Cyber Security Blog

Pro-Assad Syrian Pleaded Guilty For Hacking In US —

A supporter of Syrian President Bashar Al-Assad’s government has pleaded guilty to charges of conspiring to receive extortion proceeds and conspiring to illegally access computers in his limited role as a member of the Syrian Electronic Army (SEA) hacking group.

The U.S. Department of Justice in a statement said that 37-year-old Peter Romar was a member of the Syrian Electronic Army hacking group and had joined an operation to infiltrate computers of Assad’s “perceived detractors” in the media, U.S. government and other governments.

Justice Department officials said the hackers used a tactic known as “spear-phishing,” to target computers.

“If a victim could not make extortion payments to the conspiracy’s Syrian bank accounts due to sanctions targeting Syria, Romar acted as an intermediary in Germany to evade those sanctions,” the Justice Department said.

CNN, National Public Radio, the Associated Press, Reuters, Microsoft Corp, Harvard University and Human Rights Watch were among the hacker group’s targets.

European Eastern Gang Claimed To Be Behind Yahoo Data Breach —

The biggest data breach in recent times, and the one that drew the most attention, was that of Yahoo. The massive 2014 breach of credentials was carried out by an Eastern European criminal gang, not a state-sponsored group as Yahoo claims, a cybersecurity firm has said.

The hackers, known as “Group E”, sold the stolen Yahoo data to at least three clients, including one state-sponsored actor. Yahoo said it believes a nation-state actor was behind the breach, but did not provide any technical evidence.

Arizona-based security firm InfoArmor said in a report: “Yahoo was compromised in 2014 by a group of professional blackhats who were hired to compromise customer databases from a variety of different targeted organizations. The Yahoo data leak as well as the other notable exposures, opens the door to significant opportunities for cyber-espionage and targeted attacks to occur.”

The firm has not specified how it obtained access to the database or why Yahoo did not reveal the scope of the breach for almost two years.

According to InfoArmor chief intelligence officer Andrew Komarov, the hackers were also previously linked to other high-profile breaches at other websites including LinkedIn, Tumblr and MySpace.

Does Apple Log Your iMessage Contacts And Share Them With Police? —

Apple may have boasted about its security measures, including end-to-end encryption and privacy, but the latest information reveals that the iMessages you send aren’t as secure as you may have thought. A new report in The Intercept suggests that Apple may be logging information such as the phone numbers of people you iMessage, and potentially sharing it with law enforcement agencies.

When a user contacts anyone through Apple’s Messages app, the app pings the server to find out if the recipient has an iMessage account. The report adds that Apple takes a note of the IP address along with the date and time. This could help with providing information on the user’s location. The information is then stored for 30 days before it is deleted.

“This log also includes the date and time when you entered a number, along with your IP address — which could, contrary to a 2013 Apple claim that “we do not store data related to customers’ location,” identify a customer’s location,” the report reads.

Although the contents of iMessages sent over Apple’s servers are encrypted end-to-end, thereby making them unreadable even to Apple, the metadata could be used to connect dots during a criminal investigation.

However, Apple said in a statement: “In some cases, we are able to provide data from server logs that are generated from customers accessing certain apps on their devices. We work closely with law enforcement to help them understand what we can provide and make clear these query logs don’t contain the contents of conversations or prove that any communication actually took place.”

Apple is known for its strong position on customer privacy. This report may well raise questions about the high standards maintained by the tech giant over the years.

‘Companies Should Face Severe Punishment For Cyber Security Failures’ —

Securing customers’ data is a major goal of any company. A breach not only tarnishes the company’s reputation but also damages customers’ faith. A majority of directors, hence, believe that companies should face severe penalties if they fail to keep customers’ data safe.

Seven in 10 board members have demanded stricter punishment for those who fail to meet basic cyber-security requirements.

The issue came in the wake of the major Yahoo security breach. The breach affected the names, passwords and information of 500 million users in 2014, but it was discovered only recently.

The research, which surveyed 200 directors from companies with more than 500 employees, found that 71 percent believe companies should be penalised for failing to meet basic cyber security requirements.

Rob Cotton, NCC’s chief executive, said big companies were often the least worried about cybersecurity, with directors themselves refusing to take responsibility for safety.

“For years it hasn’t been taken seriously enough in boardrooms across the country and while these results don’t prove that it’s now being managed appropriately, they do show that directors are realising that greater scrutiny and oversight from regulators and government will stimulate the necessary action and help drive-up standards,” he said.

At present, security failings are punishable with a fine of up to £500,000 from the Information Commissioner’s Office (ICO). EU data protection rules due to come into force in 2018 will create penalties of up to 4 percent of global revenues or up to €20m (£17m), but it will be up to national regulators to enforce the rules.

More than 400 malicious apps infiltrate Google Play —

Google Play was recently found to be hosting more than 400 apps that turned infected phones into listening posts that could siphon sensitive data out of the protected networks they connected to, security researchers said Thursday.

One malicious app infected with the so-called DressCode malware had been downloaded from 100,000 to 500,000 times before it was removed from the Google-hosted marketplace, Trend Micro researchers said in a post. Known as Mod GTA 5 for Minecraft PE, it was disguised as a benign game, but included in the code was a component that established a persistent connection with an attacker-controlled server. The server then had the ability to bypass so-called network address translation protections that shield individual devices inside a network. Trend Micro has found 3,000 such apps in all, 400 of which were available through Play.

“This malware allows threat actors to infiltrate a user’s network environment,” Thursday’s report stated. “If an infected device connects to an enterprise network, the attacker can either bypass the NAT device to attack the internal server or download sensitive data using the infected device as a springboard.”

FTC Denies LabMD’s Request for ‘Stay’ —

Regulator Won’t Put Its Final Order on Hold While LabMD Appeals in Court
The FTC has denied LabMD’s request for a “stay,” or delay, in implementing the regulator’s final order stemming from a longstanding dispute over the cancer testing lab’s information security practices. LabMD has asked an appellate court to review the case.

Spotlight: How Softwear Systems Provides Drupal Security —

In the early 1980s, Softwear Systems opened up as a custom software company in Chicago. Over the years, its founder, Mitch Meyers, learned how to create and manage great websites. Today, the company focuses on providing effective Drupal web development for their clients. At one point, Softwear had a client who worked for a branch…

The post Spotlight: How Softwear Systems Provides Drupal Security appeared first on Sucuri Blog.

Fancy Bear’s Sloppy Mac Malware —

Russian Hacking Group’s Latest Malware? Not So Fancy
A new kind of malware for Mac OS X has been linked to Fancy Bear, the Russian group suspected of hacking the DNC and the World Anti-Doping Agency. But the malware only poses a low risk to users, experts say.

After two years of hack, Yahoo admits —

It seems that not everything is going well for Yahoo. After Recode broke the news last Thursday of the hack of 500 million Yahoo users’ private data, The New York Times has now reported that top executives, including CEO Marissa Mayer, knew about the security lapse and chose to ignore the vulnerabilities.

According to the reports about the security team at Yahoo, the “Paranoids,” Google and many other technology companies were hit by the attack in 2014. Google chose to disclose the hack, investigated the security lapse and invested “hundreds of millions of dollars in security infrastructure” to find a solution to the vulnerabilities.

The top security officials at Yahoo, by contrast, turned down the Paranoids’ requests to disclose the hack, force users to change their passwords, and push for end-to-end encryption for all emails.

Instead of confronting the issue and taking the requisite steps to solve it, the executives decided to bury the news, as they felt that disclosure would lead users to seek out other email clients.

Nearly two years after the hack, Yahoo finally broke the news: “names, email addresses, telephone numbers, birth dates, encrypted passwords and, in some cases, security questions” were compromised.

Israeli Firm ‘Cellebrite’ Claims To Hack Any Smartphone —

For any company, the security of its customers’ data is the highest concern. A breach will not only tarnish the company’s reputation but will also hamper the customer’s faith in the company.

Israeli security firm Cellebrite made headlines earlier this year when its services were employed by the FBI to help break into the phone of the San Bernardino shooter. The firm now claims that it can hack any smartphone.

The company said that it has the biggest research and development team in the sector and that the team is up-to-date with the latest technology which can decrypt and extract data from any phone in the world.

A BBC report details how the firm works with top-notch software systems to disable the security of devices. The firm even supplies these units to authorities for data extraction in the field.

Yuval Ben-Moshe, senior technical director, didn’t hesitate to take a dig at the iPhone 7 as well. “We can definitely extract data from an iPhone 7 as well – the question is what data,” said Moshe.

Moshe claimed that his firm can access data on “the largest number of devices that are out there in the industry”.
