Praetorian

Cyber Security


I get semi regular messages about cyber security concerns. Some of them are more interesting than others. Most, however, are irrelevant to most people.

Every now and then I do find something that other people might care about, so I decided I'd start sharing them.

https://thehackernews.com/2018/02/hacking-skype.html?m=1

 


Uber Sued After Data Stolen By Hackers Covered Up - Uber broke Pennsylvania law when it failed to notify potential victims for a year after it discovered hackers had stolen their personal information. Hackers stole the names and driver's license numbers of at least 13,500 Pennsylvania Uber drivers. Uber is accused of violating a state law requiring it to notify victims of a data breach within a "reasonable" time frame. "Instead of notifying impacted consumers of the breach, Uber hid the incident for over a year — and actually paid the hackers to delete the data and stay quiet."

http://abcnews.go.com/US/wireStory/uber-sued-data-stolen-hackers-covered-53529638

 

Hackers Can Use Cortana To Open Websites On Windows 10 Even If Your PC Is Locked - If running a WIN 10 based system, a simple hack involves activating Cortana via voice command to open websites on a PC that is locked. This flaw was discovered on systems where the OS was installed with default settings. And it has already been reported that voice assistants can be fooled with noise that is undetectable to the human ear. By default your system probably has “use Cortana even when my device is locked.”

 https://thenextweb.com/artificial-intelligence/2018/03/07/hackers-can-use-cortana-to-open-websites-on-windows-10-even-if-your-pc-is-locked/

 


SEC Charges Former Equifax U.S. CIO with Insider Trading Related to Data Breach - The SEC has charged former Equifax executive Jun Ying with insider trading saying he sold stock based on confidential company information enabling him to avoid more than $117,000 in losses. “The SEC alleges that before Equifax's public disclosure of the data breach, Ying exercised all of his vested Equifax stock options and then sold the shares, reaping proceeds of nearly $1 million.” The charges specifically say Ying violated the antifraud provisions of the federal securities laws and seeks disgorgement of ill-gotten gains plus interest, penalties, and injunctive relief.
https://www.scmagazine.com/sec-charges-former-equifax-us-cio-with-insider-trading-related-to-data-breach/article/751109/

MOSQUITO Attack Allows to Exfiltrates Data from Air-Gapped Computers Via Leverage Connected Speakers - MOSQUITO is a new technique devised by a team of researchers at Israel’s Ben Gurion University, led by the expert Mordechai Guri, to exfiltrate data from an air-gapped network. This was accomplished by using malware and leveraging connected speakers (passive speakers, headphones, or earphones) to acquire the sound from the surrounding environment by exploiting a specific audio chip feature. Recommend users ensure malware protection software is up to date.
http://securityaffairs.co/wordpress/70192/hacking/mosquito-attack-airgapped-networks.html


Hackers Steal Payment Card Data On 880K From Expedia Orbitz - Another season, another breach of personal information from a consumer-facing website. This time, it's Expedia's Orbitz and approximately 880,000 payment cards with information now in the hands of criminals. According to Expedia, both its partner website and its consumer site were affected by the breach. The consumer site was breached sometime between Jan. 1, 2016 and June 22, 2016, while the partner site was hit between Jan. 1, 2016 and Dec. 22, 2017. The company said that information including names, phone numbers, email, and billing addresses also might have been accessed. http://www.darkreading.com/attacks-breaches/hackers-steal-payment-card-data-on-880k-from-expedia-orbitz/d/d-id/1331318

 

New Ransomware Zenis Will Delete Backup Files Even If Victim Pays - A self-proclaimed “mischievous boy” who calls himself “ZENIS” unleashed ransomware attacks that encrypt the files and then purposely delete the backups. Zenis uses a customized encryption method that warns recipients to pay up or risk losing forever their infected files. Presently it is unknown how Zenis is being distributed or the extent of its effectiveness.

MITIGATION STRATEGY: Users affected by this ransomware are advised not to pay the demand and instead seek assistance from companies such as MalwareHunterTeam or Abrams. www.scmagazine.com/new-ransomware-zenis-will-delete-backup-files-even-if-victim-pays/article/752763/


Atlanta Government Systems Hit By Ransomware - The city of Atlanta suffered a ransomware attack on Thursday, which resulted in outages of some of its customer-facing applications, including some that customers may use to pay bills or access court-related information. Richard Cox, the new Atlanta chief operations officer, shared that the city systems have been hit with ransomware and that the malware has encrypted some of the city’s data. It is still unclear if the attack resulted in the compromise of personal or financial information. https://www.helpnetsecurity.com/2018/03/23/atlanta-government-systems-ransomware/

 

QR Code Bug In Apple iOS 11 Could Lead You To Malicious Sites - A new vulnerability has been disclosed in the iOS Camera App that could be exploited to redirect users to a malicious website without their knowledge. This affects Apple's latest iOS 11 mobile operating system for iPhone, iPad, and iPod touch devices and resides in the built-in QR code reader, which fails to detect the hostname in the URL, allowing attackers to manipulate the displayed URL in the notification, tricking users into visiting malicious websites.

MITIGATION STRATEGY: Be careful when using this iPhone feature, as its use may direct you to a malicious site. Ensure that your device has all patches and updates. https://thehackernews.com/2018/03/ios-qr-code-camera.html

 


A bit of an oldie, 4 years ago, but still a goodie, and from a security perspective goes to show that even having tight logic built into your network and security devices may not be enough: https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/


Some malware allows a hacker to bug pretty much any device, like office phones and printers and not just computers, through software:

https://arstechnica.com/information-technology/2015/08/funtenna-software-hack-turns-a-laser-printer-into-a-covert-radio/

Video explanation 

https://youtu.be/5GnMj5cus4A

Edited by supernal


Security Breach Leaks Millions of Panera Bread Customers' Personal Information, Report Says - Panera Bread’s website has allegedly been leaking names, email addresses, physical addresses, birthdays, ordering habits, food preferences, and the last four digits of credit card numbers of customers who have used MyPanera or ordered food online over the past eight months. A security researcher claims he first reported the data leak to the fast-casual chain on August 2, 2017, but claims they disregarded his information as a scam. The company released a statement claiming only 10,000 customer records were exposed.
http://people.com/food/panera-bread-leak-security-breach-mypanera/

Facebook Admits Public Data of its 2.2 Billion Users Has Been Compromised - Facebook dropped another bombshell on its users by admitting that all of its 2.2 billion users should assume malicious third-party scrapers have compromised their public profile information. On Wednesday, Facebook revealed that "malicious actors" took advantage of "Search" tools on its platform to discover the identities and collect information on most of its 2 billion users worldwide. The feature has been disabled and many new security patches are rolling out.

MITIGATION STRATEGY: Users are encouraged to pay close attention to app updates within their respective app store to ensure latest security updates are installed.
https://thehackernews.com/2018/04/facebook-data-privacy.html


48 Million Profiles Left Exposed by Data Scraping Firm, Report Says - LocalBlox, a company that scrapes user information from social media and other websites to repackage and sell, left 48 million of its records exposed on a public server. The data on each individual reportedly includes names, addresses, dates of birth, LinkedIn job histories, public Facebook data, Twitter handles and information from real estate listing site Zillow. LocalBlox founder Ashfaq Rahman told ZDNet that the 48 million figure is inflated because the dataset includes records that are intentionally fake for testing purposes. https://www.cyberscoop.com/localblox-upguard-data-scraping-breach/
 

'iTunes Wi-Fi Sync' Feature Could Let Attackers Hijack Your iPhone, iPad Remotely - Researchers at Symantec have issued a security warning for iPhone and iPad users about a new attack, which they named "TrustJacking," that could allow someone you trust to remotely take persistent control of, and extract data from your Apple device. The feature allows the computer owner to secretly spy on your iPhone over the Wi-Fi network without requiring any authentication, even when your phone is no longer physically connected to that computer. Ensure that no unwanted computers are being trusted by your iOS device. For this, you can remove the trusted computers list by going to Settings → General → Reset → Reset Location & Privacy. https://thehackernews.com/2018/04/iphone-itunes-wifi-sync.html


SunTrust Unfaithful Employee May Have Stolen Data on 1.5 Million Customers - SunTrust Banks, Inc. announced recently it had discovered that a former employee may have attempted to download information on nearly 1.5 million clients and share it with a criminal organization. The company said it doesn't believe the information contains any personally identifiable information, but does include name, address, phone numbers, and certain account balances. All clients are being offered identity protection services as a result of the potential incident. https://securityaffairs.co/wordpress/71660/data-breach/suntust-data-breach.html

Study Finds Children Hit Worst By Data Breaches - A recent study by Javelin Strategies found that more than a million children were affected by identity fraud. Researchers pointed out that children are often a target because they offer "blank slate" identities with limited financial histories giving fraudsters the ability to establish and slowly develop networks of accounts over time before tapping the accounts. 66% of child victims were under age eight and 20% were between eight and 12. https://www.scmagazine.com/a-recent-javelin-strategies-study-found-that-more-than-a-million-children-were-affected-by-identity-fraud-which-resulted-in-26-billion/article/761189/


 Hackers Build a 'Master Key' That Unlocks Millions of Hotel Rooms - A critical design vulnerability in a popular and widely used electronic lock system can be exploited to unlock every locked room in a facility, leaving millions of hotel rooms around the world vulnerable to hackers. The 'master key' could be used to unlock doors using VingCard digital lock technology, without leaving a trace on the system. To obtain the electronic key needed to build the 'master key' the hacker simply needs to be standing next to someone with an active key on them.
https://thehackernews.com/2018/04/hacking-hotel-master-key.html

Massive Phishing Campaign Targets Half a Billion Users in the First Quarter 2018 - A massive phishing campaign has targeted more than 550 million email users globally since the first quarter of 2018. Researchers first spotted the campaign in early January impacting email users in the U.S., U.K., France, Germany, and the Netherlands. The emails masquerade as popular brands, online streaming services, and telecom operators and are designed to steal users' bank account details by offering them a coupon or discount in exchange for participating in a quiz or online contest. Recommend users remain vigilant even if the email message appears to be coming from a familiar brand, and never click the links within suspicious emails. www.scmagazine.com/massive-phishing-campaign-targets-half-a-billion-users-in-the-first-quarter-2018/article/761541/


Cybersecurity fiasco: Interior Department Computers Trying to Talk to Russia, Inspectors Say - Three years after Chinese hackers stole security clearance files and other sensitive personal information of some 22 million U.S. federal employees, cyber-defenses at the Department of Interior, which hosted White House Office of Personnel Management (OPM) servers targeted in the theft, were still unable to detect "some of the most basic threats" inside Interior's computer networks - including malware actively trying to make contact with Russia. 
http://www.foxnews.com/politics/2018/04/05/cybersecurity-fiasco-interior-department-computers-trying-to-talk-to-russia-inspectors-say.html

Twitter Urges Users to Change Their Passwords After Discovering - Twitter is urging users to change their passwords after discovering a bug in its system that left passwords exposed. "We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you've used this password," Twitter tweeted on Thursday. The company states that the logs have been cleared and that it is implementing plans to prevent the bug from happening again. http://www.foxnews.com/tech/2018/05/03/twitter-urges-users-to-change-their-passwords-after-discovering-bug.html

Facebook Starts Investigation After Employee Allegedly Used 'Privileged' Access to Stalk Women - Facebook has launched an investigation following an allegation that a security engineer at the social network used "privileged access" to personal data to cyber-stalk women. Facebook told Fox News that it is investigating the allegation. "We are investigating this as a matter of urgency. It's important that people's information is kept secure and private when they use Facebook." MITIGATION STRATEGY: Recommend Facebook users verify privacy settings are enabled and location services are disabled.
http://www.foxnews.com/tech/2018/05/02/facebook-starts-investigation-after-employee-allegedly-used-privileged-access-to-stalk-women.html

6 minutes ago, Praetorian said:

Cybersecurity fiasco: Interior Department Computers Trying to Talk to Russia, Inspectors Say - Three years after Chinese hackers stole security clearance files and other sensitive personal information of some 22 million U.S. federal employees, cyber-defenses at the Department of Interior, which hosted White House Office of Personnel Management (OPM) servers targeted in the theft, were still unable to detect "some of the most basic threats" inside Interior's computer networks - including malware actively trying to make contact with Russia. 
http://www.foxnews.com/politics/2018/04/05/cybersecurity-fiasco-interior-department-computers-trying-to-talk-to-russia-inspectors-say.html

Twitter Urges Users to Change Their Passwords After Discovering - Twitter is urging users to change their passwords after discovering a bug in its system that left passwords exposed. "We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you've used this password," Twitter tweeted on Thursday. The company states that the logs have been cleared and that it is implementing plans to prevent the bug from happening again. http://www.foxnews.com/tech/2018/05/03/twitter-urges-users-to-change-their-passwords-after-discovering-bug.html

Facebook Starts Investigation After Employee Allegedly Used 'Privileged' Access to Stalk Women - Facebook has launched an investigation following an allegation that a security engineer at the social network used "privileged access" to personal data to cyber-stalk women. Facebook told Fox News that it is investigating the allegation. "We are investigating this as a matter of urgency. It's important that people's information is kept secure and private when they use Facebook." MITIGATION STRATEGY: Recommend Facebook users verify privacy settings are enabled and location services are disabled.
http://www.foxnews.com/tech/2018/05/02/facebook-starts-investigation-after-employee-allegedly-used-privileged-access-to-stalk-women.html

Zeroing in on that last one, if the stalker has backend escalated/privileged access, I'm not sure what "enabling privacy settings" is going to do to protect the end user. The backend can probably enable the settings whenever/as much as they want, if not have access to the data from the database vs the frontend which most end-users interface with.

Spooky :(


It is hard to say, mostly because I don't know how their privacy settings function.

For example, if they just keep data from being displayed, I agree with you.

However, if they keep data from being collected, well then, there is a benefit.

 
