Information Security News
by Sean Gallagher
On June 14, someone using what appears to have been a list of e-mail addresses and passwords obtained from the breach of "other online services" made a massive number of login attempts to GitHub's repository service. A review of logins by GitHub's administrators found that the attacker had gained access to a number of accounts, according to a blog post by Shawn Davenport, Vice President of Security at GitHub.
It’s not clear what the source of the e-mail/password combinations was, but there are certainly plenty of them out there right now—the recent bounty of "megabreaches," consisting of aged passwords from MySpace, Tumblr, LinkedIn and the dating site Fling, totaled more than 642 million accounts in all. And though they date back more than three years, there may have still been some that were being re-used by their owners on GitHub.
Davenport said that the passwords of the accounts accessed successfully by the attacker have all been reset. GitHub has begun contacting each affected user individually with instructions on how to get back into their account. He also urged GitHub users to enable two-factor authentication for the service and to "practice good password hygiene"—providing a link to an xkcd comic on password strength to explain.
Adobe did not release a patch for Flash on Tuesday, but instead alerted users of an unpatched, and actively exploited, vulnerability (CVE-2016-4171).
Today, Adobe did release a patch that fixes this vulnerability (and others). This is a PATCH NOW vulnerability that needs to be addressed as soon as possible.
We still don't know who he is or whether he works for the Russian government, but one thing is for sure: Guccifer 2.0—the nom de guerre of the person claiming he hacked the Democratic National Committee and published hundreds of pages that appeared to prove it—left behind fingerprints implicating a Russian-speaking person with a nostalgia for the country's lost Soviet era.
Exhibit A in the case is this document created and later edited in the ubiquitous Microsoft Word format. Metadata left inside the file shows it was last edited by someone using the computer name "Феликс Эдмундович." That means the computer was configured to use the Russian language and that it was connected to a Russian-language keyboard. More intriguing still, "Феликс Эдмундович" is the colloquial name that translates to Felix Dzerzhinsky, the 20th Century Russian statesman who is best known for founding the Soviet secret police. (The metadata also shows that the purported DNC strategy memo was originally created by someone named Warren Flood, which happens to be the name of a LinkedIn user claiming to provide strategy and data analytics services to Democratic candidates.)
Infosec 2016: While cybercriminals cooperate, cops and businesses stumble
SC Magazine UK
The wheels of cooperation between private business and public law enforcement need greasing, was the main takeaway from the “Fostering Better Engagement Between Business & Law Enforcement to Effectively Respond to Cyber-crime” panel at Infosec ...
InfoSec 2016: Businesses, Beware The Ransomware Threat, Says Rik Ferguson
British businesses need to boost their cyber-security protection to deal with the growing ransomware threats that are increasingly targeting companies around the world, a leading security researcher has said. Speaking to TechWeekEurope at ...
InfoSec 2016: Watch Out For The Professional Cybercriminal, Warns Mikko Hyppönen
Online crime is evolving to become more business-like and professional, a leading security expert has warned. Speaking to TechWeekEurope at the recent InfoSecurity Europe 2016 event in London, Mikko Hyppönen, chief research officer at ...