
Tuesday 28 July 2015

United Hackers Given Million Free Flight Miles


United Continental Holdings, a US airline, has rewarded two hackers under its bug bounty program because they spotted security holes in the company's website and disclosed the flaws privately rather than sharing them online.

As part of the reward, the hackers received the maximum payout of a million flight miles, which is worth hundreds of free domestic flights, and it went to two people. According to tech experts, it is a big and very good step in the domain of online security. In conversation with Reuters, United Continental Holdings confirmed that it has paid the reward of one million miles to each hacker, but it did not respond to tweets from individuals saying that they have also been paid a small cash reward. The Chicago-based carrier hopes that its bug bounty program will help it uncover cyber risks in the area of airline web security. With a bug bounty program, web researchers help fix problems before hackers can exploit them, and the cost is much less than hiring outside consultancies.

However, all three of United's major competitors declined to comment on bug bounty programs, and a fourth was not available for comment. The trade group Airlines stated that all US air carriers should conduct these kinds of tests to make sure their systems are secure. United adopted this strategy in May, when technology glitches grounded its fleet more than two times. In one incident the company's airline reservations system locked up and prevented customers from checking in; in the other, a glitch zapped functionality of the software the carrier uses to dispatch its flight plans. According to a United spokesperson, “We believe that with the help of this program we will continue to provide the best, secure and most excellent service”.

Jordan Wiens, who works on cyber vulnerabilities, tweeted that last month he received a reward of 1 million miles from United for exposing a security flaw that could allow hackers to control the airline's website. He added in an interview that not many companies in the industry run bug bounty programs; however, according to Wiens, it is normal for big companies such as United to offer bug bounty programs for their websites. Beyond the bug bounty program, United stated that it tests its systems internally and engages cybersecurity firms to keep its website and online services secure.

According to Dr Jessica Barker, a security consultant, “Schemes which reward hackers are a perfect way to find and disclose online security problems in the right way, and they help us to make the internet safe for all of us”. Barker added that bug bounty programs are common among tech companies because they understand online security, and that other industries are now catching on because of the benefits.

Friday 10 July 2015

Hackers Unearth Major Security Flaw That Affects Adobe Flash Player


A major security hole has been found in Adobe Flash Player, the popular software used worldwide for watching videos online. The flaw allows attackers to take control of a user's system once the user visits a malicious website.

Hacking Team, which is known for creating surveillance software for government agencies, had stumbled upon this flaw, which emerged when 400 GB of data was stolen from the company over the weekend. Adobe has cleared up the speculation surrounding the emergence of this serious flaw and has promised to make a fix available to all users by Wednesday.

All You Need To Know About The Flaw In Flash Player

This serious flaw is present in Adobe Flash Player 18.0.0.194 and earlier versions, released for all the major operating systems: Windows, Mac and Linux. Adobe stresses that the flaw can be used to cause a sudden crash and to act as a backdoor through which attackers take control of the affected system.

Hacking Team had described it as a fascinating bug, one that had come to light in as many as four years of Flash Player running successfully. The severity of the flaw is extremely high, and some hackers have already been using it for a long time to cause trouble for users with affected systems. The internal documents also stress that it can be used as a weapon on a mass scale to cause considerable loss of information and hijacking of systems. Until Adobe provides a fix or security update, it is wise to disable Flash Player completely in browsers to avoid further damage.

Hacking Team Cautions Windows Users

The data released by Hacking Team also reveals a vulnerability in the Adobe font driver in Windows. The flaw in Flash Player has a high severity rating on both 32-bit and 64-bit versions of Windows, ranging from the older XP to the latest 8.1. Windows computers are at greater risk of falling under hackers' control because of this flaw. To take control successfully, a hacker has to rely on the other vulnerability, in the font driver. Microsoft was quick to respond to the situation and is actively working on a security fix for its users.

Hackers Are Already Exploiting This Flaw

Hacking Team got wind of this flaw after a mysterious hacker going by the name PhineasFisher started exploiting it. He had already created immense trouble for many of the companies serviced by Hacking Team, which include even some government institutions.

The detailed report furnished by Hacking Team states that its RCS surveillance software possesses capabilities for monitoring activity on Skype, Gmail, Facebook and Outlook.com, along with cryptocurrency transactions. This can be helpful for companies and their clients in keeping a keen eye on their employees. However, the European Parliament is seriously debating the legitimacy of any such software being used by a government organization to snoop on its citizens.

Tuesday 16 June 2015

Online Shoppers Must Protect Themselves from Cybercrime Theft


High-Profile Data Breaches – Cyber Theft

Online shopping can be very convenient, but many shoppers are falling prey to cyber criminals as fraud rates increase. High-profile corporate data breaches have been taking place, and a number of the country's huge corporations, from retailers like Target to major web presences such as eBay, have reported instances of cyber theft that caused thousands of lost consumer records as well as financial data. Cyber-attacks have not only targeted businesses' assets and reputations but have also progressively exposed millions of their consumers to identity theft.

This has made online shoppers a bit apprehensive about shopping online for fear of cyber theft. Shopping online had become quite popular because it is convenient and because it offers detailed information about the product to be purchased. A recent poll conducted by USA Today indicated that around 24% of online shoppers are pausing their buying habits because of the possibility of identity theft arising from the personal details and credit card information they submit online.

Online Fraud – Biggest Challenges for Payment History

Chris Hamilton, chief officer of APCA, commented that online fraud tends to be one of the biggest challenges facing the payment history. He stated that a bad guy somehow gets hold of the card number, with enough information to pose as you and purchase something from an online merchant, and that consumers should deal with reputable merchants they know. Card-not-present fraud, which occurs when consumers hand over their details online, by phone or by post, rose by 42% in 2014 to nearly $300 million, and new figures from the Australian Payments and Clearing Association also found that card skimming at ATMs is far from dead, having gone up by 17% in 2014 to a total of $42.1 million.

The report outlined that the healthcare and education sectors, together with financial institutions, retailers, government bodies and computer software providers, are prime targets for cybercrime. The issue has become so serious that the payments industry is now proposing to introduce tokenisation, which substitutes sensitive information such as card numbers with tokens that are useless to a fraudster.

Need to Check Bank Statement Frequently 

The report also indicated that of the $650 billion worth of transactions made on Australian payment cards in 2014, 0.06% were fraudulent, and the average fraud debt was $224. Steven Munchenberg, chief executive of the Australian Bankers' Association, said that customers need to check their bank statements frequently to make sure they are not victims of fraud.

He further added that banks have sophisticated systems in place to detect fraud, and that if customers are innocent victims of fraud, the banks bear the loss, not the customers. In 2014, fraud through ‘tap and go’ payments was comparatively stable at around $33 million in lost and stolen card fraud, up by only 2%. In these cases, fraudsters use cards with contactless payment capability to make transactions below $100 without needing a four-digit Personal Identification Number.

Tuesday 24 March 2015

Gamers Targeted By Ransomware Virus


A computer virus has been targeting gamers around the world. The virus stops gamers from playing their favourite games unless they pay a ransom. Once a machine is infected, the program seeks out saved games and other important files on the user's computer and encrypts them. Reports suggest that to unlock the encrypted files, a gamer has to pay nearly $500 (£340) in Bitcoins. The malware targets nearly 40 separate games, including World of Warcraft, Call of Duty, World of Tanks, and Minecraft.

Dark world of the web and cash: 

This malicious program is very similar to the widely distributed Cryptolocker ransomware, which has targeted thousands of people around the world in the last few years. However, analysis of this malicious program, called Teslacrypt, revealed that it bears no resemblance to Cryptolocker and shares no code with it. Reports suggest that the program was created by a totally different cybercrime group.

According to Vadim Kotov, a researcher at the security firm Bromium, the malicious file was reaching people by means of a website that its creators had already compromised. The site is a WordPress blog that is unintentionally hosting a file that exploits flaws in Flash to infect visitors.

What happens when a machine gets infected? 

According to Kotov, after infecting a machine the malware checks for nearly 185 different file extensions on the user's system. It particularly looks for files linked with popular video games and online services. These games need not be among the top-listed games on the web. He further added that the Teslacrypt malware targets gamers' files, including their maps, profiles, and saved games. He also added that gamers will only end up disappointed if they try to uninstall a game downloaded through an online service, and that it is not possible to restore the data by re-installing the game either.

So what happens next? 

Once the user's files have been encrypted by the malware, a pop-up message tells them that they have been targeted and have only a few days to pay in order to retrieve their data. Reports suggest that the victim might end up paying between $500 and $1,000 in Bitcoins or PayPal My Cash payment cards. The Teslacrypt virus directs victims to send their payment details to a designated address on the Tor anonymous browsing network. Although work is in progress to crack the virus's encryption system, users can resort to backups of their files in the meantime.

Saturday 7 March 2015

5 Simple Tips to Avoid Getting Scammed In 2015





Criminals and computer hackers all over the world are active; they work round the clock to steal your personal information as well as your money. You cannot stop them entirely, but with a few simple precautions you can reduce the risk, because life in the digital age doesn't come with an undo button and one small mistake can cost you your Social Security number.
  • Use credit cards for online shopping: A credit card gives you better fraud protection than a debit card or net banking, because credit cards follow different federal rules. With a credit card you can dispute an unauthorized charge, and the credit card company has to take the charge off your bill after investigating, which is not possible with a debit card. You can also dispute a credit card charge if the merchandise doesn't arrive or arrives defective. Some people are afraid to use a credit card for online shopping, but this is what credit cards are meant for. If there is any kind of problem, it is the credit card company's job to deal with it.

  • Protect your personal information: Hackers have a variety of tools and techniques to get your account numbers and passwords, such as bogus emails designed to look like authentic e-mails from banks, key-loggers, phishing and more. There is always some reason given for why they need your personal information, but don't forget that your Social Security number is the key to your tension-free life, because a hacker can use it to steal money or your identity. Social Security numbers are essential for financial and medical records, so guard yours.

  • Never download unknown attachments or click on suspicious links: It's easy to click on a link in a text message, e-mail or social media post, but never open links that claim to be a shipping invoice or some other document, or that claim you have won a lucky draw. Fraudsters count on your curiosity, and your instant response can end with malicious software installed on your computer or smartphone.

  • Take your time: Never make a purchase in a rush, as it can lead you into fraud. Never fall for “buy-now-or-else” offers, because hackers sometimes use this trick to compromise your financial details. Before the final check-out, make sure you are buying from an authentic platform.

  • Don't be fooled by e-mails offering free prizes, free merchandise or money-back guarantees: Never pay to play in a contest that claims billions of dollars in prizes. If the contest is authentic, you don't have to buy anything or pay any money to get your prize. Free is good, but nothing comes free, especially in this world. The initial product may be free, but the other attached products can leave you with heavy bills, and this is the technique through which most e-commerce companies make a real profit.
     
     
     

Wednesday 4 March 2015

Hacker Ring Stole $1B from Banks in 30 Countries, Says Report


A hacker group has again stolen more than $1 billion from banks all over the world, in one of the biggest banking breaches to date, according to a report from a cyber-security firm.

According to Kaspersky Lab, a Russian security company, the hacker ring has been active since the last quarter of 2013 and has infiltrated more than 100 different banks in 30 countries, including four banks in Canada.

The hackers use phishing schemes and other techniques to gain access to banks' computers, and then lurk for one to two months to learn the banks' systems, taking screenshots or video of employees using their computers, the report says. Once the hackers are familiar with a bank's operations, they use that knowledge to steal money without raising suspicion, by setting up fake accounts and transferring a lot of cash into them, or by programming ATMs to dispense money at a time of their choosing, according to Kaspersky.

The report was prepared for presentation at a security conference in Cancun, Mexico, but it was first reported by The New York Times.

The hackers appear to limit their theft to $10 million before moving on to another bank, which is why the fraud was not detected earlier, Vicente Diaz, principal security researcher at Kaspersky, told The Associated Press in a telephone interview. The attacks were unusual because the hackers targeted the banks themselves rather than individual customers.

Their goal appears to be financial gain rather than espionage, Diaz said. The hackers are not interested in personal information, only in financial gain. They are flexible and quite aggressive, and they have a special tool for whatever they want to do. The most targeted countries are the U.S., Germany, Russia, Ukraine and China, and the attackers are expanding throughout Asia, Africa, the Middle East and Europe, Kaspersky says.

One bank lost more than $7.3 million through ATM fraud, while in another case a financial institution lost $10 million because attackers exploited its online banking platform. The names of the banks are still not clear, and Kaspersky is working with law-enforcement agencies to investigate the attacks.

The White House is currently putting a lot of focus on cyber-security because of the many data breaches at national security agencies and at companies ranging from mass retailers to financial institutions, from Home Depot and Target to Sony Pictures Entertainment and insurance companies.

Now the U.S. administration wants Congress to replace the existing patchwork of national and state laws by giving companies a 30-day notice requirement when consumers' personal information has been compromised. “As officials, at this point in time we cannot disclose the actions of individuals, but we believe that our officials are taking appropriate actions to prevent these attacks and minimize any effects on customers”, one of the U.S. national security agencies said in a statement.

Saturday 31 January 2015

FBI: Email Scam Nets $214 Million in 14 Months


If you check the spam folder of your e-mail account, you will see why these e-mails are known as spam and why your e-mail provider drops them there, but these days you can easily find a few fraudulent e-mails (e-mails that make fake promises) in your inbox as well. Recently, the nonprofit National White Collar Crime Center and the Internet Crime Complaint Center, in a joint effort with the FBI, released a report based on figures from Oct 1, 2013 to Dec 1, 2014.

In these e-mail scams, fake invoices are delivered to businesses that deal with international suppliers, asking for payment of millions of dollars by wire transfer. According to the research team's recent report, “The victims love to use the wire transfer payment method for money transactions to foreign banks, which can be transferred many times, but they tend to disperse faster”. American and Asian banks located in Hong Kong or China are the most commonly reported final destination, accounting for more than 80 per cent of fraudulent transfers.

Data in reports: 

According to the report from the National White Collar Crime Center and the Internet Crime Complaint Center, in association with the FBI, the scams have claimed more than 1,198 US victims and 928 victims in other countries, and U.S. firms have lost more than $179 million in total. According to the FBI, “We believe that the number of victims and the total loss in dollars will continue to increase”.

In general, if you look through your spam folder, you will find e-mails promising or talking about rewards, senior-level jobs at premium companies, lucky draws and more. Some of us are lucky enough to know that these e-mails are fraudulent, whereas others believe them and start to follow their instructions.

In another version of the scheme, businesses that work internationally or with international clients and suppliers are contacted by fax, phone, e-mail or post with requests for payment. The e-mails are spoofed so that they seem genuine, as if they come from a reliable, legitimate supplier, and the fax or phone requests also appear authentic. In another version, the e-mail accounts of high-level executives are compromised by criminals, who request a wire transfer with fake promises about a business opportunity and include instructions to reply or send funds urgently.

The third version of the fraud involves hacking an employee's e-mail account, which is then used to send duplicate or fake invoices to suppliers or vendors.

According to the FBI task force, vulnerable businesses should now avoid using free e-mail for executive or official accounts and should exercise caution when posting company information on social media or public websites. They can also add security steps such as digital signatures and a two-step verification process.

Saturday 24 January 2015

US Military Social-Media Accounts Hacked


According to reports, a hacker group claiming to be with the terrorist group ISIS and calling itself the “Cyber Caliphate” recently took complete control of the Centcom YouTube channel and Twitter account, which represent the United States central military command. The hackers tweeted a Pastebin titled “Pentagon account hacked” with the message “American soldiers, we are coming, now its time when you should watch your back. #CyberCaliphate”. The message included links to what are supposed to be confidential US Army files.

However, according to sources, these files may already have been publicly available; in other words, they cannot be deemed highly confidential. The files might not be confidential, but at the end of the day it was Centcom's social accounts that were compromised. This clearly indicates the pathetic state of cyber security in the United States government. And if the hackers are able to get their hands on some of the most confidential files, it will clearly indicate that ISIS is a more dreadful cyber-opponent than anyone expects.

According to tweets by Politico reporter Hadas Gold at 9:46AM PST, Twitter was aware of the cyber attack on Centcom and was taking the necessary steps to work on the issue. According to an update at 10:05AM PST, Twitter had removed the cover image and the profile image from the Centcom account. This was followed by the suspension of the Centcom account at 10:10AM PST. At 10:15AM PST, an update indicated that a defense official had confirmed the attacks to Fusion reporter Brett LoGiurato. LoGiurato tweeted that defense officials had confirmed that the United States Central Command Twitter account had been compromised. At 10:35AM PST another update indicated that YouTube had also suspended the hacked Centcom account. Around 11:55AM PST, The Next Web's Matt Navarra tweeted that a request had been received from the Pentagon pertaining to an account security issue and that they were working to resolve it.

Before the accounts could be shut, the following tweets were released from the account: 

1. Pentagon network hacked: Korean scenarios.
2. American soldiers, we are coming to you, now it’s time when you should watch your back.
3. We will not stop; we know everything about you, your wife, and your children.
4. ISIS is already here, we are in your computers, in each of your military base

While the US and its satellites kill our brothers and soldiers in Afghanistan, Syria and Iraq, then we broke into your networks and personal devices and know every information about you. The Cyber-Caliphate has also claimed to have taken control of the US media affiliates of CBS News and Fox in Tennessee. According to an anonymous post left on Pastebin, “In the name of Allah, the Most Gracious, the Most Merciful, the Cyber-Caliphate under the auspices of ISIS will continue with its Cyber-Jihad”.

Thursday 8 January 2015

The Real Cybercrime Geography


According to cyber experts, the recent cyber attack on Sony Pictures was the result of digital infiltration by North Korea. Things change rapidly in the digital world, and North Korea's spin doctors quickly responded that they did not hack Sony Pictures' servers; some U.S. cybercrime experts are also saying that the North Korean propagandists may be right. The evidence presented by the FBI indicates that the hackers responsible were working for the communist government's organizations, but U.S. experts still say this proof is not enough to blame Pyongyang.


According to Sam Glines, CEO of Norse (a cyber security firm), “According to data collection which was based on forensic evidence, it’s clear that North Korea is not accountable for any type of hacking activity or for initiating the attack on Sony Pictures”. The hackers must have been busy, because they gathered thousands of pieces of information from Sony Pictures' servers and released them a few hours later. The leaked information covered cast salaries, film budgets and the taxes of actors and actresses, along with the little-known fact that Kevin Federline made a cameo appearance for $5,000. We all know that North Korea is still at war with America, but America was never on the radar for computer attacks. So who was responsible for the cyber attack on Sony Pictures? India? Russia? Or Iran and Iraq? In future the answer may be a surprise.

According to Symantec, there are 20 countries in the world that can be held responsible for cyber attacks; the list was generated from the following factors: malicious code rank, malicious computer activity, phishing, spam zombies rank, attack origin and bot rank. The top five countries according to the survey were the U.S.A., China, Germany, Britain and Brazil, while the bottom three on the list are Argentina, Australia and Israel; South Korea came in at No. 14, Russia at No. 12, and North Korea did not make it into the top 20.

You might say that if you gather 10 American computer experts around a coffee table, the talk will soon turn to hacking and cybercrime, but that is not true; the Russians, however, have been active in cybercrime and hacking for the past few decades and play a vital role in the cybercriminal world. At present, anyone with money who wants to hack into a PC or mobile can simply place an order or buy a program for a cyberattack that obtains someone's personal information or swipes financial or banking information. In Western firms, online banking fraud and credit card information theft are normal; now the main question is: if the Russians are so good, why did they land only at No. 12?

Friday 2 January 2015

Hacker Clones a Politician’s Fingerprint Using Normal, Long-Distance Public Photos


Something of this magnitude could not have been expected in the past couple of years, but now, according to a member of the Chaos Computer Club, a European hacker association (along the lines of the Cult of the Dead Cow in the United States of America), it is possible.

They have shown that it is quite possible to clone or reproduce anyone's fingerprints. The clone can be used to break into any system protected by a biometric fingerprint scanner. All they need is a photo of someone's fingers. According to the club, close-up photos are not needed; any photo of a celebrity waving a hand, even from far away, will do the trick.

In this case, the CCC obtained the fingerprint of Germany's defense minister, Ursula von der Leyen, from a photo taken during a press conference. This could easily be considered a security breach if the German government uses biometric access control systems.

The findings: 

The findings were presented by the hacker Jan “Starbug” Krissler at the Chaos Communication Congress. He recreated the minister's thumbprint using a photo of her taken at the press conference and some other photos that captured her thumb from multiple angles. He used commercially available software called Verifinger.

Jan created a real-world dummy from this thumbprint. He started by printing it on a mask and then exposing it to create a negative print on a substrate. Then he filled the negative with wood glue to create a new positive fingerprint. In testing, this technique can pose a serious threat to Apple's TouchID sensor, and in case the minister has an Apple iPhone, it could get her into serious trouble. Given this, the company is hoping that the German government is not relying on fingerprints to control its military systems.

What is the drawback? 

Digital fingerprint readers are now very common, appearing on everything from laptops to high-end, expensive smartphones. The biggest problem with fingerprints is that they can give false positives and false negatives, and multiple readings of the same print can give different results. Even though fingerprints are the best means of identification, the security and forensic communities are looking towards more reliable techniques.

DNA sequencing is considered one of the best means of forensic identification, and vein matching and gait analysis are the best options for access control. This technique is called living biometrics, and as the name suggests, it is valid only while the person is alive. It is already in use at some ATMs in Poland and Japan.

If you are among the people who are using fingerprints for access control, it might be a good time to switch over to something more reliable.



 

Monday 8 December 2014

Sony Malware May Be Linked To Other Damaging Attacks


Identification of Technical Evidence at Sony Corp’s Hollywood Studio

Cyber security researchers have identified what they say is technical evidence linking the massive breach at Sony Corp's Hollywood studio with attacks in South Korea and the Middle East. Kaspersky Lab, a Moscow-based security software maker, stated that it has uncovered evidence that all three campaigns could have been launched by one group, or could have been facilitated by a single organisation well versed in working with destructive malware.

Cyber attackers damaged thousands of computers at Saudi Arabia's national oil company and at Qatar's RasGas with a virus known as Shamoon in 2012, one of the most destructive campaigns to date, and U.S. officials have blamed Iran.

A year ago, over 30,000 PCs were affected at South Korean banks as well as broadcasting companies by similar attack that cyber security researchers were of the belief that it was launched from North Korea. Kurt Baumgartner, Kaspersky researcher informed Reuters that there are `unusually striking similarities’ which are related to the malicious software and techniques in both the campaigns and the Sony attack on Nov. 24 in which a malware was dubbed `Destover’, was used.

Perpetrator Access to Confidential Information 

The attack crippled the computer systems and gave the perpetrator access to confidential employee information, including executive salaries. The attack is said to have used a so-called wiper virus, which can erase data and is capable of bringing down networks of thousands of computers, preventing companies from conducting their business. Baumgartner described the similarities in depth in a technical blog post published recently on Kaspersky’s website.

He stated in an interview that ‘it could be a single actor or it could be that there are trainers or individuals who float across groups’. According to him, the evidence indicates that hackers from North Korea were behind the attack on Sony, though it is unclear whether they work directly for the government.

Several cyber security researchers do not agree with Kaspersky’s interpretation of the technical evidence. Symantec Corp., a California-based company, stated in a blog post that it also sees similarities between the attacks against Sony and the Shamoon campaign, but attributes them to copying, stating that there does not seem to be any evidence that the same group is behind both attacks.

Critical Infrastructure At Risk

Chertoff, co-founder and executive chairman of The Chertoff Group, a global security consultancy based in Washington, commented in an interview that ‘either for political or economic reasons at some point, sophisticated actors are going to be more willing to use destructive malware’.

He added that the Sony attack shows that critical infrastructure is at risk and that the potential for cyber weapons to be deployed continues to increase. Cyber security companies fear more destructive attacks in the coming months.

Ron Gula, chief executive officer of Tenable Network Security Inc., which is based in Columbia, Maryland, comments, ‘if attacks like those against Sony continue against other U.S. companies, 2015 could be a year of disrupted services’.

Friday 28 November 2014

China Suspected Of Attacking USPS and NOAA


Last week, the National Oceanic and Atmospheric Administration and the United States Postal Service confirmed that there were attacks on their computer systems. These cyber attacks went on for a month and are suspected to have originated in China. According to USPS, the attacks compromised the private information of nearly 800,000 employees. The information at risk includes dates of birth, names, addresses, dates of employment and Social Security numbers. This information is very important, as anyone holding it can forge identities and influence the service as well as other government agencies.

What is at risk? 

According to Greg Kazmierczak, CTO of Wave Systems, specific details about any individual can be risky, as attackers can use them in spear phishing attacks later on. According to Eric Chiu, the president and founder of HyTrust, apart from being used to attack the companies, this personal data can be used against the employees themselves. He stated that employee data is more valuable than customer data, as companies hold records of their employees’ Social Security, finance and home details. This can help attackers forge an identity.

NOAA Breach: 

Even though USPS has not pointed fingers at anyone over this attack, China is suspected of being behind it. According to Julian Waits Sr., CEO of ThreatTrack, this revelation could not have come at a worse time, as customers will now be concerned about their identity and their personal security. NOAA was called on the carpet regarding the breach originating from Chinese systems. They informed Frank R. Wolf, the Virginia Republican, that they are sure their systems were hacked by China. However, they were unable to confirm that this attack specifically originated in China.

The Breach Diary: 

1. 10th Nov - USPS confirmed the cyber intrusion and gave an estimate of 2.9 million affected customers.

2. 10th Nov - Sarah Hendrickson was appointed as the chief of security.

3. 11th Nov - Microsoft fixed a 19-year-old bug, which could be used by hackers to launch drive-by attacks.

4. 12th Nov - 24,105 stories about data breaches were reported by Deloitte.

According to another news report, days after the USPS hack, hackers broke into U.S. National Weather Service computers. This attack was confirmed by the US National Oceanic and Atmospheric Administration. It took place just two days after the attack on the USPS. According to American media reports, many of the NOAA services were put under temporary maintenance or were taken down temporarily. One of the agency’s representatives told the Washington Post that they know it was an attack by hackers and that it originated from China.

The agency had failed to inform appropriate authorities regarding these attacks. Although there is enough evidence pertaining to these attacks, NOAA refused to comment on the issue pertaining to the Chinese attacks on the United States Satellite network and weather conditions. They haven’t confirmed if this attack affected their notification or impacted any classified data.

Saturday 22 November 2014

Researchers Put Their Focus on the Masque Attack on OS X/iOS


According to a report released to the public by researchers at FireEye on 17 November, the Mac OS X and iOS operating systems are under threat from the Masque Attack, which has already come into existence. The report was published within a week of the discovery of WireLurker by Palo Alto Networks.

What is Masque Attack? 

A Masque attack exploits a flaw in Apple’s operating system that allows one app to be replaced by another app, as long as both apps use the same bundle identifier. One of the threatening issues is that, through this attack, all the preinstalled apps on the operating system (for example Mobile Safari) can be easily replaced.

The duplicate apps will be able to access the local data of the original apps, including login details such as user ID and password. Through this attack, an attacker can easily log in to anyone’s account and make transactions from their bank accounts.

These attacks are made easier because iOS does not enforce certificate matching for apps that have the same bundle identifier. FireEye researchers were able to verify the vulnerability on both regular and jailbroken iOS. The regular iOS versions include iOS 7.1.1, iOS 7.1.2, iOS 8.0, iOS 8.1, and iOS 8.1.1 beta. Attackers can exploit the vulnerability through USB ports and even wireless networks.
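The certificate-matching check described above, seen from the defender's side, as an added example that is not from FireEye or the original post: it compares two snapshots of a device app inventory and flags any app whose bundle identifier is unchanged but whose signer differs. The record fields (`team_id`, `install_source`) and all sample values are assumptions, constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class AppRecord:
    device: str
    bundle_id: str
    team_id: str         # signing identity recorded for the installed app (assumed field)
    install_source: str  # "app_store" or "enterprise" (assumed field)


def index(records):
    """Map (device, bundle_id) -> record for one inventory snapshot."""
    return {(r.device, r.bundle_id): r for r in records}


def find_signer_changes(before, after):
    """Report apps whose bundle ID stayed the same while the signer changed."""
    old = index(before)
    findings = []
    for key, new in sorted(index(after).items()):
        prev = old.get(key)
        if prev is None:
            continue  # first install on this device, nothing was replaced
        if prev.team_id != new.team_id:
            findings.append({
                "device": new.device,
                "bundle_id": new.bundle_id,
                "old_signer": prev.team_id,
                "new_signer": new.team_id,
                # a replacement delivered via enterprise provisioning ranks highest
                "severity": "high" if new.install_source == "enterprise" else "review",
            })
    return findings


# Constructed inventory snapshots; every identifier below is made up.
BEFORE = [
    AppRecord("phone-01", "com.example.bank", "TEAMAAAA01", "app_store"),
    AppRecord("phone-01", "com.example.mail", "TEAMBBBB02", "app_store"),
    AppRecord("phone-02", "com.example.bank", "TEAMAAAA01", "app_store"),
]
AFTER = [
    AppRecord("phone-01", "com.example.bank", "TEAMZZZZ99", "enterprise"),  # signer changed
    AppRecord("phone-01", "com.example.mail", "TEAMBBBB02", "app_store"),   # same signer
    AppRecord("phone-01", "com.example.game", "TEAMCCCC03", "enterprise"),  # new install
    AppRecord("phone-02", "com.example.bank", "TEAMAAAA01", "app_store"),
]

if __name__ == "__main__":
    for finding in find_signer_changes(BEFORE, AFTER):
        print(finding)
```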

According to the blog post by FireEye researchers Tao Wei, Hui Xue and Yulong Zhang, Apple’s existing standard protections and interfaces are unable to prevent such attacks. They are requesting that the company develop more powerful interfaces and make them available to professional security vendors.

This way, these vendors will be able to protect their enterprise users from these advanced attacks. The attack prompts users to download malicious apps with new names, for example ‘the new angry bird’.

Users of these operating systems are more susceptible to these attacks when they download an app from a third-party source or ignore the untrusted-app message popping up on their phones. Users who have set the Gatekeeper feature to “Anywhere” actually nullify their protection.

As per FireEye's researchers, WireLurker uses a very limited form of the attack when hitting iOS through USB ports.

According to Joe Abbey, director of software engineering at Arxan, WireLurker can deliver its payload only if the user has installed an untrusted app on a Mac; for the Masque attack to occur, on the other hand, the user must have downloaded an enterprise provisioning profile.

Companies that have BYOD policies are more susceptible to the Masque attack. According to Abbey, it is recommended that companies with BYOD policies disable provisioning profiles until Apple comes out with a solution.

Masque attacks and WireLurker are additional examples of highly sophisticated and automated attacks, which are growing rapidly. These attacks highlight that we are in serious need of automated, proactive protection and prevention methods.

Monday 17 November 2014

Owning Your Personal Data – the Key to Activity Tracking!


In the past few months, the market has been on the brink of saturation as far as fitness trackers and smartwatches are concerned. Every week sees a new announcement from one of the OEMs about a smartwatch, a smartband or a fitness tracker.

All these devices are aimed at doing one thing – gathering raw data and churning it into useful information for the user. Yet if you ever have to migrate from one of these devices to another, the process of reclaiming the data collected can be a tough journey.

Exporting from Activity Trackers

If you own a fitness/activity tracker like Fitbit, Jawbone, Nike+, Withings, etc., you will want to own all the precious data that these devices have collected over time, and when you make the switch, the old data should still be available.

Among them, the best export service is provided by Jawbone – just log in to your account and export the data in CSV format by year for free. Next in line comes Fitbit – exporting is available in either CSV or XLS format, but only if you have a premium account for $49.99 a year. For the others, you may need IFTTT recipes from the IFTTT website, which let you export your data.

Exporting from Smartwatch

Smartwatches, on the other hand, collect less data and provide more “phone”-like facilities such as notifications, playing music, checking emails, etc. The data collected is usually synced with a smartphone. Since this means that there is a dedicated app on your smartwatch running for this, the data can in theory be extracted and archived if you wish. Note that smartwatches are more power-hungry devices and will not last as long as activity trackers, often requiring a daily recharge.

Smartphone and Health Services

Biometric data tracking does not end with wearable devices. Modern smartphones are very capable of collecting such data and then churning out the information. The three big competitors – Apple, Google and Microsoft – are already in the game with integrated health services where all the data is stored in huge databases and can be exported; for example, Apple Health makes it possible to export all the data.

Microsoft, on the other hand, seems to be platform agnostic, i.e. their recently launched smartband supports iOS, Android and Windows Phone, whereas Google and Apple are keener on supporting their own platforms without compatibility across others.

The Recommendation

Going by all the choices, the Jawbone activity tracker seems the most promising – free export of all the data in CSV without any hassle. Next in line would be Fitbit with a premium account, which provides the same with XLS and CSV support. As for the others, the long route of an IFTTT recipe is the way out. For smartwatches, the scenario is different.

These devices do not provide stellar battery life and their data tracking is limited in nature – they are more of an all-rounder. However, the Microsoft smartband seems a good proposition with cross-platform support, and data export in some form should be arriving in future.

Wednesday 5 November 2014

Researchers Identified Sophisticated Chinese Cyber Espionage Team


Collaboration between various security firms has thwarted one of the biggest and most sophisticated cyber espionage crews, called Axiom, which is thought to be linked to China. The Axiom Threat Actor Group mostly targeted NGOs and pro-democracy groups, along with other individuals who are perceived as a potential threat to China.

The Axiom Group

The group mostly targets pro-democratic NGOs in Asia and also carries out industrial espionage by targeting organizations with influential energy and environmental policies. Also on the list are IT giants, chip makers, telecom companies and infrastructure providers.

The group mostly used phishing attacks and malware to get the job done. The typical attack seems, yet again, more like a state-sponsored attack. Their prime tool is Hikit, which is linked to an attack referred to as the Deputy-dog attack, which famously used an IE zero-day bug to attack mostly Asian firms.

The group seems to work relatively quietly and is thought to be more heavily funded than, say, the APT1 crew (Shanghai-based and PLA-affiliated). According to Novetta, the group has been active for 6 years, is highly disciplined and is well resourced. The suspicion that the Chinese government is involved is most certainly true.

The Collaboration and Solution

The attacks did not go unnoticed, however, and sooner rather than later security firms started collaborating to bring the group down. The coalition of partners is led by Novetta, along with Bit9, Cisco, F-Secure, ThreatTrack Security, iSIGHT Partners, Microsoft, FireEye, Tenable, ThreatConnect, Volexity and other unnamed partners. Via Microsoft’s coordinated malware removal campaign, the coalition took its first public action, called Operation SMN.

Axiom tool installations have been removed from over 43k machines. Among them, 180 were clear examples of Hikit – the last-stage persistence and data exfiltration tool that is the peak of the Axiom victim’s lifecycle. This was perhaps the first effort of its kind by security firms to fight off potentially deadly state-sponsored threats to the whole world.

The Diplomacy 

China has clearly denied any involvement in Axiom. According to a Chinese Embassy spokesman, such events and allegations, judging from the past, are fictitious, and China has itself been on the wrong end of cyber espionage according to revelations by Snowden.

With 2 weeks to go before President Barack Obama visits Beijing, cyber security will be a high-priority item on the agenda. Washington has previously tried hard to pressure China over issues of possible state-sponsored cyber warfare against the US but has failed to sustain it after the Snowden revelations.

Novetta however hopes that the example set by the coalition will be followed in future to fight cyber terrorism. However, it will be very stupid to think that Axiom is gone for good. The operation was more of a remediation than knock-out blow and chances are that Axiom will be back soon though with probably different tools and strategies this time around.

The group has amassed lots of technical data regarding the threat and its workings which will help in future in fighting against such groups.

Thursday 4 September 2014

Getting To Grips with Online Security


For any business, security is important, yet small companies often face a more difficult challenge than larger firms. As a business with limited financial resources, you can't always afford large in-house IT teams or rely on custom-built software.

As a result, the best entrepreneur needs to find cost effective methods that remain just as efficient. In an age dominated by online data protection, performance is something that cannot be compromised. Fortunately, there are a number of steps you can take, such as an SSL certificate.

What is SSL? 

SSL stands for Secure Sockets Layer and refers to private communications between your server and other users. This is what keeps customer information from leaking: by encrypting the data sent back and forth, it is all the more difficult for would-be data thieves to listen in. Consequently, the better the SSL, the more difficult it is for thieves to intercept, which makes it more likely that hackers will look elsewhere.

OpenSSL is an open-source version which is ideal for use with smaller businesses. As an open-source variant, OpenSSL is easy to tailor and customise to your needs. Many companies use this across the globe because it is affordable, regularly updated and enables your company to obtain an SSL certificate.

How do certificates help? 

Having security in place is pointless if people are not aware of it, so you need a way to show off your efforts. Not only does it provide official proof of your protection, an SSL certificate can keep your business secure at the same time. A certificate represents a certain recognised grade of achievement, which will often result in a green padlock symbol appearing in various web browsers. This small symbol reassures customers that the information they give you is safe, helping to build further trust between you and them.

There are different certificates available. Depending on the nature of your business, you may want to invest in an Extended Validation Secure Sockets Layer certificate, or EV SSL for short. EV SSL goes even further to check information being sent back and forth. If anything happens in between, such as someone trying to steal data, you’ll be aware.

When dealing with the likes of B2B, this extra precaution is something many will expect as standard practice. The right SSL certificate proves you take your business and its data protection obligations seriously without breaking the bank.