Hacked


Local #company’s #system #hacked; employee #info #stolen

Source: National Cyber Security – Produced By Gregory Evans

 Green Bay Police say they are investigating the hacking of a local corporation’s computer network, resulting in the theft of “significant amounts of money” from victims in the organization.

Police did not immediately identify the company that was attacked. Action 2 News will work to find that out.

Officers say the hackers stole human resources information.

“In this case, it appeared the cyber actors utilized a known vulnerability to access the company’s computer systems and human resources software to steal personal identifying information from employees,” reads a statement from Capt. Jeremy Muraski.

Police say the vulnerability was a known issue and a security patch had not been installed and updated.

“This incident demonstrates how vital it is to maintain public facing computer systems with the latest security patches from the server companies as cyber actors will attempt to use exploits as long as they are finding vulnerable systems,” reads the statement from Capt. Muraski.

The post Local #company's #system #hacked; employee #info #stolen appeared first on National Cyber Security .

View full post on National Cyber Security

When Spies Get Hacked… Hackers Steal Customer Data from Android Spyware Company

“When hackers get hacked” should become the tagline of 2018. After several other similar incidents, it is now the turn of an Android spyware maker that advertises its spyware to be used against children and employees. A target of a vigilante hacker, the company known as SpyHuman offers surveillance software for Android devices that enables its users to intercept phone calls, text messages, track GPS locations, read messages on WhatsApp and Facebook, and use the target device’s microphone.

It now appears that a hacker has stolen customer text messages and call metadata from the spyware company. Call metadata includes phone numbers the target devices dialled or received calls from along with their duration and dates. Hackers managed to access over 440,000,000 call details through exploiting a basic security flaw in the website.

“These spy apps should be out of market, most people spy on girls and [their] data image […] always sensitive,” the hacker wrote in a message that was obtained by Motherboard. “No one have rights to do that and same these apps and provider making money by doing this.”

While SpyHuman sells its spyware as a tool to monitor children and employees, it’s mostly used to illegally spy on partners and spouses without their consent. “Several review websites and social media posts do push the app for such purposes, and archives of particular SpyHuman pages include phrases such as ‘know if your partner is cheating on you,’ and suggests monitoring your husband’s texts in case he is having an affair,” the publication reports.

The company gave the following (non)explanation when asked about how it makes sure its software isn’t being used for illegal surveillance:

“As a precaution, at an initial stage of our app installation, we always ask users that for what purposes they are installing this app in the target device. If they select child or employee monitoring then our app stays hidden and operate in stealth mode. Otherwise, it will create visible Icon so that one can know that such app is installed on his/her devices.”

As is apparent, since its users can always select a child or an employee – which in itself raises several questions – they don’t necessarily have to reveal if they are using the product for spying on people, mostly partners, without their consent.

– If you are a victim of spyware or technology-facilitated abuse, this is a very comprehensive resource list offering guidelines and help.

Man who #hacked #nude photos of #Jennifer Lawrence, #Kate Upton, pleads #guilty

A Connecticut man has pleaded guilty to hacking into the iCloud accounts of Hollywood stars and others so he could steal personal information, including private photographs and videos.

Federal prosecutors say 26-year-old George Garofano, of North Branford, pleaded guilty Wednesday to unauthorized access to a protected computer to obtain information.

The charge stemmed from the investigation into the 2014 scandal in which the private photos of Jennifer Lawrence, Kirsten Dunst, Kate Upton and others were made public.

Prosecutors say Garofano sent emails that appeared to be from Apple encouraging victims to disclose usernames and passwords. He then used the information to illegally access nearly 250 iCloud accounts.

Garofano, who remains free on $50,000 bond, faces up to five years in prison at sentencing at a date to be determined.

Buggy #Verge #crypto-cash gets #hacked, #devs go fork #themselves, #hard

Alt-currency’s value tumbles amid malicious mining mishaps

The Verge cryptocurrency has seen its value drop by 25 per cent after hackers exploiting a bug in the alt-coin’s software forced its developers to hit the reset button and hard-fork the currency.

Programmers on Wednesday confirmed that the fun-bux had been on the receiving end of a “small hash attack” that caused its value to drop from $0.07 to $0.05 per XVG. The developers claimed they had cleared up what was portrayed as a minor hiccup.

According to netizens observing the attack from the Bitcointalk forums, however, the shenanigans were anything but minor. Rather, bugs were present in the XVG code that allowed miscreants to mine blocks with bogus timestamps, messing up the currency’s blockchain.

The programming blunders were leveraged by persons unknown to generate new blocks at a rate of roughly one per second. This, in turn, allowed the attackers to net an estimated $1m.

“Usually to successfully mine XVG blocks, every ‘next’ block must be of a different algorithm,” explained forum poster OCminer, of the Suprnova Mining Pools. “So, for example, scrypt, then x17, then lyra, etc.

“Due to several bugs in the XVG code, you can exploit this feature by mining blocks with a spoofed timestamp. When you submit a mined block, as a malicious miner or pool, you simply set a false timestamp to this block one hour ago and XVG will then “think” the last block mined on that algorithm was one hour ago. Your next block, the subsequent block, will then have the correct time. And since it’s already an hour ago – at least that is what the network thinks – it will allow this block to be added to the main chain as well.”

OCminer added it was a 51 per cent attack, in which miscreants seize control of the majority of miners on a cryptocurrency’s network.

We’ve asked the Verge currency team for comment on the matter, but have yet to hear back at the time of publication.

In addition to the attack, the handling of the aftermath is also drawing criticism. To remedy the issue, the developers hard forked XVG, effectively creating a new blockchain.

“The XVG team erroneously forked their entire network to ‘undo’ the exploited blocks, but this resulted in the entire network being unable to sync,” noted cryptocurrency news site The Merkle.

“When the team was made aware of their mistake, they were able to re-sync the network, but still have not completely defeated the issue.”

Facebook #secretly deleted #some of Mark Zuckerberg’s private #messages over fears the #company could be #hacked

Want to delete that embarrassing message you just sent? WhatsApp will let you, and so will Instagram — but if you’re using Facebook, then you’re out of luck.

Unless you’re Mark Zuckerberg, the CEO and cofounder of Facebook.

TechCrunch reported Thursday that some old messages sent by Zuckerberg and senior executives have disappeared from recipients’ Facebook Messenger inboxes, proven by the original email receipts sent at the time.

The company appeared to confirm the unique arrangement, telling TechCrunch the change was made in response to an uptick in hacking.

“After Sony Pictures’ emails were hacked in 2014 we made a number of changes to protect our executives’ communications. These included limiting the retention period for Mark’s messages in Messenger. We did so in full compliance with our legal obligations to preserve messages,” the company said.

The Sony hack targeted the emails of Sony film executives, which revealed a side of Hollywood rarely seen by outsiders, and the decision to name the event as a catalyst for Facebook’s message purge indicates how troubling the incident was in Silicon Valley — and that Facebook was concerned about being hacked.

The company also raised the idea of a “retention period,” though there is no such thing for normal users. If a user long presses a private message on Facebook a “Delete Message” pop up confirms that the function will “delete your copy of the message,” and the recipients’ copy will remain.

Facebook-owned Instagram has long had the option to “unsend” direct messages, while Facebook-owned WhatsApp recently launched a deletion function where unread messages can be deleted “for everyone.” A message is then displayed to all participants that content has been deleted.

But Zuckerberg’s deleted messages didn’t leave behind any such message, probably because they had already been read, many years ago.

The messages were originally sent to former employees and people outside of Facebook. According to TechCrunch, the recipients of the now-deleted messages were not informed at any stage that correspondence they received had been erased.

Zuckerberg may be the CEO of Facebook, but it’s unclear how the decision to remove senior executives’ messages would be allowed under the company’s terms of service. The terms only allow Facebook to remove content if the company believes “that it violates this Statement or our policies” or for infringing copyright.

Deleting messages quietly, and selectively, also appears to fly in the face of Facebook’s campaign to “make the world more open and transparent.” Its own policies say that the company “should publicly make available information about its purpose, plans, policies, and operations.”

Facebook appears to have not followed these policies in this instance, and it raises questions about the recipient’s right to privacy.

The news comes just weeks after the Cambridge Analytica scandal which has seen Zuckerberg admit that tens of millions of users probably had their data scraped.

SEARCH #ENGINE WITH #MILLIONS OF #HACKED DUTCH #PASSWORDS #ONLINE

A search engine showing 1.4 billion leaked or hacked passwords, including those of some 3.3 million Dutch, is officially online. On Gotcha.pw Dutch people can now check whether their password was stolen by searching for their email address. If there is a leaked password associated with that email address, the site shows the first two characters of the password, NU.nl reports.

You can also search domain names on the site. In this way organizations can see which of their employees’ email addresses and passwords are on the street. Passwords from the National Coordinator for Counter-terrorism and Security, among others, can be found on the site, according to the newspaper. It is not clear whether these are old or current passwords.

The Gotcha.pw site administrator collected these passwords from previous data leaks and bundled them into a search engine. Such search engines have existed for some time. The Dutch police offer a similar service, and people can also use Have I Been Pwned to find out if their password is not safe.

The arrival of the Gotcha.pw search engine was announced with great fanfare last week – in a front page story on AD. The search engine was online for a short time last week Friday, but was taken down again. It initially showed the full hacked password, which is illegal. The administrator therefore adjusted the site to only show the first two letters of the passwords, according to NU.nl.

Under Armour #admits 150 #million #MyFitnessPal #accounts were #hacked

Under Armour said on Thursday that data from some 150 million MyFitnessPal diet and fitness app accounts was compromised in February, in one of the biggest hacks in history, sending shares of the athletic apparel maker down 3 percent in after-hours trade.

The stolen data includes account user names, email addresses and scrambled passwords for the popular MyFitnessPal mobile app and website, Under Armour said in a statement. Social Security numbers, driver license numbers and payment card data were not compromised, it said.

It is the largest data breach this year and one of the top five to date, based on the number of records compromised, according to SecurityScorecard.

Larger hacks include 3 billion Yahoo accounts compromised in a 2013 incident and credentials for more than 412 million users of adult websites run by California-based FriendFinder Networks Inc in 2016, according to breach notification website LeakedSource.com.

Under Armour said it is working with data security firms and law enforcement, but did not provide details on how the hackers got into its network or pulled out the data without getting caught in the act.

While the breach did not include financial data, large troves of stolen email addresses can be valuable to cyber criminals.

Email addresses retrieved in a 2014 attack that compromised data on some 83 million JPMorgan Chase customers were later used in pump-and-dump schemes to boost stock prices, according to U.S. federal indictments in the case in 2015.

Under Armour said in an alert on its website that it will require MyFitnessPal users to change their passwords, and it urged users to do so immediately.

“We continue to monitor for suspicious activity and to coordinate with law enforcement authorities,” the company said, adding that it was bolstering systems that detect and prevent unauthorized access to user information.

Under Armour said it started notifying users of the breach on Thursday, four days after it first learned of the incident.

Under Armour bought MyFitnessPal in 2015 for $475 million. It is part of the company’s connected fitness division, whose revenue last year accounted for 1.8 percent of Under Armour’s $5 billion in total sales.

A #15-year-old #hacked the #secure Ledger #crypto #wallet

A 15-year-old programmer named Saleem Rashid discovered a flaw in the popular Ledger hardware wallet that allowed hackers to grab secret PINs before or after the device was shipped. The holes, which Rashid described on his blog, allowed for both a “supply chain attack” – meaning a hack that could compromise the device before it was shipped to the customer – and another attack that could allow a hacker to steal private keys after the device was initialized.

Rashid is not affiliated directly with any Ledger competitors although there was some suggestion that he did some work on Trezor and other competing hardware wallets. His response:

Former #Tennessee Gov. #Bredesen’s Senate #campaign fears it was #hacked

Source: National Cyber Security News

Former Tennessee Gov. Phil Bredesen’s Senate campaign told the FBI in a letter Thursday that it fears it was hacked.

The revelation comes as intelligence experts predict a widespread threat of cyberattacks on campaigns and election systems from both domestic and foreign hackers.

According to a copy of the letter obtained by CNN, Bredesen’s campaign “received multiple emails that appeared to be from the campaign’s media buyer” on February 28, which included specific details about a planned media buy and “urged the campaign to wire funds to an international bank account.”

The letter, written by the campaign’s counsel Robert Cooper and sent to the FBI’s Memphis division, also detailed another email received on the same day which “purport(ed) to be from a principal in the media team that produced the TV commercial, urging transfer of the funds.”

An FBI official confirmed that the Memphis field office received the letter but declined to comment further.

Following the phishing attempt, the campaign hired a security firm “to determine the extent of any breaches and review security protocols,” according to the letter.

Russian group #hacked German #government’s secure #computer #networks

Source: National Cyber Security News

A Russian-backed hacker group known for many high-level cyber attacks was able to infiltrate the German government’s secure computer networks, the dpa news agency reported Wednesday.

Dpa cited unidentified security sources saying the group APT28 hacked into Germany’s foreign and defence ministries and managed to steal data.

The attack was noticed in December and may have lasted a year, dpa reported.

The Interior Ministry said in a statement that “within the federal administration the attack was isolated and brought under control.” The ministry said it was investigating.

A spokesman wouldn’t give further details, citing the ongoing analysis and security measures being taken.

“This case is being worked on with the highest priority and considerable resources,” the ministry statement said.

APT28, which has been linked to Russian military intelligence, has previously been identified as the likely source of an attack on the German Parliament in 2015, as well as on NATO and governments in eastern Europe.

Also known by other names including “Fancy Bear,” APT28 has also been blamed for hacks of the U.S. election campaign, anti-doping agencies and other targets.
