Tag Archives: security

Howdy y’all! Greetings From Austin, Texas…

What are we doing in the Lone Star State, you ask? Well, we’re excited to officially announce the opening of our newest 10Fold office! That’s right, we’ve expanded our footprint (or cowboy boot print, we should say) beyond California to Austin, where you can find us located in the heart of downtown at the corner of 6th Street and Congress Avenue, just steps from the Texas State Capitol (map here).

There are many things that attracted us to Austin, primarily the booming local tech scene, coupled with an extremely talented pool of PR professionals. Oh, and of course the amazing BBQ, craft beers, incredible live music, endless sunshine, beautiful Texas wildflowers, etc. are all added bonuses!

We invite you to keep an eye on our blog, as our Austin team will be sharing updates regularly on the agency’s growth, local market trends, the latest hotspots, etc.

We could not be more enthused about the prospect of Austin. If you’re a University of Texas student looking for a summer or fall internship, a PR practitioner exploring your next career opportunity, or an emerging technology company in need of PR and marketing services, we’d love to have a conversation!

Feel free to reach out to us by visiting our contact us page.

10Fold Reveals 10 Largest Breaches of 2016

Nearly Three Billion Personal Records Breached Around the World

SAN FRANCISCO, CA–(Marketwired – Jan 19, 2017) – 10Fold, a full-service B2B technology public relations agency with a specialization in cybersecurity, today announced that in 2016, more than 2.8 billion personal records were breached on social and file-sharing platforms, email providers and government databases around the world. In its second annual year-in-review, 10Fold analyzed the largest data breaches of 2016, then ranked the top 10 from greatest to least.

“If 2015 was the year of the healthcare data breach — breaches impacted nearly 40 million people — then 2016 was the year of the social media breach. Four of the top 10 breaches were social media related and impacted more than 640 million people,” said Angela Griffo, vice president of the cybersecurity practice at 10Fold. “But the biggest surprise of the year was Yahoo revealing that the information of more than 1.5 billion people had been stolen by attackers. Regardless of an attacker’s motive, any compromised information leaves users susceptible to identity theft and fraud.”

News reports about the 10 largest data breaches discovered in 2016, which are listed below, indicated that each attack affected 49 million users or more. 10Fold selected these data breaches based on independent research collected throughout 2016 and cross-referenced the information with third-party resources, including ID Theft Resource Center and Information is beautiful.

10 Largest Data Breaches of 2016:

1. Yahoo: 1.5 Billion Users — The Yahoo data breach is possibly the largest email provider data breach in history. When Yahoo first confirmed the breach in September 2016, the company revealed the breach impacted 500 million user accounts. The stolen account information included names, dates of birth, telephone numbers, passwords, and security questions and answers. In December, the company revealed an additional one billion users had been affected by the breach, bringing the grand total of affected users to 1.5 billion.

2. FriendFinder Network: 412 Million Users — In October, a number of sites in the FriendFinder Network were hacked, resulting in a data breach that affected 412 million users. According to LeakedSource, the sites affected included Adult Friend Finder, Cams and Penthouse. The breached data encompassed 20 years of user information and included user names, emails, passwords, joining dates and the date last visited. A significant amount of the user information released was the stored data of users who had previously attempted to delete their accounts. Of the total records breached and released, 15 million came from deleted accounts.

3. Myspace: 360 Million Users — In May, the prolific cyberhacker Peace sold the data of 360 million Myspace users. Released user information included names, passwords and secondary passwords. According to Time Inc., the information was from an older 2013 Myspace platform. Only those profiles that existed prior to the site’s relaunch were affected. The new site now includes stronger user account security.

4. LinkedIn: 117 Million Users — In May, it was announced that cyberhacker Peace had sold 117 million emails and encrypted passwords on the dark web for roughly $2,200.

5. VK Russia: More than 100 Million Users — In June 2016, it was reported that hacker Peace was selling the data of 100 million VK users for roughly $570. The information released contained usernames, emails, unencrypted passwords, locations and phone numbers. What’s more, the original hack occurred between 2011 and 2013.

6. Dailymotion: 87.6 Million Users — In October 2016, reports indicated that hackers released the usernames and emails of 87.6 million users of France-based video sharing site Dailymotion. According to the Dailymotion blog post, the breach was due to an external security problem. While the company claimed the hack was limited — roughly 18.3 million user accounts were associated with encrypted passwords — all partners and users were still advised to reset their passwords for safekeeping. Dailymotion is the 113th most-visited website in the world.

7. Tumblr: 65 Million Users — In May, 65 million Tumblr accounts were found for sale on the dark web. A cyberhacker using the alias Peace sold the data for $150. According to security researcher Troy Hunt, the data contained email and password information.

8. Dropbox: More than 60 Million Users — In August 2016, Dropbox announced that it had reset the passwords of more than 60 million users after the company discovered that an old set of Dropbox user credentials was taken. While the company suspects that the records were originally obtained in 2012, the breach was not discovered and users were not notified until 2016. The released information contained usernames and encrypted passwords. It has been reported that a senior Dropbox employee verified the released data is legitimate.

9. Philippines’ Commission on Elections: 55 Million Voters — On March 27, a hacker group posted the entire database of the Philippines’ Commission on Elections (COMELEC) online. The attackers also shared three links where the information of 55 million registered voters in the Philippines could be downloaded. The distributed data included email addresses, passport numbers and expiration dates, and fingerprint records — information that cannot be replaced or reset. Various reports suggest this breach is the biggest government-related data breach in history.

10. Turkish Citizenship Database: 49.6 Million Citizens — In April 2016, the entire Turkish citizenship database was hacked. Attackers released the personal information of 49.6 million citizens. The information released included details that are found on a standard Turkey identification card, including national identifier, name, parents’ names, gender, birthdate, city of birth and full address. According to reports, hackers validated the data by publishing details of Turkey’s president and former prime minister Recep Tayyip Erdogan. It’s suspected that the hack was politically motivated, based on the following statement found in the released database: “Who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure?”

Visit 10Fold at Security Never Sleeps During RSA
This year 10Fold is hosting its seventh annual Security Never Sleeps luncheon at RSA, which features a moderated panel discussion and audience Q&A with the cybersecurity industry’s leading executives, media and analysts. The event takes place on Wednesday, February 15 from 11:30 a.m. to 1:30 p.m. PST. Interested in attending this invitation-only event? Please send an email to events@10fold.com and we’ll contact you to discuss your potential participation.

About 10Fold
10Fold is a leading North American public relations firm with regional offices in San Francisco, Pleasanton and Capistrano Beach, California. As a privately owned company founded in 1995, 10Fold provides strategic communications and content expertise to B2B organizations that specialize in networking, IT security, cloud, storage, Big Data, enterprise software, AppDev solutions, wireless, and telecom. The award-winning, highly-specialized account teams consist of multi-year public relations veterans, broadcasters and former journalists. 10Fold is a full-service firm that is widely known for its media and analyst relations, original content development, corporate messaging, social media and video production capabilities (through its division ProMotion Studios). For more information, visit www.10fold.com or follow us on Twitter (@10FoldComms) and Facebook (www.facebook.com/10FoldComms).

Network Breaches Are No Match for Veriflow

Based in San Jose, California, Veriflow provides a preventative solution for network administrators who worry about security vulnerabilities from change-induced errors. The practical application of this service allows network administrators who may not be knowledgeable in certain technologies to easily monitor changes in the network. Where Veriflow differs from its peers is the basis of its design: a mathematical formula called formal verification, which continuously evaluates changes and ensures they won’t bring harm to the network.

President and CEO James Brear is a proven industry executive with an impressive history of success. Annual revenues under James rose consistently with his leadership at Procera Networks, totaling nearly 1110% in total growth from the start of his tenure and gathering several awards. This led to the successful acquisition of the firm by Francisco Partners for $240M in 2015. Co-Founder Brighten Godfrey leads the technical research and development for the firm. He holds a Ph.D in computer science and is an expert in mathematical formal verification, which checks the validity of code as it is written.

Veriflow has been awarded several accolades for its unique services, including Innovation Challenge Winner and a silver medal from the Network Products Guide. The firm has also been able to attract investments from the Department of Defense, Menlo Venture Capital, and NEA Technologies.

For more information about Veriflow and their services browse through coverage 10Fold has helped them acquire here and here, and watch how Veriflow’s products work here:

PLUMgrid and Secure Cloud Infrastructure

Headquartered in Silicon Valley, PLUMgrid creates secure cloud infrastructure for both private and public spheres. Company leadership is headed by industry veteran Larry Lang, the former CEO and president of QuorumLabs, which provides a ‘disaster recovery’ service for cloud-based services. Lang oversaw serious revenue generation for the firm, proving his highly capable leadership.

PLUMgrid holds an impressive catalogue of partners for its groundbreaking software, including Red Hat, Docker, and Rackspace. Along with these associates come many awards for the innovative and unique services they provide. Among them are The 10 Coolest Networking Startups of 2015, 2016 Virtualization 50 and 20 Most Promising OpenStack Solution Providers 2015.

Find recent press coverage 10Fold has acquired for PLUMgrid here and here, and learn more about the services they provide in this video:

10Fold- Security Never Sleeps- 104

Following Snowden’s Legacy, Contractor Accused of Stealing NSA Files

“Political motivations still unknown”

Stock prices of NSA contractor Booz Allen Hamilton took a nosedive Friday as reports leaked that one of its former employees had been charged by the Department of Justice with two felony counts of theft of government property and unauthorized removal of classified documents. The accused, Harold Martin Thomas III, faces up to 11 years in jail for his alleged crimes. Booz Allen also bears the weight of formerly employing the highly controversial Edward Snowden, whose leaks to the public in 2013 revealed a mass United States surveillance program.

Expose Retaliation for BuzzFeed

“Retaliation for defamation articles against hacker group OurMine”

Interactive media site BuzzFeed was compromised Thursday by hacker group OurMine, bringing down articles and deleting information related to their members. The massive cyberattack came after BuzzFeed published stories that OurMine, which focuses primarily on the digital accounts of tech CEOs, venture capitalists and celebrities, may be a lone Saudi Arabian teenager.

Mac Malware Monitors Your Webcam, Microphone

“New malware can penetrate even airtight Mac devices”

Malicious software that targets users’ microphone and webcam access is nothing new; the NSA and cybercriminals alike have had programs for years that are capable of such feats. However, Mac devices have largely been different, due primarily to the hardwired light indicating that webcams or microphones are active, allowing users to notice their activation. This perceived safety may no longer be the case, according to researcher Patrick Wardle. His team’s analysis at Synack has examined several examples of malware being able to monitor microphone and webcam feeds without activating this light.

eCommerce Sites Lose Customer Data to Web Malware

“MageCart responsible for several incidents”

Cybercriminal campaign ‘MageCart’ has been the culprit of several hacking events involved with the loss of customer data and other sensitive information. MageCart has been active since at least March of this year, targeting other sites such as Powerfront and OpenCart.

10Fold- Security Never Sleeps- 104

Following Snowden’s Legacy, Booz Allen Contractor Charged with File Theft

“Could face up to 11 years in prison”

Former Booz Allen Hamilton employee Harold Thomas Martin III is accused by the Department of Justice of theft of government property and unauthorized removal of classified documents. Stock of the NSA contractor firm took a dip as the news broke. This further scars the company’s reputation that is already bearing the weight of the Edward Snowden revelations of 2013, bringing to light the mass United States government surveillance program that proved very controversial to the public. Whether the intentions of Martin are political is yet to be seen.

Expose Retaliation Hits BuzzFeed

“Hacking group targets interactive media site”

Hacking group OurMine seems to have targeted BuzzFeed, odd considering the group often sets its sights on digital accounts of CEOs, venture capitalists, and celebrities. The attack on BuzzFeed focused on manipulating the text or completely deleting certain articles related to the group’s reputation, in which the website exposed that OurMine may be a solo hacker teenager from Saudi Arabia.

New Malware Can Monitor Webcam, Microphone

“New piggyback virus can access software”

Malware used for covert surveillance is far from new. The NSA has several programs that can monitor voice or video without the notice of a laptop’s user. However, this is not the case with Apple products, as they have a hardwired indicator that notifies the user when the webcam is on. Now this may no longer be the case. Researcher Patrick Wardle explains that a new piggyback virus is able to access webcam and speaker functions without any notification to the user.

eCommerce Malware Stealing Card Data

“Powerfront, OpenCart among affected”

Researchers are monitoring a cybercriminal campaign that has been plaguing several eCommerce sites since at least March of this year. Dubbed ‘Magecart’ by RiskIQ, the malicious software attacks the payment sources of the internet commerce sites, stealing customer personal information and card data.

10Fold- Security Never Sleeps- 103

Hack Claims from Guccifer 2.0 Denounced by Clinton Foundation

“Widely believed to be political in motivation”

Guccifer 2.0, the hacker who claims responsibility for the Democratic National Committee leaks that aimed to expose corruption within its ranks, claims to have breached the servers of the Clinton Foundation and attained documents that could be damaging to Hillary Clinton’s presidential campaign, despite denial from the Clinton Foundation itself. The hacker posted screenshots of spreadsheets online, claiming that they were documents from the institution and that: “… her staff don’t even bother about the information security.”

The political motivations of the cyber-attack remain obvious, as the hacker made clear favorable reference to Julian Assange, founder of WikiLeaks and outspoken opponent of Hillary Clinton.

Report Claims that Email Provider Yahoo Assisted in Spying on U.S. Citizens

“Raises questions of why Yahoo did not fight the order”

A program developed by Yahoo Inc. last year reportedly allows the U.S. Federal government to search through email databases for certain phrases. Anonymous former employees narrowed government agencies involved to either or both the National Security Agency or the Federal Bureau of Intelligence.

The news is surprising, given the typical resistance to government mandates to enter customer accounts that tech firms generally uphold. However, Yahoo not only complied with the order, but dedicated its own resources and staff to assist with the operation.

TalkTalk fined £400K for mistakes that led to 2015 hack

“Actions first taken to clear its reputation of highly hacked service”

After the theft of the personal data of over 155,000 customers, telecom firm TalkTalk has been fined £400,000 for its security vulnerabilities in 2015. Well over 15,000 of those affected had bank information stolen and suffered serious ramifications. Information Commissioner Elizabeth Denham reported that even the most basic of security measures failed to be acted upon and that “…(the company) could have done more to safeguard its customer information.”

Malware-Infested Ads Plaguing Spotify

“Free version of service seems to open malicious sites”

Malware seems to have worked its way into the Spotify servers and is continuously serving itself to the users who use the Spotify free product to stream music. The ads have been reported to open infected sites, causing potential harm to those that travel to them.

 

 

10Fold- Security Never Sleeps- 102

J&J Warns Hackers Can Infiltrate Insulin Pump

“Caution advised to patients as cyber vulnerabilities seem possible”

The insulin pumps in question retain a malfunction that could allow hackers to breach its defenses, causing an overdose of insulin. This news breaks while medical security remains of high concern following a series of stories that particular pacemakers and defibrillators exhibited bugs that may signal security vulnerabilities of their own.

Johnson & Johnson describes the potential risk as low, as there have been no reported hacking attempts thus far, but is advising patients that there may be certain security flaws they could be subjected to and sharing advice on potential fixes for the issue.

Default Password Danger Shown with Massive Botnet Attack

“IoT devices used to target victims”

Weak default usernames and passwords assigned to internet connected devices seemed to be the target of the Mirai botnet that was responsible for the massive DDoS attack. In contrast to other botnets, this program employs IoT gadgets to select and attack its targets.

This same platform was used to bring down security reporter Brian Krebs’ website with another massive DDoS cyber-attack, searching through devices with a list of easily guessable passwords such as ‘12345’ and ‘admin.’

“Zero-day” EMC Console Management Flaws

“Would allow attacker to end malicious programs”

Dell’s vApp manager for Unisphere for VMAX was revealed to have five zero day vulnerabilities, announced by digital security consultants Digital Defense. The web application is used to manage all of EMC’s storage platform, and vulnerabilities breached would allow hackers to send Adobe Flash Action Message Format messages from the server running the program.

Attackers may be able to completely shut down or gain total control of the storage platforms, providing grave cause for concern. EMC has patches available through security advisories on these potential breaches available to Dell EMC customers.

 

 

10fold- Security Never Sleeps- 101

Nearly Half of State Voter Registrations Attacked by Russian Hackers

“Four were cracked, leaving speculation on security of upcoming election”

As we covered in our last installment, cyber security threats from the Russians have been on the rise in this year’s voting season. We can see now that these fears may have some legitimacy, as Russian hackers were successfully able to enter several voter registration systems in the U.S.

James Comey, Director of the FBI, said in his statement that “There’s no doubt that some bad actors have been poking around.” Among those that attackers attempted to breach were what many political analysts consider to be this year’s electoral ‘swing states’, including Arizona and Illinois.

GAO Claims Issue at FDA Cybersecurity Systems

“Confidential health data potentially at risk”

Security firewalls and 80 other weaknesses were found in the Food and Drug Administration’s computer programs. This lack of proper security would allow hackers to breach confidential health information. The information was made public after the GAO, the Government Accountability Office, made 15 instructional changes to beef up security measures after an extensive audit undertaken to strengthen government agencies from potential cyber attacks.

Ransomware Spread Increases

“Weak desktop credentials the most common point of contact”

Stolen credentials for the widespread remote administration application TeamViewer have been largely used to insert the ransomware ‘Surprise’, according to a research team in March. The number of attacks has increased significantly of late, as the technique has been adopted by more highly effective cybercriminals noting its success among their lesser-known counterparts.

The cyberattacks began long before the TeamViewer insertion via RDP servers, but started as crude password generator attacks. This recent development allows criminals to be far more effective in their theft and hacking techniques.

Tofsee Malware Now Distributed Via Spam

“Experts believe the new method is more profitable for hackers”

While malware program Tofsee has been around since 2013, its current spam distribution method is fairly new. The RIG exploit kit that recently oversaw the spread of the malware has stopped circulating, leaving spammers to employ their bots to pick up the slack. Cybercriminals often use Tofsee to engage in , including click fraud, cryptocurrency mining, DDoS attacks and sending spam.

 

10Fold – Security Never Sleeps – 98

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: Researchers have encountered a denial-of-service botnet that’s made up of more than 25,000 Internet-connected closed circuit TV devices. Scammers are spreading JavaScript malware disguised as a Facebook comment tag notification. The Threat Group 4127 that hit the Democratic National Committee also went after 1,800 other targets with info interesting to Russian government, says SecureWorks. The whitehats from Kaspersky Lab provided a free tool that allowed victims to decrypt their precious data without paying the ransom, which typically reaches $500 or more.

Large botnet of CCTV devices knock the snot out of jewelry website – Publication: Ars Technica – Reporter name: Dan Goodin

The unnamed site was choking on an assault that delivered almost 35,000 HTTP requests per second, making it unreachable to legitimate users. When Sucuri used a network addressing and routing system known as Anycast to neutralize the attack, the assailants increased the number of HTTP requests to 50,000 per second. The DDoS attack continued for days, causing the Sucuri researchers to become curious about the origins of the attack. They soon discovered the individual devices carrying out the attack were CCTV boxes that were connected to more than 25,500 different IP addresses. The IP addresses were located in no fewer than 105 countries around the world.


Facebook comment tag malware scam targets Chrome users – Publication: SC Magazine – Reporter name: Robert Abel

A user will receive a notification in their app and/or in their email about a friend tagging them in a comment and, upon clicking the link, malware is downloaded to their device, according to Hackread. Currently the malware is only targeting Chrome and one analyst on the network question and answer site Stack Exchange said the file is a typical obfuscated JavaScript malware, which targets the Windows Script Host to download the rest of the payload.


Google Accounts Of US Military, Journalists Targeted By Russian Attack Group – Publication: Dark Reading – Reporter name: Sara Peters

A Russian attack group used the Bitly URL-shortener to disguise malicious links in order to carry out spearphishing campaigns not only against the Democratic National Committee, but also against some 1,800 Google accounts of US military and government personnel and others.


New and improved CryptXXX ransomware rakes in $45,000 in 3 weeks – Publication: Ars Technica – Reporter name: Dan Goodin

Earlier this month, the developers released a new CryptXXX variant that to date still has no decryptor available. Between June 4 and June 21, according to a blog post published Monday by security firm SentinelOne, the Bitcoin address associated with the new version had received 70 bitcoins, which at current prices is valued at around $45,228. The figure doesn’t include revenue generated from previous campaigns.