Tuesday, 15 November 2016

Chinese Hackers Busted the Google Pixel in Under 60 Seconds

  • The same team that hacked the Tesla Model S also found a weakness to exploit in the Google Pixel at a South Korean hacking competition.
  • Qihoo 360 was awarded a $120,000 bounty from Google, who now is working on beefing up Pixel's security.
As we continue to become a more connected society, the importance of cybersecurity is growing. That’s why companies like Google welcome good-guy hackers to help find holes in their systems or products, such as the Google Pixel. In fact, a Chinese hacking team found a weakness in the smartphone and exploited it in under a minute.
The team, called Qihoo 360, was participating in PwnFest, a hacking contest and security conference in South Korea. Qihoo 360 remotely accessed the Pixel to send hack codes that launched Chrome and displayed a web page reading “Pwned By 360 Alpha Team.” The team was awarded a $120,000 bounty from Google, who now is working on beefing up Pixel’s security.
Credit: The Register
In the wrong hands, such a hack could compromise a user’s personal data, which criminals can use maliciously.
Two years ago, Qihoo 360 performed a similar hack on a Tesla Model S, where they were able to remotely control the locks, open the sunroof, and interfere with the traction controls and charging system.
These hacks demonstrate how vulnerable our technology can be. Internet safety is getting trickier, and more support needs to be placed toward cybersecurity measures. Hopefully, these hackers stay on our side.

The Election Is Over, But Russia Is Still Hacking

Before most Americans woke up last Wednesday and learned Donald Trump had won the presidential election, hackers linked to Russian intelligence had already launched a sweeping cyberespionage campaign to find out what his victory meant for Vladimir Putin's government.
Russia has always placed a top priority on vacuuming up whatever intelligence it can about a new American president and their top advisors and plans, to gain strategic advantage, Sean Kanuck, the nation's first National Intelligence Officer for Cyber Issues from 2011 to 2016, told NBC News.
"And especially after the largest electoral upset in recent American history, it would be all the more important to collect as much information as possible on the new administration and its probable policies," said Kanuck, now an affiliate with the Center for International Security and Cooperation at Stanford University.
As Team Trump ramps up the transition and then takes over the levers of power, Kanuck said, "I would expect it will only increase against all of his close confidants and advisors."
The Nov. 9 attack especially targeted "people who are or will be associated with the incoming administration," according to Steven Adair, founder of Volexity, the cyber security firm that first disclosed the campaign.
Cybersecurity experts and current and former U.S. officials said they would have been surprised only if they did not see an aggressive post-election intel-gathering campaign by Russia.
"I assume the need for intelligence is greater than normal right now. Nobody knows what's going to be, what's going to happen," under Trump, said John Hultquist, director of cyberespionage analysis at the security firm iSIGHT Partners.
The attack came from the hacking crew known as Cozy Bear that U.S. officials have linked to earlier attacks on the Democratic National Committee, the White House, State Department and Joint Chiefs of Staff.
What's noteworthy, some said, was how quickly and aggressively the Russian-linked group is moving, especially when the new president-elect is the candidate Putin favored during the campaign.

Even though Trump and Putin have expressed support for improved U.S.-Russia relations, via his win Trump has suddenly become an opponent for a Russian president who views the U.S. as not just a competitor but in many ways as an enemy, experts said. As such, aggressive collection of intelligence on the Trump transition effort would be part of Putin's playbook, in terms of how the former KGB intelligence officer seeks to gain leverage over his opponents, said Shawn Henry, a former top FBI cybersecurity official who is now at the CrowdStrike security firm.
"They are interested in anything that is going to demonstrate and dictate the direction that the U.S. is going," including key players and policies, said Henry, whose security firm has tracked Cozy Bear for several years.
"It is a whole-cloth collection across the U.S. and how they can use that information in negotiations," Henry told NBC News. "If you know the answer before the test you are in a stronger position."

Two targets come forward

Cozy Bear's flurry of activity on the morning of Nov. 9 targeted think tanks, non-governmental-organizations and university researchers, said Adair. Most of those targeted had ties to the national security, defense, international affairs, public policy, and European and Asian studies realms, according to Adair and other experts at cybersecurity firms that track the Russian hackers.
"Before 9 a.m., we started seeing it," said Adair. "What are they after? We can't say with certainty. But one of the goals is to gain early access to the people who will have influence over where things are going, and to increase their foothold in organizations that are already playing, or will continue to play, a role in what happens next."
Adair told NBC News that the campaign especially targeted "people who are or will be associated with the incoming administration" or with those in Congress and other places who will be working with them. Also targeted: those with subject matter expertise in public policy matters that have suddenly risen in importance now that a Republican administration is taking over, he said.
"They want an early view of what happens," Adair said, "before it becomes policy or law."
Adair said the hacking campaign used sophisticated spearphishing techniques to send emails to hundreds of people that look so legitimate that they won't hesitate to click on links that are included, or to download files. That installs malware on their system and enables the hackers to get their emails and files and to move on to others they communicate with.
Two of the five separate "attack waves" included purported messages forwarded on from the Clinton Foundation giving insight and postmortem election analysis, a Volexity web report said.
So far, at least two targets have come forward. Maeve Whelan-Wuest of the Brookings Institution and Adam Segal of the Council on Foreign Relations tweeted that they received suspect emails. Neither is a Russia expert, but Segal directs the council's Digital and Cyberspace Policy Program. And since both think tanks are prominent and focus on U.S.-Russia relations, it's likely the hackers targeted non-Russia experts who might be less suspicious of emails as a way of gaining access to the entire roster of experts and their contacts, one former senior U.S. intelligence official told NBC News.
The former intelligence official said the spearphishing campaign was also timed to maximize its chances of success: "People were in such a frenzy about the coming political change that their hesitation in opening an email or attachment would probably be greatly reduced."
Adair said the speed and intensity of the campaign suggests the hackers were planning their cyberattack no matter which candidate had won, but that they appear to have tailored the specifics to focus on people who were suddenly more important in a future Trump administration.
The big question is whether Russia will continue to use information it steals through cyberespionage to meddle in U.S. political affairs.
Many experts bet yes, and say Putin often undermines foreign leaders by leaking enough true information to show that Russia has stolen their secrets, and then releasing manipulated or completely fabricated material that creates huge problems for them.
"They could quote Trump or his advisors saying things that they didn't say, to create added instability and uncertainty," Kanuck said. "Countries like Russia have a long history of influence operations and information confrontation. We should expect that to continue in the digital media space."


Boy, 17, admits TalkTalk hacking offences


A teenager has pleaded guilty to charges relating to illegal computer hacking against the telecoms firm TalkTalk last year.
A 17-year-old boy has admitted hacking offences linked to a data breach at the communications firm TalkTalk, claiming he was "just showing off" to friends.
Norwich Youth Court was told he had used hacking tool software to identify vulnerabilities on target websites.
The data haul netted email addresses, names and phone numbers, as well as 21,000 unique bank account numbers and sort codes.
The boy pleaded guilty to seven charges and will be sentenced next month.

'I have grown up'

The cyber attack on the company in October 2015 prompted fears thousands of people may have had their online details stolen.
The boy told magistrates: "I didn't think of the consequences at the time. I was just showing off to my mates."
"It was a passion, not any more. I won't let it happen again. I have grown up," he added.
His solicitor Chris Brown said he had played a small part in the scam, adding his behaviour had been that of an immature 16-year-old.
The charges against the boy also included attacks on other websites, including the universities of Manchester and Cambridge.
The boy will be sentenced for breaches under the Computer Misuse Act on 13 December. The magistrate said although further reports were needed, they were minded to spare the teenager jail.
Six other people were arrested in connection with the attack.

'Relentless focus'

TalkTalk was fined a record £400,000 last month for security failings which allowed customers' data to be accessed "with ease".
The attack was branded a "car crash" by former information commissioner, Christopher Graham.
The company claimed the hack cost the firm £42m but has since reported a surge in half-year profits.
It said it also lost 98,000 broadband customers in the first half of the year, though this was largely offset by 69,000 new customers signing up.
Dido Harding, chief executive of TalkTalk, said: "One year on we have maintained a relentless focus on looking after our existing customers and keeping up the pace across a wide range of operational improvements."

Wednesday, 19 October 2016

Using public WiFi? Here are 5 ways to stay safe from hackers







Free public WiFi is an easy way to access the internet, and you don't have to pay anything. Except maybe with your data, if you are not cautious. Although free internet access points are a boon, especially to those who often have to travel, using them is also fraught with risk.
Freely downloadable "sniffing" software has made it easy for anyone to hack into someone's WiFi session and see what they're surfing. These software tools are actually meant for IT administrators to troubleshoot network problems. But like everything, they can be used for good or for evil.
So what do you do? Well, keep on surfing the internet through free WiFi, but follow these 5 safety tips:
  1. Prefer HTTPS encrypted sites: Let's say you're grabbing lunch at your favourite cafe, waiting for your order to arrive. You pull out your tablet and begin browsing some news sites over the cafe's WiFi to catch up on the latest headlines. Unbeknownst to you, that guy in the corner is snooping on your traffic. If the sites you're surfing are not HTTPS-encrypted, he will be able to see everything you're seeing. And the majority of sites still aren't: out of the top 100 most popular sites, only 25 use encryption by default. Sites with HTTPS encryption are more private and keep what you do on them confidential. So when on free WiFi, stick to HTTPS websites.
  2. Watch out for that hotspot: Beware of unknown and strangely named WiFi connections showing up in your phone's network list. With a small hardware investment, a hacker or cyber criminal can set up his own rogue WiFi hotspot that appears legitimate. If you use it, he can not only see what you're seeing, he can also jump in and alter what you're seeing. So you think you're logging into Gmail, but you're actually logging into his spoofed Gmail page, and now he has your credentials. This is known as a man-in-the-middle attack, and you can see some fun examples of it being done in this video where three politicians were hacked. This kind of attack is more complicated, but it can still be picked up pretty quickly in online tutorials.
  3. Use a VPN: VPN stands for Virtual Private Network. It creates a secure connection so that your public WiFi connection is protected from snoops. Even with their sniffing tools, all they'll be able to see is encrypted gobbledygook.
  4. Turn off your WiFi when not in use: With WiFi switched on in your phone, tablet or laptop, your device stays exposed even if you have not connected it to any access point. The risk is not huge in this case, but a hacker can still try to access your phone through a bogus router. Keeping your WiFi off when not in use also saves your phone's battery.
  5. Say no to silly and repeated passwords: Having one password for multiple accounts is the silliest thing you can do to put your phone's security at risk. If a hacker manages to procure that one password, you know the repercussions: he or she can get access to several of your accounts. So always choose strong and unique passwords.


Time to destroy the hacker’s ballistic missile

Which of the world's 7.5 billion people really clicked 'Send'? Anonymous email is a devastatingly effective delivery system for malware and the time has come to leave the 1970s behind and move on to a 21st century messaging standard.

 

Welcome to Enemy at the Gates!
This inaugural post and those that follow will use real-world and hypothetical cybercrime, cyber-espionage, and cyber-terrorism examples to comprehensively explore this question:
What is the true real-world identity of the living, breathing human being standing at the intranet or internet gate and is that living, breathing human being an enemy or a friend?
The goals are to offer the reader different ways of thinking about how vulnerabilities are exploited by criminal, nation-state, and terrorist hackers and, more importantly, suggest paths forward to effective solutions.
Through many years of studying the cyber identity problem, I’ve noticed that cybersecurity discussions often focus on identity verification technologies and techniques in a context disconnected from the living, breathing human being standing behind passwords, multi-factor authentication procedures, and even biometric measures.
Most serious cyber breaches start with an anonymous living, breathing bad actor sending a malware-laden email to a target company employee. Just this month, the cybersecurity company Symantec announced that a second group of hackers targeted banks that use the SWIFT global financial transfer system. The report suggests the attackers used phishing emails containing malicious file attachments to deliver malware payloads into their target banks’ computer networks. To illustrate the seriousness of this incident, the first group of SWIFT hackers successfully stole $81 million from the Bangladesh Central Bank.
The criminal hackers involved in the more recent attack may have used simple email phishing where they had only general knowledge of the banks’ operations or spearphishing where they may have used social engineering techniques to gather specific information about bank employees to design a very convincing email. Certainly the focus of investigators is finding an answer to this question: “Which of the world’s 7.5 billion living, breathing human beings really clicked ‘send’?”  



Email is the cyber equivalent of a ballistic missile carrying a nuclear warhead and is a devastatingly effective hacker tool. Consider that the human being sending the email can be anyone operating from any location with no authentication mechanism available to the email server receiving the phishing or spearphishing email. The email technology in widespread use does not, as part of the protocol, demand that senders identify themselves in any context much less one in the real-world.
But none of this is new. The vulnerabilities baked into conventional email technology are well known. The amazing thing is that newer, more secure messaging systems haven’t yet killed it off.
Setting aside the question of why email is still around, we can conclude that hackers will always have the advantage as long as 40+ year-old conventional email technology remains in widespread use. The only effective solution is to adopt a top-to-bottom replacement for conventional email messaging. Critically, any such replacement must comprehensively address the anonymity problem.
It will be a very long and difficult process but the way forward is a focused, coordinated effort involving government standards agencies, legislatures, private companies, and cyber insurance providers. Government standards agencies such as the National Institute of Standards and Technology (NIST) should strongly promote security-focused guidelines for email replacement technologies; legislatures can use tax credits to encourage faster adoption of new messaging systems; insurance companies can use cyber policy rates to further boost the economic benefits of change.
Large businesses may hold the key to quicker adoption of new messaging technologies by using their size and economic influence to incentivize supply chains to adopt secure messaging technologies for business-to-business communication. Such action on the part of coalitions of large businesses can accelerate the successful retirement of SMTP email messaging throughout the broader economy since employees will become familiar with messaging alternatives and begin to use them when not at work.
Pushback from those who say this task is too difficult, expensive, or disruptive must be challenged with the unarguable fact that current email technology cannot be made secure and hackers are a very determined species.
Until email replacements are widely adopted, and before focusing exclusively on the relative merits of anti-malware systems and other technologies designed to deal with attacks after the phishing email attachment is opened, security professionals should always ask: ‘Who are the living, breathing human beings sending emails to my company’s employees? Are they friends or enemies at the gate?’

Tuesday, 4 October 2016

Hacking, Trading Forum w0rm.ws Hacked; Exploit Kits, Database Leaked

A group of popular darknet hackers going by the handle of Peace_of_Mind have hacked and defaced the official website of w0rm.ws, an ‘invite only’ hacking and trading forum that sells stolen data and exploits to buyers.
The hackers left a deface page along with a brief message on the forum’s homepage with personal details of a man named Sarpovu Nikolai, alleged by the hackers to be the owner of the w0rm.ws forum. In other words, the hackers have allegedly doxed the owner of the w0rm.ws forum. It is unclear if Nikolai is the real owner of the forum, but the deface page has personal details about him, including his date of birth, father’s name, mother’s name, nationality, residence permit and his operating system.
Hell is a darknet hacking forum which was hacked last year but surfaced back on the Internet earlier this year. However, when it comes to the leaked data, we asked the data mining company Hacked-DB for a scan, and here’s an in-depth data analysis.
Leaked data
In total, the entire website's data has been leaked, including files, databases, exploit kits, and user data such as accounts, passwords, history, PMs, forum posts and other sensitive data.
The hackers leaked the forum’s database as zip and SQL files. The very first file available for download is ekit.sql, which contains information on client-side exploits and details about exploits with Common Vulnerabilities and Exposures (CVE) in text-only form. The same file is also a database for the Hunter exploit kit. Furthermore, there are a few links to third-party exploit files.
Exploit Hunter kit
The second file in the database is “hunter_ek.tar.7z”, which is actually a full exploit folder of the targeted forum. It contains important information about the database, showing that the forum successfully created exploits for high-profile software including Adobe Flash Player, Internet Explorer, Microsoft Office and PowerPoint.


Apple Users Targeted with iCloud Phishing Scam


Recently, IT security researcher Mehrdad noticed Apple users reporting that they couldn’t access their iCloud accounts. He then did some social engineering but didn’t find anything until one of his clients mentioned that they had received an email from Apple several days ago. It claimed their iCloud account had been blocked and asked them to click on a link in the email.
At first glance the email seemed legit, but after tracing the email's headers he discovered two things:
1. The email wasn’t sent from Apple.
2. The link in the email body doesn’t belong to the official iCloud website and redirects somewhere else!

Screenshot from the email sent by cyber criminals
➢ Sender: AppIe+iWT2XUJ@relay.skynet.be
➢ URL: www (dot) cityjoinery (dot)com/iCloud
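
The two checks described above (who really sent the message, and where its link really points) can be automated. The following is an added example, not code from the original article or from the researcher: it parses a constructed message that reuses the sender address shown above, whose local part spells the brand with a capital I in place of the lowercase l, and uses a placeholder `.example` link host. The list of official domains and all function names are assumptions made for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

BRANDS = ("apple", "icloud")
# Assumption: domains treated as legitimate for this brand in the example.
OFFICIAL_DOMAINS = ("apple.com", "icloud.com")
# Characters commonly swapped in to imitate a brand name (capital I for l, etc.).
CONFUSABLES = str.maketrans({"I": "l", "1": "l", "0": "o"})

# Constructed message: only the sender address is taken from the page;
# the display name, subject, body and link host (.example) are made up.
SAMPLE_PHISH = """\
From: Apple <AppIe+iWT2XUJ@relay.skynet.be>
To: user@client.example
Subject: Your iCloud account has been blocked

Your iCloud account has been blocked. Confirm your details here:
http://www.joinery-shop.example/iCloud
"""

# Constructed benign message for comparison.
SAMPLE_OK = """\
From: Apple <noreply@email.apple.com>
To: user@client.example
Subject: Your iCloud storage

Manage your storage at https://www.icloud.com/settings
"""


def fold(text):
    """Lower-case text after replacing look-alike characters."""
    return text.translate(CONFUSABLES).lower()


def claims_brand(text):
    return any(b in fold(text) for b in BRANDS)


def is_official(host):
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def analyse(raw):
    """Return a list of findings for the sender and link checks."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    local, _, domain = addr.rpartition("@")
    findings = []
    # 1. Message presents itself as the brand but is sent from another domain.
    claimed = " ".join((display, local, msg.get("Subject", "")))
    if claims_brand(claimed) and not is_official(domain):
        findings.append("sender-domain-mismatch:" + domain.lower())
    # 1b. Brand name that only appears once look-alike characters are folded.
    for part in (display, local):
        for b in BRANDS:
            if b in fold(part) and b not in part.lower():
                findings.append("lookalike-sender:" + b)
    # 2. Link whose path names the brand but whose host is not the brand's.
    for url in re.findall(r"https?://[^\s<>\"']+", msg.get_payload()):
        parts = urlsplit(url)
        host = parts.hostname or ""
        if claims_brand(parts.path) and not is_official(host):
            findings.append("brand-path-on-foreign-host:" + host)
    return findings


if __name__ == "__main__":
    for name, raw in (("phish", SAMPLE_PHISH), ("ok", SAMPLE_OK)):
        print(name, analyse(raw))
```

The `From` header alone is easy to forge, so a mail gateway would run checks like these alongside the `Received` chain and the provider's own authentication results.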

Chrome already detected the site hosting phishing scam
This is an old trick which you may already know as “phishing” but even today it’s a growing threat and one of the most successful ways to steal someone’s data. Here is another email that Mehrdad found encouraging users to confirm that they had made a purchase from Apple