
#cybersecurity | hacker | Inside the connected home and its implications for cybersecurity and privacy

Source: National Cyber Security – Produced By Gregory Evans

Over the last few years, the introduction of connected devices into our homes has become a boon for consumer convenience and entertainment. But this dynamic has important cybersecurity and privacy considerations. The astounding increase of connected devices has not only given attackers new points of entry but also allows more of our information to be collected and potentially shared than ever before.

To find out how consumers address cybersecurity and privacy risks of connected devices in their homes, ESET, in September 2019, surveyed 4,000 people – 2,000 in the United States, 2,000 in Canada. Overall, the results show a large disconnect between what people say they do to protect themselves and what they are actually doing in practice.

The Heart of the Connected Home

Starting at the central point of a connected home, the router, ESET asked respondents whether they had changed their router username and password, either directly or through a technician, when it was first acquired. About 57 percent of Americans said either that the username and password were not changed or that they do not know if they were changed. In a similar vein, 57 percent either could not name every device connected to their home network or do not know if they could.

A secure router is the basis of an effective home network. The router is both the heart of the network and, in the majority of scenarios, the single internet-facing device, so taking ineffective security measures (or taking none at all) makes every device connected to it more vulnerable. At a minimum, passwords and usernames should be changed from their factory or ISP/cable provider defaults. Because the router faces the public internet, attackers may be able to gain some information about it by default, and even the slightest knowledge about a device opens the opportunity to try connecting to it using the default administrative credentials, making the device an incredibly easy target.

The devices connected to that network pose a risk as well. Almost 44-45 percent of respondents have between one and five connected devices, which one would think should be easy to keep track of. It is for respondents with more than 10 devices that keeping track of them all starts to get tricky. Giving each device a recognizable name is a must to make it easier to tell authorized from unauthorized devices on a network.

Connected Device Security

Consumers claim to be worried about cybercriminals targeting connected home devices, yet 42 percent of respondents are not worried about something they sit in front of for hours every week – their connected TVs.

When connected to the internet, a connected TV can potentially be attacked by ransomware, have its resources abused by coinminers, or have the credentials used to access your favorite streaming service stolen. Anything connected to your home router can be targeted by cybercriminals.

Interestingly, about 17 percent of total respondents have connected devices (not just smart TVs) that they did not connect to the internet. Some didn’t have time to set up the features, while others simply don’t care enough about the additional features to connect the devices to the internet.

We found that more than half (61 percent) of Americans don’t turn off features that they do not use. Keeping with the television example, consumers may buy a smart TV for its streaming features only to realize after the fact that certain apps they want to use to connect to these services are not available on the device. The consumer purchases an additional streaming device, such as Apple TV, or uses a gaming console to stream, but never turns off the internet connection on the TV. That device is now connected to the home network and is likely not monitored or updated. That’s a hazard to home network security.

Start with the Basics

It’s clear there is still a learning curve for many consumers with connected homes. A whole host of problems can be avoided simply by changing the default username and password on the router and keeping the software up to date. This is especially important as consumers add new types of devices to their networks every year, a trend that is set to continue.

Consumers would do well to remember the saying, “an ounce of prevention is worth a pound of cure.” Our survey found that, even though 35 percent of Americans and 37 percent of Canadians said they were concerned about the security of their connected homes, only 20 percent of Americans and 29 percent of Canadians did any type of research on the data collection and storage policies of connected home device manufacturers.

Consumers who spend hours evaluating price, features and the aesthetics of their home devices would do well to spend a few minutes researching the reputation of the manufacturer, the security of the device, known issues and vulnerabilities and the degree to which their data is shared or sold to third parties.


The post #cybersecurity | hacker | Inside the connected home and its implications for cybersecurity and privacy appeared first on National Cyber Security.


#cyberfraud | #cybercriminals | Inside the mind of the online scammer

Source: National Cyber Security – Produced By Gregory Evans

When Dame Helen Mirren revealed she had been the victim of a “humiliating” scam on the press junket for her latest movie (in which, coincidentally, she also plays the victim of a hoax), it highlighted how everyone needs to be on their guard against fraudsters. Even […]

#deepweb | Video: Inside the Spurs dressing room ahead of Liverpool clash – Spurs Web

Source: National Cyber Security – Produced By Gregory Evans

Tottenham Hotspur have shared a glimpse of inside their dressing room ahead of this afternoon’s Premier League fixture against Liverpool.

The club’s social media team have uploaded footage which shows some of the players’ shirts hanging up in the away dressing room deep within the bowels of the Anfield stadium.

Tottenham are without a win in their last 10 Premier League away games (D2 L8), including a 1-2 defeat to Liverpool in March. The Lilywhites last endured a longer such run between May 2000-January 2001 under George Graham (14 games).

Mauricio Pochettino’s side will be looking to chip away at the thirteen point advantage which Jurgen Klopp’s table toppers currently hold over them in the Premier League table.

Our record at Anfield is less than favourable and we are winless in our last eight away league games against Liverpool (D3 L5), last winning at Anfield in May 2011 (2-0), thanks to goals from Rafael van der Vaart and Luka Modric.


The post #deepweb | Video: Inside the Spurs dressing room ahead of Liverpool clash – Spurs Web appeared first on National Cyber Security.


#computersecurity | ANU cyber attack: How hackers got inside Australia’s top uni

Source: National Cyber Security – Produced By Gregory Evans


It’s been compared to Ocean’s Eleven – a cyber attack on Australia’s top university, methodically planned and then adapted on the fly by an “A team” of hackers who cracked into the personal records of 200,000 students and staff and walked away leaving virtually no trace. The operation was so slick investigators claim they still don’t know if the breach was the work of a foreign state, even as its “shocking” sophistication throws suspicion on China.

But the hack didn’t go entirely to plan. Now, after months of forensic analysis, the Australian National University has revealed it’s likely the hackers “didn’t get what they wanted” from its records after all. They were foiled in the act – and it was entirely by accident.

On Wednesday, the university released a post-mortem of the hack and how staff responded – the first public report of its kind into an Australian cyber attack. It describes a highly professional operation, likely of up to 15 people “working round the clock” to harvest data and build custom malware within the network itself. Hackers evolved, covered their tracks and returned for fresh attacks when a scheduled firewall unexpectedly booted them out, in a campaign the university says was remarkably more sophisticated and “distinct” from an earlier breach involving national defence research in 2018. If the university hadn’t been cleaning up after that hack, where nothing was stolen but suspicion also fell heavily on China, it’s unlikely staff would have discovered this second breach when they did.

“Frustratingly” the ANU says it doesn’t have enough evidence to point the finger at anyone this time around, not even organised crime – security teams now scouring the dark web for the stolen data have turned up nothing so far.
Director of defence, strategy and national security at the Australian Strategic Policy Institute Michael Shoebridge has read the report closely (“It’s a bit like CSI Miami”) and thinks China remains the most likely suspect – both for its well-known cyber capability and its interest in harvesting human intelligence on Australian government officials and researchers known to orbit the ANU.

So how did the hackers get in and what clues did they leave behind? According to the report, which was developed in collaboration with Australia’s security agencies, the intrusion was first discovered in April, during a routine security sweep. A small army of cyber experts descended on the campus and the hunt began in earnest, with staff realising on May 17 someone hadn’t just been in the house, they’d been robbed. More than two weeks later, vice-chancellor Brian Schmidt went public with the news: the university had been hacked for the second time in less than a year. Nineteen years’ worth of HR data had been compromised.

The final report now revises down that figure considerably – while hackers got into that database, analysts believe they stole only a fraction of that, or roughly the same amount you can store on a CD. But to date investigators are still not sure exactly how much data was taken – or why.

Professor Schmidt handed down the report on Wednesday with an apology to students and staff and a call to break the silence surrounding attacks of this kind. He said he hoped its detail would encourage disclosure about hacks more broadly, rather than providing an “instruction manual”. In the interest of transparency, only a small number of very specific details were omitted to prevent copycats.

The hack was so sophisticated it “has shocked even the most experienced Australian security experts”, Professor Schmidt said, though he acknowledged the university “could have done more”. “This wasn’t a smash and grab, it was a diamond heist,” he said.
“It’s likely they spent months planning this. They were organised and everyone knew their role.”

It began, as many attacks do, with a seemingly innocuous email sent to a senior staff member in November 2018. The staffer wasn’t on campus at the time so it was read by a colleague. And they didn’t open the attachment. But this was something a little more sophisticated than the usual nefarious traffic the university deflects from its inboxes (ANU blocks 5000 intrusion attempts a day). Just previewing this email’s attachment was enough to deliver the malware and steal senior login credentials. And the hackers had their first door in.

“The fact they got in without anyone actually clicking on an email, that wasn’t widely known around the traps,” Professor Schmidt says. “We were sort of ground zero for that.”

From there, investigators think hackers must have gotten lucky – an inside job has now been ruled out. The thieves managed to find an old legacy server due to be decommissioned within the year and it was there that they built their base of operations, installing “shadow infrastructure” to cloak their movements on the network as they hunted for a way into its more secure databases.

Investigators say they are confident they know what the hackers were after – the HR files – because they made a beeline for that part of the network to the exclusion of other areas like research, much of which they had also gained access to. While the hackers ran extensive software to clean up their trail, university analysts believe they would have found traces elsewhere, as they did with the HR database, if they had been busy in more than one place. Instead, even when inside the network, they used password cracking software and kept running email “spear-phishing” campaigns like the one that first worked in November – trying to sniff out the right credentials to access the closed HR system, and eventually taking a final, desperate run at the IT department itself.
Once they broke into the HR database through a previously unknown vulnerability, hackers used their own custom-made software to scrape its data so detail of exactly what was taken wouldn’t appear on ANU logs. But university investigators are confident the amount taken was much smaller than they originally thought – megabytes out of the many terabytes of information stored in the data-set.

Spanning a period of 19 years, the affected HR records include payslips, bank account details, tax file and passport numbers, emergency contacts, and some academic records, on an estimated 200,000 current and former staff and students. Sensitive personal information such as medical and counselling records, academic misconduct and financial hardship is not stored in the same part of the network. Whether the data was taken based off a targeted search of the records, a random sample or some other extraction method is still unclear.

But the intruders didn’t stop there. After extracting the HR files via another compromised computer, more phishing emails were sent out to harvest further credentials. Whatever hackers planned to do next, they were interrupted. A new scheduled firewall went up, booting them out of their base of operations in the middle of one of their clean-up cycles. They spent a frantic fortnight in the lead up to Christmas trying to break back in. Eventually, they found another foothold in a legacy computer not behind a firewall.

But what about those email traps sent to IT staff? As hackers continued their operation, one or two red-faced IT staffers did click on their malicious emails, handing over more credentials. But others in the department recognised the emails for what they were and shut down the new attack station. Unfortunately, at the time, they didn’t see them as part of a much bigger attack. Unknown to the university, hackers were now waging another two-month-long battle to get back inside its systems.
For the ANU’s chief information security officer Suthagar Seevaratnam, all this suggests the information they stole wasn’t the endgame after all. Part of the data harvested was made up of field names, often displayed in confusing jargon unique to the university. It would have been difficult for hackers to search and, indeed, decipher. And the ANU says what was taken doesn’t appear to have been misused.

“Our current sense is the actor didn’t get what they wanted because they were stopped twice during their campaign,” Seevaratnam says. “And what they did get was not immediately usable or they didn’t understand the data’s business context.”

Once disrupted by ANU security upgrades, the hackers didn’t give up, trying new tactics almost up until the point of discovery, including attempts to disable the university’s email spam filter. They also returned to harvest another handful of HR files missed during the first extraction.

Even after discovering the breach, the ANU says it was still under attack, working to shore up its defences and secure the network. Within an hour of going public with the news, the university came under fire again, this time in the form of a botnet campaign. And the following night, there was another attempt on the spam filter – leading investigators to suspect the same hackers still hadn’t given up. The university now believes its systems are secure.

Whoever they were, they were well-resourced and highly skilled. As Professor Schmidt puts it: “This was a state-of-the-art hack, carried out by an actor at the very top of their game, at the very cutting edge.” Sophisticated is often code for “state sponsored” but at this stage the ANU insists it can’t rule anyone out.
While it notes the type of data targeted – HR and financial records – would be of high value to criminals dealing in identity theft online, the information stolen hasn’t been detected online. And both the university and police say the small number of suspected identity fraud cases involving ANU staff or students since the breach have all been deemed unrelated.

So did hackers keep going because what they extracted wasn’t valuable enough to sell – or were they after something else? Shoebridge thinks it unlikely the type of data taken would have been of much interest to criminals in the first place.

“They have better sources for that kind of stuff,” he says. “But universities are great datasets for foreign espionage outfits. This would fit nicely into information China has already gotten elsewhere.

“ANU conducts a whole lot of interesting research, its student and teaching population over time flow on to become government officials. You need information on people to pressure them into doing what you want.

“The level of sophistication and aggression here calls to mind a state actor. It’s pretty impressive ANU found them. I think they would have been happy to stay in the network, undetected.”

Attribution is notoriously difficult on the modern cyber battlefield. As countries throughout the world devote more resources to online spying and sabotage, diplomacy is struggling to keep the peace. The Australian Cyber Security Centre, which is run by the nation’s top spy agencies, did not respond to requests for comment before deadline but has been working closely with the ANU on the investigation.

Last year, the centre’s head Alastair MacGibbon said he was aware of foreign countries that “actively try to steal IP from tertiary institutions and research centres” and last year the Australian government took the rare step of publicly rebuking China for stealing commercial secrets from local businesses. But this hack has not been attributed to the communist government so far.
Shoebridge thinks attribution is important. “This should serve a lesson for all institutions, especially universities,” he says. “But it shouldn’t be on them to take on foreign governments. Australia needs to attribute attacks like these. If you catch a burglar in your house, pretending it didn’t happen just encourages them to come back the next night.”

Having identified technical weak-points in ANU systems as well as “people and process issues”, the university will now look to rebuild its network entirely over the next four years and roll out extra training to staff. The university did not answer questions on funding for the new initiative or IT resources during the hack, but at the time it was discovered staff were in the middle of a significant security upgrade following the previous 2018 attack.

“Unfortunately, there was not sufficient time to universally implement all measures across the ANU network between the two attacks in 2018,” the report says. “The sophistication and speed of the second attack underscore the threat environment in which we now operate.”

ANU handed down the report as Australia’s top spy agency launched an investigation into another attack on regional Victorian hospitals this week. Seevaratnam says commentary around hacks should focus less on what organisations did wrong – which he calls “victim-blaming” – and more on the lessons that can be learnt to protect the community. “We need to encourage and support other victims coming forward and sharing their stories.”


The post #computersecurity | ANU cyber attack: How hackers got inside Australia’s top uni appeared first on National Cyber Security.


Researchers #Hack Car Infotainment #System and Find #Sensitive User #Data Inside

Source: National Cyber Security – Produced By Gregory Evans

People who are worried about their security will use a secure phone, lock down their computer, and use strong passwords for their online accounts. But how many people have considered that their car could be leaking their most sensitive data?

A researcher who recently decided to investigate his car’s infotainment system found that it was not designed using modern software security principles, yet it stored a lot of personal information taken from his phone that could be valuable to hackers.

Executing code on the car’s infotainment unit was extremely easy by connecting a USB flash drive with specially crafted scripts. The system automatically picked up those files and executed them with full administrative privileges.

Car enthusiasts have used the same method in the past to customize their infotainment systems and run non-standard applications on them, but Gabriel Cîrlig, a senior software engineer at security firm Ixia, wanted to understand the security implications of this technique.

What he found was a major privacy issue where call histories, contacts, text messages, email messages, and even directory listings from mobile phones that had been synchronized with the car, were being stored persistently on the infotainment unit in plain text.

Mobile operating systems like Android and iOS go to great lengths to protect such data by restricting which applications have access to it or by allowing users to encrypt their devices. All that security could be undone if people pair their devices over Bluetooth with an infotainment system like the one found in Cîrlig’s car.

Cîrlig and an Ixia colleague Ștefan Tănase decided to go even further and investigate how the car’s infotainment unit could be potentially abused by an attacker or even law enforcement to track users and obtain information about them that they couldn’t otherwise get from their mobile devices.

The researchers presented their findings Friday at the DefCamp security conference in Bucharest, but declined to disclose the car make or model because they’re still in the process of reporting the privacy issue they found. However, they mentioned that the car was made by a Japanese manufacturer.

Cîrlig told me that there is a firmware update available that blocks the USB attack vector on his car, but installing it requires going to a dealership. This means that a large number of cars will likely never be patched.

The infotainment system itself is a hacker’s paradise and is more powerful than most embedded devices, including home routers. It has a Cortex-A9 CPU with 1GB of RAM, as well as Wi-Fi and GPS. The operating system is based on Linux and has a fully functional Bash command-line shell with all its usual utilities. On top of that, there are various debugging tools, including for the GPS, that the system’s developers did not bother to remove, according to Cîrlig.

It looks like technology that was created in a rush without any concern for security engineering, Cîrlig told me. “A production system, at least for a car, should be completely locked down.”

He thinks that some of the software design choices were driven by convenience, like storing unencrypted sensitive user data indefinitely instead of requesting it again from the phone when the device is in proximity.

In addition to data copied from mobile devices, Cîrlig found other sensitive information on the infotainment unit, such as a list of favorite locations the car has been driven to or from, voice profiles, vehicle status information, and GPS coordinates.

For their presentation, Cîrlig and Tănase showed a proof-of-concept malware program, a Bash script, that, when executed via USB, continuously looked for open Wi-Fi hotspots, connected to them and could exfiltrate newly collected data. By combining this malware with location data from the GPS, an attacker could also track the car in real time on a map.

To make things worse, the rogue script is installed as a cron job—a scheduled task on Linux—and is persistent. Even if the infotainment system is reset to factory defaults, cron jobs are not removed, the researchers said.

Hackers could take the attack even further and create a USB worm, where a compromised infotainment system could infect all USB dongles plugged into it and potentially spread the infection to other cars, Cîrlig said. Or the car could be used in a wardriving scenario, trying to automatically exploit Wi-Fi networks and other systems it encounters, he said.

The development of infotainment systems is usually outsourced to third-party electronic component suppliers and not made by the automobile manufacturers themselves. Other researchers have shown in the past that there are ways to jump from the infotainment systems to more critical electronic control units (ECUs)—the specialized embedded computers that control a car’s functions.

The auto industry continues to work using outdated programming principles and very old technology stacks that would be unacceptable today in a modern software development environment; and that needs to change, Cîrlig said. “For someone like myself who has a software development background, that style of coding looks ancient, from the age of the dinosaurs.”

The post Researchers #Hack Car Infotainment #System and Find #Sensitive User #Data Inside appeared first on National Cyber Security Ventures.


Inside Mastercard’s Journey To Predicting Card Fraud

Source: National Cyber Security – Produced By Gregory Evans

Fighting payments fraud can be a daunting battle – especially if the battle is waged with reactions. That is, once you’re under siege, protecting data can be a scramble. Or as hockey great Wayne Gretzky once said, it’s important to skate to where the puck is going to be, and not…

The post Inside Mastercard’s Journey To Predicting Card Fraud appeared first on National Cyber Security Ventures.


The inside story of catching a cyberpirate

Source: National Cyber Security – Produced By Gregory Evans

When they discovered what was going on, US authorities were shocked. A man named Xiang Li was selling high-end defense software from his home in Chengdu, China, to anyone who could pay the going price. It posed a serious threat to America’s national security. Li and […]

Second grade teacher arrested after police find heroin, needles inside purse

An Oklahoma elementary school teacher was arrested after police say they found syringes, some filled with heroin, in her purse at school. Megan Sloan, a second grade teacher at Sapulpa Elementary …

The post Second grade teacher arrested after police find heroin, needles inside purse appeared first on Become007.com.


15-Year-Old Arrested After Shooting Inside Boston School District Headquarters

ROXBURY (CBS) — A 15-year-old boy was arrested Wednesday morning after police say he fired a gun during a struggle in the lobby of the Boston School District headquarters building in Dudley Square.

Boston Police said the shooting took place around 9:20 a.m. at the Washington Street building, where students sign up for classes.

Many State Report Cards Leave Parents in the Dark About School Achievement – Inside School Research – Education Week

With jargon, “meaningless” tables and missing data, state report cards can be difficult for parents to use, a new report shows.


The post Many State Report Cards Leave Parents in the Dark About School Achievement – Inside School Research – Education Week appeared first on Parent Security Online.
