Saturday 26 November 2016
Warning: Hackers Might be Listening to You Through Your Headphones
Is a hacker listening to you through your headphones? Possibly the NSA? Should we be worried? Should we blame RealTek?
Researchers at Ben Gurion University in Israel just discovered something pretty interesting. They created a proof-of-concept code, labeled “Speake(a)r,” to show how a dedicated hacker could hijack your earbuds and headphones through your PC. For the full article click here
from hacker samurai http://ift.tt/2fBXlvt
via IFTTT
Jill Stein requests Wisconsin recount, alleging hackers filed bogus absentee ballots
Jill Stein has requested a full recount of the presidential election in Wisconsin, alleging that foreign hackers could have skewed the result by obtaining the state’s voter database and then filing bogus absentee ballots.
Stein, the Green party’s candidate in the presidential election, formally filed for a recount with Wisconsin authorities shortly before the state’s 5pm deadline on Friday. She also planned to request recounts in Michigan and Pennsylvania in the coming days.
Wisconsin’s election board agreed on Friday to the statewide recount. The process, including an examination by hand of the nearly 3 million ballots tabulated in the state, is expected to begin late next week after Stein’s campaign has paid the required fee, the Elections Commission said. For the full article click here
from hacker samurai http://ift.tt/2gg6hVR
via IFTTT
Friday 25 November 2016
Hackers break into Central Platte NRD’s computer system
KEARNEY, Neb. (AP) — Hackers broke into the Central Platte Natural Resources District’s computer system, but officials don’t believe anyone’s identity was compromised.
But the irrigation district has hired experts to determine exactly what data was accessed about three weeks ago.
The Kearney Hub reports that General Manager Lyndon Vogt says it doesn’t look like hackers got into the database with Social Security numbers, names and addresses of people served by the natural resources district.
Vogt says the hackers disabled the computer system’s antivirus software and planted a virus. But no data was lost because of an automated back-up feature that runs every 15 minutes. For the full article click here
from hacker samurai http://ift.tt/2gc9LbT
via IFTTT
Hackers can now report bugs in Defense Dept. websites without fear of prosecution
The Defense Department on Monday became the first U.S. government agency to launch a policy enabling researchers to report bugs or flaws they discover in its websites without fear of prosecution.
Calling it a “see something, say something” policy for the digital domain, Defense Secretary Ashton B. Carter said the program is aimed at improving the security of the Pentagon’s unclassified, public-facing networks.
The Army also opened registration Monday for Hack the Army, a challenge in which researchers and hackers scour Army sites for software flaws and compete for thousands of dollars in bounty rewards. For the full article click here
from hacker samurai http://ift.tt/2gca7ze
via IFTTT
Thursday 24 November 2016
Hackers Are Sneaking Malware Into Facebook Messenger Pictures
The next time a long-forgotten Facebook friend sends you an odd picture, it’s probably best to leave it alone.
Cyber-criminals have found a creative way to weasel into your computer: implanting malicious code inside a Facebook Messenger picture.
For the most part, the Facebook messaging app is tightly controlled, and doesn’t give hackers a lot of opportunity to mess with users. The app does allow users to embed a photo into a conversation, however, and that’s how the trick works. Discovered by security researcher Bart Parys, who wrote about it on Sunday after a friend spotted it on Facebook, it relies on the fact that Facebook lets users embed images as .svg files, a lesser-used file extension. It’s possible to fill an .svg file with script, as happened with the attack Parys noticed.
Clicking that photo will direct a user’s browser to open up to what appears to be a YouTube video in Google Chrome. It’s not, though: It’s actually a hoax site that tells a user they must install a Chrome extension to view it. For the full article click here
from hacker samurai http://ift.tt/2g7JMSN
via IFTTT
Your Cellphone Number Might be as Important to Hackers as Your Social Security Number, Expert Says
A 10-digit mobile phone number can reveal a lot of personal information about its owner – shopping habits, private data and other identifiable evidence – but many consumers don’t protect that number like they should, according to cyber security analysts.
“We’re going to get to a point where your cellphone number is as precious as your social security number,” said Louis McHugh, a professor at the Illinois Institute of Technology.
Just like social security numbers, cellphone numbers are unique, personal identifiers. Many people have had the same digits for decades. And while people are encouraged to protect their social security numbers to guard against identity theft, analysts told NBC5 Investigates that consumers often turn over their cellphone numbers to social media, retail and other companies without second thought. For the full article click here
from hacker samurai http://ift.tt/2fViNfv
via IFTTT
Wednesday 23 November 2016
Protect Your Amazon Account From Hackers
PHILADELPHIA, PA — One woman told CBS News, a hacker got into her Amazon account and spent nearly $1,500.
Jonette Ferrier told CBS Once in her account, the hacker changed her phone number, then ordered more than $1,500 in merchandise and had it sent to an out-of-state address. She changed her password several times but the con-artist kept hacking it.
He was ordering items just as fast as she canceled them.
He was placing orders to be sent to himself while I was on the phone with Amazon and a supervisor and they are watching it take place.” Ferrier said.
Security experts believe the hacker got into Ferrier’s computer using malware. The virus likely allowed them to monitor her every move.
“So if a gift card is entered, a pin number or log in credentials, they’ve got the entire record,” Security Expert Scott Schober said. “The same thing happens too if they try to change a password.”
A lot of you will be using amazon this holiday season so we want to keep this from happening to you. For the full article click here
from hacker samurai http://ift.tt/2glfufL
via IFTTT
New Zealand hackers gave themselves an electric shock while creating device to remotely open secure office doors
Imagine a device capable of pressing any office lobby door-open button from the outside of the building and the major security ramifications that might have all over the world.
A pair of New Zealand hackers reportedly created such a gadget for a few moments – and managed to give themselves electric shocks in front of onlookers.
Technology site The Register reports that two hackers, known only as Ryan and Jeremy, gave an unforgettable demonstration at the Kiwicon conference this week that had the crowd in stitches — but also raised real issues about security. For the full article click here
from hacker samurai http://ift.tt/2glfH2p
via IFTTT
Tuesday 22 November 2016
Your Cellphone Number Might be as Important to Hackers as Your Social Security Number, Expert Says
A 10-digit mobile phone number can reveal a lot of personal information about its owner – shopping habits, private data and other identifiable evidence – but many consumers don’t protect that number like they should, according to cyber security analysts.
“We’re going to get to a point where your cellphone number is as precious as your social security number,” said Louis McHugh, a professor at the Illinois Institute of Technology.
Just like social security numbers, cellphone numbers are unique, personal identifiers. Many people have had the same digits for decades. And while people are encouraged to protect their social security numbers to guard against identity theft, analysts told NBC5 Investigates that consumers often turn over their cellphone numbers to social media, retail and other companies without second thought. For the full article click here
from hacker samurai http://ift.tt/2fYdfhL
via IFTTT
Hacker group Cobalt hits ATMs across Europe
A hacker group called Cobalt targeted ATMs across Europe in “smash and grab” operations. The hackers are reported to have remotely attacked ATMs using malicious software, which manipulated the systems to dispense cash.
Two of the biggest global ATM manufacturers, NCR and Diebold Nixdorf, said they were aware of the attacks and were working with customers in efforts to mitigate the threat. The targeted countries include Armenia, Belarus, Bulgaria, Estonia, Georgia, Kyrgyzstan, Moldova, the Netherlands, Poland, Romania, Russia, Spain, the United Kingdom, and Malaysia, according to Russian cybersecurity firm Group IB.
Dmitry Volkov, Group IB threat intelligence head, told Reuters that he expected more ATM heists in the future. For the full article click here
from hacker samurai http://ift.tt/2fNprEI
via IFTTT
Monday 21 November 2016
The FBI Warns of Hackers Who Get ATMs to Spit Out Millions in Cash
Cyberattacks in Taiwan and Thailand caused ATMs to dispense millions to gang members.
Hackers who once made off with millions of dollars from individual bank accounts are now finding ways to target financial institutions, in some cases triggering multiple ATMs to spit out cash as gang members stand ready to collect the spoils.
Cybercriminals programmed ATMs in Taiwan and Thailand to release millions of dollars in cash earlier this year, and the FBI has since warned that similar potential attacks could happen in the U.S., The Wall Street Journalreported on Sunday. For the full article click here
from hacker samurai http://ift.tt/2gcExBU
via IFTTT
WADA claims hackers leaked fake data on Olympics athletes
The information on the Therapeutic Use Exemptions (TUEs), provided by the World Anti-Doping Agency (WADA), was modified by hacking group named Fancy Bears before they leaked on the web, WADA Medical Director Alan Vernec has said.
Since September 13, the Fancy Bears hacking collective leaked at least six batches of WADA confidential medical records, including TUE, reports Sputnik.
The athletes given TUEs include Rafael Nadal, Venus and Serena Williams and four-time Rio Olympics gold medallist Simone Biles, among others.
“WADA Medical Director Alan Vernec confirms to Foundation Board that many of the TUEs leaked by Fancy Bears had been modified,” WADA stated via its Twitter account. For the full article click here
from hacker samurai http://ift.tt/2fK0M3x
via IFTTT
Friday 18 November 2016
Canadian armed forces recruitment website hacked, users redirected to Chinese government home page
Hackers hit the Canadian armed forces recruitment website on 17 November. The hacked site was reportedly redirecting users to the official home page of the Chinese government. It is still unclear if the attack compromised users’ information in any way.
A spokesperson for the Canadian defence ministry, Ashley Lemire, confirmed the attack, the Guardian reported. Upon discovery of the attack, the site was hurriedly taken down by the armed forces. At the time of writing, the Canadian military recruitment site was still down.
Canadian army spokesperson Daniel Le Bouthillier told Motherboard: “We are aware of the situation and have since taken the site down. We are investigating further and, in the meantime, will not speculate on the motivations or point of origin of the redirection.”
Reports speculated that the hackers may have used SQL injection to hack into the site. Yet another theory speculated that the attackers could have hacked the armed forces’ site by sending staff a phishing link. For the full article click here
from hacker samurai http://ift.tt/2eNwxd7
via IFTTT
Three hacked: ‘Inside job’ puts six million customers’ private data in jeopardy
UK telco Three has been hacked, with up to six million customers’ data sets now understood to be under threat.
Three confirmed the breach on Thursday, revealing that hackers used an employee log-in to gain entry into its database of customers eligible for a phone upgrade.
Data accessed includes customers’ names, phone numbers, addresses and dates of birth, but Three claimed that no financial information could have been accessed.
Those affected, which could be up to two-thirds of Three’s nine million customers, have not yet been informed.
The hackers allegedly took the information from Three’s upgrade database and used it to issue eight new phones. It is alleged that these phones were then intercepted on their way to a Three customer whose account was used to generate the request, and probably sold on for profit. For the full article click here
from hacker samurai http://ift.tt/2gqbYEw
via IFTTT
Thursday 17 November 2016
How your connected home or office is a gift for hackers, criminals, and cyber spies
Internet-connected fridges which order your food, virtual assistants which react to your every voice command, and applications which allow you to remotely control almost every aspect of your home: today’s technologies increasingly make The Jetsons look like a prophetic message about the future.
That cartoon offers an idealised view at the world of tomorrow and didn’t anticipate some of the problems a space-age society might face: George Jetson was never locked out because the home got hacked, and Rosie the Robot was never out of service after being infected by ransomware.
Installing the latest technology can provide you with many conveniences, but it also opens up additional entry points for attackers, especially as more and more everyday devices become connected to the internet — and are more and more capable of storing and recording information on almost every event in your life. For the full article click here
from hacker samurai http://ift.tt/2glxgmT
via IFTTT
Mark Zuckerberg hacked once again by OurMine; Are Facebook users’ password safe?
It seems it is easy to get Mark Zuckerberg’s goat. The Facebook founder was targeted once again by OurMine, a notorious hacking group. This time the hacking group hacked into the billionaire’s Pinterest account.
In a report published by WccfTech, Zuckerberg’s Pinterest account was targeted a second time as claimed by OurMine who was also responsible for hacking into Zuckerberg’s account the first time in June this year.
The hackers have not made known the modus operandi other than to say that a “exploit on Pinterest” vulnerability was used. However, OurMine had said, about the previous hack, that they had used information found through a LinkedIn password dump. For the full article click here
from hacker samurai http://ift.tt/2g1zhkM
via IFTTT
Wednesday 16 November 2016
Learn to keep the hackers away from businesses Mount Olive
MOUNT OLIVE TWP. – Cyber security will be the topic of the Mount Olive Area Chamber of Commerce “Lunch & Learn” at 11:45 a.m., Tuesday, Nov. 22, at Enzo’s Pizza and Restaurant, 382 Route 46, Budd Lake.
Richard McElroy, owner of The Genusys Group in Clinton, will discuss cyber security and the small and medium business, including an overview on types of cyber attacks, and why hackers are increasingly targeting small businesses; basic security solutions such as firewalls, encryption, backup/disaster recovery, and password security; and cyber security best practices.
Admission is $15 for chamber members and $20 for non-members, in advance.
The cost is $20 and $25 at the the door.
For reservations, go to http://ift.tt/2eFUiU0.
Another chamber event, “Marketing in the Morning,” is held from 7:15 to 9 a.m., the third Wednesday of every month. For the full article click here
from hacker samurai http://ift.tt/2eFQum5
via IFTTT
“Hacker Lab” Event Shows How Cyber Criminals Attack Homes
At a “Home Hacker Lab” event sponsored by Hartford Steam Boiler (HSB), part of Munich Re, and Prescient Solutions, an ethical hacker revealed how cybercriminals work — and what consumers can do to protect themselves.
The October 13 workshop in New York City mounted a remote cyber-attack on an Internet-connected model home inside the American Modern Insurance Group claims training facility in Ohio. The event demonstrated in real time how hackers choose their targets, enter a system, and the harm they can do once they infiltrate a home.
Key takeaways for homeowners included:
- Most attacks happen via traditional means, through home Wi-Fi systems, emails and computer browsers.
- Hackers are quickly finding new entry points through smart Internet of Things (IoT) technologies.
- Roughly 80 percent of consumers report using a home network connected to the Internet. One in ten consumers have experienced a cyberattack via their connected home systems.*
The Hacker Lab was presented by HSB, a leading specialty insurer of data and information risks, and Prescient Solutions, a Chicago-based IT outsourcing firm. The lab was designed to help educate and provide home cyber defense ideas for consumers. For the full article click here
from hacker samurai http://ift.tt/2fgEnIm
via IFTTT
Tuesday 15 November 2016
Hackers might be a pain, but we need them, expert says
CHICAGO — Sure, they might take your credit card information, stop you from watching Netflix and figure a way to use any key fob to access your car, but don’t think too poorly of hackers.
Their mindset drives innovation that benefits humanity, said inventor, futurist — and hacker — Pablos Holman.
“You need that discovery process to get every new technology,” he said, noting hackers’ propensity to disassemble new gadgets immediately. “They flip it over, take out all the screws, break it into a lot of little pieces — but then figure out what can we build from that rubble.
“It’s that discovery process that starts every new invention, every new innovation,” Holman said. “You can’t get a new invention by reading the directions. That’s never happened before. That never will happen.”
Many technologists distinguish between hackers working to improve software and those working to exploit it, a divide known as white hat and black hat. The FBI is among the organizations that hire white-hat hackers. For the full article click here
from hacker samurai http://ift.tt/2fBqdSC
via IFTTT
One-day sale: Become an ethical hacker with this online course
As internet security becomes more important – and challenging – than ever before, companies are in need of experienced hackers to help them test out and improve their networks.
These people are known as ethical hackers, and there’s big money out there for anyone who has the skills to point out vulnerabilities and fix breaches in a company’s servers. Yes, just like in Mr Robot.
Our Become an Ethical Hacker Bonus Bundle has been one of our most popular online courses on ScienceAlert Academy to date. So to get you motivated to increase your skills in the lead up to the holidays, we’re running a one-day-only sale on the course.
The bundle of 9 courses is usually US$49, but is available for only US$25 until 11.59pm PST on Tuesday 15 November.
(For those not on the west coast, that’s going to be Wednesday 16 November. At 2.59am in New York, 6.59am in London, and 6.59pm in Sydney). For the full article click here
from hacker samurai http://ift.tt/2fBoNHA
via IFTTT
Monday 14 November 2016
How To Stop Hackers From Spying With Your Webcam
You know a security risk is serious when Mark Zuckerberg starts paying attention. While putting tape over your webcam is one surefire way of making sure no one’s watching you on your webcam, you don’t have to rely on such primitive methods. There are a couple of apps that can do the job for you.
Image: Logitech
First up is Oversight for the Mac, developed by one-time NSA employee Patrick Wardle. It’s constantly running in the background looking out for anything unusual. In particular, it monitors any attempts to access your webcam or microphone, as well as known malware threats including OSX/Eleanor, OSX/Crisis, and OSX/Mokes. From the Oversight site: “While the webcam’s LED will turn on whenever a session is initially started, new research has shown that malware can surreptitious piggyback into such existing sessions (FaceTime, Skype, Google Hangouts, etc.) and record both audio and video — without fear of detection.” For the full article click here
from hacker samurai http://ift.tt/2eWJGi7
via IFTTT
Google Pixel Got Hacked within a Minute at PwnFest
A team of white hat hackers took just a minute to hack Google Pixel at the PwnFest. The team completed the task with the help of undisclosed zero-day vulnerability. Google was offering the amount of $120,000 for the same and Qihoo 360 team showed interest on it. The gained the remote access in no time and hacked the model easily. These white hat hackers are doing the job in a way that it is appearing supportive for a lot of gadget owners.
Google knows the importance of this release by hackers. Therefore company will not take much time to release a new security patch. The hackers have clearly showed what is important for Google to make the gadget safe. Therefore Google will not take much time to safeguard their models. Owners of these models can stay relaxed because Google is looking to provide the support immediately. The hackers are working with an established software company in China. Therefore owners of Google Pixel need not have to worry as Google is supporting their customers.
These types of competitions are actually helpful for the smartphone industry. It helps the makers to remove the shortcomings and provide additional security layers to the gadget. Google will not like to compromise with the security of their gadgets. Therefore market is expecting from them to bring some additional safety measures which will make the model safe in coming times. This is the second time Qihoo 360 team did this type of task. Last time they managed to hack Tesla Model S and they were controlling the locks and many other functions without any difficulty. Later on the team was ready to help the makers to remove these flaws. For the full article click here
from hacker samurai http://ift.tt/2g6rDZJ
via IFTTT
Saturday 12 November 2016
Facebook buys stolen passwords from hackers to keep your accounts safe
Not many companies these days have been as good as Facebook at keeping their name out of the headlines for security breaches, and this in large part is due to the work of its security team — headed by Alex Stamos.
Facebook has added many security features over the years, things like two-factor authentication, unrecognized browser login notices, and more, but one of the biggest security flaws for Stamos and his team concerns passwords. Many people are lazy with their passwords, using the same one everywhere or picking easy-to-guess combinations like 1234567, and while Facebook’s team has developed the above security measures to help make even accounts with weak passwords safe, the fact is that many Facebook users don’t make use of them.
During Web Summit in Lisbon, Portugal, Stamos noted this weak point in security and talked about the responsibility of the social network to protect all accounts on Facebook, even the ones who don’t make use of all the security features. “The reuse of passwords is the number one cause of harm on the internet,” Stamos said at the conference. For the full article click here
from hacker samurai http://ift.tt/2fMp8YV
via IFTTT
Top Story: America under attack? Russian hackers launch massive phishing scheme after election
The 2016 presidential election is finally behind us and the U.S. has chosen new leadership. President-elect Donald Trump will be sworn into office on Friday, January 20, 2017.
This campaign cycle lasted for nearly a year-and-a-half and had plenty of bumps in the road along the way. One of the more shocking storylines was U.S. officials accusing the Russian government of trying to disrupt the U.S. election process. Now that the election is over, there are new allegations coming out against the same hacking group. The security firm, Volexity, says the same group that hacked the Democratic National Committee (DNC) and leaked its emails is at it again. Volexity calls the hacking group “The Dukes” and claims it is sending malware-laced emails. The group is targeting non-government organizations and think tanks across Washington. For the full article click here
from hacker samurai http://ift.tt/2fMnp66
via IFTTT
Friday 11 November 2016
Make phishing great again: Hackers prod US think tanks, NGOs amid Trump win shockwaves | hacker samurai
from Hacker Samurai http://hackersamurai.com/make-phishing-great-again-hackers-prod-us-think-tanks-ngos-amid-trump-win-shockwaves/
via IFTTT
Make phishing great again: Hackers prod US think tanks, NGOs amid Trump win shockwaves
With half of America celebrating the victory of the Republicans and President-elect Trump, and the other half mourning the result, a targeted phishing campaign engulfed various US think tanks and NGOs the week.
Security firm Volexity spotted the attack, which began around six hours after the President-elect clinched the necessary electoral votes. The phishing emails were sent using a mix of Gmail accounts and from compromised email accounts at Harvard’s Faculty of Arts and Sciences (FAS). Five waves of malware were sent out in the attack.
“Three of the five attack waves contained links to download files from domains that the attackers appear to have control over,” the firm said in an advisory. “The other two attacks contained documents with malicious macros embedded within them. Each of these different attack waves were slightly different from one another.”
The phishing emails were all election themed. Two claimed to have come from the Clinton Foundation with news about the results, two others claimed to have evidence that the election had been rigged, and one offered apparent post-election analysis. For the full article click here
from hacker samurai http://hackersamurai.com/make-phishing-great-again-hackers-prod-us-think-tanks-ngos-amid-trump-win-shockwaves/
via IFTTT
An Australian startup that unleashes hackers onto customers just won big in Hong Kong
An Australian “ethical hacking” cybersecurity startup has just scored a major win in Asia.
Brisbane’s Entersoft was the only Australian company among eight selected in Hong Kong last Monday to be admitted to the SuperCharger FinTech 2.0 accelerator. The startup will enter the 12-week program early in the new year.
“We are keen to use this accelerator experience to help position cybersecurity as an integral part of what is expected to be major growth in the fintech industry in Asia,” said co-founder Mohan Gandhi.
“[The accelerator] will help us build our networks and customer base into the growing fintech hubs of Hong Kong, China and Singapore.” For the full article click here
from hacker samurai http://ift.tt/2eJ2kXx
via IFTTT
Thursday 10 November 2016
Yahoo is worried that hackers might have access to your accounts | hacker samurai
from Hacker Samurai http://hackersamurai.com/yahoo-is-worried-that-hackers-might-have-access-to-your-accounts/
via IFTTT
iOS 10.1 jailbreak news: Has a new team of hackers developed the tool already? | hacker samurai
from Hacker Samurai http://hackersamurai.com/ios-10-1-jailbreak-news-has-a-new-team-of-hackers-developed-the-tool-already/
via IFTTT
Yahoo is worried that hackers might have access to your accounts
Yahoo’s having a terrible 2016: After it was acquired for a pittance by Verizon in July, the company admitted to a massive breach that took place in 2014 and saw hackers make off with 500 million users’ personal information.
Its new owner subsequently sought a billion-dollar discount on its purchase. As if things couldn’t get much worse, the company noted in a filing with the US Securities and Exchange Commission that at least some of its staff were aware of the breach in 2014, and that’s it’s currently evaluating whether the hackers have gained access to users’ accounts. That’s bad – really, really bad. The company said that earlier this week, “law enforcement authorities began sharing certain data that they indicated was provided by a hacker who claimed the information was Yahoo user account data,” and that it will “analyze and investigate the hacker’s claim that the data is Yahoo user account data.” For the full article click here
from hacker samurai http://hackersamurai.com/yahoo-is-worried-that-hackers-might-have-access-to-your-accounts/
via IFTTT
iOS 10.1 jailbreak news: Has a new team of hackers developed the tool already?
It has been some time since iOS 10.1 has been released, yet no jailbreak tool has been released. It is usually the Pangu and TaiG teams that find a way to break the Apple security, but it looks like they are having a hard time doing so. A new jailbreak team known as Unlock-Jailbreak is said to be heading the jailbreak game.
Pangu and TaiG teams usually realease a jailbreak tool two weeks after Apple releases its updated operating system (OS). However, nothing is heard from both teams, which has prompted speculations that they have been having a hard time breaking in. Instead, Unlock-Jailbreak is said to be working on a jailbreak tool that lets users install Cydia among the other many benefits.
The 10.1 jailbreak is also reported to allow the use of SIM cards from various network providers, which means it unlocks the phone’s exclusivity to certain providers upon installation. And if the said effects are not enough, it comes with a lifetime updates and support, and money-back guarantee. For the full article click here
from hacker samurai http://hackersamurai.com/ios-10-1-jailbreak-news-has-a-new-team-of-hackers-developed-the-tool-already/
via IFTTT
Wednesday 9 November 2016
Hackers targeted Clinton and Trump websites using Mirai botnet before Election Day | hacker samurai
from Hacker Samurai http://hackersamurai.com/hackers-targeted-clinton-and-trump-websites-using-mirai-botnet-before-election-day/
via IFTTT
Lansing utility paid ransom to cyber hackers | hacker samurai
from Hacker Samurai http://hackersamurai.com/lansing-utility-paid-ransom-to-cyber-hackers/
via IFTTT
Hackers targeted Clinton and Trump websites using Mirai botnet before Election Day
Hackers tried to cripple the campaign websites of US presidential candidates Hillary Clinton and Donald Trump this week employing the same Mirai malware used to take down a part of the internet in the US and Europe in October. According to security firm Flashpoint, four 30-second HTTP Layer 7 attacks were detected between 6-7 November. However, they note that neither site experienced any outages because the Mirai botnet is getting weaker.
“Flashpoint assesses with moderate confidence that the Mirai botnet has been fractured into smaller, competing botnets due to the release of its source code, which has led to the proliferation of actors exploiting the botnet’s devices,” the firm said. Researchers said they do not believe that the attacks were the work of nation-state actors, but were likely the work of “unsophisticated actors” using the Mirai IoT botnet to target the candidates’ sites. For the full article click here
from hacker samurai http://hackersamurai.com/hackers-targeted-clinton-and-trump-websites-using-mirai-botnet-before-election-day/
via IFTTT
Lansing utility paid ransom to cyber hackers
LANSING, MI (WLMI) — The Lansing Board of Water & Light confirmed on Tuesday it did pay a $25,000 ransom to unlock its internal communications systems this past spring to unlock its internal communications system following a cyber attack.
In all, the incident costs the utility about $2.4 million in recovery costs and upgrades in technology to prevent it from happening again.
Several BWL IT department employees have left the Lansing owned utility since the March attack. The cyber hackers demanded payment in bitcoin, a form of online payment often used by cyber criminals to extract payment from victims. For the full article click here
from hacker samurai http://hackersamurai.com/lansing-utility-paid-ransom-to-cyber-hackers/
via IFTTT
Tuesday 8 November 2016
Can Microsoft Protect The King Of Chess From Russian Hackers In The Upcoming World Championship?
There’s been a lot of anticipation in the upcoming World Chess Championship. The event that will star on Nov. 11 in New York will pit reigning World Champion Magnus Carlsen against the Ukrainian-born challenger Sergey Karjakin. However, Carlsen is worried about a possible Russian hack that might cause his defeat.
Now, the Norwegian Chess Grandmaster is asking for Microsoft Norway’s protection. Can Microsoft actually secure the preparation of the king of chess?
Protection From Russian Hackers
Carlsen has grown weary of Russian hack amidst his preparation for an intense 12-game match against Karjakin. According to the Telegraph UK, Carlsen has been using high-powered chess computers for months. He is not playing chess against these computers. Instead, Carlsen utilizes them to come up with moves for the upcoming event. For the full article click here
from hacker samurai http://ift.tt/2eRt9tr
via IFTTT
Google plugs Gmail vulnerability that allowed hackers to post from your account
GOOGLE HAS plugged a vulnerability in Gmail that allowed potential hackers to bypass authorisation processes and send mail from @gmail.com and @googlemail.com accounts.
Ahemd Mehtab, a security boffin and boss at Security Fuse, discovered the problem which is said to stem from the way that Google allows users to transfer between Google accounts without logging out.
It’s not a huge panic as it works only if the victim has blocked the sender, or the account is deactivated. Plus, Google has confirmed that the flaw is fixed, but it does seem like it was perfect fodder for someone seeking a bit of revenge trolling.
It appears that the problem was an anomaly, as it did not allow access to the Play ecosystem, which contains financial information. But in terms of privacy breaches, it’s still an absolute whopper, but unrealised, whereas in 2014, researchers managed to find a hack with a 92 per cent success rate. For the full article click here
from hacker samurai http://ift.tt/2eRnxiO
via IFTTT
Monday 7 November 2016
Here’s how voter data could get hacked, but Orange County says rigged election is almost impossible
With all the talk about election rigging in the lead-up to Tuesday, the bad news is that hackers might be able to find and compromise and maybe even change California voter registration databases.
The good news? If they did, it wouldn’t do much to the election.
Mikhail Gofman, associate professor of computer science at Cal State Fullerton, says it’s possible, theoretically, for the system to be hacked.
Neal Kelley, Orange County’s registrar of voters, says the election system’s checks and balances would make it impossible for such a hack to have any influence on a vote.
Here’s what they’re talking about:
Gofman envisions a scenario in which people show up to vote on Election Day only to find they cannot because a hacker has erased them from the registration rolls. For the full article click here
from hacker samurai http://ift.tt/2fTit1H
via IFTTT
US cyber army ready to hit Russian infrastructure if US elections are hacked
US military hackers are understood to have penetrated Russia’s electricity grid, telecoms networks and Kremlin command systems, ready to strike back if the pivotal US elections are disrupted by hackers.
It has been part of the US military doctrine for a number of years to consider an attack on US-based servers as an attack on sovereign territory.
But high-profile attacks – like those on Sony Pictures by North Korea, and a variety of attacks on US government bodies in the past year or two – beg the question: what is the US actually doing about it? Or perhaps, how much do we actually know about what the US is doing? For the full article click here
from hacker samurai http://ift.tt/2fTeqm7
via IFTTT
Saturday 5 November 2016
New generation of ethical hackers aims to impress recruiters
With the launch of the National Cyber Security Centre, backed by £1.9bn of funding to battle online crime, the government has made a statement.
Defence experts have long warned of the growing menace of cybercrime and now they have good reason to believe the threat is being given priority treatment.
Recognising the danger is one thing though, dealing with it another. The world – and by extension the UK – is facing a shortage of people with the skills needed to mount an effective defence. The global cyberdefence industry is going to need another 1.5 million staff by 2020, according to non-profit security organisation (ISC)2.
At the Cyber Security Challenge in London – a three-day competition designed to identify raw cybersecurity talents – recruiters are doing their best to address the shortage.
Stephanie Daman, the chief executive of Cyber Security Challenge UK, believes that the UK is slowly recognising the value of ethical hackers, also known as “white hats”, the cybertroops required to protect our increasingly connected world. For the full article click here
from hacker samurai http://ift.tt/2eoqsP6
via IFTTT
US Hackers Ready To Retaliate On Possible Russia Cyber Mischief During The Election
It’s already less than a week before another historic US election. No matter whom Americans vote for, the security and credibility of the election should be ensured. US military hackers are prepared to retaliate amidst the threats of possible cyber mischief by Russia and other countries.
US Military Hackers Are Ready To Retaliate
NBC News was able to review top secret documents regarding the said action that US hackers could take. A senior intelligence official also revealed that Russia’s electric grid, telecommunications network and the Kremlin’s command systems have been penetrated by the US military hackers.
Apparently, secret American cyber weapons will attack these if the US deem it necessary. This might have been to address concerns over Russia’s plan to disrupt the upcoming election. US intelligence officials are anticipating a cyber mischief that will include possible release of fake documents.
There might also be a proliferation of bogus social media accounts to spread misinformation. NBC further reports that a Russian hacker called “Guccifer 2.0″ has tweeted a threat. The US is warned to monitor the elections “from the inside system”. For the full article click here
from hacker samurai http://ift.tt/2fNKasI
via IFTTT
Friday 4 November 2016
Hacker sentenced to 29 months for developing PhotoFucket for ‘fusking’ naked Photobucket images
Hacker who developed a code to scan Photobucket’s 10 billion images sentenced to 29 months in prison
A 41-year-old Colorado hacker was sentenced Tuesday to 29 months in prison for selling his software which enabled blackmailers and others to scan Photobucket’s 10 billion images for nude images.
The United States Department of Justice had arrested two men in May, 2015 for “breaching the computer services of Colorado-based Photobucket.” The two men, Brandon Bourret, aged 39, of Colorado Springs, Colorado and Athanasios Andrianakis, aged 26, of Sunnyvale, California had developed a software known as “Photofucket” for “fusking”.
The software developed by these two was capable of hacking into the private Photobucket albums and stealing NSFW images of subscribers. Photobucket is an image and video hosting service with as many as 100 million users who keep their content in either public or private account. Some of those images are of nude Photobucket customers who thought their content was stored privately. For the full article click here
from hacker samurai http://ift.tt/2f1ggjn
via IFTTT
Israeli hackers show light bulbs can take down the internet
Weizmann Institute researchers use airborne drone to take control of nearby office devices to demonstrate vulnerability of the ‘Internet of Things’
A team of researchers at Israel’s Weizmann Institute of Science has shown how hackers can use the simplest of household devices, like light bulbs, to potentially take down sections of the internet or launch a full-scale attack on a country’s infrastructure.
The researchers focused on hacking into ordinary devices which are connected to the internet, the so-called “Internet of Things,” to show how easy it is to take control of the devices and employ them for the kind of distributed denial of service (DDoS) attack that took down wide swathes of the internet last month for several hours.
The experiment, carried out by four researchers, Eyal Ronen, Colin O’Flynn, Adi Shamir and Achi-Or Weingarten, focused on simple Philips Hue wifi-connected smart bulbs and showed how the bulbs can “infect each other with a worm that will spread explosively over large areas in a kind of nuclear chain reaction.”
“The attack can start by plugging in a single infected bulb anywhere in the city, and then catastrophically spread everywhere within minutes,” the researchers’ paper said. For the full article click here
from hacker samurai http://ift.tt/2fold2T
via IFTTT
Thursday 3 November 2016
Election Cyberattacks: Pro-Russia Hackers Have Been Accused in Past
LONDON — While Americans are just coming to terms with the prospect of political cyberattacks tied to Russia — it isn’t the first time Kremlin-linked hackers have been accused of trying to influence voters in other countries.
A torrent of stolen emails released by WikiLeaks — most damaging to the Democrats and Hillary Clinton — have marked the 2016 race in what U.S. intelligence officials say is an unprecedented attempt to by Vladimir Putin’s government to undermine trust in the U.S. election process.
“We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities,” the Department of Homeland Security and the Office of the Director of National Intelligence said in an extraordinary gloves-off statement on Oct. 7.
Russia has been accused of this before, notably when hackers attempted to hijack an election in neighboring Ukraine in 2014. For the full article click here
from hacker samurai http://ift.tt/2ffA8NM
via IFTTT
5 ways to protect your email account from hackers
Email is the engine that keeps London offices ticking over. For Hillary Clinton, Anthony Weiner and Huma Abedin, sending emails on shared computers and accounts might have been a time-saver but has now led to an FBI investigation. Our Government is also taking email seriously. This week it announced a new £1.9 billion cyber defence plan.
Even if you’re not running for office, like Clinton, it’s worth keeping a check on your inbox, if only to avoid that sinking feeling when you worry that you’ve accidentally sent a caustic message to the wrong person. Here’s how to get inbox clever.
Two-step security
Hillary’s campaign chair John Podesta fell foul of hacking this week after being asked to change his password by fake account no-reply@accounts.googlemail.com. Two-factor authentication might have given him extra protection — it means that before you can change anything on your account you need to go through a second check, such as a message to your phone. Cyber-security expert Dr Jessica Barker thinks this is key for personal security but 70 per cent of people in the UK don’t know what it is. It’s available on Gmail, Outlook and Facebook among others, so turn it on. For the full article click here
from hacker samurai http://ift.tt/2fyqeLb
via IFTTT
Wednesday 2 November 2016
Microsoft says Russia-linked Fancy Bear hackers are exploiting Windows zero-day flaws
Microsoft has identified a Russia-linked hacker group’s involvement in the zero-day attacks. The hacker group Strontium, which is also known as APT28 and Fancy Bear among others, is the same entity believed to be responsible for the controversial DNC (Democratic National Committee) hack. Microsoft said that Strontium was conducting “low-volume” spear phishing campaigns to target Windows users.
The company revealed that the hacker group leveraged two zero-day vulnerabilities, which were recently exposed by Google, in Adobe Flash and down-level Windows kernel to “target a specific set of customers”. Microsoft, however, refrained from mentioning the identities of the victims targeted by the attack.
A zero-day vulnerability is a publicly disclosed security flaw that was not known before and for which the software maker is yet to release a patch. For the full article click here
from hacker samurai http://ift.tt/2fawaIZ
via IFTTT
Tuesday 1 November 2016
Carolinas, dozens of states ask feds to help stop election hackers
All but four states are asking the federal government to take a second look at election systems online, according to CNN.
The Carolinas are part of that group looking to boost security to keep hackers out, but it is unclear whether Georgia will ask the feds for help, instead relying on its own resources.
The Department of Homeland Security is offering to scan state election systems, looking for vulnerabilities and suggesting ways to improve security online.
The effort comes after hackers targeted voting systems in several states and hacked into the Democratic National Committee.
South Carolina officials said they’re looking to reassure voters that information is protected online.
“It’s very important for voters to have the assurance that their vote counts and to have confidence in the system,” South Carolina Election Commission spokesperson Chris Whitmire said. “We’re not only taking steps to protect the process but we want people to know that we’re doing that, that we’re on top of it and doing everything we can.” For the full article click here
from hacker samurai http://ift.tt/2e90rmM
via IFTTT
Chinese hackers win US$215,000 for cracking Google Nexus, iPhones at global competition
A group of young Chinese hackers affiliated with internet giant Tencent won US$215,000 by gaining unauthorised access to Nexus 6P and iPhone 6s phones at an international mobile hacking challenge in Tokyo last week.
The Tencent team, called Keen Security Lab, beat a rival team led by cybersecurity research platform MWR Labs to claim the title of Master of Pwn at Mobile Pwn2Own 2016 on October 26.
The hackers exploited vulnerabilities to access Google Nexus 6P and IPhone6s while their latest software and program patches were running, said the event’s organiser Trend Micro, a US-based internet security company. For the full article click here
from hacker samurai http://ift.tt/2f55ut7
via IFTTT
Subscribe to:
Posts (Atom)