Tag Archives: cyber attacks

10Fold- Security Never Sleeps- 119

Some Yahoo Employees Knew of Massive Hack in 2014

“Will create more concern in Verizon acquisition”

Yahoo has now admitted that many employees were aware of a state-sponsored hacking attempt that resulted in a critical breach of its network. Personal information from at least half a billion accounts, what is considered to be the largest in history, involved over 200 million usernames and passwords being stolen from users and customers.

Possible Health Data Breach From Employee Laptop

“MGA Home Healthcare notifies patients of possible personal information theft”

Potential data breaches may have occurred with a vendor downloading information in an unauthorized manner while servicing homes. Over 3,000 patient and employee information blocks may have possibly been compromised, left vulnerable in an employee’s vehicle. Law enforcement has been notified and released a statement; “has been conducting a thorough review of the potentially affected records to confirm what information was exposed.”

IoT Worm Can Hack Smart Devices, Prompts Concerns

“Chain reaction can create chain reaction in other devices as well”

A proof-of-concept worm developed by Eyal Ronen, Adi Shamir, and Achi-Or Weingarten of Weizmann Institute of Science, and Colin O’Flynn of Dalhousie that can create insecure web-connected chain reaction hacks is exploiting universal encryption keys over ZigBee networks. This is then capable of moving to other devices via other devices universal keys, able to spread exponentially in what is described as a city-wide basis.

Major Cloud Malware Infested Says Researchers

“Concerns over difficulty identify mount”

Many computer experts are saying that repositories are supplying malware to users, creating a serious epidemic for those using cloud based technologies. Hundreds of buckets have possibly been compromised, says Xiaojing Liao, a graduate student at Georgia Tech who is leading a study that is addressing possible solutions to the issue.

Trump Victory Sparks Fears Over U.S. Encryption, Surveillance Policy

“Donald Trump’s surprise win has brought fears of rights violations, security”

Civil Libertarians and technology companies have voiced serious concern over some of Trump’s potential policies that call for closing down certain parts of the internet to fight Islamic terrorism. Trump won the election Tuesday night, a victory unforeseen by much of the media. The new President-Elect has been a vocal opponent of tech companies being uncooperative with the government on unlocking their technologies to assist with terrorist investigations.

10Fold- Security Never Sleeps- 106

Clinton Aide Email Dump from WikiLeaks

“Messages to and from John Podesta released to public”

Despite accusations of Russian influence of the United States presidential elections, WikiLeaks has gone ahead. Over 2,000 emails from Hillary Clinton’s campaign chairman John Podesta have been made public, creating negative press and attacks from political opponents on the former Secretary of State’s campaign. Was released on Friday, the same day several U.S. intelligence agencies blamed Russia for email and election server hacks.

SWIFT Users Targeted by Hackers, Symantec warns

“Second hacking group attempts scams”

Symantec, a cyber-security group, has observed many recent attempts to steal from banks via fraudulent SWIFT messages. This same method had appropriated about $81 million dollars from the Bangladesh central bank in February of this year, constituting a very serious threat to financial security. Malware is used to infect customers and hide fraudulent requests for transfers. Chief Executive of SWIFT Gottfried Leibbrandt informed the public of three attacks and issued a warning that central banks are threatened consistently by such hacks.

Financial Sector Security Guidelines Set by G7

“Intended to protect from cyber-attacks”

A three-page document was released by the Group of seven industrial powers that outlined several concerns and security measures that regulators will begin to enforce on their financial sectors. The recommendations outline new cooperative measures that nations with share, including notification of breaches and basic standards that all firms must meet. The news comes in the wake of policymakers concerns over many high-level hacks plaguing the banking and financial sectors of developed markets.

Malware Abuses Windows Troubleshooting Platform

“Longtime malware infects many firms worldwide”

A malicious backdoor in operation since 2013 has been largely distrivuted through the Windows Troubleshooting Platform, as warned by Proofpoint researchers. ‘LatentBot,’ the name given to the software, was idientified earlier this year and allows cybercriminals to surveil, steal information and gain administration access remotely.

 

10Fold- Security Never Sleeps- 104

Following Snowden’s Legacy, Booz Allen Contractor Charged with File Theft

“Could face up to 11 years in prison”

Former Booz Allen Hamilton employee Harold Thomas Martin III is accused by the Department of Justice of theft of government property and unauthorized removal of classified documents. Stock of the NSA contractor firm took a dip as the news broke. This further scars the company’s reputation that is already bearing the weight of the Edward Snowden revelations of 2013, bringing to light the mass United States government surveillance program that proved very controversial to the public. Whether the intentions of Martin are political is yet to be seen.

Expose Retaliation Hits BuzzFeed

“Hacking group targets interactive media site”

Hacking group OurMine seems to have targeted BuzzFeed, odd considering the group often sets its sights on digital accounts of CEO’s, venture capitalists, and celebrities. The attack on BuzzFeed focused on manipulating the text or completely deleting certain articles related to the groups reputation, in which the website exposed that OurMine may be a solo hacker teenager from Saudi Arabia.

New Malware Can Monitor Webcam, Microphone

“New piggyback virus can access software”

Malware used for covert surveillance is far from new. The NSA has several programs that can monitor voice or video without the notice of a laptops user. However this is not the case with Apple products, as they have a hardwired indicator that notifies the user when the webcam is on. Now this may no longer be the case. Researcher Patrick Wardle explains that a new piggyback virus is able to access webcam and speaker functions without any notification to the user.

eCommerce Malware Stealing Card Data

“Powerfront, OpenCart among affected”

Researchers are monitoring a cybercriminal campaign that have been plaguing several eCommerce sites since at least March of this year. Dubbed ‘Magecart’ by RiskIQ, the malicious software attacks the payment sources of the internet commerce sites, stealing customer personal information and card data.