Tag Archives: site

[ISN] More Uber Accounts Have Been Hacked, This Time in the United States

http://motherboard.vice.com/en_uk/read/more-uber-accounts-have-been-hacked-this-time-in-the-united-states By Joseph Cox Motherboard.Vice.com May 2, 2015 UPDATE: An Uber spokesperson responds, “We do not have any additional information to share beyond the statement we provided before: We investigated and found no evidence of a breach. Attempting to fraudulently access or sell accounts is illegal and we notified the authorities about this report. This is a good opportunity to remind people to use strong and unique usernames and passwords and to avoid reusing the same credentials across multiple sites and services.” Back in March, Motherboard revealed that fully functioning Uber accounts were for sale on the dark web for as cheap as $1 each. At the time, it appeared that the victims of those hacks were based in the United Kingdom. Now, Uber customers from all over the United States have taken to Twitter to complain that their account has been charged for trips they never took, sometimes half way across the world. “It was crazy,” one apparent victim, Stephanie Crisco from North Carolina, told me over Twitter direct message. “I used Uber for the first time Thursday night. On Friday morning I received a notification on my phone that my driver was en route. I didn’t request a driver. I clicked on the notification and it said that the ride was cancelled but the pickup was in London.” Crisco also tweeted a picture of the trips she claims she didn’t make. While many of the trips in the screenshot were cancelled, one of them in London was indeed successful, and Crisco told me that three charges were made against her account in total. Crisco has since cancelled her bank card, and Uber have refunded her for the three charges, which range between $40 and $120 each. […]

Tags: , , , , , , , ,

[ISN] Estonia recruits volunteer army of ‘cyber warriors’

http://www.telegraph.co.uk/news/worldnews/europe/estonia/11564163/Estonia-recruits-volunteer-army-of-cyber-warriors.html By David Blair Tallinn telegraph.co.uk 26 Apr 2015 Estonia has recruited a “ponytail army” of volunteer computer experts who stand ready to defend the nation against cyber attack. The country’s reserve force, the Estonian Defence League, has a Cyber Unit consisting of hundreds of civilian volunteers, including teachers, lawyers and economists. The Baltic nation of 1.3 million people is one of the most technologically advanced in the world: almost every banking transaction takes place online and 30 per cent of all votes in the last general election were cast electronically. But this also makes Estonia acutely vulnerable. In 2007, the country suffered one of the biggest cyber attacks in history when the websites of banks, government ministries and the national parliament were swamped with data. […]

Tags: , , , , , , , , , ,

[ISN] Researchers: Israeli military networks breached by hackers

http://www.israelhayom.com/site/newsletter_article.php?id=24913 Reuters and Israel Hayom Staff April 19, 2015 Hackers sent emails to various military addresses that purported to show breaking military news, or, in some cases, a clip featuring “Girls of the IDF” • Researchers: Hackers were likely Arabic-speaking programmers, based on their language settings. Hackers have managed to penetrate computer networks associated with the Israeli military in an espionage campaign that skillfully packages existing attack software with trick emails, according to security researchers at Blue Coat Systems Inc. The four-month-old effort, most likely by Arabic-speaking programmers, shows how the Middle East continues to be a hotbed for cyber espionage and how widely the ability to carry off such attacks has spread, the researchers said. Waylon Grange, a researcher with the Blue Coat who discovered the campaign, said the vast majority of the hackers’ software was cobbled together from widely available tools, such as the remote-access Trojan called Poison Ivy. […]

Tags: , , , , , , , , , , , ,

[ISN] Julian Assange’s website Wikileaks twists the knife into Sony by releasing EVERY email from cyberhack in searchable database

http://www.dailymail.co.uk/news/article-3042478/WikiLeaks-creates-online-archive-hacked-Sony-documents.html By ASSOCIATED PRESS 16 April 2015 Whistleblower Julian Asssange has added insult to injury for Sony Pictures after his website Wikileaks put hundreds of thousands of emails and documents from last year’s cyberattack into a searchable online archive. The calculated move by Assange to expose thousands of indiscreet and personal correspondences will likely spell fresh embarrassment for the embattled company so soon after they hoped the dust had settled on the matter. Assange and Wikileaks issued a statement on Thursday saying that the data has a public interest, but the majority of the correspondences run from the mundane to the deeply personal. They expose not just the unguarded opinions of Sony executives, but also reveal health concerns about their children and sadness over dying parents. […]

Tags: , , , , , , , ,

[ISN] Hacker In Trouble With Feds After Tweeting About ‘Playing’ With Plane Comms Mid-Flight

http://www.forbes.com/sites/thomasbrewster/2015/04/17/hacker-tweets-about-hacking-plane-gets-computers-seized/ By Thomas Fox-Brewster Forbes Staff 4/17/2015 What’s the first rule of flight club? No, it’s not “don’t talk about flight club”. The first rule is: do not tweet about hacking flight systems when using the on-board Wi-Fi. But pro hacker and founder of One World Labs, Chris Roberts, did just that on a trip from Denver to Syracuse yesterday. His tweet wouldn’t have made much sense to the average Twitter https://twitter.com/Sidragon1/status/588433855184375808 Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? “PASS OXYGEN ON” Anyone ? :) — Chris Roberts (@Sidragon1) April 15, 2015 But it made sense to US government officials, who evidently picked up on the references to on-board communications systems (the tweets did not refer to compromising flight control technologies). Rogers said when the flight landed, he was grabbed by FBI agents, questioned for four hours and when Rogers declined to hand over his computing equipment, they seized it all, including an iPad, a MacBook Pro, three hard drives, a flash drive and some USB sticks. He got to keep his phone. All devices were encrypted, so the border control cops may have had a tough time getting anything useful from Roberts’ machines. He still hasn’t retrieved his toys and has not seen a warrant. […]

Tags: , , , , , , , , , , ,

[ISN] FBI Warns of Fake Govt Sites, ISIS Defacements

http://krebsonsecurity.com/2015/04/fbi-warns-of-fake-govt-sites-isis-defacements/ By Brian Krebs Krebs on Security April 7, 2015 The Federal Bureau of Investigation (FBI) is warning that individuals sympathetic to the Islamic State of Iraq and al-Shams (ISIS) are mass-defacing Websites using known vulnerabilities in WordPress. The FBI also issued an alert advising that criminals are hosting fraudulent government Web sites in a bid to collect personal and financial information from unwitting Web searchers. According to the FBI, ISIS sympathizers are targeting WordPress Web sites and the communication platforms of news organizations, commercial entities, religious institutions, federal/state/local governments, foreign governments, and a variety of other domestic and international sites. The agency said the attackers are mainly exploiting known flaws in WordPress plug-ins for which security updates are already available. The public service announcement (PSA) coincides with a less public alert that the FBI released to its InfraGard members, a partnership between the FBI and private industry partners. That alert noted that several extremist hacking groups indicated they would participate in an operation dubbed #OpIsrael, which will target Israeli and Jewish Web sites to coincide with Holocaust Remembrance Day (Apr .15-16). “The FBI assesses members of at least two extremist hacking groups are currently recruiting participants for the second anniversary of the operation, which started on 7 April 2013, and coincides with Holocaust Remembrance Day,” the InfraGard alert notes. “These groups, typically located in the Middle East and North Africa, routinely conduct pro-extremist, anti-Israeli, and anti-Western cyber operations.” […]

Tags: , , , , , , , , , , , , , , , , , ,

[ISN] FBI Warns U.S. Companies of Cyber Terror

http://freebeacon.com/national-security/fbi-warns-of-anti-israel-cyber-attacks/ By Bill Gertz The Washington Free Beacon April 2, 2015 The FBI is warning U.S. companies that cyber terrorists from the Middle East and North Africa are planning to conduct cyber attacks against Israeli and Jewish interests next week. The Bureau stated in a security notice to U.S. industry on Sunday that, as of early March, “several extremist hacking groups indicated they would participate in a forthcoming operation, #OpIsrael, which will target Israeli and Jewish Web sites.” “Given the perceived connections between the government of Israel and Israeli financial institutions, and those of the United States, #OpIsrael participants may also shift their operations to target vulnerable U.S.-based financial targets or Jewish-oriented organizations within the United States,” the FBI warning said. “Based on historical attacks, the FBI assesses that attacks which may spawn from #OpIsrael to target U.S.-based systems will likely constitute only a small percentage of overall activity.” The FBI said members of at least two extremist hacking groups it did not identify are currently working to recruit hackers for the attacks next week, which will coincide with the second anniversary of the first #OpIsrael cyber attacks. Those were launched on April 7, 2013, and timed to coincide with Israel’s Holocaust Remembrance Day, which begins the evening of April 15. […]

Tags: , , , , , , , , , , , , , , , ,

[ISN] IBM Uncovers New, Sophisticated Bank Transfer Cyber Scam

https://recode.net/2015/04/02/ibm-uncovers-new-sophisticated-bank-transfer-cyber-scam/ By Bill Rigby Reuters.com April 2, 2015 IBM has uncovered a sophisticated fraud scheme run by a well-funded Eastern European gang of cyber criminals that uses a combination of phishing, malware and phone calls that the technology company says has netted more than $1 million from large and medium-sized U.S. companies. The scheme, which IBM security researchers have dubbed “The Dyre Wolf,” is small in comparison with more recent widespread online fraud schemes but represents a new level of sophistication. According to IBM, since last year the attackers have been targeting people working in companies by sending spam email with unsafe attachments to get a variant of the malware known as Dyre into as many computers as possible. If installed, the malware waits until it recognizes that the user is navigating to a bank website and instantly creates a fake screen telling the user that the bank’s site is having problems and to call a certain number. […]

Tags: , , , , , , , , , , , , , ,