website

now browsing by tag

 
 

#infosec | MAZE Relaunches “Name and Shame” Website

Source: National Cyber Security – Produced By Gregory Evans

A threat group has once again taken to the internet to publish data stolen from alleged victims who refuse to cooperate with its ransom demands. In December 2019, the MAZE ransomware group published online a portion of the 120 GB of data they claimed to have stolen […]

#hacking | Iranian hackers breach US government website in retaliation for airstrike 

Source: National Cyber Security – Produced By Gregory Evans

A website operated by the U.S. government has been hacked by a group claiming to represent the government of Iran.

The website operated by the little-known Federal Depository Library Program, fdlp.gov, was hacked and defaced on Saturday, and has been taken offline.

A message from the hackers left on the website read: ‘in the name of god. >>>>> Hacked By Iran Cyber Security Group HackerS … ;)<<<<<. This is only small part of Iran’s cyber ability ! We’re always ready.’

The FDLP is a program created to make federal government publications available to the public at no cost. 

The image above appeared on fdlp.gov on Saturday before the website was taken offline

The hackers in their message made reference to the death of Qassem Soleimani, and depicted President Donald Trump being beaten by a fist with the Revolutionary Guard insignia


Current Google results show the defaced page title text of the fdlp.gov website


It followed the similar hacking of websites for a number of obscure, non-governmental entities, including the Sierra Leone Commercial Bank, the Taiwan Lung Meng Technology Company, and the Human Rights Protection Association of India.

The website for a British company called Bigways was also struck in the cyber attacks.

Security experts have already warned that cyber attacks could be part of Iran’s retaliation for the U.S. airstrike on Friday that killed Revolutionary Guard General Qassem Soleimani, a top official in Iran and beloved there. 

Iran’s state-backed hackers are already among the world’s most aggressive and could inject malware that triggers major disruptions to the U.S. public and private sector.

Potential targets include manufacturing facilities, oil and gas plants and transit systems. A top U.S. cybersecurity official is warning businesses and government agencies to be extra vigilant.

The websites of several obscure, non-government entities were also defaced on Saturday


In 2012 and 2013, in response to U.S. sanctions, Iranian state-backed hackers carried out a series of disruptive denial-of-service attacks that knocked offline the websites of major U.S. banks including Bank of America as well as the New York Stock Exchange and NASDAQ. 

Two years later, they wiped servers at the Sands Casino in Las Vegas, crippling hotel and gambling operations.

The destructive attacks on U.S. targets ebbed when Tehran reached a nuclear deal with the Obama administration in 2015. 

The killing early Friday in Iraq of Quds Force commander Soleimani – long after Trump scrapped the nuclear deal – completely alters the equation.

‘Our concern is essentially that things are going to go back to the way they were before the agreement,’ said John Hultquist, director of intelligence analysis at the cybersecurity firm FireEye. ‘There are opportunities for them to cause real disruption and destruction.’

Iran has been doing a lot of probing of critical U.S. industrial systems in recent years – trying to gain access – but has limited its destructive attacks to targets in the Middle East, experts say.

It’s not known whether Iranian cyberagents have planted destructive payloads in U.S. infrastructure that could now be triggered.

‘It’s certainly possible,’ Hultquist said. ‘But we haven’t actually seen it.’

Members of the Iranian Basij paramilitary militia, affiliated to the Revolutionary Guard, mourn Gen. Qassem Soleimani in Tehran, Iran on Saturday


Iranians take part in an anti-US rally in Tehran, Iran on Saturday


Robert M. Lee, chief executive of Dragos Inc., which specializes in industrial control system security, said Iranian hackers have been very aggressive in trying to gain access to utilities, factories, and oil and gas facilities. 

That doesn’t mean they’ve succeeded, however. In one case in 2013 where they did break into the control system of a U.S. dam – garnering significant media attention – Lee said they probably didn’t know the compromised target was a small flood control structure 20 miles north of New York City.

Iran has been increasing its cyber capabilities but is not in the same league as China or Russia – which have proved most adept at sabotaging critical infrastructure, witnessed in attacks on Ukraine’s power grid and elections, experts agree.

And while the U.S. power grid is among the most secure and resilient in the world, plenty of private companies and local governments haven’t made adequate investments in cybersecurity and are highly vulnerable, experts say.

‘My worst-case scenario is a municipality or a cooperative-type attack where power is lost to a city or a couple of neighborhoods,’ Lee said.

Consider the havoc an epidemic of ransomware attacks has caused U.S. local governments, crippling services as vital as tax collection. While there’s no evidence of coordinated Iranian involvement, imagine if the aggressor – instead of scrambling data and demanding ransoms – simply wiped hard drives clean, said Hultquist.

‘You could see many cities and hospitals targeted at once with ransomware that encrypts data to make it unusable, but there is no way to decrypt it by paying a ransom,’ said cybersecurity veteran Chris Wysopal, the chief technical officer of Veracode.

Members of Iran-backed Iraqi Shiite armed groups popular mobilization forces carry the coffin of slain Abu Mahdi al-Muhandis during a funeral procession in Karbala city, southern Baghdad


The only known cybersecurity survey of U.S. local governments, county and municipal, found that the networks of 28% were being attacked at least hourly – and that nearly the same percentage said they didn’t even know how frequently they were being attacked. Although the study was done in 2016, the authors at the University of Maryland-Baltimore County don’t believe the situation has improved since.

The top cybersecurity official at the Department of Homeland Security, Christopher Krebs, urged companies and government agencies to refresh their knowledge of Iranian state-backed hackers’ past exploits and methods after Soleimani’s death was announced. ‘Pay close attention to your critical systems,’ he tweeted.

In June, Krebs warned of a rise in malicious Iranian cyberactivity, particularly attacks using common methods like spear-phishing that could erase entire networks: ‘What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.’

Wysopal said the Iranians are apt to have learned a lot from the 2017 NotPetya attack, which the U.S. and Britain have attributed to state-backed Russian hackers and which caused at least $10 billion in damage globally. The worst cyberattack to date, it exploited unpatched software after being delivered through an unwitting Ukrainian tax software provider and spread on networks without human intervention.

When then-Director of National Intelligence James Clapper blamed Iran for the Sands Casino attack, it was one of the first cases of American intelligence agencies identifying a specific country as hacking for political reasons: The casino’s owner, Sheldon Adelson, is a big Israel backer. Clapper also noted the value of hacking for collecting intelligence. North Korea’s hack of Sony Pictures in retaliation for a movie that mocked its leader followed.

The vast majority of the nearly 100 Iranian targets leaked online last year by a person or group known as Lab Dookhtegan – a defector, perhaps – were in the Middle East, said Charity Wright, a former National Security Agency analyst at the threat intelligence firm InSights. She said it’s highly likely Iran will focus its retaliation on U.S. targets in the region as well as in Israel and the U.S.

Iran is widely believed to have been behind a devastating 2012 attack on Aramco, the Saudi oil company, that wiped the data from more than 30,000 computers. It was also a victim of the Stuxnet computer virus. First uncovered in 2010, it destroyed thousands of centrifuges involved in Iran’s contested nuclear program and is widely reported to have been a U.S.-Israeli invention. 


The post #hacking | Iranian hackers breach US government website in retaliation for airstrike  appeared first on National Cyber Security.


#nationalcybersecuritymonth | Labour defended its website with a $20-a-month package

Source: National Cyber Security – Produced By Gregory Evans

Security for the many, not the few

Britain’s Labour Party was using a $20 a month “basic security” service to protect its website when hackers attempted to force it offline last week and temporarily slowed down online campaigning. While the defences seemed to have worked, entry-level […]

#cyberfraud | #cybercriminals | Card data stolen from black-market website BriansClub

Source: National Cyber Security – Produced By Gregory Evans

In an instance of robbers getting robbed, a large underground store for buying stolen credit card data has been hacked. Cyber-security journalist Brian Krebs has reported that data stored by BriansClub, a dubious website that shares his name, was stolen.

BriansClub hosted more than 26 million credit and debit card records pilfered from online and physical retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone.

“Multiple people who reviewed the database shared by my source confirmed that the same credit card records also could be found in a more redacted form simply by searching the BriansClub Web site with a valid, properly-funded account,” wrote Krebs.

Krebs complains that the fraud website has been piggybacking on his online popularity to carry on its activities, even using his image in one of its ads.

Data accessed by Krebs shows that the blackmarket website added just 1.7 million card records for sale, and added 2.89 million stolen cards in 2016, 4.9 million cards in 2017 and 9.2 million in 2018. The addition between January and August 2019 was roughly 7.6 million cards.

BriansClub holds approximately £325 million worth of stolen credit cards for sale, according to an analysis by New York-based security intelligence firm Flashpoint.

“All of the card data stolen from BriansClub was shared with multiple sources who work closely with financial institutions to identify and monitor or reissue cards that show up for sale in the cybercrime underground,” Krebs wrote.

“There is no honour among thieves,” noted Sam Curry, chief security officer at Cybereason. 

“The asymmetry of cyber-conflict is undeniable, and while cybercriminals and nation state attackers probe for holes at their leisure, it’s important to remember that the tables can be turned. Predator can become prey when they are successful enough,” he said.


The post #cyberfraud | #cybercriminals | Card data stolen from black-market website BriansClub appeared first on National Cyber Security.


How can you #protect your #website from #malware and #cyberattacks?

Source: National Cyber Security News

From defacements to backdoor files, what kinds of malware should you be aware of?

Cybersecurity is at the forefront of many businesses’ strategies for 2018, as the breaches, malware incidents and disclosure of many vulnerabilities last year showed just how weak the defences of some of the world’s largest firms really are.

Website owners are at an elevated risk of compromise and, with nearly every business required to have an online presence, the dangers could affect everyone from SMEs to large corporations.

Threats come in all shapes and sizes

Malware comes in a deceptive number of incarnations, from phishing kits to simpler, flat HTML files. SiteLock was able to examine its categorisation data to find that cyber-criminals are seeking out long-term access to targets in order to facilitate complex malware that steals traffic, spreads more malware and lines the pockets of additional malware.

General malware

General malware or unique encoded malware accounts for 44.04pc of all instances detected by SiteLock’s scanners. Although this type of content can be heavily obfuscated and is often generated at random, there are key indicators that give it away, such as the context of the file’s location based on how the website is structured, file behaviours and how exactly the file is obfuscated.


Why Your Website Needs SSL Certificate Security

Source: National Cyber Security – Produced By Gregory Evans

Many people believe that website security is only important where personal information and credit card transactions are involved. This could not be further from the truth. Your website needs security regardless of whether it is an e-commerce site or a blog. SSL is the industry standard in website protection and millions…

The post Why Your Website Needs SSL Certificate Security appeared first on National Cyber Security Ventures.


Cyberattack performed by Anonymous hackers on Israeli government ministry’s website

Source: National Cyber Security – Produced By Gregory Evans

Members of Anonymous hacked into the website of the Israeli Periphery Development Ministry’s Galilee Development Authority leaving a message with the organization’s symbol: “Israel is helping human terrorist groups,” they wrote. The website of the Israeli Periphery Development Ministry’s Galilee Development Authority was broken into by hackers from Anonymous, most…

The post Cyberattack performed by Anonymous hackers on Israeli government ministry’s website appeared first on National Cyber Security Ventures.


Bug took Apple’s Developer website down amid hacking fears

Source: National Cyber Security – Produced By Gregory Evans

After several developers reported a possible security breach in Apple’s Developer website as their account addresses showed an address in Russia, Apple has said the problem originated owing to a bug in its account management application. According to a MacRumours report on Thursday, several developers reported that all of their…

The post Bug took Apple’s Developer website down amid hacking fears appeared first on National Cyber Security Ventures.


CDU politician accuses Russia of hacking website

Source: National Cyber Security – Produced By Gregory Evans

A senior politician of German Chancellor Angela Merkel’s conservative Christian Democratic Union (CDU) lashed out at Russia after her website appeared to be hacked Sunday. Julia Klöckner, the leader of the CDU in the state of Rhineland Palatinate, said on Twitter: “Today a massive hacker attack on my homepage –…

The post CDU politician accuses Russia of hacking website appeared first on National Cyber Security Ventures.


7 Signs Your WordPress Website Has Been Hacked

Source: National Cyber Security – Produced By Gregory Evans

One of the reasons WordPress is so popular as a content management system is because of its airtight security. But the truth is, 136,640 attacks are happening per minute to WordPress websites across the globe. In fact, weak passwords, domain or hosting level breaches, insecure […]