Hacking


#hacking | Russian Cybercrime Boss Burkov Pleads Guilty — Krebs on Security

Source: National Cyber Security – Produced By Gregory Evans

Aleksei Burkov, an ultra-connected Russian hacker once described as “an asset of supreme importance” to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive crime forum that counted among its members […]

#hacking | Daily Inter Lake – Politics & Government, The big lesson from the Bezos hack: Anyone can be a target

PROVIDENCE, R.I. (AP) — You may not think you’re in the same league as Jeff Bezos when it comes to being a hacking target. Probably not, but you — and just about anyone else, potentially including senior U.S. government figures — could still be vulnerable to an attack similar to one the Amazon founder and Washington Post owner apparently experienced.

Two U.N. experts this week called for the U.S. to investigate a likely hack of Bezos’ phone that could have involved Saudi Arabian Crown Prince Mohammed bin Salman. A commissioned forensic report found with “medium to high confidence” that Bezos’ iPhone X was compromised by a video MP4 file he received from the prince in May 2018.

Bezos later went public about the hack after the National Enquirer tabloid threatened to publish Bezos’ private photos if he didn’t call off a private investigation into the hacking of his phone. It’s not clear if those two events are related. The Saudis have denied any involvement in the purported hack.

The events could potentially affect U.S.-Saudi relations. On Friday, Sen. Ron Wyden, an Oregon Democrat, said he is asking the National Security Agency to look into the security of White House officials who may have messaged the crown prince, particularly on personal devices. Jared Kushner, a White House aide and President Donald Trump’s son-in-law, is known to have done so using WhatsApp.

Wyden called reports of the Bezos hack “extraordinarily ominous” and said they may have “startling repercussions for national security.”

But they could resonate at the personal level as well. As the cost of hacking falls while opportunities to dig into people’s online lives multiply, more and more people are likely to end up as targets, even if they’re not the richest individuals in the world.

Ultimately, that boils down to a simple lesson: Be careful who you talk to — and what you’re using to chat with them.

“People need to get out of the mindset that nobody would hack them,” said Katie Moussouris, founder and CEO of Luta Security. “You don’t have to be a specific target or a big fish to find yourself at the mercy of an opportunistic attacker.”

WhatsApp, owned by Facebook, is generally considered a secure way of trading private online messages due to the fact that it scrambles messages and calls with encryption so that only senders and recipients can understand them. What many people may not have realized is that it, like almost any messaging service, can act as a conduit for malware.

That encryption, however, is no help if a trusted contact finds a way to use that connection to break into the phone’s operating system. In fact, an infected attachment can’t be detected by security software while it’s encrypted, and apps like WhatsApp don’t scan for malware even once files are decrypted.

WhatsApp users can disable the automatic downloading of photos, videos and other media, which happens by default unless the user takes action.

Other messaging apps are likely also vulnerable. “It just so happens that this one was a vulnerability in WhatsApp,” said JT Keating, of Texas-based security firm Zimperium. “It could have been in any one of any number of apps.”

Prince Mohammed exchanged numbers with Bezos during a U.S. trip in spring 2018. On the same visit, the prince also met with other tech executives, including the CEOs of Google, Apple and Palantir, as well as sports and entertainment celebrities and academic leaders. Virgin Group founder Richard Branson gave the Saudi delegation a tour of the Mojave Air and Space Port in the desert north of Los Angeles.

Google and Apple didn’t respond to emailed requests for comment this week on whether their executives shared personal contacts after that trip. Palantir Technologies confirmed that its CEO Alex Karp met with the prince but said they never shared personal messages. Virgin Group said it was looking into it.

UC Berkeley cybersecurity researcher Bill Marczak cautioned that there’s still no conclusive evidence that the Saudi video was malicious, adding that it might be premature to jump to broader conclusions about it. Many other security experts have also questioned the forensics report upon which U.N. officials are basing their conclusions.

But Marczak said it is generally good advice to “always be on the lookout for suspicious links or messages that sound too good to be true.”

Even caution about avoiding suspicious links might not be good enough to ward off spyware — especially for high-profile targets like dissidents, journalists and wealthy executives. Hackers-for-hire last year took advantage of a WhatsApp bug to remotely hijack dozens of phones and take control of their cameras and microphones without the user having to click anything to let them in.

In such cases, said Marczak, “there doesn’t need to be any interaction on the part of the person being targeted.”

  


#hacking | Pwn2Own Miami: Hackers scoop $250,000 in prizes during inaugural ICS security contest

Industrial control systems taken to pieces in ‘drama-filled’ live hacking event

The inaugural edition of Pwn2Own Miami closed its doors on Thursday (January 23), with organizers from Trend Micro’s Zero Day Initiative (ZDI) heralding the industrial control systems live hacking event a success.

Taking place as part of the S4 industrial security conference, Pwn2Own Miami took a similar format to ZDI’s established hacking contests in Vancouver and Tokyo, but with a specific focus on industrial control systems (ICS) instead of PCs or mobile devices.

Over the course of the three-day event, more than $250,000 in prizes were handed out, as hackers demonstrated a string of exploits that made short shrift of many leading ICS platforms that are used to run organizations within the manufacturing, heavy industry, and critical infrastructure sectors.

Among the highlights of Pwn2Own Miami, Steven Seeley and Chris Anastasio successfully demonstrated a denial-of-service (DoS) exploit against the Triangle Microworks SCADA Data Gateway.

The hackers went on to achieve remote code execution in both Inductive Automation’s Ignition platform and the Rockwell Automation Studio 5000 design software.

Pwn2Own Miami is the world’s first ICS-focused live hacking event

Operating under the ‘Incite Team’ banner, the pair netted a total of $50,000 and were crowned ‘Masters of Pwn’.

Discussing the reaction to the debut Pwn2Own Miami, Brian Gorenc, director of vulnerability research and head of Trend Micro’s ZDI program, told The Daily Swig: “It has definitely been a successful debut in the ICS world.

“We had tons of interest in the contest as the event approached, and it all played out on the contest floor. We have had over 10 successful entries, several partial wins, and a couple of failures. [It was a] very drama-filled event.”

He added: “Some of the most interesting entries involve the researchers chaining numerous vulnerabilities together to gain code execution. One of the teams chained five vulnerabilities together to gain code execution on an HMI target. Quite impressive!”

Looking ahead, Gorenc said ZDI would be looking to make more of an impact on the ICS space.

“[We] plan to continue to bring our unique brand of researcher engagement to this community,” he said.

“Vulnerabilities submitted in these targets will continue to be purchased through the ZDI program throughout the year. We hope the increased exposure with the ICS community will result in more submissions outside of Pwn2Own Miami.”

The team may have to wait a little while to advance their plans in the ICS sector, however, as preparations are already underway for the flagship Pwn2Own live hacking event, scheduled to take place in Canada in March.

“With just eight weeks between contests, the team will be hard at work to ensure the flagship contest is successful,” Gorenc said. “We look forward to seeing what research is demonstrated.”

Check out the ZDI blog for a full list of the exploits that were showcased during Pwn2Own Miami.


#hacking | International police arrest two after WeLeakInfo takedown

Search engine for leaked passwords shut down

Police have seized WeLeakInfo.com, an online service that turned selling access to data exposed by breaches into a business.

The site offered subscription-based access to billions of compromised user login credentials, essentially offering a search engine for breached personal data including names, email addresses, phone numbers, IP addresses, and passwords.

A joint law enforcement action led by the UK’s National Crime Agency (NCA), in collaboration with international law enforcement partners including the FBI and the East Netherland Cyber Crime Unit (Politie), has led to the seizure of the domain and the arrest of two suspects.

A 22-year-old male was arrested in Fintona, Northern Ireland by the country’s police service on suspicion of fraud and serious crime offences before being released on bail, pending further inquiries.

Another man, also 22, was arrested in Vriendin, The Netherlands, by Dutch authorities.

Neither suspect has been named but police allege the duo made £200,000 ($261,000) through the dodgy site they ran together.

The pair became suspects after police traced online payments for hosting and other services linked to the site back to IP addresses used by the two men.

Police also established “links between the purchase of cybercrime tools, such as remote access Trojans (RATs) and cryptors, and weleakinfo.com.”

Robert Ramsden-Board, VP EMEA at Securonix, commented in a press release: “Weleakinfo.com was a useful resource for threat actors.

“Hackers could perform unlimited searches for exposed data for as little as $2 a day.

“Hence, providing them with all the information they would need, such as exposed usernames and passwords, to be able to perform credential stuffing attacks and phishing attacks.”

The FBI took ownership of the WeLeakInfo.com domain name and added a notice stating it was seized.

Prior to the takedown, police allege that the site hosted credentials taken from around 10,000 data breaches. The details were used in subsequent cyber-attacks in an unspecified number of cases.

Although WeLeakInfo.com has been taken out of commission, other similar services exist and may well expand to fill the gap in the market occasioned by a rival’s takedown.

In a blog post, security industry veteran Graham Cluley explains the difference between WeLeakInfo and legitimate services like Troy Hunt’s HaveIBeenPwned. The latter only offers warnings – free of charge – that a person’s email address and associated info has been part of a breach without ever storing or offering access to passwords.


#hacking | Turkish hackers target Greek government websites, stock exchange

Turkish hackers claimed on Friday to have hijacked for more than 90 minutes the official websites of the Greek parliament, the foreign affairs and economy ministries, as well as the country’s stock exchange. On their Facebook page, the hackers group, Anka Neferler Tim, justified their actions […]

#hacking | Facebook reportedly derailed Europe terror probe by alerting users of phone hack

Facebook in October reportedly derailed an investigation into an Islamic State terror suspect by European law enforcement and an Israeli intelligence firm by warning users that their phones had been hacked.

The company’s massively popular messaging platform, WhatsApp, notified some 1,400 users, including the suspect, that an “advanced cyber actor” had gained access to their devices. The suspect, who was believed to be planning a terror attack during the holiday season, disconnected shortly after.

The officials in the unnamed Western European country had hacked the suspect’s phone with software developed by Israel’s NSO group, which they secured with a government contract and the approval of a judge, according to a Wall Street Journal report.

The WhatsApp warning message to users said: “An advanced cyber actor exploited our video calling to install malware on user devices. There’s a possibility this phone number was impacted.”

The company was reportedly unaware of the security investigations.

A Western intelligence official told Channel 12 that the notification had been sent to both Islamic State and Al Qaeda suspects, calling the intelligence breach “a disturbing and dangerous fact,” according to a Sunday report.

The alert foiled investigations into some 20 cases, including into suspected terrorists and pedophiles, the official said.

Investigators breached suspects’ phones “surgically” using a loophole in the app, had been monitoring the suspects for a long time, and following the alert had to start the investigations anew, he said.

The investigation into the Islamic State suspect planning a holiday season attack had relied on the suspect’s phone for information on his activities and communications, and had only had access to the device for a few days — not enough time to complete the probe.

One European intelligence official said that the NSO technology had given his team information on a violent bank-robbing outfit and weapons dealers, which led to arrests. He said that officials in other countries in Western Europe had told him that over 10 investigations may have been thwarted by the WhatsApp message to users.

On October 29, the same day as the alert, WhatsApp sued NSO Group, accusing it of using the platform to conduct cyber-espionage on journalists, human rights activists and others.

The suit, filed in a California federal court, contended that NSO Group tried to infect approximately 1,400 “target devices” with malicious software to steal valuable information from those using the messaging app.

WhatsApp said NSO Group’s hacking was illegal and that it was acting to protect its users.

NSO Group told The Wall Street Journal that its tools were “only licensed, as a lawful solution, to government intelligence and law-enforcement agencies for the sole purpose of preventing and investigating terror and serious crime.”

Most of its clients are democracies in Europe that use its technology to fight crime and terror, NSO Group said.

NSO Group came to prominence in 2016 when researchers accused it of helping to spy on an activist in the United Arab Emirates.

Its best-known product is Pegasus, a highly invasive tool that can reportedly switch on a target’s phone camera and microphone, and access data on it.

The firm has been adamant that it only licenses its software to governments for “fighting crime and terror,” and that it investigates credible allegations of misuse, but activists say the technology has been instead used for human rights abuses.


#hacking | #SocialSec – hot takes on this week’s biggest cybersecurity news (Jan 10)

CES kicks off as Las Vegas tackles cyber-attack; British electronics retailer slapped with ICO fine; and nominations open for the top 10 web hacking techniques of 2019

CES 2020 opened its doors in Las Vegas this week, with tech enthusiasts from around the world getting a first look at hundreds of thousands of new gadgets and gizmos from more than 4,000 exhibiting companies.

With four conference sessions being dedicated to security and privacy this year, it’s good to see that infosec was not completely overshadowed by the invisible keyboards, next-gen wheelchairs, and other products of the (not too distant) future.

However, dominating Twitter this week was the organizers’ decision to bring in Ivanka Trump as CES keynote speaker.

Trump took to the stage to discuss the importance of government and industry collaboration for jobs creation, along with employer-led strategies to reskill workers.

Many, however, questioned the organizers’ choice of keynote speaker.

“Ivanka is not a woman in tech,” tweeted Brianna Wu, a software engineer who is running for Congress in Massachusetts.

“She’s not a CEO. She has no background. It’s a lazy attempt to emulate diversity, but like all emulation it’s not quite the real thing.”

Outside of the exhibition hall, Las Vegas officials said the city narrowly avoided a security incident on January 7.

Municipal officials confirmed that systems were attacked early on Tuesday morning, forcing government IT staff to take down a number of online services, including its public website.

A full-blown crisis was apparently averted thanks to swift action from those tasked with protecting Sin City’s digital infrastructure.

Elsewhere, the US Department of Homeland Security (DHS) issued a bulletin warning of a potential escalation of malicious cyber activity following the recent killing of Iranian military commander Qasem Soleimani.

Speaking to The Daily Swig this week, Suzanne Spaulding, advisor at Nozomi Networks and former DHS employee, said the risk of retaliatory action by Iran is particularly high, given “that the ‘red lines’ are not clearly defined in cyberspace”.

Check out our coverage for more on the Iranian cyber threat.

Over in the UK, electronics retailer DSG Retail has been fined £500,000 ($655,000) after its point of sale system was compromised.

An investigation by the Information Commissioner’s Office (ICO) found that an attacker installed malware on nearly 5,400 checkout tills in Currys PC World and Dixons Travel stores between July 2017 and April 2018.

As previously reported by The Daily Swig, the breach impacted at least 14 million people and resulted in the payment card details of 5.6 million consumers being compromised.

“DSG breached the Data Protection Act 1998 by having poor security arrangements and failing to take adequate steps to protect personal data,” the ICO said.

“This included vulnerabilities such as inadequate software patching, absence of a local firewall, and lack of network segregation and routine security testing.”

Although £500,000 would be enough to make even the world’s biggest organizations sit up and pay attention, some noted that if the breach had taken place just one month later, DSG could have faced a far heftier, GDPR-induced fine.

And finally, nominations are open for the top 10 web hacking techniques of 2019.

Hosted annually by PortSwigger, this community-led initiative aims to seek out and honor the best hacking techniques of the past 12 months.

Caching exploits topped the 2018 web security hit list, and while it remains to be seen who will lead the pack this year, nominations in 2019 include developments in server-side request forgery, request smuggling, mutation cross-site scripting, and many other areas of research.

Check out the PortSwigger blog for full details.


#hacking | Kuwait- 3 people suspected in KUNA hacking

(MENAFN – Arab Times) KUWAIT CITY, Jan 9: Three people suspected of involvement in the hacking of the Kuwait News Agency (KUNA) Twitter account are under investigation, reports GDNonline.com.

Meanwhile, Information Minister Mohammed Al-Jabri announced the establishment of a neutral probe committee to investigate the hacking incident.

A fake government statement was posted on KUNA’s Twitter account saying all US military forces in Kuwait would be withdrawn imminently. The head of the Kuwaiti government’s communication office Tareq Al-Muzarem refuted the report, adding that KUNA’s Twitter account had been ‘hacked’.


#hacking | Chinese hackers bypass two-factor authentication | Information Age

A Chinese government-backed hacking group has found a new way to bypass two-factor authentication, according to a new report. The report by Dutch cybersecurity firm Fox-IT attributes a range of cyber attacks on government entities and managed service providers to APT20, a hacking group linked to […]

#hacking | Iranian hackers breach US government website in retaliation for airstrike 

A website operated by the U.S. government has been hacked by a group claiming to represent the government of Iran.

The website operated by the little-known Federal Depository Library Program, fdlp.gov, was hacked and defaced on Saturday, and has been taken offline.

A message from the hackers left on the website read: ‘in the name of god. >>>>> Hacked By Iran Cyber Security Group HackerS … ;)<<<<<. This is only small part of Iran’s cyber ability ! We’re always ready.’

The FDLP is a program created to make federal government publications available to the public at no cost. 

The image above appeared on fdlp.gov on Saturday before the website was taken offline

The hackers in their message made reference to the death of Qassem Soleimani, and depicted President Donald Trump being beaten by a fist with the Revolutionary Guard insignia

Current Google results show the defaced page title text of the fdlp.gov website

It followed the similar hacking of websites for a number of obscure, non-governmental entities, including the Sierra Leone Commercial Bank, the Taiwan Lung Meng Technology Company, and the Human Rights Protection Association of India.

The website for a British company called Bigways was also struck in the cyber attacks.

Security experts have already warned that cyber attacks could be part of Iran’s retaliation for the U.S. airstrike on Friday that killed Revolutionary Guard General Qassem Soleimani, a top official in Iran and beloved there. 

Iran’s state-backed hackers are already among the world’s most aggressive and could inject malware that triggers major disruptions to the U.S. public and private sector.

Potential targets include manufacturing facilities, oil and gas plants and transit systems. A top U.S. cybersecurity official is warning businesses and government agencies to be extra vigilant.

The websites of several obscure, non-government entities were also defaced on Saturday

In 2012 and 2013, in response to U.S. sanctions, Iranian state-backed hackers carried out a series of disruptive denial-of-service attacks that knocked offline the websites of major U.S. banks including Bank of America as well as the New York Stock Exchange and NASDAQ. 

Two years later, they wiped servers at the Sands Casino in Las Vegas, crippling hotel and gambling operations.

The destructive attacks on U.S. targets ebbed when Tehran reached a nuclear deal with the Obama administration in 2015. 

The killing early Friday in Iraq of Quds Force commander Soleimani – long after Trump scrapped the nuclear deal – completely alters the equation.

‘Our concern is essentially that things are going to go back to the way they were before the agreement,’ said John Hultquist, director of intelligence analysis at the cybersecurity firm FireEye. ‘There are opportunities for them to cause real disruption and destruction.’

Iran has been doing a lot of probing of critical U.S. industrial systems in recent years – trying to gain access – but has limited its destructive attacks to targets in the Middle East, experts say.

It’s not known whether Iranian cyberagents have planted destructive payloads in U.S. infrastructure that could now be triggered.

‘It’s certainly possible,’ Hultquist said. ‘But we haven’t actually seen it.’

Members of the Iranian Basij paramilitary militia, affiliated to the Revolutionary Guard, mourn Gen. Qassem Soleimani, in Tehran, Iran on Saturday

Iranians take part in an anti-US rally in Tehran, Iran on Saturday

Robert M. Lee, chief executive of Dragos Inc., which specializes in industrial control system security, said Iranian hackers have been very aggressive in trying to gain access to utilities, factories, and oil and gas facilities. 

That doesn’t mean they’ve succeeded, however. In one case in 2013 where they did break into the control system of a U.S. dam – garnering significant media attention – Lee said they probably didn’t know the compromised target was a small flood control structure 20 miles north of New York City.

Iran has been increasing its cyber capabilities but is not in the same league as China or Russia – which have proved most adept at sabotaging critical infrastructure, witnessed in attacks on Ukraine’s power grid and elections, experts agree.

And while the U.S. power grid is among the most secure and resilient in the world, plenty of private companies and local governments haven’t made adequate investments in cybersecurity and are highly vulnerable, experts say.

‘My worst-case scenario is a municipality or a cooperative-type attack where power is lost to a city or a couple of neighborhoods,’ Lee said.

Consider the havoc an epidemic of ransomware attacks has caused U.S. local governments, crippling services as vital as tax collection. While there’s no evidence of coordinated Iranian involvement, imagine if the aggressor – instead of scrambling data and demanding ransoms – simply wiped hard drives clean, said Hultquist.

‘You could see many cities and hospitals targeted at once with ransomware that encrypts data to make it unusable, but there is no way to decrypt it by paying a ransom,’ said cybersecurity veteran Chris Wysopal, the chief technical officer of Veracode.

Members of Iran-backed Iraqi Shiite armed groups popular mobilization forces carry the coffin of slain Abu Mahdi al-Muhandis during a funeral procession in Karbala city, southern Baghdad

The only known cybersecurity survey of U.S. local governments, county and municipal, found that the networks of 28% were being attacked at least hourly – and that nearly the same percentage said they didn’t even know how frequently they were being attacked. Although the study was done in 2016, the authors at the University of Maryland-Baltimore County don’t believe the situation has improved since.

The top cybersecurity official at the Department of Homeland Security, Christopher Krebs, urged companies and government agencies to refresh their knowledge of Iranian state-backed hackers’ past exploits and methods after Soleimani’s death was announced. ‘Pay close attention to your critical systems,’ he tweeted.

In June, Krebs warned of a rise in malicious Iranian cyberactivity, particularly attacks using common methods like spear-phishing that could erase entire networks: ‘What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.’

Wysopal said the Iranians are apt to have learned a lot from the 2017 NotPetya attack, which the U.S. and Britain have attributed to state-backed Russian hackers and which caused at least $10 billion in damage globally. The worst cyberattack to date, it exploited unpatched software after being delivered through an unwitting Ukrainian tax software provider and spread on networks without human intervention.

When then-Director of National Intelligence James Clapper blamed Iran for the Sands Casino attack, it was one of the first cases of American intelligence agencies identifying a specific country as hacking for political reasons: The casino’s owner, Sheldon Adelson, is a big Israel backer. Clapper also noted the value of hacking for collecting intelligence. North Korea’s hack of Sony Pictures in retaliation for a movie that mocked its leader followed.

The vast majority of the nearly 100 Iranian targets leaked online last year by a person or group known as Lab Dookhtegan – a defector, perhaps – were in the Middle East, said Charity Wright, a former National Security Agency analyst at the threat intelligence firm InSights. She said it’s highly likely Iran will focus its retaliation on U.S. targets in the region as well as in Israel and the U.S.

Iran is widely believed to have been behind a devastating 2012 attack on Aramco, the Saudi oil company, that wiped the data from more than 30,000 computers. Iran was also a victim of the Stuxnet computer virus. First uncovered in 2010, Stuxnet destroyed thousands of centrifuges involved in Iran’s contested nuclear program and is widely reported to have been a U.S.-Israeli invention.
