Showing posts with label cyber security. Show all posts

Wednesday 6 June 2018

How to Minimize Privacy Risks from Smart Gadgets


Smart Gadgets are prone to Security Risks

As the number of smart gadgets keeps increasing, they make our homes smarter and our lives easier. On the flip side, smart gadgets are prone to security risks, which makes them vulnerable to hacking.
A number of smart gadgets have already proved vulnerable. The Amazon Echo smart speaker sent a private conversation to an acquaintance, highlighting the risk of the new voice-enabled technology.

Another smart gadget, a smart doll that was seemingly a harmless toy, was in fact a security risk. Hackers used it to intercept conversations over its connection.

A smart car is not free from security risks either. According to security researchers, common car gadgets were vulnerable to cyber-attacks. Telematic control units (TCUs) are used for navigation, voice and data communication. The researchers were able to attack one TCU gadget that was used to track driving for per-mile insurance. The device, installed in the car, enabled them to hack into the car’s systems and take complete control of all the functions of the car.

Consider another smart gadget, the smart fridge. It can expose information about the user’s Gmail account: a hacker can intercept all communications over a compromised internet connection, and the home network that the smart fridge is connected to becomes vulnerable. According to security researchers, a flaw in the SSL integration makes it easy for hackers to access the network and, in turn, keep track of all the activity linked to the user name and password that connect the fridge to Gmail.

Various ways of protecting the smart gadgets from cyber attacks 


There are a few ways to ensure that your smart gadgets are safe from hackers. We can adopt certain practices to make our homes and personal data safe.

Our primary goal is to ensure that the network all the smart gadgets rely on is secure. Do not connect to open or public Wi-Fi. On your home Wi-Fi, enable password-protected access. If your router still has its default password, change it.

Make sure that the operating systems on all connected smart gadgets are updated.
Get a secure router with enhanced network security.

Buy smart gadgets with added security. 


If the smart gadget you are using is a smart speaker, you can turn off the microphone with its button so that private conversations are not exposed to attacks.

On smartphones, you can turn off mic access for all apps except those used for video conferencing or voice recording.

You can cover the camera of your smart gadgets like laptops or smartphones to prevent spying. The security camera in the house can be turned towards the wall when you are at home.

Since smart gadgets have become a part of our daily lives, we should buy devices only after checking the reviews and watching videos that make us aware of their security risks and glitches.

Tuesday 28 February 2017

Stop Charging Your Phone in Public Ports

Credit: Selena Larson, CNN
As a smartphone ages, its battery begins to degrade. The first year is very enjoyable: you need to charge your phone only once a day and can use it all day long. In the beginning the battery even lasts two consecutive days if you do not use your phone very frequently, but as time passes you run into a lot of problems with your phone, especially with the battery.

It often happens that on the very day you forget to charge your phone fully, you face an emergency, your battery runs out and you are forced to charge your phone from some unknown source. This alternative can turn out to be very risky. A new kind of scam has recently been discovered: the public charging points available on roads, at railway stations or in hospitals can turn out to be your enemy rather than a benefit.

Hackers are fitting these public USB ports with hacking devices, so that as soon as you connect your mobile to one of these ports to charge the battery, all your information gets copied to the other side. In this world of digitalization, the cashless society, Paytm and Mobicash, your data is mainly saved on your phone, because you use these services through your smartphone and the data remains on it.
This data includes personal details related to your bank account, and if a scammer gets hold of it you will be penalized through no fault of your own. Mere carelessness will force you to face several consequences.

The process involves many technicalities, but it works much as it does when your phone is infected by a virus after you unknowingly visit an unauthorized site: as soon as you plug your phone into an unreliable source, your device gets infected. In the same way, connecting your phone to a public outlet compromises your data.

Drew Paik belongs to a security firm known as Authentic8, which develops Silo, a high-security browser that safeguards all web-related activity.

Remember, the cord that you use to charge your phone is also used to transfer data from one phone to another. So you can well imagine what the consequences can be when you plug the cord into an infected socket. If the port really has been compromised, there is no telling how much of your data the hackers can extract.

The easiest way to charge your phone could turn out to be the biggest mistake of your life. So never connect your phone to these public ports; it can lead to serious consequences that you never expected to face.

Tuesday 7 February 2017

Lack of Cyber Security Poses Threat to Modern Cars

Cars have evolved from machines used only for transportation into all-round smart transport systems, integrated with accurate navigation, music and cameras. But as all good things have their own vulnerabilities, equipping cars with accessible technology brings the risk of them being hacked. All cars manufactured in the EU should be connected to emergency call (eCall) services by April 2018. However, these simple mobile devices are not built strongly enough to keep out hackers and malicious programs. Research on the automotive industry conducted by Hebert Leenstra at the Cyber Security Academy in The Hague suggests that car manufacturers should take the lead in protecting people from increasing cyber threats.

Modern cars, including self-driving cars, are in constant connection with their surroundings. Microchips are used in almost every car system and control basic functions such as the navigation system, the music system and engine management. These microchips use Wi-Fi, Bluetooth and 4G/5G services to communicate with other cars or networks. A hacker can easily gain access to the car’s network via the internet. The most vulnerable part is the CAN bus, where all the vehicle’s ICT systems are stored. A hacker who has gained access to the CAN bus can virtually control the car, for example by changing its speed and applying the brakes.

Everything wrong with modern cars

There are some basic flaws and defects in the ICT structure of modern day vehicles that can be exploited by hackers. The entertainment system is often linked with the engine in most of the cars even though there is no apparent reason for these two to be linked together. Also modern day cars rely on using the internet for their navigation systems which can easily be hacked.

What can be done to improve Cyber security?

The research carried out by Leenstra has identified several steps that car manufacturers can take to protect their customers. The first thing car manufacturers should do is change their CAN bus design so that essential and non-essential systems are separated, making them less vulnerable to cyber-attacks. The government needs to re-evaluate its policy that prevents car manufacturers from providing extended support for car software, security and firmware updates. The way updates are delivered, via the internet or by a USB stick, should also be reviewed, as the USB device can carry all kinds of information.

A broader approach could be taken by governments, dealers and insurers in spreading knowledge and information about cyber security. The Information Sharing and Analysis Centre (ISAC) established in the United States has taken an aggressive step to stop cyber-crime. All parties within the ISAC share information and experiences regarding cyber-attacks, an approach Europe can learn from and adapt.

The ICT structures of modern cars need to be completely revamped to ensure customer safety. With hacking incidents becoming more frequent, it is necessary to implement measures as soon as possible.

Monday 9 January 2017

Code Associated with Russia Hacking Found on Vermont Utility Computer

Code associated with the Russian hacking campaign dubbed Grizzly Steppe, which was discovered by the Obama administration, has been found on a laptop associated with a Vermont electric utility, but the laptop was not connected to the grid.

The Burlington Electric Department said that it took immediate action to identify the laptop, issuing alerts for its detection. It also gave assurances that its officials are working to trace the malware and stop any further infiltration of the utility's systems.

The Burlington Electric Department said that the Department of Homeland Security had discovered malicious code in Grizzly Steppe, which needs to be decoded. After this discovery, the utility immediately scanned all the computers in its system to locate the malicious software. The code was found on one laptop that belonged to the Burlington Electric Department and was not connected to the organization’s grid systems.

The detected malicious code is believed to have resulted from a comparatively less hazardous episode, namely visiting a website related to certain queries or questions. One member of the team working on the problem said that the Russian hackers might not have been directly involved in this case. The exact date of the incident has yet to be established.

President Barack Obama issued an order expelling 35 Russian spies and imposing measures on two Russian intelligence agencies over their involvement in hacking U.S. political parties during the 2016 presidential election.

A statement was issued after the Washington Post reported that Russian hackers had infiltrated a Vermont utility. Government and utility industry officials monitor the nation’s electrical grid regularly because it is highly computerized and any malfunction could severely disrupt emergency or medical services.

One of the most senior officials in President Obama's administration declared that all defenders of networks based in the United States can defend themselves against unauthorized cyber activity by Russia.

The Department of Homeland Security did not immediately respond to a request for comment. Officials investigating the case considered the incident a minor one that did not lead to any disastrous results in the long run. But they remain alert and highly critical of any disturbance that Russian cyber activity might cause.

Officials are taking the matter seriously and keeping a strict watch on the Russians to avoid further malicious activity from their end. They have traced the infiltrating code and successfully brought it under control using advanced technologies and government-aided campaigns against cyber crime.

On a positive note, U.S. officials credit Russia with prompting them to develop such intensive security measures to restrict any further hacking.

Friday 25 November 2016

Malware is Making ATMs 'Spit Cash'


We all know our ATM passwords and have vowed to carry this little secret to our grave because that is sufficient to keep our money safe. What if multiple people withdrew money from your account at several ATMs without even knowing your password? No, I’m not talking about a video game. You may now curse the genius hackers, but all of these things are now possible in real life.

Recently, a cyber security firm from Russia warned about a series of coordinated hacks on ATMs. The bank's centralized system was hacked, causing several ATMs to disgorge money without the immediate knowledge of bank officials or account holders.

THE HACKER HITS THE JACKPOT

The activity is conducted by using a program dubbed by Cobalt, an infamous hacker group, to gain access to the bank accounts and, in turn, the ATMs. The process has been named “touchless jackpotting”. The machines are not physically tampered with. Instead, the bank's computers are infected through malicious emails, using a penetration testing tool, in order to access the ATM controller servers. All an accomplice has to do is wait at the appropriate ATM booth at the right time to collect the money pouring out of the machine.

THE SMART BANK ROBBERS

In earlier days, the hardware-based method of robbery, in which card information was stolen, was more common. The new method based on hacking is much more dangerous because it is a smart way to rob a bank, in which groups of ATMs are infected simultaneously. This method puts twice as much money as the old way into the criminals' pockets, in a shorter time and with less chance of ending up behind bars.

TRACE THE MONEY

The key to solving any financial hacking case is following the money. However, that is very difficult here because the money is collected in person from different ATM booths. The hack becomes known only after the money has been withdrawn from the ATMs. Even if the cybercrime police have leads on Cobalt, they can hardly ever be fortunate enough to turn up at the specific location at the specific time. Moreover, the money mules often do not know the hackers, as the hackers may never have met them in person. So even if the mules get caught, it is very difficult to catch the masterminds behind the entire play.

CAN THE MONEY BE SAFE AGAIN? 

The Cobalt group might have joined hands with other big hacker groups such as Buhtrap to raid ATMs in 14 countries so far, including Poland, Spain, Britain, Russia, Romania and the Netherlands.

The banks can place their ATM machines under the full view of a security camera and with security personnel at the doorstep so that the money mules can be caught easily. The bank employees must be trained to look for any suspicious threats.

Till then, all you can do is protect your ATM password!

Wednesday 17 August 2016

Hackers Hijack a Big Rig Truck’s Accelerator and Brakes


Discoveries of Unsettling Set of Tests – Industrial Vehicles


In recent years, when cyber security researchers revealed that they could hack a Chevy Impala or a Jeep Cherokee to disable the vehicles' brakes or hijack their steering, it was a distressing wake-up call to the consumer automotive industry. At the Usenix Workshop on Offensive Technologies conference, a team of University of Michigan researchers intended to present the findings of an unsettling set of tests on industrial vehicles.

By sending digital signals within the internal network of a big rig truck, the researchers were able to do everything from changing the readout of the truck's instrument panel to triggering unintended acceleration and even disabling one form of the semi-trailer’s brakes. The researchers also discovered that developing these attacks was in fact easier than with consumer cars, due to a common communication standard in the internal networks of several industrial vehicles, ranging from cement mixers to tractor trailers to school buses.

Bill Hass, one of the researchers from the University of Michigan’s Transportation Research Institute, has stated that these trucks carry hazardous chemicals and large loads. They are the backbone of the economy. If one could cause unintended acceleration in them, it would be too hard to figure out how many bad things could occur.

Unintended Acceleration – Tap of a Laptop Keyboard


A video by the researchers showed the consequences of unintended acceleration triggered with only a tap on a laptop keyboard. The researchers targeted several of their attacks on a 2006 semi-trailer, though they also attempted some hacks on a 2001 school bus. By connecting a laptop to the vehicles through their on-board diagnostic ports, they found that they could look up most of the commands using the J1939 open standard, which is said to be common to heavy vehicles.

This enabled them to replicate signals on the vehicles' networks without the laborious reverse engineering that other car hackers had to perform to replay commands within consumer vehicles, which lack the standardisation of industrial trucks. The other Michigan researcher, Leif Millar, commented that to hijack someone’s car, one would need to know the make and model and then adapt the attack. With trucks it is all open, so it is easy to craft an attack.

Disable the Brake of the Engine of Truck


It was for this reason that their complete truck-hacking project, which started as a University of Michigan class assignment, took only two months. For the big rig truck, the J1939 standard permitted them to send commands that precisely altered the readouts of almost any part of the instrument panel. For instance, they were capable of faking a full tank of gas when the truck was short of fuel, or even suppressing the warning that the truck was running out of compressed air in its air brakes, leading the vehicle to apply the emergency brakes without warning.

They could completely disable the truck's engine brake at 30 miles per hour or less, compelling the driver to rely on another form of brakes, known as foundation brakes, which can overheat and fail. Most upsetting was the fact that the researchers managed to speed up the truck against the will of the driver by sending signals that spoofed the vehicle's powertrain commands to limit the truck's acceleration or max out its RPMs in any gear. They noted that they stopped short of attempting to destroy the truck's engine, though they guessed it was a possibility.

Wednesday 13 April 2016

The Ransomware That Knows Where You Live


Ransomware - Scam Email Quoting People’s Postal Addresses


According to a security researcher, a widely distributed scam email quoting people’s postal addresses links to a dangerous kind of ransomware. After hearing an episode of BBC Radio 4’s You and Yours that discussed the phishing scam, Andrew Brandt, of US firm Blue Coat, got in touch with the BBC. He found that the emails were linked to ransomware known as Maktub.

The malware encrypts victims' files and demands a ransom before they can be unlocked. The phishing emails told recipients that they owed hundreds of pounds to UK businesses and that they could print an invoice by clicking a link. However, according to Mr Brandt, the link leads to malware. One of the emails was received by You and Yours reporter Shari Vahl. Mr Brandt told the BBC that ‘it was incredibly fast and by the time the warning message had appeared on the screen, it had already encrypted everything of value on the hard drive, it happened in seconds’. Maktub not only demands a ransom but also increases the fee, which must be paid in bitcoin, as time passes.

Addresses Highly Precise


One of the websites connected with the malware explained that during the first three days the fee is 1.4 bitcoins, or around $580, and that it rises to 1.9 bitcoins, or $799, after the third day. The phishing emails tell recipients that they owe money to British businesses and charities when they do not owe them anything. One of the organisations named was the Koestler Trust, a charity that helps ex-offenders and prisoners produce artwork.

Chief executive Sally Taylor told You and Yours that the charity relies on generous members of the public and was very distressed to discover that people believed they had received emails from it asking for money when it had not sent them at all. A remarkable feature of the scam emails was that they included not only the victim’s name but the postal address as well. Several recipients, including BBC staff, noticed that the addresses were generally highly precise.

Data Derived from Leaked/Stolen Databases


According to Dr Steven Murdoch, a cybersecurity expert at the University of London, it is not yet clear how the scammers were able to gather people’s addresses and link them to names and emails. The data could have been derived from a number of leaked or stolen databases, for instance, making it difficult to track down the source.

Many people got in touch with the You and Yours team to say they were concerned that the data could have been taken from their eBay accounts, since their postal addresses were stored there in the same format in which they appeared in the phishing emails.

The firm said in a statement that eBay works aggressively to protect customer data and privacy, which is its highest priority, and that it is not aware of any link between this new phishing scam and eBay's data. In an effort to create the safest environment possible for its customers, it constantly updates its approach to customer data security.

Wednesday 24 February 2016

John McAfee offers to Unlock Killer's iPhone for FBI


John McAfee to Break the Encryption on iPhone of Killer Syed Farook


John McAfee, the creator of anti-virus software, has stated that he would break the encryption on the iPhone that belonged to San Bernardino killer Syed Farook. He made the offer to the FBI in an article published by Business Insider. Apple had declined to comply with the court order asking it to unlock the device, amid debate over whether the firm should be compelled to do so.

Mr McAfee stated that he and his team would undertake the task ‘with no charge’. The offer came while Mr McAfee continued his campaign as a US presidential candidate for the Libertarian Party. He claimed in his article that it would take them around three weeks. Security expert Graham Cluley told the BBC that he was doubtful about Mr McAfee’s claim.

He stated that the iPhone is notoriously difficult to hack compared with other devices. Mr Cluley, for instance, had doubts about Mr McAfee’s idea that he could use ‘social engineering’ to work out the pass-code on Farook's locked iPhone. Social engineering is a procedure in which hackers attempt to find out login credentials by deceiving people into disclosing them.

Back Door – iPhones Susceptible to Hacking


Mr Cluley said that ‘in a nutshell, dead men tell no tales. Good luck to Mr McAfee trying to socially engineer a corpse into revealing its pass-code’. He added that ‘the FBI is not interested anyway, they want to set a pattern that there should not be locks they cannot break’. Mr McAfee, in his article, said that he was keen to unlock the device since he did not want Apple to be forced to implement a ‘back door’, a method by which security services could access data on encrypted devices.

Tim Cook, chief executive of Apple, had earlier said in a statement that the firm did not want to co-operate. He argued that introducing a back door would make all iPhones susceptible to hacking by criminals. Mr McAfee believes that it would be possible to retrieve data from the phone by other means, but did not give many details.

Tech Firms Support Apple


Others, including the Australian Children’s eSafety Commissioner, who spoke to tech website ZDNet, have stated that Apple would not necessarily need to introduce a back door, since the firm is only being asked to provide access to a single device. Other tech firms have supported Apple following a few days of debate on how it ought to respond to the FBI's request.

Google boss Sundar Pichai expressed his support for Mr Cook, and Twitter chief executive Jack Dorsey recently added his approval in a tweet. Facebook said in a statement that it condemned terrorism and stood in solidarity with the victims of terror, though it would continue its policy of opposing requests to diminish security.

It stated that it would continue to fight aggressively against requirements for companies to weaken the security of their systems, and that these demands would set a chilling precedent and obstruct companies' efforts to secure their products.

Tuesday 16 February 2016

'Hack' on DoJ and DHS downplayed


Data Breach – DoJ/DHS

The US authorities have acknowledged a data breach affecting the Department of Justice (DoJ) as well as the Department of Homeland Security (DHS), though they played down its severity. According to technology news site Motherboard, the hacker has stated that they would soon share the personal information of around 20,000 DoJ employees, including staff at the FBI.

The news site reported that it had verified small parts of the breach, but had also observed that some of the details listed seemed to be incorrect or probably out-dated. The Department of Justice, too, played down the significance of the breach. DoJ spokesman Peter Carr told the Guardian that ‘the department has been looking into the unauthorized access of a system which was operated by one of its components comprising of employee contact information and this unauthorized access is under investigation.

However, there is no indication at this time that there is any breach of sensitive personally identifiable information. The department has taken this very seriously and is continuing to arrange protection as well as defensive measure in safeguarding information. Any activity which is determined to be criminal in nature would be referred to law enforcement for investigation’.

Hacked Data Posted on Encrypted Website

Hacked data that was anonymously posted on an encrypted website and reviewed by the Guardian comprised a DHS personnel directory; the information listed included phone numbers together with email addresses. These were for individuals who have not worked for DHS for years. Besides this, some of the listings also had out-dated titles.

The encrypted DHS directory appeared online shortly before 7 pm EDT on Sunday, and the password seemed to be ‘lol’. A source claiming responsibility told Motherboard, which broke the story of the hack, that they had compromised a DHS employee account and then used the information from it to convince an FBI phone operator to provide access to the DoJ's computer system.

The hackers had promised to release the information from the DoJ on Monday. At 4 pm EDT, a similar list was posted on the same site with a DoJ staff directory, which also appeared to be out-dated. Assessing the hack during a government-wide meeting, an official compared it to stealing a years-old AT&T phone book after the telecom had already digitized most of its data.

Disruption Regularly in Government Data Security

However, experienced officials state that it should be less simple to obtain an access token by impersonating an official from a different department over the phone to a help desk. Government data security is disrupted regularly: the OPM hack, exposed in June, revealed the deeply researched security clearance records of 21.5m present and former government employees and contractors, ranging from phone numbers to fingerprints.

The DHS breach seems to be far less severe, but it is especially embarrassing considering that the department has been selected as the point of entry for all corporate data shared with government agencies under the much-debated information sharing program between government and industry created last year by the Cybersecurity Information Sharing Act. The program, under which private companies share user information with the government in exchange for immunity from regulation, had not been welcomed from the start at the DHS, which is left holding the bag in the event of a breach.

Alejandro Mayorkas, DHS deputy secretary, cited a troubling provision of the bill in a letter sent to Senator Al Franken in July, writing that ‘the authorization to share cyber threat indicators and defensive measures with any other entity or the Federal Government, notwithstanding any other provision of law, could sweep away important privacy protection’.

Tuesday 29 December 2015

Java Plugin Malware Alert to be issued by Oracle


Oracle is widely known as the company behind the popular programming language Java. Developers use Java for a variety of purposes, from making apps and games to other robust programs. Oracle has issued an advisory warning that millions of Java users could be exposed to a malware threat resulting from a flaw in the software update tool. The Java plug-in is installed on a large number of PCs and allows them to run small programs written in the Java language.

Oracle has issued an alert about this malware threat on social media as well as on its official website. The US Federal Trade Commission is currently investigating Oracle for wrongdoing, so this is not a good time for the malware threat to emerge.

The threat of the Malware target

The reason for the investigation can be summarized from the FTC’s complaint, which states that Oracle was aware of a number of security issues in the Java SE (standard edition) plug-in when it bought the Java technology from its creator Sun in 2010. The FTC has highlighted flaws in Java's security that can easily allow hackers to craft malware providing access to consumers' usernames and passwords for their financial accounts. Malware can also be designed to harvest other vital and sensitive information, resulting in an attack on the user’s privacy. The FTC has alleged that Oracle misled its customers by asking them to install its updates on the promise that their PCs would remain safe and secure, when Oracle knew full well that Java had existing security issues.

Reasons for security issues in Java

The security issues in Java are mainly attributed to Sun, as its original update process did not delete earlier versions of the software, and this was the case before Java passed to Oracle. The FTC states that this offers hackers a great way to exploit PCs running Java and launch their attacks.

Oracle has tried to address this issue, but its update tools were only able to remove the issues in the latest version of Java and left the earlier editions behind. Oracle only managed to rectify the problem in August 2014. In the FTC's current investigation Oracle cannot plead ignorance, as internal documents dating from 2011 stated that the Java update mechanism was not aggressive enough or simply not working.

Trouble days for Java

Java currently powers a wide range of web-browser-based games, chat tools and calculators, and performs some other essential functions. Java is also one of the top three applications targeted by criminals. Most people do not even know that it comes pre-installed on a large number of machines. The FTC is recommending that businesses stop using Java applications or remove them from their systems in order to remain safe and secure from cyber threats. The FTC is mainly concerned about the update procedures followed by Oracle, and it will not settle the problem simply by imposing a financial penalty.

Wednesday 16 December 2015

Moonfruit takes Websites Offline after Cyber-Attack Threat


Cyber attacks have increased rapidly across the globe. Sony was hacked just a few months ago, which leaked emails, movie details and other data. Snapchat has also been hit in the past, and now every website is cautious about imminent cyber attacks. Recently Moonfruit took thousands of its hosted business and personal websites offline after being threatened with a cyber-attack.

What is Moonfruit and why did it take websites offline?

Moonfruit is a UK company that helps consumers and small businesses create websites and online stores. It is highly popular among UK users for its affordable pricing and efficient website builder, which makes it simpler and easier to create demanding websites with less coding. Moonfruit has taken thousands of its customers’ websites offline after receiving threats of a cyber attack.

Moonfruit stated that it has kept thousands of its customers' websites offline for up to 12 hours in order to make necessary changes to its infrastructure and to safeguard its customers. Moonfruit also ran into problems last Thursday, when it suffered a 45-minute distributed denial-of-service attack. In this attack Moonfruit's computers were overwhelmed by unwanted traffic, which made its legitimate services unusable.

Moonfruit customers suffer from being offline

Moonfruit informed its customers of the decision to take the websites down for up to 12 hours from Monday, and this has generated some angst among them. One such customer, Reece de Ville, a filmmaker, complained that Moonfruit was slow in communicating a decision that has the potential to disrupt website performance and reach.

Moonfruit's users complained that this is a bad time to take the websites down, as the holiday season is in full swing, bringing higher web traffic and increased sales volume. Apart from losing money on sales, users also face the loss of potential or new clients within a day. Online stores that sell items especially for the holiday season, such as gift and greeting card stores, will take a severe hit in this Christmas week.

Armada Collective behind the cyber attack threat

Moonfruit has sent emails to its customers explaining that a notorious hacking group called Armada Collective is attempting to extort money from the company. Armada Collective had previously successfully attacked the websites of web mail companies including Hushmail, ProtonMail and RunBox, as well as quite a number of Greek banking institutions.

Customers have been furious and quite unhappy about the loss of sales and potential clients. But it should also be understood that Moonfruit too is the victim of an unpleasant criminal act, in which cyber criminals are threatening its business in order to extort money. Moonfruit is working with law enforcement authorities on the matter and hopes to resolve the threat at the earliest. In the meantime, customers have to bear with Moonfruit's decision to keep the hosted websites offline.

Tuesday 1 September 2015

Samsung Smart Fridge Leaves Gmail Logins Open to Attack


Samsung Smart Fridge – MiTM attacks on Connections

Security researchers have identified a possible way of stealing users’ Gmail credentials from a Samsung smart fridge. At the recent DEF CON hacking conference, Pen Test Partners discovered the man-in-the-middle (MiTM) weakness that enabled the exploit during an IoT hacking challenge. The hack was against the RF28HMELBSR smart fridge, part of Samsung’s line-up of Smart Home appliances that is controlled through its Smart Home app.

Though the fridge implements SSL, it fails to validate SSL certificates, enabling man-in-the-middle attacks on most of its connections. The internet-connected device is designed to download Gmail Calendar information to its on-screen display. The security shortcoming means that hackers on the same network could steal Google login information from their neighbours.

According to Ken Munro, a security researcher at Pen Test Partners, `the internet-connected device is designed to download Gmail Calendar information on its display and it seems to work the same way as any device running a Gmail calendar. A user or owner of the calendar, logged in, can make updates and those changes are then seen on any devices which a user could view the calendar on’.

Fridge Fails to Validate Certificate

While SSL is in place, the fridge fails to validate the certificate, so a hacker who gains access to the network the fridge is on, probably through a de-authentication and fake Wi-Fi access point attack, can man-in-the-middle the fridge's calendar client and steal Google login information from the neighbours.
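The validation gap described above, as an added Python example (not Samsung's or Pen Test Partners' code): a client context that encrypts without authenticating the server, beside one that validates, and a check that reports the difference. The function names are hypothetical, and the "fridge-style" settings are an assumption about what such a client amounts to, not its recovered configuration.

```python
import socket
import ssl


def fridge_style_context() -> ssl.SSLContext:
    """TLS is 'in place' but the server is never authenticated (assumed model of the flaw)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # has to be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE   # any certificate, from anyone, is accepted
    return ctx


def validating_context() -> ssl.SSLContext:
    """Chain validation against the system trust store plus host name matching."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse legacy protocol versions
    return ctx


def mitm_findings(ctx: ssl.SSLContext) -> list:
    """List the settings that let an on-path attacker present their own certificate."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain is not verified")
    if not ctx.check_hostname:
        findings.append("certificate is not matched against the host name")
    return findings


def open_verified(host, port=443, ctx=None, timeout=5.0):
    """Connect only with a context that authenticates the server.

    Returns (negotiated TLS version, certificate subject). The handshake itself
    raises ssl.SSLCertVerificationError if the peer's certificate does not
    validate, which is the failure a client with this flaw never sees.
    """
    if ctx is None:
        ctx = validating_context()
    problems = mitm_findings(ctx)
    if problems:
        raise ValueError("refusing to connect: " + "; ".join(problems))
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version(), tls.getpeercert()["subject"]


if __name__ == "__main__":
    for name, make in (("fridge-style", fridge_style_context),
                       ("validating", validating_context)):
        print(name, "->", mitm_findings(make()) or "server is authenticated")
```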

Since the fridge has not yet reached Europe, the UK-based security consultancy ran short of time at DEF CON while trying to interrupt communications between the fridge terminal and the software update server. Efforts to mount a firmware-based attack through customer updates were not successful, but the consultancy had more success when it pulled apart the mobile app and discovered a possible security problem in the process, though this was not confirmed.

The name of a file found in a keystore in the mobile app’s code indicated that it contains the certificate used to encrypt traffic between the mobile app and the fridge.

Working on IoT Security/Hacking Research

The certificate was password-protected, though the credentials for the certificate seemed to be stored in the mobile app in an obscured form.

The next step would be to find the password and use the certificate data to authenticate to the fridge and send commands to it over the air. Pedro Venda of Pen Test Partners adds that `they wanted to pull the terminal unit out of the fridge in order to get physical access to things such as the USB port and serial or JTAG interfaces, but were unable to do so since they had run out of time. The MiTM is sufficient to expose a user’s Gmail information’.

The team at Pen Test Partners is working on more IoT security and hacking research. In February it published research revealing that Samsung’s smart TVs failed to encrypt voice recordings sent over the internet. Samsung said that it was looking into the issue and stated that `at Samsung they understand that the success depends on consumers’ trust and the products and services provided. Protecting consumers’ privacy is the top priority and they will work hard each day to safeguard valued Samsung users’.

Saturday 15 August 2015

Spyware Demo Shows How Spooks Hack Mobile Phones


Secretive Techniques to Spy Mobile Devices

Intelligence agencies seldom make public their secretive techniques for spying on mobile phones, but a UK security firm has shown the BBC how one spying tool, sold around the world, actually functions.

It enables spies to take secret images through the phone’s camera and to record conversations with the microphone without the owner being aware of it. The software, made by Hacking Team, was recently stolen from the company by hackers and published across the web. Almost any type of data on a phone, PC or tablet can be accessed through the tool, and it is amazing how much it can do.

When the hackers dumped the program's source code online, Joe Greenwood of cybersecurity firm 4Armed, who had seen it, could not refrain from experimenting with it. He had to work on the code to get it running, and it took him a day to do so.

The software consists of a surveillance console, which displays data retrieved from a hacked device, together with malware implanted on the target device itself. The cybersecurity firm was careful to note that using it to spy on someone without their permission would violate the law.

In-Built Features to Track Bitcoin Payments

On testing the software on his own PC, Mr Greenwood observed the scope of its capabilities. He told the BBC that one could download files, record from microphones, capture webcam images, see which websites were visited, check what programs were running and intercept Skype calls.

Besides these, the software also has some built-in features to track Bitcoin payments, which can be difficult to connect with individuals without extra data on when and how a transaction was performed. He also gave a live demonstration of how an infected phone could be made to record audio from the microphone even though the device appeared to be locked, and to use the phone’s camera without the owner's knowledge.

He said that photos could be taken without the owner knowing, with the camera running in the background and taking photos every number of seconds. It is also possible to listen in on phone calls, access the list of contacts stored on the device and track which websites the user of the device has visited.

Indication of Message Sent Somewhere -A Red Flag Spike in Network Data Usage

Marc Wickenden, technical director of 4Armed, and Mr Greenwood stated that they were shocked by the sleekness of the interface. They pointed out, though, that customers would be paying up to £1m for the software and would expect it to be user-friendly, especially if it is intended for use by law enforcers.

As for the tracked user, there are few ways of discovering that they are being watched. According to Mr Greenwood, one red flag is a sudden spike in network data usage, indicating that information is being sent somewhere in the background; experienced intruders, however, would be careful to minimise this in order to remain undercover.

Currently, spy software of this type is only likely to be deployed secretly on the phones and computers of those who are key targets for an intelligence agency.


Friday 14 August 2015

Hackers Target Internet Address Bug to Disrupt Sites


Hackers Manipulating Internet Architecture

According to a security firm, hackers are exploiting a serious flaw in the internet’s architecture: the bug targets systems that convert domain names into IP addresses. Exploiting it could threaten the smooth functioning of internet services, since it permits hackers to launch denial-of-service attacks on websites, possibly forcing them offline, though regular internet users are unlikely to be severely affected.

Bind is the name of a variety of Domain Name System (DNS) software used on most internet servers. The recently discovered bug enables attackers to crash the software, taking the DNS service offline and stopping URLs, for instance, from functioning. A patch for the fault is available, though several systems still need to be updated.

The Internet Systems Consortium (ISC), which developed Bind, said in a tweet that the vulnerability was `particularly critical’ and `easily exploited’. Last week ISC released a patch for the serious vulnerability in BIND, one of the popular Domain Name Servers, which is bundled with Linux. The flaw affects versions of BIND 9 from BIND 9.1.0 to BIND 9.10.2-P2.

Fault in Handling TKEY Queries

It could be exploited to crash DNS servers running the software, resulting in a DoS attack. Red Hat, Ubuntu, CentOS and Debian have all been affected by the bug. Patching is straightforward: update or apt-get update, whichever suits the environment, together with a DNS server restart.

Daniel Cid, a networking expert at Sucuri, published a blog post on the vulnerability in which he made clear that real exploits taking advantage of the fault had already taken place, based on reports from the company's customers that they were facing DNS server crashes. He also told the BBC that a few clients in various industries had their DNS servers crashed because of it.

He further added that, in their experience, server software such as Bind, Apache, OpenSSL and others does not get patched as often as it should. According to a report in The Register last week, CVE-2015-5477 is a fault in the handling of TKEY queries: a constructed packet can use the defect to trigger a REQUIRE assertion failure, which causes BIND to exit. Cid notes that it is also trivial to check whether a DNS server is being targeted.

Large DNS Exploits Take Down Hunks of Internet

One can look for ANY TKEY in the DNS logs with querylog enabled; since TKEY requests are `not very common’, suspicious requests should be easy to notice. Brian Honan, a cybersecurity expert, commented that a spike in exploits of the fault was expected in the next few days.
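The log check Cid describes, as an added example (not from the original post or from Sucuri): it scans query-log lines for queries of type TKEY and counts them per client. The log layout and the sample lines are constructed assumptions modelled on BIND's querylog output, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in the style of BIND's query log (querylog enabled).
# Addresses are from documentation ranges; none of this is real traffic.
SAMPLE_LOG = """\
06-Aug-2015 09:14:02.101 client 192.0.2.10#53211 (www.example.com): query: www.example.com IN A + (198.51.100.53)
06-Aug-2015 09:14:05.440 client 203.0.113.77#40112 (foo.example): query: foo.example ANY TKEY + (198.51.100.53)
06-Aug-2015 09:14:05.902 client 203.0.113.77#40113 (foo.example): query: foo.example ANY TKEY + (198.51.100.53)
06-Aug-2015 09:14:09.317 client 192.0.2.25#61002 (mail.example.com): query: mail.example.com IN MX +E (198.51.100.53)
06-Aug-2015 09:15:31.008 client @0x7f3c1c0a 2001:db8::5#5353 (x.example): query: x.example ANY TKEY + (198.51.100.53)
06-Aug-2015 09:15:40.000 general: info: zone example.com/IN: loaded serial 2015080601
"""

# "client [@0x...] <addr>#<port> ...: query: <name> <class> <type> ..."
# The optional "@0x..." token covers layouts that log a client object id.
QUERY_RE = re.compile(
    r"client (?:@0x[0-9a-fA-F]+ )?(?P<client>[0-9a-fA-F:.]+)#(?P<port>\d+)"
    r".*?query: (?P<qname>\S+) (?P<qclass>\S+) (?P<qtype>\S+)"
)


def tkey_queries(lines):
    """Return one record per logged query whose type is TKEY."""
    hits = []
    for lineno, line in enumerate(lines, start=1):
        match = QUERY_RE.search(line)
        if match is None:
            continue  # not a query-log line (e.g. zone load messages)
        if match["qtype"].upper() != "TKEY":
            continue
        hits.append({
            "line": lineno,
            "client": match["client"],
            "qname": match["qname"],
            # The string named on the page is "ANY TKEY": class ANY, type TKEY.
            "any_class": match["qclass"].upper() == "ANY",
        })
    return hits


def clients_to_review(hits, threshold=1):
    """Clients with at least `threshold` TKEY queries, busiest first."""
    counts = Counter(hit["client"] for hit in hits)
    return [(client, n) for client, n in counts.most_common() if n >= threshold]


if __name__ == "__main__":
    found = tkey_queries(SAMPLE_LOG.splitlines())
    for hit in found:
        print(f"line {hit['line']}: {hit['client']} asked {hit['qname']} "
              f"(class ANY: {hit['any_class']})")
    print(clients_to_review(found))
```

A hit is a lead to review rather than proof of an attack, since TKEY also has legitimate uses such as key negotiation for secured dynamic updates.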

He further added that websites would frequently remain accessible through other routes and cached addresses on DNS servers all over the world, even if certain key DNS servers were made to crash. He stated that `it is not a doomsday scenario but a question of ensuring that the DNS structure could continue to work while patches tend to be rolled out’.

According to Mr Cid, the impact on general users is likely to be minimal, and average internet users will not experience much pain beyond a few sites and email servers being down. A large DNS exploit could take down hunks of the internet.

Tuesday 28 July 2015

United Hackers Given Million Free Flight Miles


United Continental Holdings, a US airline, has rewarded two hackers under its bug bounty program because they spotted security holes in the company's website and disclosed the flaws privately rather than sharing them online.

The hackers received the maximum reward of a million flight miles, which is worth hundreds of free domestic flights, and it went to two people. According to tech experts, it is a big and very good step in the domain of online security. Speaking to Reuters, United Continental Holdings confirmed that it paid a reward of one million miles to each hacker, but it did not respond to tweets from individuals saying that they had also been paid smaller rewards. The Chicago-based carrier hopes that its bug bounty program will help the company uncover cyber risks in the area of airline web security. Through the bug bounty program, web researchers help fix problems before hackers can exploit them, at a cost much lower than hiring outside consultancies.

However, all three of United's major competitors declined to comment on bug bounty programs, and a fourth was not available for comment. Trade group Airlines stated that all US air carriers should conduct these kinds of tests to make sure that their systems are secure. United adopted this strategy in May, when technology glitches grounded its fleet more than two times. In one incident the company locked its airline reservations system, preventing customers from checking in; the other zapped functionality of the software that the carrier uses to dispatch its flight plans. According to a United spokesperson, “We believe that with the help of this program we will continue to provide best, secure and most excellent service”.

Jordan Wiens, who researches cyber vulnerabilities, tweeted last month that he had received a reward of 1 million miles from United for exposing a security flaw that could allow hackers to control the airline's website. He added in an interview that not many companies in the industry run bug bounty programs; according to Wiens, however, it is normal for big companies such as United to offer bug bounty programs for their websites. Beyond the bug bounty program, United stated that it tests its systems internally and engages cybersecurity firms to keep its website and online services secure.

According to Dr Jessica Barker, a security consultant, “Schemes which are rewarding the hackers are a perfect way to find and disclose the online security problems in the right way and it helps us to make the internet safe for all of us”. She added that bug bounty programs are common among tech companies because they understand online security, and that other industries are now catching on because of the benefits.

Tuesday 21 April 2015

Hackers Who Breached White House Network Allegedly Accessed Sensitive Data


Hackers Breached White House Network


According to a recent story published by CNN, Russian government hackers breached the White House’s computer systems late last year and gained access to sensitive details, though US officials disagree. Officials had stated earlier that the White House breach in October had affected only an unclassified network, though sources told CNN that the hackers had gained access to real-time non-public details of the president’s schedule.

The sources also told CNN that the hackers were the same ones behind a damaging cyber-attack on the US Department of State at the same time last year, which forced the department to shut down its email system for an extended period. The connected cyber-attack on the State Department has recently been characterized as the worst hack on a federal agency. The White House is no stranger to attacks from foreign spies.

The Chinese have been associated with many high-profile attacks on White House unclassified systems, including employee emails. Reports of the breach came as government officials have become more concerned about cyber threats from Russia. James Clapper, FBI director, informed a Senate committee in February that `the Russian cyber threat is more severe than they had earlier assessed’.

Immediate Measures to Evaluate/Mitigate Activity

Ben Rhodes, White House deputy national security adviser, stated that the breached White House system held no sensitive data. He told CNN that they have an unclassified system and a classified system, a top secret system, and that they do not believe their classified systems were compromised.

A White House spokesperson who tried to play down the report said that it was based on a security breach that had already been revealed to the public. The spokesperson, Mark Stroh, told the media that the report did not refer to a new incident, that any such activity was taken seriously, and that in this case they had made that clear at the time and had taken immediate measures to evaluate and mitigate the activity.

He also said that, as officials did last year, the US would not comment on who could have been behind the attacks. The Secret Service, the FBI and US intelligence agencies are investigating the security breaches, which CNN's sources say were the outcome of one of the most sophisticated cyber-attacks ever directed at US government agencies.

Theft of Private Data – Government/Corporation/Individuals 

The recent report comes amid hacker thefts of private data belonging to governments, corporations and individuals, from sensitive emails to medical reports to financial information. Possession of such data can be of great value, either to enable criminal acts or to assist in government spying.

According to a senior department official, none of the department’s classified email systems was affected in the State Department breach at that time, though hackers used that breach to break into the White House’s network, as reported by CNN.

According to a Washington Post story, security researchers suspected, after the White House security breach was revealed in October, that hackers working for the Russian government were behind both attacks. In spite of efforts by the State Department to safeguard its security, hackers were able to access the system, with the result that the network was owned for months by Russian hackers.

Saturday 7 March 2015

5 Simple Tips to Avoid Getting Scammed In 2015





Criminals and computer hackers all over the world are active; they work round the clock to steal your personal information as well as your money. You cannot stop them entirely, but with a few simple precautions you can reduce the risk, because life in the digital age doesn’t come with an undo button and one small mistake can hand your Social Security number to a crook.
  • Use credit cards for online shopping: A credit card gives you better fraud protection than a debit card or net banking, as credit cards fall under different federal rules. If you use a credit card, you can dispute an unauthorized charge, and the credit card company has to take the charge off your bill after investigating, which is not possible if you use a debit card. You can also dispute a credit card charge if the merchandise doesn’t arrive or if you receive defective goods. Some people are afraid to use a credit card for online shopping, but this is what credit cards are meant for. If there is any kind of problem, it is the credit card company's job to deal with it.

  • Protect your personal information: Hackers have a variety of tools and techniques to get your account numbers and passwords, such as bogus emails designed to look like authentic emails from banks, key-loggers, phishing and more. They always have a reason why they need your personal information, but you shouldn’t forget that your Social Security number is the key to a tension-free life, because a hacker can use it to steal your money or your personal identity. Social Security numbers are essential for financial and medical records, so guard yours.

  • Never download an unknown attachment or click on suspicious links: It’s easy to click on a link in a text, an email or a social media post, but never open links that claim to be a shipping invoice or some other document, or that claim you have won a lucky draw. Fraudsters count on your curiosity, and your instant response can end up installing malicious software onto computers and smartphones.

  • Take your time: Never make a purchase in a rush, as it can lead you into fraud. Never fall for “buy-now-or-else” offers, because hackers sometimes use this trick to compromise your financial details. Before the final check-out, make sure you are shopping or purchasing from an authentic platform.

  • Don’t be fooled by e-mails offering free prizes, free merchandise or money-back guarantees: Never pay to play in a contest that claims billions of dollars in prizes. If the contest is authentic, you don’t have to buy anything or pay any amount of money to get your prize. Free is good, but nothing comes for free, especially when you are living in this meaningful world. The initial product may be free, but the other attached products can end your purchase with heavy bills, and this is the technique through which most of the e-commerce companies are making a real profit.
     
     
     

Monday 26 January 2015

Whatsapp and iMessage Could Be Banned Under New Surveillance Plans



According to recent reports, Snapchat, WhatsApp and iMessage could be banned in the U.K. after the Charlie Hebdo murders. After that shocking event in Paris, world leaders proved how little they understand the latest technology. At an event in Nottingham, England, David Cameron spoke about how Britain has been able to access any form of communication with advanced technology and tools.

Phone calls, internet traffic and letters can all be intercepted for security and intelligence reasons, but according to Cameron a few services such as WhatsApp, Facebook, iMessage, Snapchat and countless smaller ones can be a problem for national security. At the end of the speech, David Cameron stated, “The first duty of government is to keep the country safe for our people, so that they can enjoy the life.”

According to another member of Cameron’s party, Mayor Boris Johnson, “I am pretty interested in civil liberties stuff and if they are a threat, so I want to listen to their calls and check their emails too”. It is an alarming quote from someone who has been tipped to be a future British PM. No doubt David Cameron was referring to listening only to terrorists, but we all know that for this they need to keep an eye on all residents.

In a democracy, you elect those you think are best, and you pay taxes in order to live in a better country. Ordinary people would say that we did not elect them to spy on our private lives or to stop us from having basic rights and freedoms; we did not put them in charge for that, and it seems they have less understanding of the latest technology than our teenagers.

The argument presented by the government and its officials is that mobile services such as WhatsApp, Facebook, iMessage and Snapchat are not freely accessible to their intelligence agencies. It is expected that the government approached those companies and asked to keep an eye on their messages, but the request was denied. Now the government's only options are either to break their security or to get a court order for further records.

But it is nothing other than stupidity to stop normal people doing normal things through their instant messaging services; current technology already gives terrorists an easy medium to communicate securely. If two or more machines communicate through Tor, using 256-bit encryption with the help of an IRC server, that gives the government the same headache. The government would have some trouble seeing those chats, as the source, the destination and the content of the messages would be fairly secure throughout the process.

Ultimately, this is what the British government wants, and the French government seems to be following the same route, towards a system like China's, where all traffic is routed through government firewalls and normal people can access only approved sites and services. But the other fact is that it is more difficult to stop people from using communication apps.





Monday 15 December 2014

FBI warns of ‘destructive’ malware in wake of Sony attack


According to recent reports, the FBI (Federal Bureau of Investigation) has notified businesses in the United States of America that hackers have been using malicious software to launch a destructive cyber attack in the United States of America.

This was announced after the devastating breach that took place at Sony Pictures Entertainment last week. According to cyber security experts, the malicious software described in the FBI alert appears to be the software that affected Sony.

This can be considered the first major destructive cyber attack waged against a company operating on the soil of the United States of America. Until now, attacks of this kind have been seen in the Middle East and Asia, but none has been reported in the United States of America. At present, the Federal Bureau of Investigation has not disclosed how many companies have actually been victimized by these destructive attacks.

Confidential "flash" warning

According to Tom Kellermann, chief cyber security officer with security software maker Trend Micro Inc, this synchronized cyber attack with destructive payloads against a business in America clearly represents a turning-point event.

Geopolitics will serve as the forerunner of such destructive cyber attacks. The five-page confidential "flash" warning from the FBI was issued to businesses on Monday; it contains all the technical details of the malicious software used in this attack.

According to the reports, the malware is able to overwrite all data stored on the hard drives of computers, including the master boot record. As a result, the computers are unable to boot. The reports also highlight that the overwriting of the data files will make it extremely difficult and costly for companies to restore their data through standard forensic methods.

The document was sent by mail with a clear instruction not to share it with anyone else. It was released after the unprecedented attack on Sony Pictures Entertainment, which affected the company's entire systems and its email. This has hurt the company, as it has crucial movies due for release during the holiday season.

The company’s spokeswoman stated that it is working with federal and law enforcement officials on the issue and that it has been able to restore some of its important services. She declined to comment on the warning issued by the FBI.

Actions currently being taken

The FBI is currently working with the Department of Homeland Security to investigate these attacks, while FireEye Inc has been hired by Sony to carry out the post-attack clean-up. Although the FBI did not reveal the name of the victim of this attack, cyber security experts stated that it is a California-based unit of Sony Corp.

According to the technical section of the report, some of the software used in these attacks was compiled in Korea, but no connection with North Korea has been established.

Monday 8 December 2014

Sony Malware May Be Linked To Other Damaging Attacks


Identification of Technical Evidence at Sony Corp’s Hollywood Studio

Cyber security researchers have identified what they say is technical evidence linking the massive breach at Sony Corp’s Hollywood studio with attacks in South Korea and the Middle East. Kaspersky Lab, a Moscow-based security software maker, stated that it has uncovered evidence that all three campaigns could have been launched by one group, or facilitated by a single organisation well versed in working with destructive malware.

In 2012, cyber attackers damaged thousands of computers at Saudi Arabia’s national oil company and at Qatar’s RasGas with a virus known as Shamoon, in one of the most destructive campaigns to date; U.S. officials have blamed Iran.

A year ago, over 30,000 PCs at South Korean banks and broadcasting companies were hit by a similar attack, which cyber security researchers believed was launched from North Korea. Kaspersky researcher Kurt Baumgartner told Reuters that there are `unusually striking similarities’ in the malicious software and techniques between both campaigns and the Sony attack on Nov. 24, in which malware dubbed `Destover’ was used.

Perpetrator Access to Confidential Information

The attack crippled the computer systems and gave the perpetrator access to confidential employee information, including executive salaries. The attack is said to have used a so-called wiper virus, which can erase data and is capable of bringing down networks of thousands of computers, thereby preventing companies from conducting their business. Baumgartner described the similarities in depth in a technical blog post published recently on Kaspersky’s website.

He stated in an interview that `it could be a single actor or it could be that there are trainers or individuals who float across groups’. He states that the evidence indicates that hackers from North Korea were the cause of the attack on Sony, though it is unclear whether they work directly for the government.

Several cyber security researchers do not agree with Kaspersky’s interpretation of the technical evidence. Symantec Corp., a California-based company, stated in a blog post that it also sees similarities between the attacks against Sony and the Shamoon campaign, but attributes them to copying, stating that there does not seem to be any evidence that the same group is behind both attacks.

Critical Infrastructure At Risk

Chertoff, co-founder and executive chairman of The Chertoff Group, a global security consultancy based in Washington, commented in an interview that `either for political or economic reasons at some point, sophisticated actors are going to be more willing to use destructive malware’.

He further adds that the Sony attack shows that critical infrastructure is at risk and that the potential for cyber weapons to be deployed continues to increase. Cyber security companies fear more destructive attacks in the forthcoming months.

Ron Gula, chief executive officer of Tenable Network Security Inc., which is based in Columbia, Maryland, comments, `if attacks like those against Sony continue against other U.S. companies, 2015 could be a year of disrupted services’.