hack

now browsing by tag

 
 

Nuit du Hack

General Cybersecurity Conference

 June 30 – July 1, 2018 | Paris, France

Cybersecurity Conference Description 

The Nuit du Hack is organized by the nonprofit organization HZV, in synergy with a security assessment company: Sysdream.

The Nuit du Hack is the largest yearly French Hacking Con. From Sat. June 30th, 09AM until the next morning, whatever human being in crave for a Pwn will join there. There will be held a public wargame ( BYOD, we provide the eth. switches + wifi ), a private, prequalified Capture The Flag tournament, lots of workshops around electronics, soft, and hack culture/gear, a job speed-dating, lulz, and even a lovely crafted chill-out room!.

advertisement:

The post Nuit du Hack appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Here Are The #Clever Means #Russia Used To #Hack The #Energy #Industry

Last July, officials from the Federal Bureau of Investigation and the Department of Homeland Security revealed that Russian hackers were behind cyber intrusions into the U.S. energy power grid. The intrusion illustrated the severe threat that hackers pose to our most critical industries – energy, finance, healthcare, manufacturing and transportation.

The DHS and FBI downplayed the danger in a joint statement: “There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks.”

But that might not be the end of it. Russia may be laying the groundwork for more damaging hacks, on America as well as other nations, using new cyber weapons like CrashOverride and BlackEnergy 3.

In 2015, Russia tested this on the Ukrainian capital of Kiev. These tools were specifically developed to disrupt electric power grids and it blacked out 225,000 people in the Ukraine.

One might wonder what is Russia’s end game for this kind of attack. To hurt us financially? To show us how vulnerable we are? In preparation for a more sinister attack?

Is it to punish America for anti-Russian policies? The White House expelled 60 Russians from the United States this week, joining western allies in response to Russia’s poisoning of a former Russian spy in Britain with what was a banned chemical weapon.

When DHS and FBI dissected the hackers’ tradecraft, it turned out to be very clever indeed. Mark Orlando, Chief Technology Officer for cyber services at Raytheon, broke down the particulars of why the new world of hacking works so well in America.

One of the attackers’ main strategies is to divide targets into two groups – intended targets which are the energy companies themselves, and staging targets like vendors, suppliers, even trade journals and industry websites.

Instead of going straight to the larger and better-protected targets, like a $60 billion energy company with a cyber security department, the hackers worked their way into the smaller and less secure companies’ networks like those that supply the big ones with smaller equipment. Or the local utilities that are partnered with them. Local regulators may also have good access.

There is even an Electric Utility Industry Sustainable Supply Chain Alliance that many of the large energy companies use.

When the hackers get into those systems, they use that access to gather intelligence and set traps for the larger company.

This targeting of the supply chain partners is brilliant. The manufacturer of natural gas turbines that supply a gas power plant would have great access to the plant’s systems and management, would probably have password access, and would not be questioned very hard.

‘It’s important to raise awareness,’ says Orlando. ‘These details, if taken by themselves, might not seem that impactful. When presented with the entire story, we can see it was part of a larger, sustained campaign, potentially causing a lot of damage.’

This is a long-term strategy that takes patience – just the kind of thing traditional espionage has perfected over the last century.

America seems to be getting the message. A recent survey from Raytheon and Ponemon showed that two-thirds of cyber security executives and chief information security officers in America, Europe and the Middle East believe cyber extortion, such as ransomware and data breaches, will increase in frequency and payout.

The traps themselves are pretty imaginative. Many are based in social media. No one would suspect a cute kitten video of hiding malware. But they do. And if your co-worker is a kitten-nut, they may not hesitate to download that video without thinking that it is a trap.

‘The weakness in cybersecurity are the users themselves, those that are not necessarily computer-savvy,’ says Quinn Mockler, a young cyber security researcher at Columbia Basin College in the Tri-Cities Washington near the Hanford Nuclear Reservation. ‘People overall need better awareness of cyber security. Otherwise, we will be open to constant attack.’

In one example discussed by Orlando, the attackers found a harmless-looking photo on one company’s human resources site that contained valuable information – the manufacturer and model of a certain piece of control-systems equipment.

That provided critical information on how the plant runs and set up the next phase of the attack – spear phishing – which is the use of customized, highly deceptive emails designed to deliver malware. Using resumés, curricula vitae, policy documents and other common messages, the hackers made reference to these control systems creating plausible, well-informed emails likely to fool someone into opening a malware-laced attachment.

One was an invitation to a company New Year’s Eve party.

Another common method used to infiltrate is called a watering-hole attack which plants malicious code in a place the targets trust, then waits for them to come pick it up.

In the energy-sector attack, DHS and FBI found that watering holes included trade publications and informational websites that dealt with matters specific to the energy industry. The hackers corrupted those sites and altered them to contain malicious content. The targets saw no reason to suspect anything was wrong when they visited them.

‘It’s a low-complexity, low-effort, high-yield attack,’ Orlando says. ‘With relatively little effort, you can target lots and lots of users.’ The best defense, he says, is for a company to monitor its own networks for signs that a user may have unwittingly stumbled into a watering-hole.

Much of the malware in the energy-sector attack was designed to capture user credentials, or the digital identity of someone authorized to use a target network. Credential harvesting includes usernames and passwords, hashes or a computer’s digital signature, often stolen through tricking someone at a false login page for a familiar site.

The hackers’ spear phishing emails contained documents that ordered the target’s computer to retrieve data from a server – one the hackers either owned themselves, or had commandeered. Once the hackers had the target’s credentials, they could apply techniques to reveal the password in plain text.

Requiring multiple modes of authentication to sign in, such as a thumbprint or a security token code, is the best way to thwart this type of attack.

Hackers imitated login pages themselves, planting a link that redirected users to a page whose ‘username’ and ‘password’ fields fed credentials straight to them. Orlando notes, ‘If I can come into your environment using authorized credentials, detecting that just became exponentially more difficult.’

There are two main lessons from the power-grid hack, Orlando says. First, businesses should know that small hacking attempts like suspicious emails are often part of a larger campaign. Also, they should understand that truly cyber-secure businesses look beyond their own networks. Like tracking the spread of a new Flu virus.

‘Your network isn’t just your network. It’s your network, plus your trusted partners, plus your suppliers,’ he says. ‘If you’re not mitigating risk across the entire cyber ecosystem, you’re potentially missing a very large exposure to your business.’

Since smaller companies are the hacker’s first stop on the way to the bigger targets, Orlando recommends monitoring computer networks for unusual activity, installing security patches regularly, developing a response plan to disclose breaches and limit damage, and communicate up and down the supply chain on cyber security.

Data diodes, air gaps, field programmable gate arrays – all the sophisticated approaches to cyber security that the nuclear and defense industries use – eventually need to be part of everyone’s defense.

But as Orlando summed up, the daunting new reality in modern cyber security is that a company’s cyber defenses are only as strong as the defenses of everyone connected to it.

advertisement:

The post Here Are The #Clever Means #Russia Used To #Hack The #Energy #Industry appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hack of #Baltimore’s 911 #dispatch system was #ransomware #attack, city #officials say

The hack that forced Baltimore’s 911 dispatch system to be temporarily shut down over the weekend was a ransomware attack, city officials said Wednesday.

Such attacks — another of which occurred in Atlanta last week — take over parts of private or municipal computer networks and then demand payment, or ransom, for their release.

Frank Johnson, chief information officer in the Mayor’s Office of Information Technology, said he was not aware of any specific ransom request made by the hackers of Baltimore’s network, but federal authorities are investigating.

“The systems and the software and the files are all being investigated by the FBI right now,” Johnson said.

No personal data of city residents was compromised, he added.

Dave Fitz, an FBI spokesman, could not be reached Wednesday. On Tuesday, Fitz said the agency was aware of the breach and providing assistance to the city, but otherwise declined to comment.

The attack infiltrated a server that runs the city’s computer-aided dispatch, or CAD, system for 911 and 311 calls. The system automatically populates 911 callers’ locations on maps and dispatches the closest emergency responders there more seamlessly than is possible with manual dispatching. It also relays information to first responders in some cases and logs information for data retention and records.

The breach shut down the CAD system from Sunday morning until Monday morning, forcing the city to revert to manual dispatching during that time. While the city’s 911 calls are normally recorded online on Open Baltimore, the city dispatch logs stopped recording them at 9:54 a.m. Sunday and didn’t resume recording them again until 7:42 a.m. Monday.

Johnson said the attack was made possible after a city information technology team troubleshooting a separate communications issue with the server inadvertently changed a firewall and left a port, or a channel to the Internet, open for about 24 hours, and hackers who were likely running automated scans of networks looking for such vulnerabilities found it and gained access.

“I don’t know what else to call it but a self-inflicted wound,” Johnson said. “The bad guys did not get in on their own without the help of someone inadvertently leaving the door open.”

Once the “limited breach” was identified, city information technology crews “were able to successfully isolate the threat and ensure that no harm was done to other servers or systems” on the city’s network, Johnson said. And once “all systems were properly vetted, CAD was brought back online.”

Johnson said the city “continues to work with its federal partners to determine the source of the intrusion.”

The Baltimore hack comes amid increasing hacking of municipal systems across the country, and follows one in Atlanta last week that paralyzed that city’s online bill-payment system, with hackers demanding a $51,000 payment in bitcoin to unlock it. That attack occurred Thursday, and Atlanta employees only turned their computers back on Tuesday.

Johnson said his office works diligently to prevent cyberattacks and is looking to invest more in safeguarding its networks.

Baltimore also faced cyberattacks during the unrest in 2015, when its website was taken offline. Johnson said he was unaware of any other successful attacks on the city’s networks. He said the city would be obligated to disclose any attacks that compromised residents’ personal information, health information or crime data.

Johnson said he feels the city recovered well from the breach once it was identified, but that he did not want to go into detail about what was done lest he expose the city to more attacks.

The city has a $2.5 million contract with TriTech Software Systems to maintain its CAD software and provide “technical support services to ensure the functional integrity” of the city’s CAD system.

Scott MacDonald, TriTech’s vice president of public safety strategy, said the company worked with city IT personnel to shut down the CAD software after the attack. The breach was not related to the company’s software, MacDonald said.

“When we were alerted of it, it was reported that the server had some sort of compromise,” he said. “Our techs connected and worked with the IT staff there, and the CAD system was taken down manually, in combination between our staff and theirs, while the servers could be troubleshooted by the city.”

advertisement:

The post Hack of #Baltimore’s 911 #dispatch system was #ransomware #attack, city #officials say appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hack Miami

General Cybersecurity Conference

 May 18 – 20, 2018 | Miami, Florida, United States

Cybersecurity Conference Description

HackMiami Conference is famous for gathering the brilliant minds in the information security business and the digital underground under one roof. This conference will showcase the greatest penetration testing tools, techniques and methodologies which are the cutting edge of the worldwide digital threatscape.

Read More….

advertisement:

The post Hack Miami appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Duke #Energy #Vendor’s #Hack May Mean #Stolen Customer #Bank Info

Nearly 375,000 Duke Energy Corp. customers may have had personal and banking information stolen in a data breach.

The country’s largest electric company said Tuesday the customers paid a bill by check or cash at 550 walk-in payment processing centers in the Carolinas, Florida, Indiana, Ohio and Kentucky since 2008.

Those payments were processed by TIO Networks, which was hacked in an attack disclosed after the company was purchased in July by PayPal Holdings Inc. Duke Energy customers make up nearly a quarter of the 1.6 million TIO Network customers potentially compromised.

The personally identifiable information that may have been stolen from Duke Energy customers includes names, addresses, electricity account numbers and banking information if a customer paid power bills by check.

TIO Networks is sending letters to notify those affected.

View full post on National Cyber Security Ventures

It’s #apparently #insanely easy to #hack #Apple #MacOS High #Sierra, and here’s how you can #protect yourself

Source: National Cyber Security – Produced By Gregory Evans

Most of us sleep better at night knowing that the data on our computers is safe from prying eyes. That’s why we have our trusty usernames and passwords. Well, turns out…not so much. Some tech-minded people found a super easy way to hack Apple MacOS High Sierra, and anyone can do it.

Usually, when you hear “hack” you think of some crazy complicated computing code that only the really dedicated can figure out, like Huck on Scandal or something. But to get into a computer that has the High Sierra operating system, all you have to do is type “root” as the username and leave the password field blank. Once you hit enter, you’re in.

We told you it was insanely easy.

The main user of a computer is called the “root user” and has “root access,” hence the name of the bug. The best way to protect yourself for now, according to Apple, is by setting a password for your main user account if you don’t already have one. Security experts and researchers have had varying experiences in replicating the bug, so it’s still being figured out. According to Wired, Apple is aware of the issue and working out a long- term fix, so hold tight for their update if you’re worried about your security.

Oh, and to make this even scarier, apparently the software can be hacked via malware too, meaning a hacker can get into your computer remotely.

So make sure you set your admin password and keep your eye out for anything out of the ordinary on your Mac or MacBook if you have Sierra. Hopefully, Apple will fix the bug ASAP.

The post It’s #apparently #insanely easy to #hack #Apple #MacOS High #Sierra, and here’s how you can #protect yourself appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Women #allegedly #hack #college #computer system to change #grades

Source: National Cyber Security – Produced By Gregory Evans

The Bucks County District Attorney’s office said Aleisha Morosco tried multiple times to change her microbiology grade.

After several failed attempts, she enlisted a friend’s help, orchestrating a security breach at Bucks County Community College.

Authorities said while working at a medical office affiliated with Penn Medicine, Kelly Marryott accessed a faculty member’s personal information and leaked it to her friend, Aleisha Morosco.

Desperate to change her grade, Morosco then used the stolen data to gain unauthorized access to BCCC’s computer system. Officials said while inside the system, Morosco changed not just her grade, but several other student’s grades in her microbiology class.

“The investigators were able to find out the IP address used to access the professor’s account and change the grades,” said Jovin Jose, ADA Bucks County. “That same IP address was used by one of the charged defendants.”

The electronic footprint led investigators to Morosco and to her 37-year-old friend, Marryott.

“They got his personal information, and shouldn’t have obtained the use for that purpose,” said Jose. “We intend to prove at trial that they accessed his information to change grades, which is a crime.”

Bucks County Community College issued this response to Action News:

“BCCC takes the integrity of its data systems very seriously, and all of it the grades altered in the breach were restored to their correct level.”

Students on campus are stunned a classmate would go to these lengths to change a grade.

“It’s crazy. You deserve the grade you get,” said Emily Bombino. “And if you have an issue talk to your professor. Don’t go around changing, stealing his information.”

Both women face felony counts of unlawful computer use and identity theft. A court date is tentatively set for December.

The post Women #allegedly #hack #college #computer system to change #grades appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Researchers #Hack Car Infotainment #System and Find #Sensitive User #Data Inside

Source: National Cyber Security – Produced By Gregory Evans

People who are worried about their security will use a secure phone, lock down their computer, and use strong passwords for their online accounts. But how many people have considered that their car could be leaking their most sensitive data?

A researcher who recently decided to investigate his car’s infotainment system found that it was not designed using modern software security principles, yet it stored a lot of personal information taken from his phone that could be valuable to hackers.

Executing code on the car’s infotainment unit was extremely easy by connecting a USB flash drive with specially crafted scripts. The system automatically picked up those files and executed them with full administrative privileges.

Car enthusiasts have used the same method in the past to customize their infotainment systems and run non-standard applications on them, but Gabriel Cîrlig, a senior software engineer at security firm Ixia, wanted to understand the security implications of this technique.

What he found was a major privacy issue where call histories, contacts, text messages, email messages, and even directory listings from mobile phones that had been synchronized with the car, were being stored persistently on the infotainment unit in plain text.

Mobile operating systems like Android and iOS go to great lengths to protect such data by restricting which applications have access to it or by allowing users to encrypt their devices. All that security could be undone if people pair their devices over Bluetooth with an infotainment system like the one found in Cîrlig’s car.

Cîrlig and an Ixia colleague Ștefan Tănase decided to go even further and investigate how the car’s infotainment unit could be potentially abused by an attacker or even law enforcement to track users and obtain information about them that they couldn’t otherwise get from their mobile devices.

The researchers presented their findings Friday at the DefCamp security conference in Bucharest, but declined to disclose the car make or model because they’re still in the process of reporting the privacy issue they found. However, they mentioned that the car was made by a Japanese manufacturer.

Cîrlig told me that there is a firmware update available that blocks the USB attack vector on his car, but installing it requires going to a dealership. This means that a large number of cars will likely never be patched.

The infotainment system itself is a hacker’s paradise and is more powerful than most embedded devices, including home routers. It has a Cortex-A9 CPU with 1GB of RAM, as well as Wi-Fi and GPS. The operating system is based on Linux and has a fully functional Bash command-line shell with all its usual utilities. On top of that, there are various debugging tools, including for the GPS, that the system’s developers did not bother to remove, according to Cirlig.

It looks like technology that was created in a rush without any concern for security engineering, Cîrlig told me. “A production system, at least for a car, should be completely locked down.”

He thinks that some of the software design choices were driven by convenience, like the storing of unencrypted user sensitive data indefinitely instead of requesting it again from the phone when the device is in proximity.

In addition to data copied from mobile devices, Cîrlig found other sensitive information on the infotainment unit, such as a list of favorite locations the car has been driven to or from, voice profiles, vehicle status information, and GPS coordinates.

For their presentation, Cîrlig and Tanase showed a proof-of-concept malware program—a Bash script—that when executed via USB, continuously looked for open Wi-Fi hotspots, connected to them and could exfiltrate newly collected data. By combining this malware with location data from the GPS, an attacker could also track the car in real time on a map.

To make things worse, the rogue script is installed as a cron job—a scheduled task on Linux—and is persistent. Even if the infotainment system is reset to factory defaults, cron jobs are not removed, the researchers said.

Hackers could take the attack even further and create a USB worm, where a compromised infotainment system could infect all USB dongles plugged into it and potentially spread the infection to other cars, Cîrlig said. Or the car could be used in a wardriving scenario, trying to automatically exploit Wi-Fi networks and other systems it encounters, he said.

The development of infotainment systems is usually outsourced to third-party electronic component suppliers and not made by the automobile manufacturers themselves. Other researchers have shown in the past that there are ways to jump from the infotainment systems to more critical electronic control units (ECUs)—the specialized embedded computers that control a car’s functions.

The auto industry continues to work using outdated programming principles and very old technology stacks that would be unacceptable today in a modern software development environment; and that needs to change, Cîrlig said. “For someone like myself who has a software development background, that style of coding looks ancient, from the age of the dinosaurs.”

The post Researchers #Hack Car Infotainment #System and Find #Sensitive User #Data Inside appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

IS #militants #hack into #Swedish #radio station in #Malmo, take over #broadcast

Source: National Cyber Security – Produced By Gregory Evans

The attack occurred Friday morning in the southern city of Malmo, but went unnoticed until listeners began calling in. Experts say it is unlikely the prepetrators will be caught.

Islamic State militants hacked into a Swedish radio station Friday, taking over its transmission and broadcasting an English language propaganda song aimed at recruiting more militants.

The song entitled, “For the Sake of Allah” played for about 30 minutes on the Mix Megapol station in Malmo. Mix Megapol is an FM and internet-based radio station that is part of a private radio network.

Jakob Gravestam, a Marketing Director for the Bauer Media Group, which operates the Malmo-based station, issued a statement that said “Somebody interfered with our frequency using a pirate transmitter.”

Mix Megapol is one of Sweden’s biggest radio stations, and has about 1.4 million listeners daily. But the pirated transmission was only heard in parts of the southern city of Malmo, Sweden’s third largest metropolis, with a population of about 350,000.

The song features male voices singing, in English, such lyrics as: “For the sake of Allah we will march to gates of the paradise where our maidens await. We are men who love death just as you love your life, we are soldiers who fight in the day and the night.”

Preventing such attacks

The hack occurred during a popular morning show ‘Anders & Gry with Friends’ but the hosts didn’t notice anything was askew until listeners called in and asked what was going on.

“A lot of people have called us about this,” Gravestam told the 24Malmo website. “We are very happy that people are vigilant and we treat this very seriously.”

Gravestam said the attack highlights the need for broadcasters to discuss how to “prevent” such incidents. He added that Bauer Media will organize such a discussion and invite other broadcasters, as well as the Swedish Post and Telecom Authority (PTS), which monitors the electronic communications and postal sectors, to the meeting.

The post IS #militants #hack into #Swedish #radio station in #Malmo, take over #broadcast appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

“Victory for the #good guys” – #criminal behind #Mandiant #hack arrested

Source: National Cyber Security – Produced By Gregory Evans

“Victory for the #good guys” – #criminal behind #Mandiant #hack arrested

FireEye has caught the hacker behind a well-publicised attack that leaked a security researcher’s details and claimed to infiltrate the company’s networks earlier this year.

Mandiant employee Adi Peretz was the attack’s main victim as a number of his online accounts were exposed. Mandiant is a division of FireEye.

The alleged hacker, who went by the username of LeakTheAnalyst, has now been arrested according to reports, although their name and location have not been made public.

“These attackers rarely, if ever get caught…Over my career, I have found it frustrating how little risk or repercussions exist for the attackers, who hide behind the anonymity of the internet to cause harm to good, well-intentioned people,” Mandia says in a statement.

In addition to OneDrive accounts and PayPal invoices, Peretz’s LinkedIn login was compromised and his page was allegedly defaced by the hacker. The hacker also claimed to have gained access to Mandiant’s systems and customer data.

It was fun to be inside a giant company named ‘Mandiant’ we enjoyed watching how they try to protect their clients and how their dumb analysts are trying to reverse engineer malwares and stuffs. Now that ‘Mandiant’ knows how deep we breached into its infrastructure its so-called threat analysts are trying to block us. Let’s see how successful they are going to be :D,” the hackers’ say as part of their data dump,” a post on PasteBin said.

Two weeks later, the hacker posted another batch of information apparently from the data dump. They also claimed that FireEye was conducting a coverup.

“Well we were waiting FireEye for a public comment and FireEye lied again, and they lied in cost of their customers. They did a mistake. They knew we had access to JIRA, Their IDF workshop wasn’t a part of Adi Peretz’s job. They knew Adi Peretz wasn’t working on Bank Hapoalim,” The PasteBin dump says.

“They said our documents was “public”, are license files, private contract documents, private IDF workshops and internal network topologies public? If they weren’t public why did you removed our files and from public file hosting? Why did you removed our first Pastebin message? They knew the truth and they’re hiding it from their customers and the public,” it continues.

“Therefore, I am pleased that, in this case, we were able to impose repercussions for the attacker and achieve a small victory for the good guys,” Mandia concludes.

The post “Victory for the #good guys” – #criminal behind #Mandiant #hack arrested appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures