The same team that hacked the Tesla
Model S also found a weakness to exploit in the Google Pixel at a South
Korean hacking competition.
Qihoo 360 was awarded a $120,000 bounty from Google, who now is working on beefing up Pixel's security.
As we continue to become a more connected society, the
importance of cybersecurity is growing. That’s why companies like Google
welcome good-guy hackers to help find holes in their systems or
products, such as the Google Pixel. In fact, a Chinese hacking team
found a weakness in the smartphone and exploited it in under a minute.
The team, called Qihoo 360, was participating in PwnFest,
a hacking contest and security conference in South Korea. Qihoo 360
remotely accessed the Pixel to send hack codes that launched Chrome and
displayed a web page reading “Pwned By 360 Alpha Team.” The team was
awarded a $120,000 bounty from Google, who now is working on beefing up
Pixel’s security.
In the wrong hands, such a hack could compromise a user’s personal data, which criminals can use maliciously.
Two years ago, Qihoo 360 performed a similar hack on a Tesla Model S,
where they were able to remotely control the locks, open the sunroof,
and interfere with the traction controls and charging system.
These hacks demonstrate how vulnerable our technology can be.
Internet safety is getting trickier, and more support needs to be placed
toward cybersecurity measures. Hopefully, these hackers stay on our
side.
Before most Americans woke up last Wednesday and learned Donald
Trump had won the presidential election, hackers linked to Russian
intelligence had already launched a sweeping cyberespionage campaign to
find out what his victory meant for Vladimir Putin's government.
Russia has always placed a top priority on
vacuuming up whatever intelligence it can about a new American president
and their top advisors and plans, to gain strategic advantage, Sean
Kanuck, the nation's first National Intelligence Officer for Cyber
Issues from 2011 to 2016, told NBC News.
"And especially after the largest electoral
upset in recent American history, it would be all the more important to
collect as much information as possible on the new administration and
its probable policies," said Kanuck, now an affiliate with the Center
for International Security and Cooperation at Stanford University.
As Team Trump ramps up the transition and then
takes over the levers of power, Kanuck said, "I would expect it will
only increase against all of his close confidants and advisors."
The Nov. 9 attack especially targeted "people
who are or will be associated with the incoming administration,"
according to Steven Adair, founder of Volexity, the cyber security firm
that first disclosed the campaign.
Cybersecurity experts and current and former
U.S. officials said they would have been surprised only if they did not
see an aggressive post-election intel-gathering campaign by Russia. "I
assume the need for intelligence is greater than normal right now.
Nobody knows what's going to be, what's going to happen," under Trump,
said John Hultquist, director of cyberespionage analysis at the security
firm iSIGHT Partners.
The attack came from the hacking crew known as
Cozy Bear that U.S. officials have linked to earlier attacks on the
Democratic National Committee, the White House, State Department and
Joint Chiefs of Staff.
What's noteworthy, some said, was how quickly
and aggressively the Russian-linked group is moving, especially when the
new president-elect is the candidate Putin favored during the campaign.
Even though Trump and Putin have expressed support for improved
U.S.-Russia relations, via his win Trump has suddenly become an opponent
for a Russian president who views the U.S. as not just a competitor but
in many ways as an enemy, experts said. As such, aggressive collection
of intelligence on the Trump transition effort would be part of Putin's
playbook, in terms of how the former KGB intelligence officer seeks to
gain leverage over his opponents, said Shawn Henry, a former top FBI
cybersecurity official who is now at the CrowdStrike security firm.
"They are interested in anything that is going
to demonstrate and dictate the direction that the U.S. is going,"
including key players and policies, said Henry, whose security firm has
tracked Cozy Bear for several years.
"It is a whole-cloth collection across the U.S.
and how they can use that information in negotiations," Henry told NBC
News. "If you know the answer before the test you are in a stronger
position."
Two targets come forward
Cozy Bear's flurry of activity on the morning of
Nov. 9 targeted think tanks, non-governmental-organizations and
university researchers, said Adair. Most of those targeted had ties to
the national security, defense, international affairs, public policy,
and European and Asian studies realms, according to Adair and other
experts at cybersecurity firms that track the Russian hackers.
"Before 9 a.m., we started seeing it," said
Adair. "What are they after? We can't say with certainty. But one of the
goals is to gain early access to the people who will have influence
over where things are going, and to increase their foothold in
organizations that are already playing, or will continue to play, a role
in what happens next."
Adair told NBC News that the campaign especially targeted "people
who are or will be associated with the incoming administration" or with
those in Congress and other places who will be working with them. Also
targeted: those with subject matter expertise in public policy matters
that have suddenly risen in importance now that a Republican
administration is taking over, he said.
"They want an early view of what happens," Adair said, "before it becomes policy or law."
Adair said the hacking campaign used
sophisticated spearphishing techniques to send emails to hundreds of
people that look so legitimate that they won't hesitate to click on
links that are included, or to download files. That installs malware on
their system and enables the hackers to get their emails and files and
to move on to others they communicate with.
Two of the five separate "attack waves" included
purported messages forwarded on from the Clinton Foundation giving
insight and postmortem election analysis, a Volexity web report said.
So far, at least two targets have come forward.
Maeve Whelan-Wuest of the Brookings Institution and Adam Segal of the
Council on Foreign Relations tweeted that they received suspect emails.
Neither is a Russia expert, but Segal directs the council's Digital and
Cyberspace Policy Program. And since both think tanks are prominent and
focus on U.S.-Russia relations, it's likely the hackers targeted
non-Russia experts who might be less suspicious of emails as a way of
gaining access to the entire roster of experts and their contacts, one
former senior U.S. intelligence official told NBC News.
The former intelligence official said the spearphishing campaign was
also timed to maximize its chances of success: "People were in such a
frenzy about the coming political change that their hesitation in
opening an email or attachment would probably be greatly reduced."
Adair said the speed and intensity of the
campaign suggests the hackers were planning their cyberattack no matter
which candidate had won, but that they appear to have tailored the
specifics to focus on people who were suddenly more important in a
future Trump administration.
The big question is whether Russia will continue
to use information it steals through cyberespionage to meddle in U.S.
political affairs.
Many experts bet yes, and say Putin often
undermines foreign leaders by leaking enough true information to show
that Russia has stolen their secrets, and then releasing manipulated or
completely fabricated material that creates huge problems for them.
"They could quote Trump or his advisors saying
things that they didn't say, to create added instability and
uncertainty," Kanuck said. "Countries like Russia have a long history of
influence operations and information confrontation. We should expect
that to continue in the digital media space."
A teenager has pleaded guilty to charges relating to
illegal computer hacking against the telecoms firm TalkTalk last year
A 17-year-old boy
has admitted hacking offences linked to a data breach at the
communications firm TalkTalk, claiming he was "just showing off" to
friends.
Norwich Youth Court was told he had used hacking tool software to identify vulnerabilities on target websites.
The data haul netted email addresses, names and phone numbers, as well as 21,000 unique bank account numbers and sort codes.
The boy pleaded guilty to seven charges and will be sentenced next month.
'I have grown up'
The cyber attack on the company in October 2015 prompted fears thousands of people may have had their online details stolen.
The boy told magistrates: "I didn't think of the consequences at the time. I was just showing off to my mates."
"It was a passion, not any more. I won't let it happen again. I have grown up," he added.
His
solicitor Chris Brown said he had played a small part in the scam,
adding his behaviour had been that of an immature 16-year-old.
The charges against the boy also included attacks on other websites, including the universities of Manchester and Cambridge.
The
boy will be sentenced for breaches under the Computer Misuse Act on 13
December. The magistrate said although further reports were needed,
they were minded to spare the teenager jail.
Six other people were arrested in connection with the attack.
'Relentless focus'
TalkTalk was fined a record £400,000 last month for security failings which allowed customers' data to be accessed "with ease".
The attack was branded a "car crash" by former information commissioner, Christopher Graham.
The company claimed the hack cost the firm £42m but has since reported a surge in half-year profits.
It
said it also lost 98,000 broadband customers in the first half of the
year, though this was largely offset by 69,000 new customers signing up.
Dido
Harding, chief executive of TalkTalk, said: "One year on we have
maintained a relentless focus on looking after our existing customers
and keeping up the pace across a wide range of operational
improvements."
Free public WiFi is an easy way to access the internet, and you don't have to pay anything. Except maybe with your data, if you are not cautious. Although free internet access points are a boon, especially to those who often have to travel, using them is also fraught with risk.
Freely downloadable "sniffing" software has made it easy for anyone to listen in on someone's WiFi session and see what they're surfing. These software tools are actually meant for IT administrators to troubleshoot network problems. But like everything, they can be used for good or for evil.
So what do you do? Well, keep on surfing the internet through free Wi-Fi, but follow these 5 safety tips:
Prefer HTTPS-encrypted sites: Let's say you're grabbing lunch at your favourite cafe, waiting for your order to arrive. You pull out your tablet and begin browsing some news sites over the cafe's WiFi to catch up on the latest headlines. Unbeknownst to you, that guy in the corner is snooping on your traffic. If the sites you're surfing are not HTTPS-encrypted, he will be able to see everything you're seeing. And the majority of sites still aren't: out of the top 100 most popular sites, only 25 use encryption by default. Sites with HTTPS encryption are more private and keep what you do on them confidential. So when on free Wi-Fi, stick to HTTPS websites.
Watch out for that hotspot: Beware of unknown and strangely named WiFi connections showing up in your phone's list. With a small hardware investment, a hacker or cyber criminal can set up his own rogue WiFi hotspot that appears legitimate. If you use it, he can not only see what you're seeing, he can also jump in and alter what you're seeing. So you think you're logging into Gmail, but you're actually logging into his spoofed Gmail page, and now he has your credentials. This is known as a man-in-the-middle attack, and you can see some fun examples of it being done in this video where three politicians were hacked. This kind of attack is more complicated, but it can still be picked up pretty quickly in online tutorials.
Use a VPN: VPN stands for Virtual Private Network. It creates a secure connection so that your public WiFi connection will be protected from snoops. Even with their sniffing tools, all they'll be able to see is encrypted gobbledygook.
Turn off your WiFi when not in use: With WiFi switched on in your phone, tablet or laptop, your device remains open even if you have not connected it to any access point. The risk is not huge in this case, but a hacker can try to access your phone through a bogus router. Keeping your WiFi off when not in use also saves your phone's battery.
Say no to silly and repeated passwords: Having one password for multiple accounts is the silliest thing you can do to put your phone's security at risk. If a hacker manages to obtain that one password, you know the repercussions: he or she can get access to several of your accounts. So always choose strong and unique passwords.
Which of the world's 7.5 billion people
really clicked 'Send'? Anonymous email is a devastatingly effective
delivery system for malware and the time has come to leave the 1970s
behind and move on to a 21st century messaging standard.
Welcome to Enemy at the Gates!
This inaugural
post and those that follow will use real-world and hypothetical
cybercrime, cyber-espionage, and cyber-terrorism examples to
comprehensively explore this question:
What is the true real-world identity of the
living, breathing human being standing at the intranet or internet gate
and is that living, breathing human being an enemy or a friend?
The
goals are to offer the reader different ways of thinking about how
vulnerabilities are exploited by criminal, nation-state, and terrorist
hackers and, more importantly, suggest paths forward to effective
solutions.
Through
many years of studying the cyber identity problem, I’ve noticed that
cybersecurity discussions often focus on identity verification
technologies and techniques in a context disconnected from the living,
breathing human being standing behind passwords, multi-factor
authentication procedures, and even biometric measures.
Most serious cyber breaches start with an anonymous
living, breathing bad actor sending a malware-laden email to a target
company employee. Just this month, the cybersecurity company Symantec
announced that a second group of hackers targeted banks that use the SWIFT global financial transfer system. The report suggests the attackers used phishing
emails containing malicious file attachments to deliver malware
payloads into their target banks’ computer networks. To illustrate the
seriousness of this incident, the first group of SWIFT hackers successfully stole $81 million from the Bangladesh Central Bank.
The
criminal hackers involved in the more recent attack may have used
simple email phishing where they had only general knowledge of the
banks’ operations or spearphishing where they may have used social
engineering techniques to gather specific information about bank
employees to design a very convincing email. Certainly the focus of
investigators is finding an answer to this question: “Which of the
world’s 7.5 billion living, breathing human beings really clicked ‘send’?”
Email
is the cyber equivalent of a ballistic missile carrying a nuclear
warhead and is a devastatingly effective hacker tool. Consider that the
human being sending the email can be anyone operating from any location
with no authentication mechanism available to the email server receiving
the phishing or spearphishing email. The email technology in widespread
use does not, as part of the protocol, demand that senders identify
themselves in any context, much less one in the real world.
But
none of this is new. The vulnerabilities baked into conventional email
technology are well known. The amazing thing is that newer, more secure
messaging systems haven’t yet killed it off.
Setting
aside the question of why email is still around, we can conclude that
hackers will always have the advantage as long as 40+ year-old
conventional email technology remains in widespread use. The only
effective solution is to adopt a top-to-bottom replacement for
conventional email messaging. Critically, any such replacement must
comprehensively address the anonymity problem.
It will be
a very long and difficult process but the way forward is a focused,
coordinated effort involving government standards agencies,
legislatures, private companies, and cyber insurance providers.
Government standards agencies such as the National Institute of
Standards and Technology (NIST) should strongly promote security-focused
guidelines for email replacement technologies; legislatures can use tax
credits to encourage faster adoption of new messaging systems;
insurance companies can use cyber policy rates to further boost the
economic benefits of change.
Large
businesses may hold the key to quicker adoption of new messaging
technologies by using their size and economic influence to
incentivize supply chains to adopt secure messaging technologies for
business-to-business communication. Such action on the part of
coalitions of large businesses can accelerate the successful retirement
of SMTP email messaging throughout the broader economy since employees
will become familiar with messaging alternatives and begin to use them
when not at work.
Pushback
from those who say this task is too difficult, expensive, or disruptive
must be challenged with the unarguable fact that current email
technology cannot be made secure and hackers are a very determined
species.
Until email replacements are widely adopted and
before focusing exclusively on the relative merits of anti-malware
systems and other technologies designed to deal with attacks after the
phishing email attachment is opened, security professionals should
always ask ‘Who are the living, breathing human beings sending emails to
my company’s employees? Are they friends or enemies at the gate?’
A group of popular darknet hackers
going by the handle of Peace_of_Mind have hacked and defaced the
official website of w0rm.ws, an ‘invite only’ hacking and trading forum
that sells stolen data and exploits to buyers.
The hackers left a deface page along with a brief message on the forum’s homepage with personal details of a man named Sarpovu Nikolai, alleged by the hackers to be the owner of the w0rm.ws forum. In other words, the hackers have allegedly doxed the owner of the w0rm.ws forum. It is unclear if Nikolai is the real owner of the forum, but the deface page has personal details about him, including his date of birth, father’s name, mother’s name, nationality, residence permit and his operating system.
Hell is a darknet hacking forum which was hacked last year but surfaced back on the Internet earlier this year. However, when it comes to the leaked data, we asked the data mining company Hacked-DB for a scan, and here’s an in-depth data analysis.
Leaked data
In
total, the entire website data including files, databases, exploits
kits, user data including accounts, passwords, history, PMs, forum posts
and other sensitive data has been leaked.
The hackers leaked the forum’s database as zip and SQL files. The very first file available for download is ekit.sql, which contains information on client-side exploits and details about exploits with Common Vulnerabilities and Exposures (CVE) in text-only form. The same file is also a database for the Hunter exploit kit. Furthermore, there are a few links to third-party exploit files.
Exploit Hunter kit
The
second file in the database is “hunter_ek.tar.7z” which is actually
a full exploit folder of the targeted forum. It contains important
information about the database – showing that the forum successfully
created exploits for high-profile software including Adobe Flash player,
Internet Explorer, Microsoft Office and PowerPoint.
Recently IT security researcher Mehrdad
noticed Apple users reporting that they couldn’t access their iCloud
accounts. He then did some social engineering but didn’t find anything
until one of his clients mentioned that they had received an email from Apple several days ago. It claimed their iCloud account had been blocked and asked them to click on a link in the email. At first glance the email seemed legitimate, but after tracing the email's headers he discovered two things:
1. The email wasn’t sent from Apple.
2. The link in the email body doesn’t belong to the official iCloud website and redirects somewhere else!
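The two checks described above (who really sent the message, and where its link really goes) can be automated. The following is an added example, not code from the original article or from the researcher; the brand domain list, the sample message and every host in it are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: domains the impersonated brand really sends from and links to.
BRAND_DOMAINS = {"apple.com", "icloud.com"}

# Constructed sample message; every host and address below is made up.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from mailer.example.net (mailer.example.net [203.0.113.7])
    by mx.victim.example with ESMTP; Mon, 14 Nov 2016 09:12:01 +0000
Authentication-Results: mx.victim.example; spf=fail smtp.mailfrom=mailer.example.net
From: "Apple Support" <support@apple.com.account-verify.example>
To: user@victim.example
Subject: Your iCloud account has been blocked
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>Your iCloud account has been blocked.
<a href="http://icloud.com.signin.example/unlock">https://www.icloud.com/</a></p>
"""

LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.S | re.I)


def is_brand_host(host):
    """True only for a brand domain or a real subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)


def check_message(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    findings = []

    # Check 1: who sent it. The display name is free text, so only the
    # address domain counts.
    from_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if not is_brand_host(from_host):
        findings.append(f"From domain is not brand-owned: {from_host}")
    rp_host = parseaddr(msg.get("Return-Path", ""))[1].rpartition("@")[2].lower()
    if rp_host != from_host:  # heuristic: bulk senders can differ legitimately
        findings.append(f"Return-Path domain differs from From: {rp_host}")
    if re.search(r"\bspf=(fail|softfail)\b", msg.get("Authentication-Results", "")):
        findings.append("receiving server recorded an SPF failure")

    # Check 2: where the links really go, versus what the text displays.
    body = msg.get_payload(decode=True).decode("utf-8", "replace")
    for href, text in LINK_RE.findall(body):
        target = urlparse(href).hostname
        if not is_brand_host(target):
            findings.append(f"link target is not brand-owned: {target}")
        shown = urlparse(text.strip()).hostname
        if shown and shown != target:
            findings.append(f"link text shows {shown} but goes to {target}")
    return findings


if __name__ == "__main__":
    for finding in check_message(SAMPLE):
        print("-", finding)
```

Matching on the end of the hostname is what catches lookalikes such as a brand name used as a subdomain label of an unrelated domain; a substring match would accept them.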
This
is an old trick which you may already know as “phishing” but even today
it’s a growing threat and one of the most successful ways to steal
someone’s data. Here is another email that Mehrdad found encouraging
users to confirm that they had made a purchase from Apple