack on its system which stored sensitive data.
The people are composed of former and current faculty, students, staff and vendors, who may have had their bank account information and Social Security numbers compromised.
According to a UC Berkeley statement, an individual hacker or a group of hackers were able to infiltrate computers part of the Berkeley Financial System, or BFS, in late December 2015. BFS is a software which the school uses for financial management purposes, including making purchases and other payments aside from salaries. For the full article click here
from hacker samurai http://ift.tt/1oOBVNC
via IFTTT
US IRS Hacked – 700,000 Personal Accounts Illegally Accessed
There is now greater chances that the cyber thieves could impersonate thousands of taxpayers since the illegally obtained information include specific data such as birth dates and Social Security numbers. Thieves could use this information to collect tax refunds, file false federal tax returns, and many more tax related illegal activities.
Previously, the tax agency reported in May 2015 that it found 114,000 US taxpayer data were illegally accessed using the “Get Transcript” since January 2014.
The “Get Transcript” application enables individuals to view information from the tax returns of the previous years. After the cyber-attack was uncovered in May, the IRS website app was immediately discontinued. For the full article click here
from hacker samurai http://ift.tt/1oOBVxk
via IFTTT
Friday 26 February 2016
Centrify Provides Secure Access on the Good Dynamics Secure Mobility Platform
New solution offers ironclad identity security for thousands of cloud and on-premises apps and servers via integrated single sign-on and multi-factor authentication
BARCELONA, Spain–(BUSINESS WIRE)–Mobile World Congress – Centrify, the leader in securing enterprise identities against cyberthreats, today announced a partnership with BlackBerry to provide secure access to thousands of cloud and on-premises applications and servers on the Good Dynamics Secure Mobility Platform. Centrify’s smartcard-based mobile derived credentials are now certified “Secured by Good” on mobile devices, allowing for easy and secure single sign-on (SSO) to apps and privileged password access to servers.
This combination of SSO, multi-factor authentication (MFA) and access to apps and servers from the Good secure container will give highly regulated customers, such as those in the government sector and the financial services industry, the ability to safely use smart-card based authentication from mobile devices without compromising security.
Customers using BlackBerry’s mobility solutions have the highest levels of encryption and security for mobile application data—both in motion and at rest. With Centrify, customers now have a seamless solution for the use of smartcards for secure access on Good-secured devices. Centrify provides turnkey, password-free access to thousands of apps within the Good secure container, as well as support for smartcard-derived credentials for secure authentication to the Good container.
……
To read the full Press Release , Click Here: http://ift.tt/21mWcep
from hacker samurai http://ift.tt/1KQr5Ay
via IFTTT
Security Researchers Collaborate to Uncover Sony Pictures Hackers
Today’s topics include the joint efforts by competing security firms to unmask the Sony Pictures hackers, Microsoft’s buyout of development tool company Xamarin, Dell’s proposed $67 billion acquisition of EMC clears a major regulatory hurdle, and Asus settles with the FTC over security of wireless routers.
The cyber-attack against Sony Pictures Entertainment disclosed in November 2014 is one of the highest-profile and yet mysterious security breaches in recent years. Since then, media reports variously placed the blame on North Korean hackers, disgruntled ex-employees and others.
But “Operation Blockbuster,” a research project carried out by multiple competing security firms, released a report on Feb. 24 that blames attackers identified as the Lazarus Group and also claims that they are still active. For the full article click here
from hacker samurai http://ift.tt/1T0z3cO
via IFTTT
WHEN YOU INVITE ELITE HACKERS TO DO THEIR WORST, IT GOES REALLY, REALLY BADLY
Kevin Roose of Fusion is a brave man. He invited hackers to demonstrate just how bad they could make things for him.
Roose apparently forgot the story of Jeremy Clarkson, the former Top Gear host who boldly printed his bank account details in a UK paper, claiming: “All you’ll be able to do with them is put money into my account. Not take it out.”
Soon enough, Clarkson was shown to eat his words – he noticed that a direct debit had been set-up to various charities, a clever way for a somewhat gentle hacker to prove how wrong the poor loveable buffoon can be.
Roose invited two hacker teams to go to work on him, and he’d later meet with them in person at DefCon, held at Las Vegas each year, a gathering of white and black-hat hackers.
Just so you know, Roose gave himself an A- rating for his security set-up, with a range of safeguards including two-factor authentication, strong passwords, and more, all up and running. For the full article click here
from hacker samurai http://ift.tt/1n1yt0s
via IFTTT
WHEN YOU INVITE ELITE HACKERS TO DO THEIR WORST, IT GOES REALLY, REALLY BADLY
Kevin Roose of Fusion is a brave man. He invited hackers to demonstrate just how bad they could make things for him.
Roose apparently forgot the story of Jeremy Clarkson, the former Top Gear host who boldly printed his bank account details in a UK paper, claiming: “All you’ll be able to do with them is put money into my account. Not take it out.”
Soon enough, Clarkson was shown to eat his words – he noticed that a direct debit had been set-up to various charities, a clever way for a somewhat gentle hacker to prove how wrong the poor loveable buffoon can be.
Roose invited two hacker teams to go to work on him, and he’d later meet with them in person at DefCon, held at Las Vegas each year, a gathering of white and black-hat hackers.
Just so you know, Roose gave himself an A- rating for his security set-up, with a range of safeguards including two-factor authentication, strong passwords, and more, all up and running. For the full article click here
from hacker samurai http://ift.tt/1n1yt0s
via IFTTT
Xbox Live Down Imminent As Hackers Threaten Microsoft
Hacker attacks have been a really big annoyance to online gamers in the past, taking down the PlayStation Network and Xbox Live in recent years. Now another group of hackers have claimed that they can take Xbox Live “off the face of the Earth,” which can only mean bad things for Microsoft and fans of the company’s games.
The heads in Microsoft should come up with a safety measure after the threat was made in Newsweek. Apparently they’re doing this so that major companies can have better network security. Microsoft has to take Xbox Live down for a while and make some big improvements to the network’s security to ensure a better experience for online gamers. While taking Xbox Live down for maintenance sounds extreme, the company might not have much of a choice given previous hack attacks in the past. Calling the FBI for help might do them some good, but the company will also have to protect itself so that the hackers can stay away from Xbox Live. For the full article click here
from hacker samurai http://ift.tt/1TDgom9
via IFTTT
Hackers could hijack homes
A security expert said that setting up your house based on the ‘Internet of Things’ devices could lead to your house being hijacked by hackers.
Allen Scott, the head of strategic partnerships, for F Secure warned that the new wave of ‘internet of things’ devices could leave people ‘under siege’ from criminals that “want to find an easy way to make cash.”
He said that the current trend from hackers involves people are taking data, encrypting it and then holding it to ransom. There is no reason to think it is impossible with smarthouses.
The ‘Internet of Things’ essentially describes a new type of home product that now has internet connectivity, allowing it to update itself, be controlled remotely via smartphone or tap into millions of other devices to make itself more intelligent. For the full article click here
from hacker samurai http://ift.tt/1TDgom5
via IFTTT
DHS: Hackers increasingly targeting emergency systems
WASHINGTON — The Department of Homeland Security and the Multi-State Information Sharing and Analysis Center are warning that cyberattacks against law enforcement, fire departments and other emergency services have become commonplace and are likely to increase in frequency.
An intelligence assessment obtained by WTOP, reads, “cyber targeting of the Emergency Services Sector (ESS) will likely increase as systems and networks become more interconnected and the ESS becomes more dependent on information technology for daily operations.”
The assessment said the unified nature of the systems “creates more targets for hackers,” and that “vulnerable systems include call-center communications-management software, closed-circuit TV camera systems, interactive voice response systems, and emergency alert systems — particularly wireless emergency alert systems.”
Hacking emergency systems is not a new phenomenon. Similar incidents date back more than four years. The most notorious took place in February 2013. For the full article click here
from hacker samurai http://ift.tt/20ZyPC2
via IFTTT
Thursday 25 February 2016
Baltimore hackers say they reveal potentially deadly cybersecurity weaknesses at area hospitals
Area hospitals are riddled with cybersecurity flaws that could allow attackers to hack into medical devices and kill patients, a team of Baltimore-based researchers has concluded after a two-year investigation.
Hackers at Independent Security Evaluators say they broke into one hospital’s systems remotely to take control of several patient monitors, which would let an attacker disable alarms or display false information.
The team says it strolled into one hospital’s lobby and used an easily accessible kiosk to commandeer computer systems that track medicine delivery and bloodwork requests — more opportunities for malicious hackers to create mayhem. For the full article click here
from hacker samurai http://ift.tt/1QgfoDy
via IFTTT
The Habits Of Hackers: When You’re Most Likely To Get Attacked
First thing Tuesday is the most effective time to hit inboxes with bogus invoices and receipts looking to catch people unawares, according to Proofpoint’s Human Factor 2016 security report. Hackers are targeting busy people who are quickly clearing their inbox for the day ahead, hoping their attack will hit the mark before the IT team has a chance to act.
Rather than linking to sites hosting malware, three-quarters of malicious links sent last year directed their recipients to bogus pages designed to steal passwords and other credentials, says Kevin Epstein – Proofpoint’s Vice President of Threat Operations.
“Attackers target the human factor because it is so much more difficult to defend with the kinds of traditional defence – like signature and reputation-based antivirus and anti-spam – on which most organisations still rely,” Epstein says.
“People are easier to fool than machines. Anti-malware software is never too sleepy to question legitimacy, or too curious to avoid clicking.” Scammers are expanding their efforts beyond email to focus more on SMS and social media, with password-stealing “phishing” attempts 10 times more common than malware links in social media posts. While email-based scams peak in the morning, social media-based scams are more common in the afternoon as people look for distractions from their work. For the full article click here
from hacker samurai http://ift.tt/1QAdgCc
via IFTTT
Russian hackers take credit for string of robocalls threatening violence at schools
Spokane was just one of hundreds of cities nationwide, and even across the world, that were victim to a series of robocalls threatening violence at schools.
The calls came in about 2:30pm in Spokane, but dozens of others cities had just gone through the same drill hours before.
Police say in the calls a recorded voice threatens violence at the school, although does not specifically name any school. The recording repeats itself several times, and then disconnects. This is the latest round of these kinds of calls. It’s happening with more and more frequency.
Today eight schools in the Spokane Public School District got the call: Salk, Sacajawea, Shaw, and Glover middle schools, Rogers High School, Stevens, Willard, and Wilson elementary. All eight were locked down while police and school officials investigated. When they determined there was not threat, the students were released. In the Mead School District Shiloh Hills Elementary got one of the robocalls and actually evacuated out of an abundance of caution. For the full article click here
from hacker samurai http://ift.tt/1p8yEZt
via IFTTT
Hackers behind Sony attack may have targeted other Asian countries, report says
The hackers behind the November 2014 cyberattack against US-based Sony Pictures Entertainment over its controversial comedy The Interview may have targeted Japan and other Asian countries in similar attacks, according to a report released on Wednesday by a private cybersecurity coalition.
The document notes that although the hacker group’s victims have mainly been in the United States and South Korea, malware linked to the group has been detected in other Asian countries such as Japan, China and India.
US authorities have accused North Korea of carrying out the Sony Pictures cyberattack that took place ahead of the planned release of The Interview, a comedy about an assassination attempt on the country’s leader Kim Jong-un. For the full article click here
from hacker samurai http://ift.tt/1p8yEZp
via IFTTT
Ask Matt: Can I profit from hackers?
Q: Can I profit from digital security?
A: Security of our computers, tablets and phones is top of mind. That presents an opportunity for investors.
The raging debate over whether Apple (AAPL)should cooperate with the government in the investigation of a mass murder is opening a discussion of the balance of privacy and justice. Businesses and consumers are looking for ways to legally secure their data and are looking to companies with expertise needed to offer encryption, but also the ability to provide access when needed.
Investors have choice when it comes to security-company stocks – and analysts are pretty bullish on most of them. There are nine companies in the broad Russell 3000 index that are in the security software industry, according to data from S&P GlobalMarket Intelligence. Nearly all the shares are down this year. But analysts think, on average, the nine software security stocks could be more than 40% higher in 18 months than they are now. Eight of the nine stocks, with the exception of Symantec(SYMC) are rated a “buy” or “outperform.” Analysts like AVG Technologies (AVG)best, and say the stock could be worth 63% more in 18 months. Analysts are also the most bullish on Vasco Data (VDSI), Imperva (IMPV) and FireEye (FEYE). For the full article click here
from hacker samurai http://ift.tt/21jC9xr
via IFTTT
Wednesday 24 February 2016
Global Risk Advisors Announces Launch of GRA Quantum
New York, NY, February 23, 2016 — Global Risk Advisors is excited to announce the launch of GRA Quantum: The Evolution of Cybersecurity – our latest move to equip clients with unparalleled, comprehensive protection against emerging threats.
As even the largest, highest profile, and most well-resourced corporations and government agencies continue to fall prey to hackers , it has become clear to us that the plans and products currently on the market are not working. Something is lacking from the existing paradigm.
GRA Quantum has been created to fill this vacuum — to reimagine cybersecurity.
Among the core values of GRA Quantum is an understanding that true security requires more than just software updates and prefabricated “solutions.” GRA Quantum exemplifies the belief that partnership and close collaboration enable the creation and implementation of customized, comprehensive strategies to successfully handle all threat vectors. We believe that the work of GRA Quantum fulfills our mission to serve as a personal, trusted advisor to each of our clients.
As we launch this new venture, Global Risk Advisors remains an active firm committed to continuing our delivery of high quality risk advisory products. GRA Quantum will fully assume and build upon our existing information security services, as well as deepen our mutually collaborative relationships with Silicon Valley.
We look forward to engaging in a dialogue with members of your team about GRA Quantum, and to discussing what, together, we can do to ensure you are protected.
We hope you are just as excited about this endeavor as we are.
Come visit us at www.graquantum.com!
from hacker samurai http://ift.tt/1KKY5Kp
via IFTTT
Hackers Try to Access FDA Data
When the FDA recently warned medical device manufacturers to take cyber security threats seriously and prepare for them, they weren’t just spouting directives. They were talking from experience.
FDA TURNS TO CHINA DURING CHEMO DRUG CRISIS
From January 2013 to June 2015, the FDA received 1,036 security incidents, according to FierceBiotechIT.
The media outlet cited a report in the Federal Times about the incidents, which were learned about through a freedom of information request. For the full article click here
from hacker samurai http://ift.tt/1QxDYvn
via IFTTT
Hackers scam Wichita finance firm out of $270,000
Scammers tried to steal a total of $270,000 from the company Heritage Group L.C. The money management firm wired the money overseas in three transactions, thinking it was acting on orders from a client – but instead, it was communicating with a hacker.
Red flags stopped the company from losing all the money, but the company’s president says for now, the Heritage is out $95,000. Heritage Group L.C. is a private company that manages money for clients.
It provides accounting services, invests money, and other financial services.
On February 10, the firm gets an email.
“They get an email from one of their clients. They think it is the client who was contacting them,” said Srgt. Santiago Hungria, who heads the cyber/ financial crimes with the Wichita Police Department. For the full article click here
from hacker samurai http://ift.tt/1p3OynS
via IFTTT
Hackers compromise Linux Mint Cinnamon ISO and forums
The leader of the Linux Mint project, one of the more popular Linux distributions for the desktop, has revealed the project’s website was attacked. In two separate posts to the project’s blog,Clement Lefebvre wrote that the damage to the project includes a compromised ISO for Linux Mint 17.3 Cinnamon edition and a stolen forums database.
The linuxmint.com domain remained down until earlier today, and now the blog.linuxmint.com subdomain isn’t responding. The previously linked blog posts were viewed via Google’s site cache. For the full article click here
from hacker samurai http://ift.tt/1QcaLXu
via IFTTT
While hackers hit the headlines, insider threats should not be forgotten
Hardly a month passes without reports of hacker attacks on high profile firms that destroy business reputations, share prices and executives’ careers. The ensuing “arms race” between businesses and hackers is consuming valuable resources at Board level. However, greater damage can be caused by insider threats, which operate in the shadows, bypassing security and leaking sensitive data.
Businesses are increasingly dependent on data, which makes them more and more vulnerable to the leakage of sensitive data. Success increasingly depends on the need to collaborate, sharing sensitive data internally between teams; and also externally with customers and business partners. Working practices involved in collaborating at local, national and international levels make it difficult to control access to and circulation of data. Therefore, insiders with authorised access to sensitive information represent credible and growing security threats, which businesses should ignore at their peril. For the full article click here
from hacker samurai http://ift.tt/1TyEajk
via IFTTT
Hackers use Microsoft security tool to pwn Microsoft security tool
FireEye security wonks Abdulellah Alsaheel and Raghav Pande have twisted the barrels of Microsoft’s lauded EMET Windows defence gun 180 degrees and fired.
The result of their research is p0wnage of the enhanced mitigation toolkit so that instead of defending Windows it attacks it.
The attacks the pair found affect older versions of Windows which rely on EMET for modern defences like address space layout randomisation and data execution prevention.
Windows 10 already has much of EMET’s payload baked in save for some newly-added features in the latest version 5.5, which is also patched against Alsaheel’s and Pande’s hack. For the full article click here
from hacker samurai http://ift.tt/1QcaOCB
via IFTTT
Tuesday 23 February 2016
Banks are being targeted by cyber hackers
Cyber-criminals are increasing attacks on Australian banks and using more sophisticated methods, says a report by computer giant Dell, suggesting heightened cyber-security vigilance and spending by financial institutions and the federal government is justified.
Dell SecureWorks, the IT security subsidiary of Dell, found that Australia is the third-most-targeted country from 17 examined in a report on banking “botnets”. The term, which combines the words robot and network, refers to internet-linked computers that maliciously launch repetitive tasks designed to damage information systems.
“Threats are becoming more sophisticated, incorporating emerging technologies, advanced cryptography, and resilient infrastructure to resist surveillance and disruption,” says the report, published on Friday.
Dell says 80 per cent of global attacks are on financial institutions in the United States. The United Kingdom is the next-most-targeted market, then Australia. Attacks in Asia are increasing and cyber attackers are also targeting bank customers as banking moves to mobile. For the full article click here
from hacker samurai http://ift.tt/21cjyDn
via IFTTT
LA Hospital Hit By Ransomware Pays Hackers $17,000: Is It The Right Choice?
After its computer system got taken over by hackers, the Hollywood Presbyterian Medical Center in Los Angeles has decided to pay a ransom of $17,000 in order to regain access.
The hospital was hit by ransomware — malicious software that locks computer systems until a ransom is paid to unlock it.
Media reports says the hackers were demanding the hospital to pay them 9,000 Bitcoins or about $3.4 million, but CEO and President Allen Stefanek confirmed [pdf] these were false. In the end, the hospital shelled out $17,000, which is equivalent to 40 Bitcoins.
Payment using Bitcoins require a particular level of anonymity, and they’re described as an “anonymous” form of currency. For the full article click here
from hacker samurai http://ift.tt/1SQaRK4
via IFTTT
BAE Systems share price: Hackers target group twice a week
Foreign governments are suspected of launching cyber attacks on BAE Systems (LON:BA) as often as twice a week, the Financial Times has reported. The news comes with the UK defence giant accelerating a push into cyber security.
BAE Systems’ share price has been little changed in today’s session, having lost 0.10 percent to 509.50p as of 09:45 GMT. The shares are outperforming the broader London market, with the FTSE 100 having For the full article click here
from hacker samurai http://ift.tt/1TCPCeS
via IFTTT
Hackers Targeted Human Error in 2015
Hackers overwhelmingly sought to socially engineer and exploit computer users last year rather than create automated exploits for use in email-based attacks, according to Proofpoint.
The cybersecurity company claimed in its new The Human Factor 2016 report that 99.7% of documents used in attachment-based campaigns relied on social engineering and macros.
What’s more, 98% of URLs in malicious messages link to executables, or executables inside an archive – which have to be opened by the user.
Similarly, phishing became 10-times more common on social media than malware, with 40% of Facebook accounts and 20% of Twitter accounts claiming to represent a Fortune 100 brand actually being unauthorized.
To mitigate this human-centric shift in attack tactics, organizations need to blend technical and non-technical elements, according to Kevin Epstein, VP of threat operations at Proofpoint. For the full article click here
from hacker samurai http://ift.tt/1TCPAUl
via IFTTT
Fire Emblem Fates: Hackers Adding Anna DLC Early
According to Siliconera, the character seen above, Anna, will not be made available in the game until 7 April, but that hasn’t stopped Anna from showing up in several castles under the game’s My Castle feature. It seems she has popped up via save file manipulation (which, depending on your point of view, could be considered akin to piracy). There’s also the Witch class, which is supposed to be officially released on the 21st of April, but has been spotted in castles already.
Adding DLC to the game early isn’t the only way hackers are running the show on Fire Emblem Fates. Apparently the skills Aptitude and Draconic Hex, which are locked to specific character classes in the game, have been seen floating around in the wild. Battling those castles and earning those skills is also possible, though the skill can never be removed once learned, so you’ll have to live with the indignity of breaking the game. For the full article click here
from hacker samurai http://ift.tt/20SIJp3
via IFTTT
Monday 22 February 2016
SA hit as cybercrime volumes double
Last year saw a drastic increase in cybercrime, reaching double the amount seen in 2014.
This is among the findings from AppRiver’s Global Security Report, which showed that AppRiver quarantined 944-million messages containing malware from January to November 2015, as well as 26-billion spam messages in the same period.
South Africans are not immune to cyber-attacks and, although the government has recognised these threats and implemented laws such as the Electronic Communication and Transfers (ECT) Act 25 of 2002, they do not have the resources to combat cybercrime.
Cyber-attacks came in many shapes and forms in 2015, from malicious macros to wire transfer fraud. For the full article click here
from hacker samurai http://ift.tt/1KDEfAL
via IFTTT
Anonymous hackers target Cincinnati police
The hacking group Anonymous released a video Sunday targeting the Cincinnati Police Department.
In the video, someone wearing a mask discusses the group’s anger over the department’s handling of a deadly officer-involved shooting in Westwood.
The group then posted online personal information about more than 50 Cincinnati police officers, including Police Chief Eliot Isaac. As of 4:30 a.m. Monday, the information had been taken down.
The case that prompted this hack took place Wednesday when witnesses said Paul Gaston became erratic after crashing into a pole. When police confronted him, investigators said Gaston initially complied with officer’s orders but then failed to comply with officer’s commands and reached to his belt to grab a gun. For the full article click here
from hacker samurai http://ift.tt/1oXkgDi
via IFTTT
Hackers compromised Linux Mint in a way the FBI can only dream of
Hackers took control of the official website for the Linux Mint distro over the weekend, resulting in some users downloading a build of the OS that had been modified to include a backdoor that would give attackers full access to a user’s system.
Announced in a blog post, the organization said it quickly spotted and rectified the issue, but that anyone who downloaded Linux Mint (Cinnamon Edition) on February 20 should probably start over. At the very least, you’ll want to check the MD5 signature of your download to ensure it’s legit.
If you do have an infected copy on disk or USB, you’ll need to format it and start again.
According to the organization, the backdoor connects to a site called absentvodka (can’t recommend searching and visiting that one, given the context) and the IP addresses lead to Sofia in Bulgaria. For the full article click here
from hacker samurai http://ift.tt/1XHVwdS
via IFTTT
IT dept sends over 100 phishing links to cyber security agency
Taking note of the spate of phishing and cheat refund emails landing in inboxes of taxpayers, the Income Tax department has referred over 100 such instances to the country’s premier cyber security agency to block these hackers from lurking in the e-world.
The department is particularly worried after taxpayers recently brought to its notice certain emails which have very cleverly “spoofed the department’s identity” by using almost resembling addresses to cheat gullible taxpayers over the Internet. For the full article click here
from hacker samurai http://ift.tt/1oDcE96
via IFTTT
Legal battle to affect digital privacy
The Apple versus FBI iPhone legal controversy may end up being a defining moment for how this nation views personal privacy in the digital age.
As you may already know, the FBI wants Apple to create a modified operating system for the iPhone that will allow investigators to get into the password protected iPhone of one of the San Bernadino terrorists who killed 14 people in December (http://lat.ms/1UcTClE).
The FBI believes there may be clues and information stored on the phone — “crucial evidence,” the bureau claims — related to the shootings. For the full article click here
from hacker samurai http://ift.tt/1L5v2Ry
via IFTTT
Saturday 20 February 2016
Be selective about what data you store and access from the cloud
Caution and awareness are important factors for mitigating security threats
BY THOMAS BOYDEN
Businesses are racing to expand their use of the cloud. The market for cloud services topped $100 billion in 2012 and is expected to surge to nearly $300 billion by 2020.
Cloud computing has numerous advantages. Companies can slash internal IT costs, and are looking to reduce data loss and service interruptions that accompany cyber attacks.
But caution is warranted.
Using the cloud means, in part, surrendering your organization’s data security. Even if your organization invests heavily in state-of-the-art cyber defenses and maintains an all-star staff of technology experts, none of that security transfers over to the data you send to the cloud. After an upload, your organization becomes wholly dependent upon the security protocols of outsiders.
….
To read full article , click here : http://ift.tt/215sZV8
from hacker samurai http://ift.tt/1QrZY0N
via IFTTT
SEC Brings Charges in $100 Million Newswire Hacking Scheme
The US Securities and Exchange Commission (SEC) has brought charges against nine new defendants involved in an international scheme that saw newswires that distribute corporate press releases hacked to facilitate an insider trading ring.
In a complaint filed in the US District Court in New Jersey on Wednesday, five traders and the four companies they owned are alleged by the SEC to make nearly $20 million in illegal profits by insider trading, Reuters revealed.
Hacked reported the crime that came to light in August 2015, wherein hackers based in Ukraine and crooked Wall Street traders came together to form an insider trading ring that is speculated to have generated $100 million in profits. For the full article click here
from hacker samurai http://ift.tt/24ht8Uz
via IFTTT
Meet the start-up trying to keep hackers from hijacking your car
After last year’s high-profile corporate data breaches, hundreds of start-ups have popped up with newfangled ways of spotting hackers within the electronic noise, usually by looking for virtual “threat signatures” pulled from expensive databases.
But Vienna-based PFP Cybersecurity is trying something different: tracking tiny changes in power usage and radio waves emitted by hardware. When something out-of-the ordinary happens—like an unexplained spike in power coming off a computer chip— PFP’s system raises a red flag that something might be wrong.
“Instead of dealing with hundreds of millions of [threat] signatures you go back to the fundamentals – the laws of physics,” said Chief Executive Steven Chen. “When a hacker moves electrons we can see them.” For the full article click here
from hacker samurai http://ift.tt/1WypIHa
via IFTTT
Weekend hacker loses control
Our rogue drone wouldn’t stop flying toward a UA student running with her dog.
We ran after it, but we had just spent 26 hours programming a drone that couldn’t even hover correctly. We were over-caffeinated, demoralized, and not too confident we could catch it.
Our team had come to Hack Arizona with a plan to build a website or an app. A drone wasn’t in the plans, but it looked so cool.
We were among more than 500 hackers from across the globe who descended upon the University of Arizona Science and Engineering Library for Hack Arizona last month. We were given 36 hours to make something elegant from scraps of technology. For the full article click here
from hacker samurai http://ift.tt/1Ky0qIt
via IFTTT
Lubbock Print Shop Targeted by Hackers
A Lubbock business was shut down Friday after being targeted by hackers demanding a ransom.
An employee opened a malicious email suspected to be the cause of the cyber attack.
Employees at Caprock Business Forms said they had received suspicious emails for several weeks, but the company’s operations were not affected until an employee opened the email on Friday that “All of a sudden we couldn’t do anything. We couldn’t go anywhere. We kept getting error messages. And finally, a message came up on her computer that said something about ‘ransomware,'” said Caprock Business Forms personnel manager Jon Jones. For the full article click here
from hacker samurai http://ift.tt/1WypIqM
via IFTTT
Friday 19 February 2016
Hackers extort money from victims of ransomware
According to industry experts, hackers have now found a way to extort money from people by hacking into their computers and freezing their files until they pay a ransom, like in the case of a California hospital.
The hackers demanded a ransom, and the California hospital paid it to the tune of $17,000.
People can protect themselves, but even experts will agree sometimes it’s easier and cheaper to just pay that ransom.
It’s a frightening scenario: Hackers used malware known as “ransomware” to hack into the computers of Hollywood Presbyterian Medical Center in California, holding the hospital’s computers hostage until the CEO agreed to pay 40 bitcoins or $17,000 to get the computers back online. For the full article click here
from hacker samurai http://ift.tt/1mMpX5e
via IFTTT
Fear iPhone hackers or the FBI? Bloomberg View
A federal judge in California ordered Apple to exploit a security weakness for the iPhone to help law enforcement investigate the San Bernardino terrorist attack. The company is refusing to provide a piece of software that would effectively allow federal investigators to bypass the strong security that Apple implemented in 2014.
Bloomberg View columnists Eli Lake and Megan McArdle discuss.
McArdle: Right now, it’s impossible to brute-force a passcode by simply trying combination after combination, because there’s a feature that will wipe the data after 10 unsuccessful tries. The judge has ordered Apple to create a piece of software that will raise that limit high enough for investigators in the San Bernardino shooting to keep trying until they unlock the iPhone belonging to San Bernardino County, which one of the shooters used.
On one hand, the Constitution is not a suicide pact. On the other hand, I see several major issues here. The first is that such a back door, once created, is probably not going to stay with the U.S. government. China, for example, is probably going to demand a similar bypass, which could easily be used to persecute dissidents. Second, we have an interest in privacy from our own government, which this damages. And third, they are arguing for this under a very expansive reading of the All Writs Act, a law dating to 1789. The government’s interpretation would represent a very dramatic expansion of its search power, and as citizens, we should all be concerned about that. For the full article click here
from hacker samurai http://ift.tt/1Kvi53M
via IFTTT
Infamous hackers targeting Mesa officers; group criticizing officer-involved shootings
An infamous hacker group that has targeted law enforcement in Arizona before is sending out a new warning to the Mesa Police Department.
In a five minute YouTube video “Anonymous” focuses on two officer-involved shootings in Mesa this year.
“Just as you laid them out, we shall lay out your many abuses,” a digitally enhanced voice says in the video.
Police say Daniel Shaver was shot and killed when he refused to show his hands in a hotel in January. For the full article click here
from hacker samurai http://ift.tt/1KZzqBG
via IFTTT
State computer systems experience up to 300 million hacking attempts daily
Salt Lake City — (KUTV) Computer systems for the state of Utah are being bombarded with attacks at a rapid fire rate — sometimes hundreds of millions a day — a dramatic increase from just a few years ago.
“In 2010, my IT director was letting me know that the number of attacks we were averaging a day were between 25,000 to 80,000,” said Keith Squires, Utah Commissioner of Public Safety. “We had peaks in the past year or so that were over 300,000,000 a day.”
Most of the time, the hackers are not sitting in front of a keyboard and screen, but programs set in motion by them are sweeping state systems, searching for signs of weakness. Think of it as a constant stream of searchlights, crisscrossing your neighborhood, looking for an open garage door. For the full article click here
from hacker samurai http://ift.tt/1OjUA8y
via IFTTT
Pro-Hezbollah hackers: We penetrated Israeli sites, security feeds
A pro-Hezbollah hacker group calling itself We Are Coming claims it penetrated 5,000 Israeli websites, including some containing sensitive security data, in 2015, as well as security camera feeds, Lebanese network Al-Manar declared this week.
Pro-Hezbollah news outlets in Lebanon have reported in the past that the group successfully breached Israeli websites and Facebook pages.
The Al-Manar report, however, was novel in its claim that We Are Coming accessed security camera feeds located in Israel. Al-Manar aired images allegedly taken via such breaches. The hacker group also released photos from what they claimed were same camera feeds from previous days as part of a campaign it named Shattering Illusions, meant to mark the eighth For the full article click here
from hacker samurai http://ift.tt/1Q5QoPk
via IFTTT
Thursday 18 February 2016
Weak Passwords Give Hackers The Key To Your Data
Necessary to our cyber health but the bane of our electronic existence, passwords! No sooner than you have one you really like and feel secure, the computer is tell you it’s time to change again.
“There is scientific evidence that if we are annoyed about changing our password, we will create a password that’s easier for a hacker to guess,” says CMU Cylab security expert Dr. Lujo Bauer.
That’s why “you find lots of passwords like ‘password,’ ‘password 123,’ and ‘princess 12345678.’”
During a recent sampling of users, people told KDKA they use everything from family and pet names to celebrities and old phone numbers as passwords. For the full article click here
from hacker samurai http://ift.tt/1mJVm8t
via IFTTT
Scam of the Week: The fake Facebook friend, how hackers steal money
You expect when you get a friend request it’s the real person, but fake accounts are easy to setup. An Ozark woman is dealing with an imposter, who is trying to rip off her friends.
Imogene Knell will tell you a crook, tried to get her goat. Knell’s facebook account was hacked. The swindler fished her friends and got their phone numbers. Then the thief made some calls. Luckily, Knell’s real friends caught on to the decoy.
“She said … Imogene, why would you want me to invest in one thousand dollars in a possible gamble… I said what are you talking about?” said Knell.
The hacker asked Knell’s friends to invest one thousand dollars into a gamble program.
“She would be in a drawing to possibly win one hundred thousand dollars delivered to her in cash,” said Knell.
The friend said no thanks.
“When she didn’t, the gentleman called her wanting to know where his money was,” she said.
The imposter couldn’t pull the wool over her eyes. For the full article click here
from hacker samurai http://ift.tt/1oMGgR4
via IFTTT
Los Angeles hospital pays ransom to hackers who took over its computer system
A Los Angeles hospital succumbed to the demands of hackers on Wednesday and forked over $17,000 to regain control of their computer system.
Hollywood Presbyterian Medical Center first learned of the hack on Feb. 5 and medical workers’ ability to communicate electronically was frozen by malware that demanded a decryption key, the hospital said in a statement Wednesday.
The hack reportedly affected its medical record system as well as equipment.
Hospital president Allen Stefanek said that the system was back online as of Monday after the facility gave in to the ransom demands.
“The quickest and most efficient way to restore our system and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this,” he said. For the full article click here
from hacker samurai http://ift.tt/1oMGdVE
via IFTTT
Wednesday 17 February 2016
The Pendulum of Cybersecurity : Network Security vs. Data Security
On October 6, 2015 the European Court of Justice ruled to invalidate a long standing agreement regarding the transfer of Europeans’ online information. This Safe Harbor agreement had been in place since 2000, and was critical to an awe-inspiring growth of the trans-Atlantic digital economy.
There were many reasons this decision was inevitable. But the one most compelling to US consumers and most crucial to US companies is the cultural one.In Europe, privacy is seen a fundamental right like freedom of expression. While in the US privacy is more of a consumer protection issue. That difference is colossal.
The hard truth is, here in the US, we don’t treat data well. Our companies don’t recognize data sovereignty or strive to understand it’s corporate footprint. They don’t often treat data as if it’s worth the costs of additional safekeeping beyond whatever standards are imposed by regulatory guidelines like HIPPA or PCI-DSS.
To read full article click here : http://ift.tt/20ZZTqd
from hacker samurai http://ift.tt/1VomYMn
via IFTTT
Edmonton healers and hackers join forces
Seniors are perhaps less in love with technology than Millennials, which presents a challenge to health care professionals.
To bridge it, health care experts and young developers are hunkering down this weekend to create new apps workable for even the most wifi-wary senior.
Hacking Health is a national program that works to find technological solutions for health problems, and Edmonton’s event Feb. 19-21 is turning that focus to older adults.
Event organizer Lili Liu, also the chair of Occupational Therapy at the University of Alberta, uses phones as an example. When your old one breaks, most of the options to replace it will have wifi capability and a camera — meaning seniors have more access to technology than ever before. For the full article click here
from hacker samurai http://ift.tt/1U7UsQD
via IFTTT
Why the Department of Defense just started deploying Windows 10
Starting this month, the U.S. Department of Defense will start deploying Windows 10 to about 4M devices within the next year. It’s the largest Windows 10 deployment ever, and involves upgrading every laptop and Surface tablet in use at the federal agency. It’s a vote of confidence for an operating system that is already running on 200M devices worldwide, with plans to reach 1B in the next few years. There are some sobering statistics that are motivating the agency to make the upgrades on such a robust schedule. According to a memo released last November and Microsoft’s own statements, there were an astounding 10 million cyber-attacks on a daily basis in 2012 (the year used for reporting). The DoD spends about $44B each year on cybersecurity and IT to fend off the attacks. For the full article click here
from hacker samurai http://ift.tt/1U7Uubo
via IFTTT
The Queensland government will spend $12.5 million over four years on a specialised cyber security unit to combat online hackers.
The Queensland government will create a specialised cyber security unit to protect itself from the threat of online hackers.
The government will invest $12.5 million over four-and-a-half years to beef up their IT system security and aid responses to major breaches.
“A safeguard is needed to continue the protection of the government’s data and systems into the future because we are not immune to this sort of crime,” Minister for the Digital Economy Leeanne Enoch said. For the full article click here
from hacker samurai http://ift.tt/1U7Uubm
via IFTTT
The Hubris of Hacking the FBI
NEWS ANALYSIS: Hackers who have the audacity to taunt American law enforcement should beware that the long arm of justice will find them—and fast.
The days of hacking with impunity, without any consequences or risk of penalty, may one day soon come to an end. A case in point is the rapid apprehension of an alleged suspect in the hacker attack against the U.S. Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) last week. Less than a week after hackers boasted to the media about breaching government security at least one of the alleged perpetrators is now in custody.According to Fox News, British officials arrested a 16-year-old male suspect in England on Feb. 12. That means that less than a week from the time the hackers boasted of breaching U.S. government security, that same government, working with its partners in the United Kingdom, was able to identity, locate and apprehend the attackers and has made at least one arrest. For the full article click here
from hacker samurai http://ift.tt/1U7UsAf
via IFTTT
Hackers deface JNU website to protest against anti-India slogans
Hackers breach JNU website to avenge anti-India slogans raised in the campus
The pro-Afzal, anti-Indian sloganeering has whole of India on the boild with many Indians siding with the government for cracking down on the demonstrators. They seems to have found a new ally in form of hackers who hacked the JNU website and defaced it with a pro-Indian message.
Yesterday a group of hackers defaced the JNU website’s central library home page as a mark of protest against “anti-India” sloganeering by one of the university’s student bodies. For the full article click here
from hacker samurai http://ift.tt/1XxJWlJ
via IFTTT
Tuesday 16 February 2016
ICIT Analysis: FDA Guidance on Medical Device Cyber Security
This Institute for Critical Infrastructure Technology blog post, entitled “Assessing the FDA’s Cybersecurity Guidelines for Medical Device Manufacturers: Why Subtle “Suggestions” May Not Be Enough” is an analysis of the recent Food and Drug Administration (FDA) “Draft Guidance for Industry and Food and Drug Administration Staff.” The guidance advises medical device manufacturers to address cybersecurity “throughout a product’s lifecycle” and is the latest action by the FDA which underscores its position that medical device cyber security is a priority for the health sector. However, despite the implied sense of urgency, the FDA has chosen not to implement enforceable regulations over medical device manufacturers. This examination of the FDA’s ‘suggestions’ provides a concise summary of the draft guidance as well as recommendations for the healthcare community.
Click Here to download the blog post.
For more , Click here : http://ift.tt/1mFuJBs
from hacker samurai http://ift.tt/1QjKIgn
via IFTTT
Everything To Know About Encryption
It’s the tech that keeps your banking login safe
Encryption has been a hot-button topic on the campaign trail this year. Republicans have talked about it. Democrats have debated it. The White House has weighed in on the issue. But to best understand the argument around encryption, you need to know what it actually is.
Practically as old as secrets themselves, encryption — or cryptography, as it’s sometimes called — is a way of scrambling a message to make it unreadable. The Nazis famously jumbled their communications with a device called the Enigma Machine in World War II,but the Allies were eventually able to figure out the code. Today’s best cryptography is advanced enough that it’s impossible for even the world’s greatest code breakers to crack. For the full article click here
from hacker samurai http://ift.tt/1R6k1io
via IFTTT
Hackers: Nearly Half of Internet Users Are Now Making Your Job Easier
When was the last time you thought about changing all your passwords? Unless you run a large organization or have been the victim of a cyber attack, chances are it doesn’t regularly cross your radar.
Unfortunately, this lack of awareness often leads to a lack of caution, which makes it all that much easier for hackers to get exactly what they want from you.
According to recent research released by The Kapersky Lab, nearly half of all Internet users have shared their passwords with someone else. This suggests a common but dangerous assumption: that only large companies need to be on guard against hacking and cyber attacks. For the full article click here
from hacker samurai http://ift.tt/1R6k1ie
via IFTTT
Hollywood Hospital’s Network Compromised, Hackers Demand $3.6 Million Ransom
Could you go a full day without using your PC? It might not be all that difficult on a casual basis, but for workers at Hollywood Presbyterian Medical Center, they’ve had the challenge of servicing patients without the aid of any computer systems for over a week due to a malware outbreak and subsequent ransom demand.
A local computer consultant said the ransom is in the neighborhood of 9,000 Bitcoins, which is about $3.6 million in U.S. currency. The hackers responsible likely chose Bitcoin as their payment method of choice because the cryptocurrency is anonymous and difficult to trace, especially after they’ve been laundered. For the full article click here
from hacker samurai http://ift.tt/247I47I
via IFTTT
Sony hackers alive and well, say Kaspersky and AlienVault
The attackers behind the Sony Pictures hack in 2014 are alive and well and still hacking, according to security researchers from Kaspersky Lab and AlienVault Labs.
Juan Andrés Guerrero-Saade, senior security researcher at Kaspersky, and Jaime Blasco, head of the intelligence and research team at AlienVault, have been gathering evidence of malicious activity against other victims which they say makes a strong link to the actors behind the Sony attack.
The researchers presented their work at the Kaspersky Security Analyst Summit in Tenerife, Spain. In an article in Wired, the pair detail a number of links between the Sony attack and subsequent attacks against organisations in South Korea.
Although the US government blamed the Sony hack on agents from North Korea, the researchers from Kaspersky and AlienVault refused to endorse this view, saying that attribution was inherently unreliable. For the full article click here
from hacker samurai http://ift.tt/247I47E
via IFTTT
Monday 15 February 2016
Hackers Publish Info of 20000 FBI Employees
Most of the information appeared to have been culled from internal government directories, including employees’ email addresses, phone numbers and job titles.
The breach also appeared to have been socially or politically motivated, rather than as some other form of criminal activity, with some DotGovs tweets includingpro-Palestinian messages, reported SlashGear.
The hacker also claims to have hundreds of gigabytes of data from a Department of Justice (DOJ) computer, although this information has yet to be released.
The hackers said that the DOJ Helpdesk asked the required login data available, they provide access to a used by that employee workplace.
Several news outlets were contacted by the hackers on Sunday evening and given a preview of the data, including Vice’s Motherboard blog and FedScoop. And, before the Super Bowl, the hackers warned Vice’s Motherboard what they were up to. For the full article click here
from hacker samurai http://ift.tt/1Vg5qBW
via IFTTT
Hackers are selling your Netflix password for a measly $0.25
Account information can be obtained by outside parties in any number of ways, including phishing, which involves getting a user to divulge account information under false pretense – in a fake email, for example. Infostealer Banload secretly downloads, then steals banking information from the infected computer. “We have observed malware and phishing campaigns targeting Netflixusers’ information”.
Symantec cautions Netflix users that hackers have started a Netflix pilfering campaign, and that their personal info might be at risk. The scammers trying to steal Netflix subscription details so they can sell the information in extremely cheap price.
There are so many stolen Netflix credentials out there that Payet’s screenshots of online black markets include an ad for a tool called “NetflixGenerator” that spits out freshly compromised credentials in bulk, for people who want to resell those credentials to end users. For the full article click here
from hacker samurai http://ift.tt/1Vg5oKr
via IFTTT
Hackers Demand $3.6 Million From Hollywood Hospital Following Cyber-Attack
The Hollywood Presbyterian Medical Center, a 430+ beds hospital in the middle of Los Angeles, has been hit by a cyber-attack and its systems are now being held hostage by hackers that are demanding a ransom.
The incident took place at the start of February but was kept quiet the hospital’s staff and management, who called in local police and the FBI to help investigate the incident, along with a cyber-forensics firm.
Hackers want 9,000 Bitcoin
The hackers are requesting a 9,000 Bitcoin ransom, which is about $3.6 million (€3.2 million) in today’s currency to release the “electronic keys” to unlock computers. There are no details about how this happened since everyone is keeping quiet, but two plausible scenarios exist.
The first is that ransomware hit the hospital’s IT network and spread to numerous computers via a local LAN server, and the total ransom for each infected computer amounts to around 9,000 Bitcoin. For the full article click here
from hacker samurai http://ift.tt/1U2NjRL
via IFTTT
Anonymous Hacks South Africa’s Department of Water Affairs
Members of the World Hacker Team, one of Anonymous’ subdivisions, have breached South Africa’s Department of Water Affairs (DWA) as part of the group’s #OpAfrica and #OpMonsanto campaigns.
#OpAfrica is an Anonymous social campaign launched to highlight the situation of child labor and government corruption in African countries.
The campaign started a few weeks back, and the hacktivists involved in the campaign have targeted Rwanda, Uganda, and multiple targets in South Africa. Their most recent campaign, before this incident, involved the mass defacement of 2,532 websites running on the servers of Webafrica, a local Web hosting provider.
This time around, the hackers have targeted another government institution, namely the official website of the Department of Water Affairs. For the full article click here
from hacker samurai http://ift.tt/20yvslm
via IFTTT
ARE YOU GOING TO GET HACKED WHILE LOOKING FOR LOVE ONLINE?
As the stigma around online dating begins to fade, an increasing number of young (and older) Americans are wading out into the sometimes turbulent waters of sites and apps like OKCupid, Match.com, and Tinder. In fact, 15 percent of our nation’s inhabitants now say they’ve used some sort of digital matchmaking tool, which means that a lot of these sites and apps have a lot of people’s personal information. Sure, signing up for Tinder isn’t quite like applying for a credit card, but it should still be noted that many of these online dating services collect quite a bit of data on its users. And according to recent research from security provider Seworks and security tech company UpGuard, dating apps are ripe for the picking when it comes to the next big hack.
This Valentine’s Day, Pew Research estimated that some 38 percent of U.S. singles had a profile on a dating site or app. But according to Min-Pyo Hong of Seworks, these services are all extremely vulnerable to attack. Last Month, Hong and his team reviewed five “top dating apps,” and found that “all were vulnerable to hacking, containing exploits that would enable breaches similar to the infamous attack on Snapchat … or … the leaking of users’ data from an HIV-positive dating app.” And while Hong did not disclose which apps his team analyzed in his guest post for VentureBeat, he noted that “the two very most popular we analyzed have been downloaded between 10 million and 100 million times from Google Play alone.” For the full article click here
from hacker samurai http://ift.tt/1U2NjRG
via IFTTT
Friday 12 February 2016
16yo suspected of hacking CIA, FBI, White House arrested in UK
Police in England have arrested a teenage boy on suspicion of hacking into the emails of senior US officials last year and posting nearly 30,000 US government employees’ private information online this week. He has reportedly been released on bail.
The South East Regional Organized Crime Unit (SEROCU) sent out a terse email to the media on Friday, confirming that they had arrested a 16-year-old boy in the East Midlands region of England this past Tuesday, February 9. The arrest was connected to three alleged violations of the Computer Misuse Act of 1990.
It was not immediately clear if the teen was actually “Cracka,” one of the hackers from the online collective ‘Crackas With Attitude’ (CWA) that boasted hacking into the private email accounts of CIA Director John Brennan, Director of National Intelligence James Clapper, and the senior White House adviser on science and technology John Holdren, over the past several months. For the full article click here
from hacker samurai http://ift.tt/1QdmLNM
via IFTTT
Kaspersky researcher discusses its obligations upon identifying hackers
Just last week, CDN reported on Kaspersky Lab’s identification of Poseidon Group, an entity that uses malware and extortion-like tactics to coerce victims into contracting it as a security firm, all within the scope of legality.
Kaspersky has since shed more details into the story. In an email exchange, Dmitry Bestuzhev, director of its global research and analysis team in Latin America discussed why the identification of the group matters, and just what the company will do with this knowledge.
CDN: The big piece here is that you guys say this group has been identified. But the question is, so what? What does it mean?
DB: It is very impressive to see how Poseidon Group has been active and actively attacking its victims for at least last 10 years or even more. Financial damage it actually has caused to the victims is really significant.
Identifying the threat actor, putting all that samples into one same shape, actually helps to stop it. At this point there are many things have been done, like sharing news with the media, providing protection for the customers, notifying law enforcement agencies (LEA) and providing security community with free [support]. This is definitely is a big step in a right direction to stop such threat actors like Poseidon. For the full article click here
from hacker samurai http://ift.tt/1LmiH6A
via IFTTT
Bank Info? Nah, Hackers Want Your Netflix Login
It’s time to change your Netflix password.
The streaming video service’s worldwide expansion, which took a giant leap forward in January, might have caused an unintended side effect: phishing scams targeting users’ login details in order to fuel the black market for Netflix accounts.
According to a Symantec report, attackers redirect users to an official-looking Netflix website that is actually fake. There are various sites focused on specific countries; Brazil and Denmark are particularly hot targets. If the subscriber falls for the ruse and enters his or her log-in details, the hackers capture them and can then sell Netflix access via that account on the black market.
Wait, a black market just for Netflix? Why bother, when hackers seem to have little trouble stealing credit card and bank information to buy whatever they want? For the full article click here
from hacker samurai http://ift.tt/1QxRYWd
via IFTTT
IRS outage caused by back-to-back failures, not cyberattack
The computer outage that halted IRS tax return processing for more than a day resulted from not just one hardware failures but two, the tax agency says.
An electrical voltage regulator on the computer server that handles tax returns for millions of Americans started to fail on Feb. 3, Terence Milholland, the IRS’ chief technology officer, testified at a Thursday hearing of the House Committee on Oversight and Government Reform.
As a technician worked to address the problem, a backup voltage regulator also failed, he said. Approximately 30 hours elapsed before the IRS was able to fix the regulators, which Milholland said come under “high-stress conditions” when the computer is operating, and resume normal service. For the full article click here
from hacker samurai http://ift.tt/1SnfDP4
via IFTTT
A server is not more likely to be hacked if it is located at someone’s home
People who don’t understand technology should not opine on former secretary of state Hillary Clinton’s use of a private email server [“Ms. Clinton’s ‘top secret’ emails,” letters, Feb. 3]. Claiming that information on a home computer is easily accessed by hackers is simply untrue. A computer server’s vulnerability to hackers is dependent on the safeguards that are deployed, not where it’s located.
Clinton hired a private firm to set up her email server. Whether hackers could easily access her email server could be addressed only by cybersecurity experts assessing its defensive capabilities, including its network attachments. Her private email server may well have been more secure than the State Department’s, which, at the time, apparently was not well set up to handle classified information. For the full article click here
from hacker samurai http://ift.tt/1QxRWO0
via IFTTT
Insider Threat Webinar : ICIT Fellow Brian Contos (Securonix)
Join featured speaker Brian Contos, ICIT Fellow & Securonix Vice President and Chief Security Strategist, for this provocative analysis of insider threats with real-life use cases. Brian is the author of a well-known book on insider threats, Enemy at the Water Cooler. He also co-authored a book on physical and logical security convergence with former NSA Deputy Director William Crowell. Brian is a frequent speaker at industry events and is often featured in media outlets such as CNBC, NPR, Fox, and Forbes. Following the briefing, David Swift, Principal Architect and security industry expert, will discuss how Securonix can help prevent such breaches in any organization.
For More : http://ift.tt/1TXdNEf
from hacker samurai http://ift.tt/1LloFEy
via IFTTT
Microsoft: Win 10 Will Protect States from Hackers
Microsoft’s Mandy Tidwell took to the company’s blog this week to ensure governments that Windows 10 has the best security to thwart hackers. Tidwell says that security was a prime focus as Microsoft developed Windows 10, which was released last summer. The platform promises to protect governments from the growing rise of attacks better than previous Windows releases with several built-in features.
For starters, Windows 10 offers Microsoft Passport. This service is a two-factor authentication process that combines a registered device with a user’s PIN number, fingerprint, iris, or facial features. Thanks to this, attackers will have a hard time breaking into a government employee’s account because they need that physical information. This also prevents employees from using a username and password, the latter of which is usually identical to other passwords employees utilize on external non-government sites. For the full article click here
from hacker samurai http://ift.tt/1TWzIvf
via IFTTT
IBM Researchers Hack Into A Smart Building To Highlight The Backdoors Created For Hackers
This smart building was hacked by IBM researchers to show hacking risks associated with Internet of Things
IBM security researchers are warning that building automation systems used to power so-called “smart buildings” pose a security risk to companies. According to Gartner, devices in smart homes and smart commercial buildings represented 45 percent of total connected things in use in 2015.
According to a new IBM X-Force report, all the appliances in an office that is controlled by smart devices is being countered by the inherent threat these devices can pose to the network to which they are attached. The ones that control your building’s heating, lighting and air conditioning are also no exception. For the full article click here
from hacker samurai http://ift.tt/20Za0Ig
via IFTTT
Apple Employees Offered Cash For Login Credentials By Hackers
A recent coverage by Business Insider revealed that Apple employees are frequently targets of attempts by hackers to gain access to the Apple employee database through their login privileges. Reports confirm that two Apple employees based in Ireland were offered up to $23,000 for access to their login ID and password to the company’s employee portal.
A further follow-through by the tech-magazine iDigitalTimes threw further light on the matter – revealing that not just well-placed employees but even interns are often offered large sums of money for access to the login information. Typically, though, employees who have a lot of power and responsibility over the company’s operations get send emails offering them thousands of dollars for said information.
While it is incredulous to think that an employee as well-placed as Apple would even consider giving away their login information for a few thousand dollars, thereby risking their jobs (one of the most coveted handful of positions in the tech world), reports say that it is possible that some employees have actually taken the bait and the money for their trust. For the full article click here
from hacker samurai http://ift.tt/1QbkrAE
via IFTTT
Subscribe to:
Posts (Atom)