again

now browsing by tag

 
 

How do I get my wife to trust me again? | #facebookdating | #tinder | #pof | romancescams | #scams

How do I get my wife to trust me again? | #facebookdating | #tinder | #pof | Dating Scams 101 “)), n = v(f[r.size_id].split(“x”).map(function (e) {return Number(e);}), 2), i.width = […] View full post on National Cyber Security

#onlinedating | Love Island’s Curtis Pritchard admits he cannot face dating again following split from Maura Higgins | #bumble | #tinder | #pof | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

Curtis Pritchard admits that he cannot face dating again following his messy split from Maura Higgins.

The Love Islander, 24, has said that he is not looking for another relationship after he and his former co-star broke up in a series of blazing bust-ups and public rows.  

Speaking to The Sun about the split, Curtis said: ‘It hurt. I wasn’t ready for everyone to know we had split up — I wanted some time.

Candid: Curtis Pritchard admits that he cannot face dating again following his messy split from Maura Higgins

‘It was a shock to see that she had announced it on social media hours later.’ 

He insists that he is now content to remain single and will not be signing up to online dating platforms anytime soon.

The TV personality added: ‘I’m very old-fashioned. I don’t actually like talking to people over a mobile phone or laptop. I’m a very sociable person. I like to be with somebody and talk to them.’ 

Heartache: The Love Islander, 24, has said that he is not looking for another relationship after he and his former co-star broke up in a series of blazing bust-ups and public rows

Heartache: The Love Islander, 24, has said that he is not looking for another relationship after he and his former co-star broke up in a series of blazing bust-ups and public rows

But it comes after Maura herself said that she would consider going back onto Love Island because she ‘needs a man’.

The 29-year-old took to Instagram last month to discuss her love life with fans. 

She rubbished claims linking her to Dancing on Ice partner Alexander Demetriou after he separated from his wife of four years, Carlotta Edwards, last month.

Newly-single: But it comes after Maura, 29, said that she would consider going back onto Love Island because she 'needs a man'

Newly-single: But it comes after Maura, 29, said that she would consider going back onto Love Island because she ‘needs a man’

Maura said during the Q and A: ‘It doesn’t bother me. We’re in 2020 and a man and woman cannot just be friends…’ 

She then zoomed in on her face and said: ‘Pure sh*** you know.’

Maura also revealed that she has struggled with adjusting to fame since leaving the Love Island villa but assured fans that she is still single. 

Asked if she would ever return to Love Island, the Irish beauty replied: ‘Well, to be honest, I need a man. So maybe I’ll go back in next year, you never know.’ 

All over: Maura's revelation comes after Dancing On Ice star Alexander Demetriou  confirmed he has separated from wife Carlotta Edwards (pictured together last November)

All over: Maura’s revelation comes after Dancing On Ice star Alexander Demetriou  confirmed he has separated from wife Carlotta Edwards (pictured together last November)

Sad times: The reality star was asked by a fan if she's bothered by the speculation surrounding her and Alexander's relationship following the news he and his wife had split

Sad times: The reality star was asked by a fan if she’s bothered by the speculation surrounding her and Alexander’s relationship following the news he and his wife had split

Confirmation: The professional skater took to Instagram stories to confirm the news and revealed to his followers that it had been a 'tough time' for him

Confirmation: The professional skater took to Instagram stories to confirm the news and revealed to his followers that it had been a ‘tough time’ for him

Last month, Alexander, 28, took to Instagram stories to confirm he had split from Carlotta amid reports that he became ‘besotted’ with Love Island beauty Maura. 

In a statement posted on Instagram stories, Alexander said: ‘I’m sorry I have been quiet on social media recently but it’s been a tough time for me personally. 

‘Carlotta and I have separated. Although it saddens me that we can no longer be together, I feel this is best for both of us.

‘I’m looking forward to what the future will bring but in the meantime let’s all say home and stay safe.’

A friend of the former couple recently told their marriage troubles ‘came as a shock’, as they were so close before the last Dancing On Ice series. 

Heartache: Maura has been single since splitting from her Love Island beau Curtis Pritchard earlier this year

Heartache: Maura has been single since splitting from her Love Island beau Curtis Pritchard earlier this year 

Source link

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The post #onlinedating | Love Island’s Curtis Pritchard admits he cannot face dating again following split from Maura Higgins | #bumble | #tinder | #pof | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

Love Island’s Curtis Pritchard says he can’t face dating again after split from Maura Higgins following cheating claims | #tinder | #pof | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

CURTIS PRITCHARD has revealed he is not looking for another relationship after his split from Maura Higgins.

The pair dated for eight months after meeting on last summer’s Love Island, but split in March after a series of blazing rows and public ­bust-ups. There were also accusations of cheating.

Curtis Pritchard says he can’t face dating again after split with Maura Higgins following cheating claimsCredit: Getty – Contributor

Speaking about the break-up previously, Curtis said: “It hurt. I wasn’t ready for everyone to know we had split up — I wanted some time.

“It was a shock to see that she had announced it on social media hours later.”

Curtis is now content to remain single for the time being — and insists you will not find him on a dating app any time soon.

He added: “I’m very old-fashioned. I don’t actually like talking to people over a mobile phone or laptop. I’m a very sociable person. I like to be with somebody and talk to them.”

7

Maura Higgins proved popular with fans during her time in the villa and even landed herself a job on This MorningCredit: Ann Summers

When asked if he had signed up for dating apps such as Tinder, Curtis said: “No.” His older brother, who has been with girlfriend Abbie Quinnen, a fellow dancer, for two years, added: “He’s too lazy for that, honestly.”

The Pritchard brothers have revealed their “end goal” is to become a presenting duo to rival Ant and Dec.

And they are keeping their eyes firmly on that prize — with no distractions.

For dance pro AJ, quitting Strictly just weeks before the pandemic hit put a break on his ambitious career plans.

Curtis and Maura finished fourth place in the 2019 series of Love Island

7

Curtis and Maura finished fourth place in the 2019 series of Love IslandCredit: Rex Features

But dancer AJ Pritchard has no regrets — and no plans to ever go back
Speaking exclusively to The Sun, the 25-year-old, who made it to the latter stages of the BBC1 series last year with YouTube star Saffron Barker said: “I made a decision and I’m very happy with that decision.

“I felt like coming out on what was a complete high.

“That last year with Saffron was a fantastic year, and if you don’t move forward and keep striving for what is your end goal,  you won’t be able to make that jump.

“To wait another year just didn’t feel right for me. I won’t ever go back.”

AJ says that he is happy with his decision to quite Strictly and has no regrets

7

AJ says that he is happy with his decision to quite Strictly and has no regretsCredit: Getty – Contributor

AJ was the second big Strictly name to announce their departure this year, after Kevin Clifton quit the show in March.

In his four years there, AJ’s highest finish was fourth with Team GB gymnast Claudia Fragapane in 2016.

However, his most memorable series came the following year with singer Mollie King from The Saturdays, as the pair were rumoured to be getting close away from the dance floor.

TV chiefs are still trying to replace AJ and Kevin for the upcoming series, which is set to go ahead despite the complications from Covid-19.

The dancer says he will never go back to the show as he is ready to move on

7

The dancer says he will never go back to the show as he is ready to move on

AJ is backing plans for the show to return, but admits there will obviously be draw-backs.

He  says: “There are things you can do to still work with social distancing, whether that be dances like the Charleston or jive.

“You can create routines where you don’t have to be close together. I think the professional group numbers are the one thing that could fall short this year. Usually the professionals learn them as a group.”

And he joked: “You could replay all the numbers from the past few years — and then I’ll be back on the TV.”

‘WE WANT TO BE LIKE ANT & DEC’

In recent months, AJ and Curtis have got a taste of their dream jobs as a presenting duo with an appearance on the BBC’s Big Night In charity appeal for those affected by coronavirus.

But their ultimate aim is to bag a prime-time Saturday night variety show, such as Britain’s Got Talent, which AJ appeared on as a contestant in 2013 with dance partner Chloe Hewitt.

AJ said: “Our aim is to get roles on big shiny floor TV shows and to become a household name as presenters.

“We want to definitely get our own shows commissioned and be like Ant and Dec.

The brothers have big dreams of becoming TV regulars like Ant and Dec

7

The brothers have big dreams of becoming TV regulars like Ant and Dec

“My first TV appearance was on Britain’s Got Talent. Doing some presenting on a variety show like that would be an absolute dream for me.”

The boys were tight-lipped on whether they had been in any meetings to discuss their own series yet, but did confirm nothing had been commissioned.

Curtis added: “We would absolutely love to be presenters.

“BGT is a prestigious and incredible show so hosting something like that would be a bit of a dream come true.”

‘I NEVER WANTED TO BE LABELLED DYSLEXIC’

But with both boys suffering from dyslexia, reading autocues on live shows can be extremely difficult.

Instead, they have to learn their lines ahead of time.

AJ said: “Reading the full text and learning lines can be difficult with dyslexia.

“We do work that bit harder, but I think that TV producers see that and adapt to work with us.”

The pair hosted the BBC's Big Night In to help riase funds and fight Covid-19

7

The pair hosted the BBC’s Big Night In to help riase funds and fight Covid-19

The boys, who this month became ambassadors for the British Dyslexia Association, credit their dyslexia with making them creative people and for steering them towards dancing.

But they were not always pleased with being a bit different.Curtis said: “I never wanted to be labelled dyslexic for a couple of reasons.

“I was scared of it and I thought it was a bad thing —  that I’ve got a problem or something, when in reality I couldn’t have been more wrong because it moulded me into the person I am today.

“And really it’s actually made me more creative and expressive and more knowledgeable.” With their creativity and upbeat attitude, all the brothers need now is for the TV industry to come back to full strength after lockdown.

And they are confident it will.

AJ said: “We’re both in the same mindset to move forward with that career.

“But the entertainment side will bounce back because people need to be entertained and want to have fun.”

AJ & Curtis Pritchard get the nation dancing for the NHS

GOT a story? RING The Sun on 0207 782 4104 or WHATSAPP on 07423720250 or EMAIL exclusive@the-sun.co.uk

.  .  .  .  .  .  . .  .  .  .  .  .  .  .  .  .   .   .   .    .    .   .   .   .   .   .  .   .   .   .  .  .   .  .

Source link

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The post Love Island’s Curtis Pritchard says he can’t face dating again after split from Maura Higgins following cheating claims | #tinder | #pof | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Powerless Again: Etseri, Svaneti – Georgia Today on the Web

Source: National Cyber Security – Produced By Gregory Evans BLOG Do you KNOW what it’s like, dear reader, when the electricity goes off? Several times a month if you’re lucky, up to several times a day if not? You’re trying to run a guest house. It’s winter, and you’re not in Mestia or Ushguli, so […] View full post on AmIHackerProof.com

The FBI Wants Apple to Unlock iPhones Again

Source: National Cyber Security – Produced By Gregory Evans

After anxious days awaiting Iran’s response to the US assassination of Qasem Soleimani, the country sent missiles flying at two Iraqi military that housed US troops—who knew about it well in advance, thanks to an early warning system that dates back to the Cold War. In a rare reversal from the norm, Donald Trump followed up by using Twitter to defuse tensions rather than escalate them further. Iran’s still on a path to developing nuclear capabilities, but they won’t get there any time soon.

As far as anyone knows, Iran hasn’t countered the US directly with a cyberattack, but a new report shows that they’ve spent the last year probing US critical infrastructure. All of which is to say, let’s hope both parties stick with deescalation.

On the home front, Amazon swatted at money-saving extension Honey just in time for the holidays, warning users that it was a security risk without specifying how. Google welcomed alleged spy app ToTok back into the Google Pay Store, while the jury’s still out for Apple. And TikTok recently patched bugs that could have let attackers take over a victim’s account. (No, that doesn’t mean it’s spying on you.)

It was an active week for Facebook; the company made its Privacy Checkup feature a wee bit more granular, acknowledged that encrypting Messenger end-to-end by default will take years, and suffered a bug that doxxed the admins of Pages. Otherwise all good, though.

And while you may have heard that Russia disconnected itself from the internet over the holidays, that’s not quite right. But the Kremlin’s efforts to censor the internet are very real, and increasingly broad.

Stop us if you’ve heard this one before: The FBI has asked Apple to unlock the iPhone of a mass shooter. As it did when the agency did the same in the San Bernadino investigation, Apple has declined. The Cupertino company regularly complies with subpoenas for data stored in its cloud, but argues that breaking into a locked iPhone would be require undermining its own encryption, which in turn would make all iPhones less safe. The prolonged fight in 2016 ended in something of a draw, when the FBI found a way to unlock the iPhone on its own. While its request hasn’t escalated to a court fight yet, it’s only a matter of time before it tries for a rematch.

[A Comprehensive Look at How SMS Two-Factor Authentication Gets Abused](https://www.issms2fasecure.com/

)

We’ve written about the risks inherent in using SMS-based two-factor authentication since 2016. Since then, the plague of so-called SIM-swap attacks that it enables have only grown, hitting even Twitter CEO Jack Dorsey. This week, researchers at Princeton University’s Center for Information technology detailed the many, many ways that SMS 2FA can go wrong, including multiple failings on the part of carriers to vet SIM-swap requests. If this doesn’t convince you to switch to an authenticator app, nothing will.

By now it’s no longer surprising that every voice assistant has a small army of human contractors behind it, transcribing recordings to improve accuracy. (Or did, until the public backlash.) Skype, however, reportedly hit an impressive low by not only using contractors in China but letting them listen to recordings through a Chrome web browser, and were encouraged to all long in through the same account and password. In other words, it would have been almost comically easy to compromise the sensitive data. Microsoft told The Guardian that it has since moved its transcription efforts out of China and into “secure facilities.” It’s unclear exactly what that means, but the bar appears to be extremely low.

To continue the theme: In a letter to US senators this week, Ring acknowledged that four employees sought improper access to video taken by its customers’ cameras over the last four years. The company says that of them were fired for violating company policy, and that currently only three employees can access stored customer videos.


More Great WIRED Stories

The Original Source For This Story: Source link

The post The FBI Wants Apple to Unlock iPhones Again appeared first on National Cyber Security.

View full post on National Cyber Security

#city | #ransomware | Ransomware attacks shaking up threat landscape — again

Source: National Cyber Security – Produced By Gregory Evans

Ransomware is changing the threat landscape yet again, though this time it isn’t with malicious code.

A spike in ransomware attacks against municipal governments and healthcare organizations, coupled with advancements in the back-end operations of specific campaigns, have concerned security researchers and analysts alike. The trends are so alarming that Jeff Pollard, vice president and a principal analyst at Forrester Research, said he expects local, state and city governments will be forced to seek disaster relief funds from the federal government to recover from ransomware attacks.

“There’s definitely been an uptick in overall attacks, but we’re seeing municipality after municipality get hit with ransomware now,” Pollard said. “When those vital government services are disrupted, then it’s a disaster.”

In fact, Forrester’s report “Predictions 2020: Cybersecurity” anticipates that at least one local government will ask for disaster relief funding from their national government in order to recover from a ransomware attack that cripples municipal services, whether they’re electrical utilities or public healthcare facilities.

Many U.S. state, local and city governments have already been disrupted by ransomware this year, including a massive attack on Atlanta in March that paralyzed much of the city’s non-emergency services. A number of healthcare organizations have also shut down from ransomware attacks, including a network of hospitals in Alabama.

The increase in attacks on municipal governments and healthcare organizations has been accompanied by another trend this year, according to several security researchers: Threat actors are upping their ransomware games.

Today’s infamous ransomware campaigns share some aspects with the notable cyberattacks of 20 years ago. For example, the ILoveYou worm used a simple VB script to spread through email systems and even overwrote random files on infected devices, which forced several enterprises and government agencies to shut down their email servers.

But today’s ransomware threats aren’t just using more sophisticated techniques to infect organizations — they’ve also built thriving financial models that resemble the businesses of their cybersecurity counterparts. And they’re going after targets that will deliver the biggest return on investment.

New approaches

The McAfee Labs Threats Report for August showed a 118% increase in ransomware detections for the first quarter of this year, driven largely by the infamous Ryuk and GandCrab families. But more importantly, the vendor noted how many ransomware operations had embraced “innovative” attack techniques to target businesses; instead of using mass phishing campaigns (as Ryuk and GandCrab have), “an increasing number of attacks are gaining access to a company that has open and exposed remote access points, such as RDP [remote desktop protocol] and virtual network computing,” the report stated.

The concept of ransomware is no longer the concept that we’ve historically known it as.
Raj SamaniChief scientist, McAfee

“The concept of ransomware is no longer the concept that we’ve historically known it as,” Raj Samani, chief scientist at McAfee, told SearchSecurity.

Sophos Labs’ 2020 Threat Report, which was published earlier this month, presented similar findings. The endpoint security vendor noted that since the SamSam ransomware attacks in 2018, more threat actors have “jumped on the RDP bandwagon” to gain access to corporate networks, not just endpoint devices. In addition, Sophos researchers found more attacks using remote monitoring and management software from vendors such as ConnectWise and Kaseya (ConnectWise’s Automate software was recently used in a series of attacks).

John Shier, senior security advisor at Sophos, said certain ransomware operations are demonstrating more sophistication and moving away from relying on “spray and pray” phishing emails. “The majority of the ransomware landscape was just opportunistic attacks,” he said.

That’s no longer the case, he said. In addition to searching for devices with exposed RDP or weak passwords that can be discovered by brute-force attacks, threat actors are also using that access to routinely locate and destroy backups. “The thoroughness of the attacks in those cases are devastating, and therefore they can command higher ransoms and getting higher percentage of payments,” Shier said.

Jeremiah Dewey, senior director of managed services and head of incident response at Rapid7, said his company began getting more calls about ransomware attacks with higher ransomware demands. “This year, especially earlier in the year, we saw ransomware authors determine that they could ask for more,” he said.

With the volume of ransomware attacks this year, experts expect that trend to continue.

The ransomware economy

Samani said the new strategies and approaches used by many threat groups show a “professionalization” of the ransomware economy. But there are also operational aspects, particularly with the ransomware-as-a-service (RaaS) model, that are exhibiting increased sophistication. With RaaS campaigns such as GandCrab, ransomware authors make their code available to “affiliates” who are then tasked with infecting victims; the authors take a percentage of the ransoms earned by the affiliates.

In the past, Samani said, affiliates were usually less-skilled cybercriminals who relied on traditional phishing or social engineering tactics to spread ransomware. But that has changed, he said. In a series of research posts on Sodinokibi, a RaaS operation that experts believe was developed by GandCrab authors, McAfee observed the emergence of “all-star” affiliates who have gone above and beyond what typical affiliates do.

“Now you’re seeing affiliates beginning to recruit individuals that are specialists in RDP stressing or RDP brute-forcing,” Samani said. “Threat actors are now hiring specific individuals based on their specialties to go out and perform the first phase of the attack, which may well be the initial entry vector into an organization.”

And once they achieve access to a target environment, Samani said, the all-stars generally lie low until they achieve an understanding of the network, move laterally and locate and compromise backups in order to maximize the damage.

Sophos Labs’ 2020 Threat Report also noted that many ransomware actors are prioritizing the types of data that certain drives, files and documents encrypt first. Shier said it’s not surprising to see ransomware campaigns increasingly use tactics that rely on human interaction. “What we’ve seen starting with SamSam is more of a hybrid model — there is some automation, but there’s also some humans,” he said.

These tactics and strategies have transformed the ransomware business, Samani said, shifting it away from the economies of scale-approach of old. “All stars” affiliates who can not only infect the most victims but also command the biggest ransoms are now reaping the biggest rewards. And the cybercriminals behind these RaaS operations are paying close attention, too.

“The bad guys are actively monitoring, tracking and managing the efficiency of specific affiliates and rewarding them if they are as good as they claim to be,” Samani said. “It’s absolutely fascinating.”

Silver linings, dark portents

There is some good news for enterprises amid the latest ransomware research. For one, Samani said, the more professional ransomware operations were likely forced to adapt because the return on investment for ransomware was decreasing. Efforts from cybersecurity vendors and projects like No More Ransom contributed to victims refusing to pay, either because their data had been decrypted or because they were advised against it.

As a result, ransomware campaigns were forced to improve their strategies and operations in order to catch bigger fish and earn bigger rewards. “Return on investment is the key motivator to the re-evolution or rebirth of ransomware,” Samani said.

Another positive, according to Shier, is that not every ransomware campaign or its affiliates have the necessary skills to emulate a SamSam operation, for example. “In terms of other campaigns implementing similar models and techniques, it’s grown in the past 18 months,” he said. “But there are some limitations there.”

On the downside, Shier said, cybercriminals often don’t even need that level of sophistication to achieve some level of success. “Not everyone has the technical expertise to exploit BlueKeep for an RDP attack,” he said. “But there’s enough exposed RDP [systems] out there with weak passwords that you don’t need things like BlueKeep.”

In addition, Samani said the ransomware operations that earn large payments will be in a position to improve even further. “If you’ve got enough money, then you can hire whoever you want,” Samani said. “Money gives you the ability to improve research and development and innovate and move your code forward.”

In order to make the most money, threat actors will look for the organizations that are not only most vulnerable but also the most likely to pay large ransoms. That, Samani said, could lead to even more attacks on government and healthcare targets in 2020.

Shier said most ransomware attacks on healthcare companies and municipal governments still appear to be opportunistic infections, but he wouldn’t be surprised if more sophisticated ransomware operations begin to purposefully target those organizations in order to maximize their earnings.

“[Threat actors] know there are organizations that simply can’t experience downtime,” Shier said. “They don’t care who they are impacting. They want to make money.”

Source link

The post #city | #ransomware | Ransomware attacks shaking up threat landscape — again appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #infosec | Hackers attack OnePlus again – this time stealing customer details – HOTforSecurity

Source: National Cyber Security – Produced By Gregory Evans

Hackers have once again successfully compromised the website of Chinese phone manufacturer OnePlus.

Back in January 2018 it was revealed that the credit card details of some 40,000 people using the OnePlus website had been stolen by hackers. On that occasion the attackers managed to inject a malicious script into an payment webpage that skimmed card data as it was entered by customers.

At the time OnePlus said it was conducting an indepth security audit of its systems.

The latest security incident, detailed by OnePlus in an FAQ on its website, isn’t as serious as the payment card breach – but could still lead to customers being put at risk by fraudsters and online criminals.

The cellphone manufacturer has confirmed that customers’ names, contact numbers, email addresses and shipping details have been accessed by an unauthorised party via a vulnerability on its website.

Fortunately, payment information and passwords have not been compromised.

OnePlus has not revealed just how many customers have been impacted by the data breach, but says that all affected users have been sent an email notifying them of the security incident.

Of course, even if your passwords and payment details haven’t been exposed in this latest hack – that doesn’t mean that users have nothing to worry about.

Online criminals could abuse users’ names and contact details to launch phishing attacks, spread spam, or even attempt to commit fraud over the telephone.

Of course, the challenge for affected users is that – unlike passwords – details such as your name and contact details can not be easily changed.

Customers are being advised to contact OnePlus’s support team for assistance if they have any concerns.

According to the company it has since patched the vulnerable website, and checked it for similar security flaws:

“We’ve inspected our website thoroughly to ensure that there are no similar security flaws. We are continually upgrading our security program – we are partnering with a world-renowned security platform next month, and will launch an official bug bounty program by the end of December.”

No details have been shared of the nature of the website vulnerability which allowed the hackers to access customer data, but OnePlus must realise that the patience of customers is not limited – and for a second serious security breach to have occurred in a relatively short period of time will have done nothing to strengthen users’ trust in the brand.

More transparency about what has occurred and how, combined with strengthened security, would go a long way to reassure customers who must be feeling rattled by this latest incident.

OnePlus says it has informed the authorities about the data breach and is working with the police to further investigate who might be responsible for the attack.

Source link

The post #cybersecurity | #infosec | Hackers attack OnePlus again – this time stealing customer details – HOTforSecurity appeared first on National Cyber Security.

View full post on National Cyber Security

Hackers #attempt to #hit Mecklenburg Co. #computers again

Less than 24 hours after Mecklenburg County Manager Dena Diorio refused to pay cyber hackers a $23,000 ransom, the hackers tried again.

In a memo to employees obtained by NBC Charlotte, Diorio wrote that a security check, “…is reporting that the cybercriminals are redoubling their efforts to penetrate the County’s systems, primarily through emails that contain fraudulent attachments with viruses that could further damage our systems.”

It was an email with just such an attachment that was opened earlier this week by a county employee that triggered the freeze on much of the county’s computer system.

The hackers demanded a ransom of $23,000, but on Wednesday Diorio refused to pay, saying the county’s backup systems could restore much of what had been disabled.

During a speaking engagement at Charlotte’s Kennedy Middle School, Governor Roy Cooper said the county did the right thing by not paying the ransom.

“We can’t fall prey to these scam artists and people who want to hold governments hostage,” Cooper said.

Cooper said the state was working with Mecklenburg County on restoring the system, and that adding cybersecurity has to be a top priority.

“It shows us that we need to be careful and that we need to make sure that our systems are as secure as possible at a local, state and federal level,” Cooper explained.

View full post on National Cyber Security Ventures

Hackers to #Help Make #Voting #Machines Safe Again

Source: National Cyber Security – Produced By Gregory Evans

Following the recent declaration by the U.S. National Security Agency that Russian hackers tried to infiltrate the electronic voting machines used in the last U.S. presidential election, many people are calling for a lot of things especially for the electronic voting machines to be scrapped. Although the Russians did not succeed, more questions are still left on the table.

Bipartisan bill to secure voting machines

U.S. senators looking for answers have constituted a committee and is hoping to pass a bipartisan bill called the Securing America’s Voting Equipment (SAVE) Act. The bill will enlist help from the Department of Homeland Security to organize an event like the one held at the DEFCON hackers conference in July, themed the “Voting Machine Hacking Village.”

That DEFCON event exposed vulnerabilities in the electronic voting machines used in the last U.S. election. Hackers took less than two hours to break into the 25 voting machines that were brought to the DEFCON conference, and the first machine was penetrated in minutes. The results of the findings released at an event at the Atlantic Council in October was one of the key provocations for the US senators to introduce the SAVE bill.

Interestingly, some of the significant findings after the alleged Russian breach were centered on the use of foreign materials in the production of these voting machines. Hackers at the DEFCON event pointed to the possibility of having malware embedded into the hardware and software along the entire supply and distribution chain. It was also believed that hackers could have tampered with voters’ registration on the touch screen voting machines.

Hackers enlisted to hunt for vulnerabilities in voting machines

Called the “Cooperative Hack the Election Program”, the initiative mirrors the bug bounty programs previously ran by the U.S. Department of Defense (DoD) where friendly hackers were invited to hack the Pentagon, Army and Air Force. The program is set to swing into motion one year after the bill is in play.

The stated objective of the program is “to strengthen electoral systems from outside interference by encouraging entrants to work cooperatively with election system vendors to penetrate inactive voting and voter registration systems to discover vulnerabilities of, and develop defenses for, such systems.”

Just like past U.S. DoD programs, the “Hack the Election” competition will offer incentives for hackers to find security weakness in the election system. Hackers playing by the rules will also be waived from the Computer Fraud and Abuse Act (CFAA) and the Digital Millennium Copyright Act (DMCA).

Hackers to replicate past successes against voting machines

Looking at past results, we can expect excellent outcomes for the new program. The first of these bug bounties was the ‘Hack the Pentagon’ program where hackers found 138 vulnerabilities. This was quickly followed by the ‘Hack the Army’ program which yielded 118 vulnerabilities and ‘Hack the Air Force’ program with a bountiful harvest of 207 vulnerabilities.

While it is not clear if the hacking program is a one-off event, the bill does propose a requirement for integrity audits to be performed every four years on the voting machines starting from 2019. There is also the provision for grants to be given to help states enhance the security of their voting systems.

The post Hackers to #Help Make #Voting #Machines Safe Again appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Verticalscope #hacked again: At least 2.7 million #accounts #compromised in second major #data #breach

Source: National Cyber Security – Produced By Gregory Evans

Verticalscope #hacked again: At least 2.7 million #accounts #compromised in second major #data #breach

Hackers have once again targeted Verticalscope, a Canadian firm that manages hundreds of popular web discussion forums with over 45 million user accounts. The breach has compromised at least 2.7 million user accounts. The Toronto-based company runs a network of support forums and online community websites catering to a wide range of interests, from outdoor and automotive to sports and technology.

In June 2016, Verticalscope admitted that it had suffered a data breach that saw at least 45 million user accounts compromised and their data leaked in a blog post on Leakedsource.com.

The latest breach impacted six websites, including Toyotanation.comJeepforum.com – the company’s second-most popular website – and Watchuseek.com, security expert Brian Krebs first reported.

Security researcher and founder of Hold Security, Alex Holden, notified Krebs last week that hackers were selling access to Verticalscope.com and a number of other sites operated by the company.

Holden initially suspected that a nefarious actor was just trying to resell data stolen in the 2016 breach.

“That was before he contacted one of the hackers selling the data and was given screen shots indicating that Verticalscope.com and several other properties were in fact compromised with a backdoor known as a ‘Web shell’,” Krebs wrote. “With a Web shell installed on a site, anyone can remotely administer the site, upload and delete content at will, or dump entire databases of information — such as usernames, passwords, email addresses and Internet addresses associated with each account.”

The hackers reportedly obfuscated certain details in the screenshots that allowed him to locate at least two backdoors on Verticalscope’s website and Toyotanation.com, one of the company’s most popular forums.

Krebs reported that a simple search on one of Verticalscope’s compromised domains led to a series of Pastebin posts that have since been deleted “suggesting that the individual(s) responsible for this hack may be trying to use it to advertise a legally dicey new online service called LuiDB”.

“Similar to Leakedsource, LuiDB allows registered users to search for account details associated with any data element compromised in a breach — such as login, password, email, first/last name and Internet address,” Krebs noted. “The first search is free, but viewing results requires purchasing a subscription for between $5 and $400 in Bitcoin.”

“The intrusion granted access to each individual website files,” Verticalscope said in a statement to Krebs. “Out of an abundance of caution, we have removed the file manager, expired all passwords on the 6 websites in question, added the malicious file pattern and attack vector to our detection tools, and taken additional steps to lock down access.”

The company did not provide any details regarding when and how the attack took place or who carried out the hack. IBTimes UK has reached out to Verticalscope for further details.

The post Verticalscope #hacked again: At least 2.7 million #accounts #compromised in second major #data #breach appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures