Tag Archives: site

[ISN] Meet the hackers who break into Microsoft and Apple to steal insider info

http://arstechnica.com/security/2015/07/meet-the-hackers-who-break-into-microsoft-and-apple-to-steal-insider-info/ By Dan Goodin Ars Technica July 8, 2015 In February 2013, Twitter detected a hack attack in progress on its corporate network. “This attack was not the work of amateurs, and we do not believe it was an isolated incident,” a Twitter official wrote when disclosing the intrusion. Sure enough, similar attacks were visited on Facebook, Apple, and Microsoft in the coming weeks. In all four cases, company employees were exposed to a zero-day Java exploit as they viewed a website for iOS developers. Now, security researchers have uncovered dozens of other companies hit by the same attackers. Alternately known as Morpho and Wild Neutron, the group has been active since at least 2011, penetrating companies in the technology, pharmaceutical, investment, and healthcare industries, as well as law firms and firms involved in corporate mergers and acquisitions. The developers of the underlying surveillance malware have thoroughly documented their code with fluent English, and command and control servers are operated with almost flawless operational security. The take-away: the threat actors are likely an espionage group in a position to profit on insider information. “Morpho is a skilled, persistent, and effective attack group which has been active since at least March 2012,” researchers from security firm Symantec wrote in a report published Wednesday. “They are well resourced, using at least one or possibly two zero-day exploits. Their motivation is very likely to be financial gain and given that they have been active for at least three years, they must be successful at monetizing their operation.” […]

Tags: , , , , , , , , , , ,

[ISN] FBI puts $3m bounty on head of Gameover Zeus malware creator

http://www.v3.co.uk/v3-uk/news/2416111/fbi-puts-usd3m-bounty-on-head-of-gameover-zeus-malware-creator By Dan Worth V3.co.uk 02 July 2015 The FBI has offered a reward of $3m for information leading to the capture of the infamous Gameover Zeus malware creator. Evgeniy Mikhailovich Bogachev has been in the FBI’s sights since June last year when he was accused of being one of the ringleaders behind the notorious Gameover Zeus malware. The Monster Jobs website was hit by Gameover Zeus earlier this year. Keen to ramp up pressure on Bogachev, the FBI has now put a sizeable bounty on his head. “Bogachev is wanted for his alleged involvement in a wide-ranging racketeering enterprise and scheme that installed, without authorisation, malicious software known as Zeus on victims’ computers,” the FBI said. […]

Tags: , , , , ,

[ISN] {Moderators Note} Infrequent Postings of InfoSec News

As you have probably noticed, postings to InfoSec News have been rather infrequent in the last few months, and the reason is relatively straightforward, I have been happily employed for the last six months with Evident.io. Subsequently after staring at a laptop for 8-10+ hours a day, staring at it for another couple to find all the security news everyone craves is some nights pretty tiring. I am in the process of bringing on a few interns to work in the background, so keep an eye on the website and mailing list as some cool things are in the works here. Likewise, if you have Amazon Web Services in your infrastructure and are curious where your risks lay, please visit https://evident.io and if you would like a demo, please drop me an email to: my first name AT evident.io Thank you for your time and support! Sincerely, William Knowles http://www.linkedin.com/in/williamknowles

Tags: , , , , , , , , ,

[ISN] Attack on Lithuanian army’s website plotted for two weeks

http://en.delfi.lt/lithuania/defence/attack-on-lithuanian-armys-website-plotted-for-two-weeks.d?id=68228302 BNS June 12, 2015 The Wednesday’s cyber attack on the website of the Lithuanian Armed Forces Joint Staff was plotted for at least two weeks, with requests sent from Iran, among other countries, says Rimantas Černiauskas, director of the National Cyber Security Centre. “We see large amounts of interesting information. We see that there were continued various pings, for instance, there was an attempt from Iran to guess the password. We see that the server hosting the website was constantly checked by hackers, with attempts to enter it, most of the attempts were not successful,” said the expert. In his words, the final conclusions on the hacking should be submitted to the Armed Forces by the end of office hours on Friday – additional information has now been requested from the company managing the website content. Černiauskas confirmed that special robots had been checking the weak spots of the system on a daily basis, i.e., at least two or three times a day, attempting to guess the passwords and find system gaps, the attack was conducted by specific individuals. […]

Tags: , , , , , , , , , , ,

[ISN] FBI, Europol and NCA gunning for top 200 black hats making exploit kits for criminals

http://www.v3.co.uk/v3-uk/news/2411419/fbi-europol-and-nca-gunning-for-top-200-black-hats-making-exploit-kits-for-criminals By Alastair Stevenson V3.co.uk 03 Jun 2015 Law enforcement agencies need to mount a coordinated effort to shut down the exploit developers and hosting sites powering organised crime, according to experts from the FBI, Europol and the UK’s National Crime Agency (NCA). The experts made the claim during a panel discussion at InfoSec 2015, when FBI assistant legal attaché Michael Driscoll listed taking down the “core group” of 200 black hats creating exploit kits as one of the biggest challenges facing law enforcement. “We’re looking to stop that marketplace of tools. There’s a small group creating the core technologies that feed the criminal world,” he said. “The problem is they’re easily bought on the criminal marketplace and distributed. I could go now and pick them up for $200. We’re focusing our resources on taking out the people that do the most damage.” […]

Tags: , , , , , ,

[ISN] Security sleuths, sniff out the stupid from your Oracle DBs

http://www.theregister.co.uk/2015/06/04/security_sleuths_sniff_out_the_stupid_from_your_oracle_dbs/ By Darren Pauli The Register 4 Jun 2015 Databases remain a security nightmare, says Datacom TSS hacker David Litchfield, so he’s built an application to give admins a hand. The Datacom TSS hacker says the Database Security Scorecard will help inform system administrators of security shortfalls in databases and help bridge the language gap between management and tech. Litchfield (@dlitchfield) revealed the scorecard at the AusCERT2015 conference on the Gold Coast, and will publish the free platform to his website later this week. “Database security does not receive the support it deserves,” Litchfield says. “It is a no-man’s land where security think it’s the DBA’s responsibility and DBAs think it’s security’s responsibility. […]

Tags: , , , , , ,

[ISN] Renthacker site leaks Australian buyers’ names and addresses

http://www.theage.com.au/it-pro/security-it/rentahacker-site-leaks-australian-buyers-names-and-addresses-20150529-ghca3f.html By Liam Tung and Ben Grubb The Age May 29, 2015 The cat’s out of the bag for about 60 Australians who thought they could anonymously rent a hacker from a website to do their dirty work. If you’ve used the hacker-for-hire site Hacker’s List to contract out a hack job then your name, address and the reasons why you sought a hacker are now available on the web, potentially exposing you to legal action. Hacker’s List launched last November with the assurance that “only you and your hacker for hire know the details of your project”. A New York Times report in January highlighted that people across the world, from Sweden to Australia, were using it to anonymously request hacker services. Some jobs were legal, others were clearly not, such as one from an Australian who wanted to hack a business rival’s customer database. Would-be buyers appear to have assumed that job descriptions they gave on the site couldn’t be linked to information that would reveal their identity. But last week security researcher Jonathan Mayer discovered the site was in fact leaking information that linked buyers’ names and addresses to job descriptions, which may ultimately reveal who they are and their motivation for seeking a hacker. It’s also culminated in a potentially embarrassing list that should make anyone think twice before hiring a hacker online. […]

Tags: , , , , , , , ,

[ISN] Dating site hack reveals sexual secrets of 4 million users

http://www.independent.co.uk/life-style/gadgets-and-tech/news/dating-site-hack-reveals-sexual-secrets-of-4-million-users-10268933.html By Dan Sung The Independent 22 May 2015 A hacker has exposed the personal and sexual details of nearly 4 million users on one of the world-leading dating sites. The details lifted from the database of Adult FriendFinder include the information of previous members who had previously deleted their accounts. The specifics of the illegally mined data are around sexual orientation, sexual preferences and even whether or not members of the service are already with partners but looking for extramarital affairs. A Channel 4 News investigation traced the discovery to a forum where a hacker known as ROR[RG] posted the information which also includes names, email addresses, postcodes, dates of birth, computer IP addresses and just about everything else short of credit card details. More than 7 million of Adult FriendFinder’s 63-million-user worldwide community are British and, of 3.9 million accounts leaked, “dozens” are linked to UK government and armed service addresses. […]

Tags: , , , , , , , , , , , ,