http://ift.tt/28XmPgY
from Hacker Samurai http://ift.tt/28XmPgY
via IFTTT
Thursday 30 June 2016
Norton tackles hackers using Wi-Fi
Norton by Symantec has introduced a new privacy app designed to shield consumer information from hackers targeting unsecured Wi-Fi networks.
According to the Norton Wi-Fi Risk Report, the online habits of consumers gives hackers unimpeded access to sensitive data like banking information or social media passwords.
“What turns people into easy targets is confusion about the security of public Wi-Fi networks. Norton found that only 35% of global consumers are able to distinguish between a secure and an unsecure Wi-Fi network,” explains Mark Gorrie, director, Norton Business Unit, Pacific region, Symantec.
“Most people assume that all Wi-Fi networks available in public places like airports, hotels and cafes have security built-in,” he says. “That’s not the case. For the full article click here
from hacker samurai http://ift.tt/294KBHv
via IFTTT
25k connected cameras used as botnets; can your CCTV be hacked?
Are your CCTV cameras being used by hackers to attack other computers?
If you have purchased one from a random cameras with weak security encryptions, chances are that your CCTV could well be one among the thousands of cameras that are being used as botnets.
A US-based security firm has warned those who own Internet connected cameras, devices including the manufacturers to be aware of a serious emerging threat where hackers have hijacked IoT devices to stage attacks on other systems.
The case is being considered as the first major evidence of Internet of Things (IOT) becoming a serious security threat where hackers penetrate connected devices and use them to launch their attacks on vulnerable targets.
According to new revelations hackers first penetrated more than 25,000 connected CCTV cameras spread across 105 countries and later used them as botnets to attack their target. For the full article click here
from hacker samurai http://ift.tt/294KKuQ
via IFTTT
OurMine: The Group Who Hacked Zuckerberg And Pichai
What probably became as big a news as the hacking of Facebook CEO Mark Zuckerberg’s Pinterest and LinkedIn accounts, was the password that he used for both accounts. As revealed by the hackers, the password was ‘dadada’. The group responsible for the hacking calls itself, OurMine.
In the last few years, the hacking groups that have earned the most fame, or rather, notoriety, have been Anonymous and GhostRec. The last couple of weeks though belonged to the three-man team of OurMine.
The group’s latest target was Google’s CEO Sundar Pichai. They hacked his Quora account and posted several messages from there, mostly informing him about the lack of security on the account and how they could help him improve it. Pichai’s Quora account was linked to his Twitter account, and OurMine posted many messages there too. “Hey, it’s OurMine, we are just testing your security, please visit OurMine to upgrade it,” they tweeted.
OurMine claims that they are a security group. After hacking Pichai’s account they said that they never change any account passwords and only post the messages to indicate that the account can be hacked. For the full article click here
from hacker samurai http://ift.tt/294KDPZ
via IFTTT
Hackers investing 40% of crime proceeds in new criminal techniques
Nikolay Nikiforov, an official spokesperson at Russia’s Ministery of Communications, told SC that investment of crime proceeds in new attack methods is mainly due to a change of priorities by hackers seen in recent years whereby they are no longer solely interested in attacks on the private bank accounts of individuals, but mainly targeting the breach of correspondent accounts of banks.
This view is repeated by Sergey Semenov, deputy director of the Russian Ministry of Internal Affairs department tasked with fighting cyber-crimes, who says that hackers are constantly exploring and designing new technologies and techniques that will allow them to simplify their attacks to make them even more devastating.
For this reason, in recent years hackers have, according to Semenov, become active commissioners of different types of research dedicated to the problems of cyber-safety, usually ordered by them under the guise of legitimate startups or industry analysts. For the full article click here
from hacker samurai http://ift.tt/29dpB5f
via IFTTT
Wednesday 29 June 2016
This malware pretends to be WhatsApp, Uber and Google Play
Hackers are stealing credit card information in Europe with malware that can spoof the user interfaces of Uber, WhatsApp and Google Play.
The malware, which has struck Android users in Denmark, Italy and Germany, has been spreading through a phishing campaign over SMS (short message service), security vendor FireEye said on Tuesday.
Once downloaded, the malware will create fake user interfaces on the phone as an “overlay” on top of real apps. These interfaces ask for credit card information and then send the entered data to the hacker.
This family of malware continues to evolve. Since February, FireEye has observed 55 malicious programs in Europe that use the same overlay technique.
Earlier versions targeted banking apps, but now the malware can spoof the interfaces to more popular software, including WhatsApp and Google Play.
Users tend to input credit card information into these products as well as into banking apps, FireEye researcher Wu Zhou said in an email. For the full article click here
from hacker samurai http://ift.tt/29eMKD9
via IFTTT
Hurd Continues Cybersecurity Focus
A conference pushes cybersecurity to small and mid-sized businesses in San Antonio.
Congressman Will Hurd said the businesses know it’s important, because the owners across his district ask him about all the time.
“People understand the impact this is having,” he said. “Whether it’s a business person that’s trying to figure out how to protect themselves or someone asking ‘why did my credit card get reissued,’ this is an issue that almost everyone has been touched by.”
Hurd was a guest speaker at the Cybersecurity Conference in downtown San Antonio Tuesday, a chance for those small and medium sized business owners to learn how to protect themselves.
“They may not necessarily know what they can do, but events like this are great to bring the experts in, so, they can start asking those questions and figure out where to go,” he said. For the full article click here
from hacker samurai http://ift.tt/294Nyxz
via IFTTT
3 ways your smartphone can be hacked without you knowing
It’s more important than ever to be vigilant with online security as hackers are finding new creative ways to steal your information. Savvy digital thieves can target your smartphone without you even knowing about it, which leaves your sensitive data at risk.
If your phone gets hacked, sometimes it’s obvious. Ransomware, for example, will take over your phone and lock your entire system down. A message will display on the screen demanding that you pay a fee if you want to get your files back. If you missed our story about how ransomware is spreading to phones and tablets,
But sometimes hackers sneak malware onto your device without you even knowing it. Trojans likeAcecard hide in your system then slowly get worse. This is when malware can do the most damage, because it can infect your operating system for months, even years, before you realize there’s a problem.
We’ve covered how you can secure your smartphone in the past, but there are other things you can do to protect yourself from getting hacked. That’s why we’ve put together this list of things to watch out for. For the full article click here
from hacker samurai http://ift.tt/294NCgJ
via IFTTT
New study shows your apps could be putting your personal information at risk
CLEARWATER, Fla. – A new study shows more than a quarter of all third-party applications for your smartphone or tablet are putting you at risk of being hacked.
Cloudlock, a cyber security company, revealed in the study several popular apps that could allow hackers an easy gateway to your personal information.
“I was surprised that 27 percent of apps are dangerous to run, that’s a lot,” Stu Sjouwerman, CEO of Clearwater-based Knowbe4 cyber security, said.
We showed Sjouwerman Cloudlock’s study which revealed more than a quarter of all third party apps put your company at risk for being hacked if not managed carefully.
Sjouwerman added it’s not just your company that could have a security risk. Home internet and devices are just as susceptible. For the full article click here
from hacker samurai http://ift.tt/29c6dHs
via IFTTT
How worried are you hackers will discover our locations?
For consumer navigation and location-based services, how worried should we be about hackers discovering or corrupting our locations?
Three industry experts gave their opinions on this issue — now it’s your turn!
Go to http://ift.tt/29aEZ40 poll and register your vote. Do so by July 20 and you’ll be entered into a drawing for a $50 Visa gift card.
For the record, here’s how the experts weighed in.
Janice Partyka, Contributing editor, GPS World; Principal, JGP Services
A: Very worried. Just about any connected device can be hacked, including iPhones or Android phones, regardless of fingerprint recognition technology or complex passwords. Hackers can listen to conversations or access the location positioning via flaws in a portion of mobile networks called Signaling System 7. Hackers using common software-defined radio tools have discovered a cheap way to make a GPS emulator to falsify the GPS location of smartphones and in-car navigation systems. For the full article click here
from hacker samurai http://ift.tt/29c5Gp1
via IFTTT
Tuesday 28 June 2016
Hospital tech targeted by hackers
A new security survey has highlighted how cyber-attackers are continuing to target the healthcare industry, leading to a rise in the number of successful attacks against hospital networks.
The report by security firm TrapX explains how attackers have evolved and are now increasingly targeting medical devices that use legacy operating systems that contain known vulnerabilities. By camouflaging old malware with new techniques, the attackers are able to successfully bypass traditional security mechanisms to gain entry into hospital networks and ultimately to access sensitive data.
Healthcare is now the most frequently attacked industry according to the report, beating financial services, retail and other industries. As a result, it has been very difficult for healthcare organisations to keep pace with the number and sophistication of attacks they have to deal with.
The report – MEDJACK.2 – is based on first-hand research gathered from medical hijack attacks documented by medical organisations that have deployed the TrapX security solution. The report details threat data and analysis in three new hospital case studies that chronicle the sophisticated evolution of ongoing advanced persistent attacks detected between late 2015 and early 2016. These attacks, which target medical devices deployed within hospitals’ computer networks, contain a multitude of backdoor and botnet connections, giving remote access for attackers to launch their campaign. For the full article click here
from hacker samurai http://ift.tt/292m63v
via IFTTT
Hackers sent out false Greens mail
Norway’s Greens Party won big in last year’s municipal elections but has since lost popularity after carrying out some of its tough environmental measures. Now the party reportedly has fallen victim to hackers, who sent out thousands of false emails from a Greens account during the night that claim the party actually “loves” fossil fuels and wants to legalize marijuana.
The Greens’ membership secretary, Hans Joar Høiby Hansen, confirmed to state broadcaster NRK that the party’s email account was hacked. He declined to comment further on Tuesday morning.
As many as 10,000 emails were sent out to email addresses registered by the party(Miljøpartiet De Grønne, MDG). Their messages were clearly designed to embarrass the party and baffle its supporters.
In one of them, the party allegedly announced that it had radically changed its position on fossil fuels. “MDG love fossil fuels!” one mail exclaimed, adding that “without fossil fuels, we wouldn’t be as well off today as we are.” The mail linked to a video that promotes fossil fuels, ending with a greeting: “Have a nice summer and don’t have any bad conscience flying.” For the full article click here
from hacker samurai http://ift.tt/29bWIFi
via IFTTT
Hackers do the Bart, man, to spread ransomware attacks
SECURITY RESEARCHERS at Proofpoint have warned punters to watch out for another ransomware threat that wants to part you from money and feather a bastard’s nest.
Yup. Unbelievable. You probably thought that you had enough to worry about already. Turns out that you don’t. Get out a pen and send round word that the Bart ransomware is here and will lock up your data and your content and not let you have it back until you pay up, or do something else to restore your services.
The advice, as always, is not to pay up, but that is not the message that ransomware hackers put out. They say the opposite, but then they would as they have gone to some effort to get into this position. There are a lot of ransomware attacks these days.
Proofpoint said in a blog post that the hack is enabled through an email that promises to include photos. Anyone opening unsolicited emails that include nothing but ‘photos’ probably gets all they deserve, but we aren’t here to judge. For the full article click here
from hacker samurai http://ift.tt/292m3F1
via IFTTT
SYP website brought down by ‘Albanian’ hackers
South Yorkshire Police (SYP) has become the latest force to fall victim to hackers.
On Sunday (June 26) the force’s website was breached by a group believed to be of Albanian origin.
It was unavailable from lunchtime until approximately 3pm that day.
During that time the front page of the site showed an image of the Albanian flag alongside the words “hacked by no-Fawk-al Kuq e zi”.
While there is no literal translation for the first part of the phrase “Kuq e zi” is Albanian for red and black – the colours of the national flag.
The page also featured the words “red and black I dress, an eagle on my chest keep my head up for the flag, it’s good to be Albanian” and included a link which directed users to a page featuring clips of the Albanian football team.
The message was later changed stating that no data had been leaked or deleted and reading: “Simple a deface page was uploaded..update your drupal version Website Currently Under Construction Albanian Hackers,” it said.
A spokesperson for SYP would not confirm how the attack was carried out, but said the force was investigating the incident. For the full article click here
from hacker samurai http://ift.tt/29bWgHj
via IFTTT
REVEALED: Hackers used the VATICAN CITY to manipulate ‘second referendum’ petition
The government petition, which was manipulated by a ‘bot’ to add thousands of fake signatures every minute, has now reached nearly four million.
An inquiry by the Petitions Committee has already removed 77,000 names which it said were added “fraudulently” – with tens of thousands electronically registered to some suspect internet domains.
It’s been reported 42,000 signatories were registered to the Vatican City, a walled enclave in Rome that is the smallest state in the world by both size and population. For the full article click here
from hacker samurai http://ift.tt/292lzi5
via IFTTT
Monday 27 June 2016
ICIT Report: CISO Solution Fatigue – Overcoming the Challenges of Cybersecurity Solution Overload
Due to the plague of APTs, malware, ransomware and other malicious initiatives by invisible adversaries, few C-level executive positions are as critical as the CISO. A well informed CISO can improve the engagement of the C-Suite and improve the cyber posture of the organization. However, due to a variety of factors, CISOs combat information overload and vendor solution overload on a daily basis and must learn how to prioritize and communicate strategically to be effective in their role.
In this report, entitled ” CISO Solution Fatigue – Overcoming the Challenges of Cybersecurity Solution Overload,” ICIT discusses the growing phenomenon of solution overload and provides strategic recommendations for CISOs and the vendor community to overcome this obstacle in order to ensure optimal security for the organization. Specifically, the report discusses:
- Contributing Factors to Solution Overload
- Addressing Organizational Needs
- Communicating Across the Organization
- Return-on-Investment For the full article click here
from hacker samurai http://ift.tt/29gpfbw
via IFTTT
Three methods to prevent hackers from recovering data from your old phone
With mobile operating systems constantly emerging with newer features, each version of the operating system requires optimal hardware to run on. New operating systems tend to lag on older smartphone hardware and upgrading a phone’s hardware is not possible. The maximum possibility is to upgrade your storage, but many phones, for instance the iPhone, does not offer a micro SD card slot. So what do you do? Replace it with an upgraded new generation smartphone and dump / sell the older one.
So what do you do when you want to get rid of your old phone? One simple answer anyone would give is ‘factory reset it’. Well, though you should do it, simply factory resetting the phone will not ensure that your data is completely wiped off.
If you did not know this by now, then you should. A smarpthone can be easilyunformatted and data can be recovered by using some third-party recovery software. All this can be done on almost any smartphone out there and data on the phone recovered in less than a day. So if you have some really sensitive data on your old smartphone, you could end up in trouble if it falls in the wrong hands. For the full article click here
from hacker samurai http://ift.tt/28Ym2No
via IFTTT
Fed agencies look to encourage use of ethical hacking in healthcare
The healthcare industry is a prime candidate to benefit from ethical hacking, a concept that could help bolster the cybersecurity of provider organizations and payers.
That’s the opinion of Lucia Savage, chief privacy officer in the Office of the National Coordinator for Health IT, who believes ethical hacking could help probe cyber defenses to identify weaknesses,.
Ethical hackers are computer and networking experts who attempt to penetrate information systems on behalf of its owners to find security vulnerabilities that a malicious hacker could potentially exploit. For the full article click here
from hacker samurai http://ift.tt/28YmaMX
via IFTTT
New Google Chrome Bug Allows Hackers to Pirate Netflix Movies
Content piracy is one of the major things that are setting back the digital entertainment industry. However, the major players in the industry have devised means to combat this behavior using a tool known as digital rights management or simply as DRM.
What DRM technology does is help owners of copyrights restrict any unlawful access to content that has been stored on digital mediums. One of the companies that are currently taking advantage of the DRM technology is Google. Through its extremely popular Chrome browser, Google allows users to stream content from different streaming companies to their desktops or even mobile devices. Netflix is one such streaming company and apparently, security researchers have discovered a flaw in the DRM technology with respect to Chrome – a flaw that allows hackers to easily bypass the DRM security protocols and access Netflix content for free.
Google uses Widevine DRM technology to restrict any unauthorized access to copyrighted content that is streamed through the Chrome web browser. What this Widevine DRM does is to communicate with the available content protection systems from different video streaming companies such as Netflix, Hulu, Sling TV, Twitch and so on. This communication allows the DRM to take care of license or key exchanges that are meant for decrypting of the said content in Google Chrome. For the full article click here
from hacker samurai http://ift.tt/28YmcnS
via IFTTT
Quora Account Of Google CEO Sundar Pichai Hacked
The hacking group OurMine is at it again, and this time the victim is none other than Sundar Pichai, the CEO of Google.
The hackers broke into Pichai’s Quora account and posted several messages via the social media account. Since Pichai’s Quora account is linked to his Twitter account, OurMine was easily able to broadcast its feat to all of Pichai’s 508,000 followes.
The team announced its achievement on its website on Monday, June 27.
“Today, we checked Sundar Pichai Security, and we got access to his twitter & Quora accounts, his security was really weak,” noted OurMine.
OurMine is a three-person hacker outfit and seems to have a thing for CEOs. Earlier in June, as we reported, Facebook’s CEO Mark Zuckerberg’s Pinterest and Twitter accounts were also hacked by OurMine. The hackers posted to Zuckerberg’s Twitter account, which had been inactive since 2012. Twitter was quick to respond and swiftly suspended his account temporarily. For the full article click here
from hacker samurai http://ift.tt/28Ymhb3
via IFTTT
Saturday 25 June 2016
These People Hacked Uber — And May Have Learned Everything About You
Uber has faced criticism for its treatment of drivers and its treatment of women — now it’s under fire for its treatment of your personal information.
Researchers Vitor Oliveira, Fábio Pires and Filipe Reis from Portugal-based security firm Integrityrecently found a bunch of vulnerabilities in Uber’s app, one of which let the hackers see a user’s name, full trip path, their driver’s name and the license plate and car model, according to Integrity’s blog post.
Oliveira confirmed the vulnerabilities in a Twitter direct message and said “now it’s all fixed.”Uber corroborated this by emailing Mic a link to the Integrity team’s blog post, where it detailed that all of the bugs the security researchers found had either been resolved or previously reported.
Uber paid the team a total of $18,000 for spotting four vulnerabilities, Oliveira said. For the full article click here
from hacker samurai http://ift.tt/28YYhsT
via IFTTT
The clownish fight over who hacked the DNC
A war of words has erupted over whether the DNC hack was an act of espionage by the Russian government, between soundbite-ready security firm CrowdStrike and a lone hacker who’s unkindly claiming credit. And the conspiracy-theory fans went wild.
It all began with a Washington Post article many infosec denizens thought was a thinly-disguised PR puff piece for CrowdStrike.
The June 14 article Russian government hackers penetrated DNC, stole opposition research on Trump was definitive. It was also singled out for being fawning, without skepticism and lacking in technical details. The article refrained from using the word “sophisticated,” but did echo Cold War rhetoric about the Russian government’s intent on evil like the Reagan ’80s were back in style. For the full article click here
from hacker samurai http://ift.tt/28SAK9s
via IFTTT
What Your CEO Is Reading: NYC Shut Down; Fight Hacks…With Tape; Doing Unemployment Right
Every week, CIO Journal offers a glimpse into the mind of the CEO, whose view of technology is shaped by stories in management journals, general interest magazines and, of course, in-flight publications.
Tape: Part of every CEO’s cyber arsenal. A photo of Mark Zuckerberg beaming in Facebook Inc.’s open-plan Menlo Park headquarters made news this week when some noticed what appeared to be tape covering the camera and possibly the microphone of a nearby laptop. How funny that the person made rich vacuuming the personal data of millions should be so concerned about his own privacy, the hoi polloi chuckled. Slate’s Will Oremus thinks a little paranoia is a good thing, given that “webcam hacking is a demonstrably real phenomenon.” He continues: “[Zuckerberg] is highly likely to be the subject of various attempted hacks, to the point that it would be rash of him not to take extra security measures. FBI Director James Comey does it, too.” Break out the tape.
The hack that could take down NYC. New York Magazine’s Reeves Wiedeman imagines a scenario where Europe-based black hat hackers, after spending the last decade infiltrating corporate networks, shift from making money to making mayhem: “The hackers would get paid, but they also hoped their attack would dent America’s complacent faith in order and in the technology and political authority For the full article click here
from hacker samurai http://ift.tt/28YYa0m
via IFTTT
U.S. targets top lists of ransomware hackers
Cybercriminals are focusing their ransomware attacks on the U.S. and a handful of other countries, according to a new report from Kaspersky.
Such attacks on U.S. computers and networks are not only growing, but cybercriminals are using their most potent form of the malware to target U.S. users. Those “crypto” variety attacks encrypt the targeted user’s files.
Kaspersky’s research, which used randomized data from its customers around the world, said crypto attacks surged more than five-fold.
Even though the group’s study focused on private and corporate users, company experts told FCW that doesn’t mean federal, state or local governments aren’t potential targets. The Department of Homeland Security confirmed as much earlier this year, when it reported more than 300 incidents of ransomware on federal networks. For the full article click here
from hacker samurai http://ift.tt/2990a2d
via IFTTT
Trump insists hackers breached Clinton email server, struggles to support claim
Donald Trump struggled Thursday to substantiate his allegation that presumptive Democratic presidential nomineeHillary Clinton’s private email server was compromised by hackers when pressed by NBC News anchor Lester Holt.
In response to claims made by Mr. Trump a day earlier during an address Manhattan, Mr. Holt asked the GOP presidential hopeful to explain how he learned Mrs. Clinton’s private email server had been hacked.
As the interviewer pressed for answers, though, Mr. Trump wrestled for an explanation that ultimately ended with him promising to deliver proof at a later date.
“But is there any evidence that it was hacked other than — routine phishing —” Mr. Holt asked. For the full article click here
from hacker samurai http://ift.tt/2990cHg
via IFTTT
Friday 24 June 2016
Clinton failed to hand over key email to State Department
WASHINGTON Former Secretary Hillary Clinton failed to turn over a copy of a key message involving problems caused by her use of a private homebrew email server, the State Department confirmed Thursday. The disclosure makes it unclear what other work-related emails may have been deleted by the presumptive Democratic presidential nominee.
The email was included within messages exchanged Nov. 13, 2010, between Clinton and one of her closest aides, Deputy Chief of Staff Huma Abedin. At the time, emails sent from Clinton’s BlackBerry device and routed through her private clintonemail.com server in the basement of her New York home were being blocked by the State Department’s spam filter. A suggested remedy was for Clinton to obtain a state.gov email account.
“Let’s get separate address or device but I don’t want any risk of the personal being accessible,” Clinton responded to Abedin.
Clinton never used a government account that was set up for her, instead continuing to rely on her private server until leaving office. For the full article click here
from hacker samurai http://ift.tt/293N5aD
via IFTTT
Two Reports Expose Details of Chinese and Russian Government–Backed Hackers
Whether Russian government instructed hackers to breach the server of Democratic National Committee and steal research of opposition on Donald Trump as well as other documents in recent times, is still not confirmed.
Not only one but two hacker groups of Russian government breached computer network of DNC (Democratic National Committee), to spy on the internal communications and steal research of opposition on Donald Trump, presidential candidate of Republican.
Cozy Bear that successfully penetrate unclassified networks of State Department, Joint Chiefs of Staff and White House in the year 2014, infiltrated Democratic National Committee last summer, as well as monitor the chat and email communications. CrowdStrike believes that Cozy Bear might work for the FSB (Federal Security Service) of Russia. For the full article click here
from hacker samurai http://ift.tt/28RJHAS
via IFTTT
Another Security Company Blames Russia-Based Hackers for DNC Attacks
Russian hackers striking DNC (Democratic National Committee) as also the campaign of Hillary Clinton have dug deeper into United States of America’s political system attacking consultants, lobbyists, law firms, and think tanks comprising policy groups and foundations, says one person who has knowledge of the attacks’ investigations.
One detailed spear-phishing scam was used for targeting nearly 4,000 Google A/Cs with the intention of duping people into enabling admission in order that organizational and personal accounts could be hacked for stealing information. The scam was spread during October through the middle of May, said the person requesting anonymity as he discussed secret information.
The person’s input supports the conclusion which CrowdStrike the security company reached last week stating twin Russia-situated hackers’ gangs were responsible for the hack. For the full article click here
from hacker samurai http://ift.tt/28Q29sK
via IFTTT
Isis hackers release new ‘random’ kill list with 4000 names from database previously available online
An Islamic State (Isis)-affiliated hacker group called the Caliphate Cyber Army (CCA)has released a new “kill list” on social media, with names, addresses and emails of over 4,000 people from across the globe. While almost half of the names in the list are of Americans, residents of the UK, France, Canada and India have also reportedly made it to the list.
The hacker group distributed the list on the encrypted messaging service, Telegram, calling for Isis supporters to target the individuals listed. “O wolves of the Islamic State, [this is a] very important list, kill them immediately,” the hacker group said.
According to reports, over 280 names on the list belong to Indian nationals, although it is still uncertain if those listed are civilians or military and/or government officials. Coincidentally, some reports credits the UCC (United Cyber Caliphate) for releasing the list. However, since the CCA was incorporated into the UCC when the various pro-Isis hacker groups were merged in April 2016, the credit could perhaps be attributed to both hacker groups. For the full article click here
from hacker samurai http://ift.tt/28Q2hIv
via IFTTT
Ex-Central hoops teammates reunite each year at Hackers event
Arnie Butler found himself in some trouble on hole No. 3 at the Pueblo Country Club Thursday when his second shot landed in the bunker to the right of the green.
His third shot quickly got him out of trouble.
Butler’s chip shot hit the green and rolled right to the pin, hitting the pin and dropping into the hole for par.
“It’s been awhile since I’ve done that,” Butler said. For the full article click here
from hacker samurai http://ift.tt/28Q2bRf
via IFTTT
Thursday 23 June 2016
Event Information: Leveraging MFA Everywhere and Derived Credentials for Federal Identity Management
Registration is required to join this event. If you have not registered, please do so now.
Event status: Not started (Register)
Date and time: Thursday, June 30, 2016 10:00 am
Pacific Daylight Time (San Francisco, GMT-07:00)
Change time zone
Program: CIS Monthly Demo
Duration: 1 hour
Description: HSPD– 12 calls for a mandatory, government– wide standard for secure and reliable forms of identification issued by the federal government to its employees and to the employees of federal contractors. The implementation of this standard will ensure the identification for government employees and contractors is reliable and secure.
Join this webcast as Centrify’s Jonathan Bensen and Greg Cranley address key steps and strategies for a successful implementation of an identity management program and HSPD– 12 / PIV solution, including MFA, use of CAC and PIV to access all systems, applications, databases and Big Data and use of Derived Credentials to authenticate individuals who use mobile devices and need access to controlled facilities, information systems, and applications. For the full article click here
from hacker samurai http://ift.tt/28PBxWZ
via IFTTT
Hackers accessed Hillary’s emails, but State record-keepers shut out
NEW YORK – As Hillary Clinton’s IT specialist, Brian Pagliano, invoked the Fifth Amendment more than 125 times in a 90-minute deposition with Judicial Watch attorneys, the Washington-based watchdog released records providing evidence Clinton’s private email server was vulnerable to hackers.
The newly released State Department emails, referenced in the May 2016 State Department inspector general report, also make clear Clinton refused to utilize the State Department’s secure email system because she wanted to deny the State Department access to emails she chose to define as “personal.”
She knew that all emails transmitted via her private server would evade the State Department’s email archiving infrastructure, which was designed to make the messages available to Freedom of Information Act requests.
“The new Hillary Clinton email records show she had zero interest in disclosing her emails to the public as the law requires,” said Judicial Watch president Tom Fitton. For the full article click here
from hacker samurai http://ift.tt/28OHUtM
via IFTTT
Russian hackers target Hillary’s presidential campaign
Russian hackers, believed to be working on behalf of the government, have targeted key members of Hillary Clinton’s presidential campaign according to new research.
A hacker group dubbed Threat Group (TG-4127) has been singled out by SecureWorks’ Counter Threat Unit research team as the source of attacks, designed to redirect Ms Clinton’s campaign employees to a controlled URL that spoofed a legitimate Google login page.
TG-4127 targeted the Hillary for America campaign mail solution and website, which use Google Apps, and targeted 108 email addresses of staff members on the hillaryclinton.com domain in order to gain access to their email accounts.
Researchers said 213 short links were created and 20 of them have been clicked.
Ms Clinton’s national political director, finance director, directors of strategic communications, scheduling, and travel and her travelling press secretary were all targeted. For the full article click here
from hacker samurai http://ift.tt/28U4JzO
via IFTTT
No one safe from hackers after Facebook founder Mark Zuckerberg covers webcam with tape
An eagle eyed man has spotted a small detail in a photo Mark Zuckerberg posted online which has sparked paranoia of hackers being able to spy on people through their own webcams.
In a photo the Facebook founder posted online to celebrate 500 million Instagram users it showed his laptop had tape blocking the webcam.
Twitter user Chris Olson pointed out the billionaire’s cheap fix to protect his privacy and also noted his mic jack was covered with tape.
“I noticed Mark used some good-old tape to cover his microphone and webcam, something that I’ve seen people use before to protect against hackers,” Olson wrote on his Facebook page. For the full article click here
from hacker samurai http://ift.tt/28OI6ZT
via IFTTT
Vulnerability not value lures most hackers, says ethical hacker: exclusive interview
The majority of hackers are attracted by discovered vulnerabilities in an organisation’s networks rather the value of any data assets held, according to a Malaysia-based ethical hacker who acts as a security consultant to the financial services sector in Malaysia.
LE Global Services (LGMS) executive director and senior IT security consultant Fong Choong Fook told Computerworld Malaysia in an exclusive interview that in his experience targeted cyber threats were now spreading out from financial services to many other sectors.
Companies are potential targets irrespective of the industry they are in, said Fong. “Many companies, feel secure in not being in ‘lucrative’ fields such as finance or banking, and they feel content to put in place basic ground-level defences and hope to get by. That alone is not enough.”
Citing a Gartner report, Fong said that 75 percent of attacks today occur at the application level. “Despite the common use of defences such as web application firewalls and intrusion prevention and detection systems, hackers still pose a serious liability and not often stopped or detected.” For the full article click here
from hacker samurai http://ift.tt/28U4WCZ
via IFTTT
HILLARY CLINTON, DNC CAMPAIGN STRATEGY OUTLINED IN DATA DUMP BY HACKER
Hillary Clinton and the Democratic National Committee’s strategy has been outlined in the latest data dump by a hacker first reported to be Russian.
According to NBC News, the DNC first described the breach as a “disinformation campaign,” although some US officials suspected that it was espionage. Crowstrike, the third-party firm called in to secure the system and apprehend the hacker, first identified the perpetrators as Russians.
The firm then said in a statement that the hackers were looking at “political campaigns, strategies, and foreign policy plans.”
On Tuesday, the hacker then dumped a significant amount of data taken from the Democratic party’s systems. It included information that points to Hillary Clinton’s vulnerabilities as the party’s presumptive presidential nominee, including the email controversy. For the full article click here
from hacker samurai http://ift.tt/28OHYJW
via IFTTT
Wednesday 22 June 2016
Report: Russian Hackers Breached Clinton Foundation
Russian hackers have infiltrated The Bill, Hillary and Chelsea Clinton Foundation, according to a news report that comes days after disclosures that the country’s operatives targeted the Democratic National Committee’s computer network.
Bloomberg, citing three unnamed sources familiar with the matter, reported Tuesday that government investigators detected the data breach as recently as last week and that the attack was part of a broader campaign seeking information from more than 4,000 individuals that included political advisers, lawyers and party aides.
The report comes amid lingering questions about the Clinton Foundation’s fundraising as well as allegations that the Democratic front-runner’s use of a personal email server during her term as secretary of state potentially exposed sensitive information to hackers.
A spokesman told Bloomberg that the foundation was unaware of the hack.
The incident follows findings this week from cybersecurity firms CrowdStrike and Fidelis that suggest members of Russian intelligence agencies accessed the networks of the Democratic National Committee for nearly a year and downloaded data, including opposition research about Republican presidential front-runner Donald Trump. The Russian government has denied involvement. For the full article click here
from hacker samurai http://ift.tt/28P0ze2
via IFTTT
Hackers hit central banks in Indonesia and South Korea
In the month since activist hacking group Anonymous pledged to target banks across the world, senior officials have said the public websites of the central banks of both Indonesia and South Korea have been hit by cyber attacks.
In response to the attempted hacks, Bank Indonesia has blocked 149 regions that do not usually access its website, including several small African countries, deputy governor Ronald Waas told Reuters.
Waas said several central banks were hit by similar attacks and were sharing the IP addresses used by the perpetrators.
According to officials, no money was lost in the attacks on Bank Indonesia and the Bank of Korea, which were mainly distributed denial of service (DDoS) attempts. They also said there is no word on who is responsible for the attacks. For the full article click here
from hacker samurai http://ift.tt/28P0x5S
via IFTTT
Abilene BBB warns of phone system hacking
At least two Abilene businesses have had their phone systems hacked, according to Better Business Bureau President Steve Abel, a warning shot for other entities that use such voice mail systems.
“A phone hacking scam is a form of fraud that occurs when hackers break into a company’s voice mail system and rig it to either accept collect calls or place outgoing calls to international phone numbers — usually running up thousands of dollars on the business’s phone bill before they’re stopped,” Abel said Tuesday in an email.
Hackers call into a company’s voice mail system and search for voice mailboxes that still have the default passwords active — or have easily guessed combinations, such as 1-2-3-4, he said.
“Once he’s ‘in,’ the hacker will change the voice mailbox’s outgoing greeting,” he said.
An example would be: “Yes, operator, I will accept the charges,” Abel said. For the full article click here
from hacker samurai http://ift.tt/28P0Aid
via IFTTT
Hackers who leaked DNC files also broke into Clinton Foundation
The same hackers who penetrated the Democratic National Committee also succeeded in breaking into the Clinton Foundation, it was disclosed Tuesday.
The news broke just as leaks from the DNC hack — which was disclosed last week — began to appear online.
The perpetrators were said to have “links to the Russian government,” according to Bloomberg News, which first reported that the foundation had been compromised.
“The hackers in fact sought data from at least 4,000 individuals associated with US politics — party aides, advisers, lawyers and foundations — for about seven months,” Bloomberg reported. For the full article click here
from hacker samurai http://ift.tt/28OMLzJ
via IFTTT
Tuesday 21 June 2016
The Russian government hacked the DNC after all
Last week, the Democratic National Committee had its servers compromised, and swaths of files – including opposition research on Donald Trump, and reports on key Republican presidential candidates – were released anonymously to several media outlets, including Gawker.
The DNC said an initial assessment concluded the attack came from Russian hackers. But days later, an ostensibly lone hacker known only as ‘Guccifer 2.0′ claimed responsibility for the attack, and in a statement rife with broken English and syntax errors, said he did it alone.
“Worldwide known cyber security company CrowdStrike announced that the Democratic National Committee (DNC) servers had been hacked by ‘sophisticated’ hacker groups,” said a statement posted on the Guccifer blog. “I’m very pleased the company appreciated my skills so highly))) [sic] But in fact, it was easy, very easy.”
As it turns out, Guccifer was a front.
Multiple independent cybersecurity firms have now confirmed that the attack did indeed originate from the Russian government, and was likely carried out by APT28 – a cyber-espionage groupconfirmed by the German government to be an apparatus of the Russian GRU, the Kremlin’s chief foreign intelligence agency. For the full article click here
from hacker samurai http://ift.tt/28LdFXz
via IFTTT
Hackers hit Indon, S.Korea central banks
The central banks of Indonesia and South Korea have been hit by cyber attacks on their public websites since activist hacking group Anonymous pledged last month to target banks across the world, senior officials say.
In response to the attempted hacks, Bank Indonesia has blocked 149 regions that don’t usually access its website, including several small African countries, deputy governor Ronald Waas told Reuters in an interview late on Monday.
He said several central banks were hit by similar attacks and were sharing the IP addresses used by the perpetrators.
Central banks have been on high alert in the wake of revelations that hackers issued fraudulent money transfers to steal $US81 million ($A108.72 million) from the Bangladesh central bank in February.
No money was lost in the attacks on Bank Indonesia and the Bank of Korea, which were mainly DDoS (distributed denial of service) attempts, the officials said.
There was no word on who the hackers were.
Waas said the cyber attacks were unsuccessful because of the co-operation between central banks.
“There is regional co-operation between central banks. Those who have gotten hit are sharing their experiences,” he said. For the full article click here
from hacker samurai http://ift.tt/28KTp7u
via IFTTT
Chinese Hacking Against US Declines, Grows Against Russia – Study
Cybersecurity company FireEye said the intensity of Chinese hackers’ attacks had decreased against targets in the US and grown against those in Russia.
MOSCOW (Sputnik) — The intensity of cyberattacks conducted by hackers from China against the US targets has decreased, however the Chinese hackers continue attacks against Russia and the Asia Pacific region, US cybersecurity company FireEye said in a report.
“Between September 2015 and June 2016, we observed 13 active China-based groups conduct multiple instances of network compromise against corporations in the U.S., Europe, and Japan. During this same timeframe, other China-based groups targeted organizations in Russia and the Asia Pacific region,” FireEye said in the report published Monday. For the full article click here
from hacker samurai http://ift.tt/28LrTug
via IFTTT
Former Shin Bet head ‘bursts myth’ on cyber hackers who attack Israel
in This Big Speech Since stepping down as head of the Shin Bet (Israel Security Agency) last month, Yoram Cohen on Tuesday departed from conventional wisdom saying he wanted to “burst the myth of retribution,” explaining that Israel always eventually learns who to hold responsible for attempted cyber hacks.
Conventionally, most government and private sector officials say that one of the puzzles of cyber warfare is identifying who initiated a cyber attack.
Cohen’s statements, made at Tel Aviv University’s international cyber conference, indicated that the Shin Bet’s abilities to decipher who cyber attacks Israel are more advanced than has been previously known. For the full article click here
from hacker samurai http://ift.tt/28KTqbs
via IFTTT
Acer Data Breach: Acer Hacked, 34,500 Customers’ Info Compromised
If you bought something from Acer’s online store in the past year, then your sensitive information may be compromised. Computer manufacturer Acer announced that hackers broke into their online store to steal customers’ sensitive information. The company wrote a notice of data breach letter to the California Attorney General’s office explaining the incident.
“We recently identified a security issue involving the information of certain customers who used our ecommerce site between May 12, 2015 and April 28, 2016, which resulted in unauthorized access by a third party.”
According to Computer Business Review, some of the information that was compromised in the data breach include the names, addresses, credit card numbers, three-digit CVC security numbers, and the expiry dates of credit cards. The letter states that usernames and passwords, as well as Social Security numbers, were not affected by the data breach.
Those who are affected by the Acer data breach include customers who purchased items from the North American Acer online store between the dates stated in the company’s letter. According to PC World, 34,500 customers are affected, and they are based in Puerto Rico, Canada, and the U.S. According to a spokesperson from Acer, all customers whose information was compromised have already been alerted through a letter that details information about the data breach and the different steps that can be done to prevent being a victim of identity theft. For the full article click here
from hacker samurai http://ift.tt/28LrQhV
via IFTTT
Monday 20 June 2016
ICIT Analysis: The Wound Collectors – Profiling the Self Radicalized Lone-Wolf Terrorist
Acts of domestic terrorism in the West are escalating at an alarming rate. Lone wolf attacks and attackers have sparked public, political and law enforcement curiosity due to the, seemingly, random and independent action of a self-radicalized extremist with modest or no ties directly to the group in which they proclaim the action to be dedicated. In order to combat the escalation of this profound domestic threat, a more comprehensive understanding of the perplexing composition of the lone wolf is urgently needed.
This report, entitled “ICIT Analysis: The Wound Collectors: Profiling the Self Radicalized Lone-Wolf Terrorist” delves into the early and late stage development of the Lone Wolf while explaining the various stages of development and contributing factors that go into breeding this new and malicious threat. Authors James Scott (Sr. Fellow, ICIT) and Drew Spaniel (Researcher, ICIT) shed light on the telltale characteristics of the domestic, homegrown, lone wolf who carries out acts of terror in the name of extremist groups including For the full article click here
from hacker samurai http://ift.tt/28KCRNj
via IFTTT
Envisioning the Hack That Could Take Down New York City
On December 4, 2017, at a little before nine in the morning, an executive at Goldman Sachs was swiping through the day’s market report in the backseat of a hired SUV heading south on the West Side Highway when his car suddenly swerved to the left, throwing him against the window and pinning a sedan and its driver against the concrete median. A taxi ran into the SUV’s rear fender and spun into the next lane, forcing a school-bus driver to slam on his brakes. Within minutes, nothing was moving from the Intrepid to the Whitney. When the Goldman exec came to, his driver swore that the crash hadn’t been his fault: The car had done it.1
Moments later, on the George Washington Bridge, an SUV veered in front of an 18-wheeler, causing it to jackknife across all four lanes and block traffic heading into the city. The crashes were not a coincidence. Within minutes, there were pileups on 51st Street, the southbound BQE, as far north as the Merritt Parkway, and inside the Midtown Tunnel. By nine, Canal Street was paralyzed, as was the corner of 23rd and Broadway, and every tentacle of what used to be called the Triborough Bridge. At the center of each accident was an SUV of the same make and model, but as the calls came in to the city’s 911 centers in the Bronx and Brooklyn, the operators simply chalked them up to Monday-morning road rage. No one had yet realized that New York City had just been hit by a cyberattack — or that, with the city’s water system, mass transportation, banks, emergency services, and pretty much everything else now wired together in the name of technological progress, the worst was yet to come. For the full article click here
from hacker samurai http://ift.tt/28ISHH3
via IFTTT
ISIS threat to U.S. air bases, South Korea intelligence agency warns
Seoul (CNN)ISIS has collected information on 77 U.S. and NATO air force facilities around the world and is calling on supporters to attack them, according to South Korea’s intelligence agency.
The terror group has also released information on individuals in 21 countries, including the personal details of one employee of a South Korean welfare organization, the National Intelligence Service (NIS) said in a statement Sunday.
That person is now under protection, the agency said.
The NIS says ISIS’ hacking organization, the United Cyber Caliphate, collected details of U.S. air force units in South Korea including Osan Air Base, and addresses and Google satellite maps have been released through the Telegram messaging service.
In a statement Monday, U.S. Forces Korea (USFK) said it took the safety and security of its installations very seriously. For the full article click here
from hacker samurai http://ift.tt/28ISGmB
via IFTTT
Acer’s U.S. webstore hacked, names, mailing addresses and credit cards leaked
Acer U.S. Online Store Hacked, Breach Exposes Credit Cards, Names, Addresses
World’s top computer manufacturer Acer has suffered a data breach at its U.S. e-commerce site, Acer.com. The website was hacked by unknown hackers who may have access to buyers names, mailing addresses and credit card information. The hack attack may affect anyone that purchased from the site over the last year or so.
According to a letter sent by Acer to the California Attorney General’s office, the hack happened over a year ago. Customers that accessed the site between May 12 2015 and April 28 2016 may have had their data compromised. This includes names, mailing addresses, credit card numbers, expiry dates, and even the card’s CCV security codes. For the full article click here
from hacker samurai http://ift.tt/28J62Oi
via IFTTT
GTA ONLINE’S HACKER ISSUE *MIGHT* HAVE BEEN SOLVED
If certain reports (in some cases by – now former – hackers themselves) are to be believed, as of yesterday the method of using mod menus in GTA Online has been patched, boarded up, riveted and welded shut. In addition to this, Rockstar now has a policy of actively hunting down hackers and banning them on the spot, rather than resorting to occasional ban-waves.
This isn’t your regular temporary solution either – until now, the only thing Rockstar has managed to do was put roadblocks in front of GTA Online hackers. They usually circumvented these blocks within a week. However, as opposed to blocking the proverbial bridge, this time around Rockstar blew it the hell up.
Most mod menus used in GTA Online work on the basis of script injection (detectable but “slippery”) or tunables (previously undetectable). Or, should we say “worked”? Whatever Rockstar did seemingly made injection impossible and tunables detectable. For the full article click here
from hacker samurai http://ift.tt/28INMcg
via IFTTT
Hackers Hired by Pentagon to Prevent Security Breach
Pentagon initiated a programme called ‘Hack The Pentagon’ to bring high tech hackers to work on Defence Security websites. The team of 1,410 hackers worked on five public Pentagon internet pages to find unique internet vulnerabilities.
In total 1,189 vulnerabilities were spotted with the first gap to be found within 13 minutes of search. A sum of $150,000 was spent on experiment which found 138 unique vulnerabilities.
“These are ones we weren’t aware of and now we have the opportunity to fix them. And again, it’s a lot better than either hiring somebody to do that for you, or finding out the hard way,” said Ash Carter, Defence Security.
Following the footsteps of various large companies,for the first time a federal government took initiative to prevent breaching of network. For the full article click here
from hacker samurai http://ift.tt/28J64FN
via IFTTT
Saturday 18 June 2016
Anonymous Hacker Spamming Thousands Of ISIS Twitter Accounts With Gay Porn And Pride Messages
Leave it to Anonymous to come up with one of the better responses to the tragic mass shooting in Orlando. Just a day after saying they were done with tormenting the Islamic State, hackers linked to Anonymous unleashed a wave of hilarious infiltration onto social media sites associated with the terror group.
One hacker going by the name WauchulaGhost tells Newsweek they’ve hacked an estimated 200 pro-ISIS accounts. The U.S. based individual said, “shit is getting too close to home,” when asked to describe their response to the Orlando shooting. “One thing I do want to say is we aren’t using graphic porn and our purpose is not to offend Muslims. Our actions are directed at Jihadist extremists. Many of our own [group of hackers] are Muslim and we respect all religions that do not take innocent lives.” For the full article click here
from hacker samurai http://ift.tt/1OvEIHe
via IFTTT
Russian hackers responsible for $80M Bangladesh bank heist
A well-known Russian gang has been linked to the February theft of more than $80 million in funds managed by the Federal Reserve in Bangladesh.
Malware used in the attack has been linked to the Dridex gang, according to unnamed sources speaking with Bloomberg on Friday. The group, which operates out of Russia and other former Soviet satellite states, is known for the eponymous Dridex malware, which specializes in stealing banking information through Microsoft products and email campaigns.
Experts have said the malware is also similar to a product used by North Korea in the 2014 attack on Sony Studios, indicating the two-year-old software could now be available on the black market. For the full article click here
from hacker samurai http://ift.tt/1UU8aG2
via IFTTT
Google is paying up to 50 percent more to hackers who find Android bugs
Google is taking Android security very seriously. Since the company launched the Android Security Rewards program last year, it has reportedly paid a hefty $550,000 to 82 people for discovering various bugs in Android.
It seems, however, as though Google wants to take things to the next level. The company will be offering between 33 percent and 50 percent more money than previously for reports of Android bugs filed after June 1, 2016. Researchers who show a proof of concept and a proposed patch will get 50 percent more, while others will get 33 percent more than previous payouts.
According to a blog post on the Google security blog, the top-paid researcher was paid a whopping $75,750 for 26 vulnerability reports, and 15 researchers were paid $10,000 or more.
“Together, we made a huge investment in security research that has made Android stronger. We’re just getting started and are looking forward to doing even more in the future,” said Google in its blog post. For the full article click here
from hacker samurai http://ift.tt/1OvEpfD
via IFTTT
Hackers Targeting Clinton Aides Struck Across U.S. Politics
The Russian hackers who hit the Democratic National Committee and Hillary Clinton’s campaign burrowed much further into the U.S. political system, sweeping in law firms, lobbyists, consultants, foundations and the policy groups known as think tanks, according to a person familiar with investigations of the attacks.
Almost 4,000 Google accounts were targeted in an elaborate “spear phishing” campaign — intended to trick users into providing access so that information could be gleaned from personal and organizational accounts — from October through mid-May, according to the person, who asked not to be identified discussing confidential information.
The sweeping scope of the spying on the U.S. political establishment suggests
an information dragnet far larger than previously reported and one meant to
gather a near-encyclopedic understanding of the next president and those who
will influence his or her thinking. Based on data now being analyzed, various security researchers believe the campaign stems from hackers linked to Russian intelligence services and has been broadly successful, extracting reams of reports, policy papers, correspondence and other information. For the full article click here
from hacker samurai http://ift.tt/1UU8LaB
via IFTTT
‘Hack the Pentagon': Hackers identify 138 security flaws with US defence websites
Hackers invited by the US government as part of a pilot program to find security flaws with five Pentagon websites discovered 138 vulnerabilities, defence secretary Ash Carter has revealed.
The “Hack the Pentagon” event, which offered the first “bug bounty” in the history of US government, attracted 1410 participants.
The program cost US$150,000, with about half of the sum going to hackers.
“It’s not a small sum, but if we had gone through the normal process of hiring an outside firm to do a security audit and vulnerability assessment, which is what we usually do, it would have cost us more than US$1 million,” Mr Carter said.
“Beyond the security fixes we’ve made, we’ve built stronger bridges to innovative citizens who want to make a difference to our defence mission.” For the full article click here
from hacker samurai http://ift.tt/1UU7u3s
via IFTTT
Friday 17 June 2016
Here’s How Celebrity Twitter Accounts Are Getting Hacked
Over the past month, the Twitter accounts of everyone from Mark Zuckerberg to Drake to deceased Beatle George Harrison have been hacked.
Some of those accounts, one of the most prolific hackers tells The Daily Beast, were taken over by an alarmingly simple method that could work on anyone—and not just celebrities—who has had a Myspace or LinkedIn account at any point.
J5Z, a hacker who gained access to the accounts of Harrison along with over a dozen other celebrities, including Rolling Stones guitarist Keith Richards and Justin Bieber producer Dan Kanter, said his method requires nothing more than access to one website and 76 cents.
That website is LeakedSource.com, which compiles the databases for publicly available hacks of usernames, passwords, and email addresses from every major website security breach over the last few years. The site includes results from 360 million Myspace accounts leaked in Mayand 117 million LinkedIn accounts that were breached in 2012.
This makes hackers’ jobs easy: J5Z only needs a single piece of identifying information—say, an email address or a similar username from an old site that’s previously been hacked, like Myspace. For a musician like Bon Iver, whom J5Z hacked, he’ll check his old Myspace username. For a businessman, a hacker might use an old email for his LinkedIn account. For the full article click here
from hacker samurai http://ift.tt/1sJdtit
via IFTTT
‘Russian speaking’ hackers selling access to thousands of servers for as low as $6
An underground market operated by “Russian-speaking people” is serving as eBay for compromised servers.
Over 70,000 compromised servers owned by governments, companies and universities in 173 nations are being sold on a marketplace called xDedic, according to security firm Kaspersky. Access to a hacked server can be purchased for as little as $6 (around AU$8 or £4).
India is among the most affected nations with over 3,488 compromised servers, the firm said in a statement. Brazil, China, Russia, South Africa and Australia were also in the top 10 most targeted countries.
The servers being sold offer illegal access to governmental, corporate and university networks as well as gaming, betting, dating, banking and shopping websites. Some servers contain preinstalled software that could be used to attack financial and point-of-service software, Kaspersky said.
The news comes after a wave of hackings, many being traced back to Russia, have taken place over the last month. For the full article click here
from hacker samurai http://ift.tt/21quw3N
via IFTTT
Thursday 16 June 2016
Securonix Wins 12 Info Security Products Guide Global Excellence Awards
The Cyber Security Innovator Sweeps the 2016 Info Security Product Awards
LOS ANGELES, CA–(Marketwired – Mar 9, 2016) – Securonix, the pioneer in user behavior and security analytics and one of the fastest growing cyber security companies, was honored with 12 awards at the 2016 Info Security Products Guide Global Excellence Awards held in San Francisco during the security industry’s annual RSA Conference.
Securonix was named:
- Best Security Company of the Year
- Fastest Growing Security Company of the Year
- Innovative Company of the Year
- Executive of the Year: CEO Sachin Nayyar
- Management Team of the Year
The Securonix Security Analytics Platform was recognized for:
- Best Security Product/Solution for Large Enterprise
- Innovation in Enterprise Security
- Best Security Software
- Best Security Solution for User Behavior Analytics (UBA)
- Innovation in Next Generation Security
- Most Innovative Security Software of the Year
More than 50 international judges from a broad spectrum of industry voices participated and their average scores determined the 2016 Global Excellence Awards Finalists and Winners. Winners were announced during the awards dinner and presentation in San Francisco attended by the finalists, judges and industry peers. For the full article click here
from hacker samurai http://ift.tt/1tyPrYb
via IFTTT
Securonix: The Recognized Leader in Security Analytics
“The good we secure for ourselves is precarious and uncertain until it is secured for all of us and incorporated into our common life.”– Jane Addams
Having great technology is useless unless it can address business objectives. From partner integrations and user interface to advanced algorithms and pre-packaged content, Securonix has been built to deliver on business objectives, not just on bits and bytes. Founded as a security analytics platform in 2008, Securonix began shipping General Availability (GA) products in 2011. By 2012, the company was profitable and its revenue continues to increase 100 to 200 percent year over year. Today, Securonix has over 200 employees.
Securonix is a purpose-built security analytics platform that is scalable and extensible; it can be rapidly deployed, showing immediate results by leveraging automation, advanced analytics and context-based data science to deliver threat detection that is powerful yet simple to use. Using signature-less anomaly detection techniques that track users, account, and system behavior, Securonix is able to automatically and accurately detect the most advanced data security, insider threats and fraud attacks. Globally, customers are using Securonix to address the most basic and complex needs around threat detection and monitoring, high privileged activity monitoring, enterprise and web fraud detection, application risk monitoring, and access risk management.
The Securonix team is known for their strong dedication to customer welfare. They stay close to customers, listen to them, stay up with them when there are issues and let their wants and needs drive much of the company’s innovation. For the full article click here
from hacker samurai http://ift.tt/1PwA9HE
via IFTTT
Cyberthreat analysis and intelligence: Innovators 2015
Securonix
Securonix is heavy on the threat analysis piece. And not just a particular threat. This is a product that really enjoys drinking from the Big Data fire hose. Lest you think that we have succumbed to marketing hype and are tossing around buzz phrases, such as “Big Data,” let us assure you that we mean it in the strictest sense. Big Data usually is defined by the four Vs: high velocity, variability, volume and veracity. That means that this Innovator can ingest lots of data that is rapidly changing and is being delivered and ingested at wire speeds all while losing none of its integrity. So, the next question is what can the tool do with this data? The answer is just about anything you want.
The reason for this very directed approach is that Securonix started out as analytics specialists and built from that basis of expertise. They believed that there was a big hole in most security programs. These programs start by looking at everything on the enterprise in terms of identity. They realized that since they were attaching the right ID to everything on the enterprise, there might be a lot more that could be done to protect the network. So they added behavioral analytics, making them the only pure-play security analytics provider.
The system creates baselines, understands what “normal” is, and picks out anomalies. It does not rely on signatures or policy-based analysis because those things, by themselves, don’t work. The Securonix platform is very heavy on anomaly detection and assessing outlier behavior. Then it correlates discovered behavior with many threat intelligence feeds and brings in contextually rich information. For the full article click here
from hacker samurai http://ift.tt/1tyPHGz
via IFTTT
To Stop Hackers, Treat Them Like a Disease
NOT A WEEK GOES BY without a cyberattack making headlines. These, however, are the attacks that should concern us least. The real danger comes from quiet and elusive hackers who infiltrate and blend into a network. Like a secret agent behind enemy lines, these undetectable viruses can have an organization under complete and total surveillance, waiting months or even years before making an attack. When the malware becomes active, which may be for only a few seconds, it can prove fatal.
Last November, around the time of Ukraine’s local elections, a type of malware called BlackEnergy was used to hack into Ukranian media companies, rendering their operating systems unbootable. In December, BlackEnergy targeted power companies in western Ukraine with great precision, causing a blackout that affected more than 225,000 civilians. A month later, in January, BlackEnergy was also detected on the IT network of Kiev’s main airport, including air-traffic control systems. We’re also seeing an alarming rise of ransomware, a form of extortion in which malware hacks into an operating system, encrypts critical data and demands that the organization or individual pay an exorbitant fee to obtain the decryption keys. The longer the victim hesitates to pay, the higher the cost of decryption. For the full article click here
from hacker samurai http://ift.tt/1Q8hBDb
via IFTTT
Hackers caught selling access to over 70,000 companies
Cyber security is a growing problem as many industries begin to move into the digital platform. In fact, HousingWire magazine’s issue from April was dedicated to the rising problem of cyber security.
Recently, Cyber-security firm Kaspersky Lab uncovered an online marketplace with criminals from all over the world selling access to over 70,000 hacked corporate and government servers, according to an article by Ilya Khrennikov for Bloomberg Technology. Some were sold for as low as $6 each.As businesses ranging from banks to retailers go digital, hacking is getting more advanced and is often instrumental to traditional crime. Markets offering criminals both the tools to hack into networks and the spoils of successful attacks such as credit card data are growing in size and complexity. U.S. authorities worked with counterparts from more than a dozen other countries in 2015 to dismantle a sophisticated computer forum known as Darkode, described as an online, invitation-only market for cyber-criminals to buy and sell products for infecting electronic devices.
Recently, it has spread so much that the National Association of Federal Credit Unions urged congress to pass legislation that would require stricter standards for retailers in the fight against hacking. For the full article click here
from hacker samurai http://ift.tt/1W1pFXr
via IFTTT
Cycle hackers of the world unite: how a global movement grew out of Glasgow
“We wanted to start thinking about the total experience of cycling,” saysCycleHack co-founder Sarah Drummond. “Infrastructure is important, of course, but we wanted to move the conversation beyond that. We’re not just looking at what needs to change, but how we need to change it.”
Drummond, the director of Snook design agency, started CycleHack in 2014 with Jo Holton and Matt Lowell, with the idea of running one event in Glasgow, before Melbourne and Beirut came on board. Last year, more than 500 people took part across five continents as the hack expanded to another 22 cities. This year there are 38 cities signed up Рfrom Amsterdam to Athens, and Ṣo Paulo to Sydney, via Mexico City, London and Tokyo. Drummond is astonished at how quickly the movement has grown, and says she has already had a further 10 enquiries from cities who would like to join.
The hacks bring together participants from a wide range of backgrounds – cycle activists, developers, designers, planners and engineers – to innovative and collaborate on new ideas. For the full article click here
from hacker samurai http://ift.tt/1W1nNxU
via IFTTT
Hack the hackers: Eavesdrop for intel on emerging threats
In a sea of vulnerabilities clamoring for attention, it’s almost impossible to know which IT security issues to address first. Vendor advisories provide a tried-and-true means for keeping on top of known attack vectors. But there’s a more expedient option: Eavesdrop on attackers themselves.
Given their increasingly large attack surfaces, most organizations tie their vulnerability management cycle to vendor announcements. But initial disclosure of security vulnerabilities doesn’t always come from vendors, and waiting for official announcements can put you days, or even weeks, behind attackers, who discuss and share tutorials within hours of a vulnerability becoming known.
“Online chatter typically [begins] within 24 to 48 hours of the initial public disclosure,” says Levi Gundert, vice president of threat intelligence at Recorded Future, citing the firm’s in-depth analysis of discussions on foreign-language forums. For the full article click here
from hacker samurai http://ift.tt/1UXlyGB
via IFTTT
Wednesday 15 June 2016
The 'cyber jihad' is coming, says this security firm
CNBC : The 'cyber jihad' is coming, says this security firm http://cnb.cx/1XX5Nqa #Jihad #Orlando #ISIS #CyberWar #terrorism #cyberjihad #cybersecurity #ISIL
from Hacker Samurai http://ift.tt/1UuVYwI
via IFTTT
from Hacker Samurai http://ift.tt/1UuVYwI
via IFTTT
HACKERS HIJACK ISIS TWITTER ACCOUNTS WITH GAY PORN AFTER ORLANDO ATTACK
Twitter accounts belonging to supporters of the Islamic State militant group (ISIS) have been hacked in the wake of the Orlando shooting, with jihadist content replaced with gay pride messages and links to gay pornography.
A hacker affiliated with the hacktivist collective Anonymous, who uses the online moniker WauchulaGhost, first began hijacking pro-ISIS Twitter accounts several months ago. Following the mass shooting at the Pulse gay nightclub in Orlando, Florida, on June 13, the hacker decided to replace ISIS imagery posted to the accounts with rainbow flags and pro-LGBT messages.
“I did it for the lives lost in Orlando,” the hacker tells Newsweek. “Daesh [ISIS] have been spreading and praising the attack, so I thought I would defend those that were lost. The taking of innocent lives will not be tolerated.” For the full article click here
from hacker samurai http://ift.tt/1YrzpKW
via IFTTT
When ISIS Hackers Call You Out By Name
Americans are well aware that terrorists wish harm on their country. We’ve lived through 9/11, San Bernardino, and this week’s horrid atrocity in Orlando—ugly reminders that our nationality, genders, and sexualities all make us targets.
However, it’s a completely different experience altogether to see Islamic State (IS, ISIS, or Daesh) supporters target you by name. Indeed, something new is happening: Pro-ISIS hacking groups are investing their efforts into a new style of threat, known as “kill lists,” comprised of random people’s names and information for lone wolf jihadists to attack. Notable of such releases was a recent list of 3,600 New York residents’ names and personal information, accompanied by the message: For the full article click here
from hacker samurai http://ift.tt/1XpcJeV
via IFTTT
THIS IS HOW HACKERS STOLE MILLIONS FROM YOUR COMPANY
Imagine a corporate bookkeeper gets an email from his CEO that says, “Hey, I need the W-2s for everybody in the company.” The diligent bookkeeper gathers the requested tax documents and sends them off to the executive. But the initial email wasn’t really penned by the CEO—it was written by a crook who broke into the executive’s email account. The goal: to carry out a new type of cybercrime called “business email compromise” or BEC, which hackers have used to try to steal billions of dollars in recent years.
“Our adversaries are opportunists,” says FBI agent Mitchell Thompson, speaking to reporters on Tuesday in New York City in Lower Manhattan at a roundtable to discuss growing online threats. “They look for vulnerabilities to exploit.”
There are several different kinds of BEC crimes, including the executive impersonation described above, which first appeared just before the 2016 tax season. Once hackers steals your information, they can sell it to other criminals or use it for lucrative credit card and tax refund scams. For the full article click here
from hacker samurai http://ift.tt/1Uz2HBL
via IFTTT
Report: Russia’s ‘Best’ Hackers Access DNC’s Trump Research
Russian hackers reportedly penetrated computers at the Democratic National Committee, accessing confidential information, including opposition research on presumptive Republican presidential nominee Donald Trump.
An individual familiar with the breaches told the Washington Post that the hackers accessed a year’s worth of detailed chats, emails and opposition research on Trump, which could contain details about his personal and professional history. That individual told the newspaper that DNC officials first learned about the breach nearly two months ago, when the political party’s technology staff discovered malware on its computers.
The DNC turned to the incident response and threat intelligence firm CrowdStrike to investigate the breaches that began as early as last summer. For the full article click here
from hacker samurai http://ift.tt/1Uz3qTF
via IFTTT
Subscribe to:
Posts (Atom)