Hackin9

iT News (blog)

Australia's new cyber security policy must consider past mistakes
And, as was demonstrated by tracking a United States congressman and recording his calls and text messages, it's not secure. This is not news. In 2008, old-school hackers Chaos Computer Club got security researcher Tobias Engel to demonstrate how you ...

 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

In less than two months, online businesses have paid more than $100,000 to scammers who set up a fake distributed denial-of-service gang that has yet to launch a single attack.

The charlatans sent businesses around the globe extortion e-mails threatening debilitating DDoS attacks unless the recipients paid as much as $23,000 by Bitcoin in protection money, according to a blog post published Monday by CloudFlare, a service that helps protect businesses from such attacks. Stealing the name of an established gang that was well known for waging such extortion rackets, the scammers called themselves the Armada Collective.

"If you don't pay by [date], attack will start, yours service going down permanently price to stop will increase to increase to 20 BTC and will go up 10 BTC for every day of the attack," the typical demand stated. "This is not a joke."

 

The Bangladesh central bank had no firewall and was using a second-hand $10 network when it was hacked earlier this year. Investigation by British defense contractor BAE Systems has also shown that the SWIFT software used to make payments was compromised, enabling the hackers to send money around the world without leaving any trace in Bangladesh.

In February, unknown hackers broke into the Bangladesh Bank and almost got away with just shy of $1 billion. In the event, their fraudulent transactions were cancelled after they managed to transfer $81 million when a typo raised concerns about one of the transactions. That money is still unrecovered, but BAE has published some of its findings.

The SWIFT organization is owned by 3,000 financial companies and operates a network for sending financial transactions between financial institutions. Institutions using the network must have existing banking relationships; SWIFT transactions do not actually send money but instead send payment orders that must then be settled by having the institutions involved moving money between accounts.

 

Opening a new front in its campaign to defeat Islamic State terrorists, the US military has for the first time directed its Cyber Command to mount hacking attacks against ISIS computers and networks, The New York Times reported Sunday.

While US National Security Agency hackers have targeted ISIS members for years, its military counterpart, the Cyber Command, conducted no virtual attacks against the terrorist organization. The new campaign reflects President Obama's desire to bring the types of clandestine military hacking operations that have targeted Iran and other nations to the battle against ISIS. According to the NYT:

The goal of the new campaign is to disrupt the ability of the Islamic State to spread its message, attract new adherents, circulate orders from commanders and carry out day-to-day functions, like paying its fighters. A benefit of the administration’s exceedingly rare public discussion of the campaign, officials said, is to rattle the Islamic State’s commanders, who have begun to realize that sophisticated hacking efforts are manipulating their data. Potential recruits may also be deterred if they come to worry about the security of their communications with the militant group.

Defense Secretary Ashton B. Carter is among those who have publicly discussed the new mission, but only in broad terms, and this month the deputy secretary of defense, Robert O. Work, was more colorful in describing the effort.

“We are dropping cyberbombs,” Mr. Work said. “We have never done that before.”

The campaign began by installing several implants in the militants’ networks to learn the online habits of commanders. Now, Cyber Command members plan to imitate the commanders or alter their messages. The goal is to redirect militants to areas more vulnerable to attack by American drones or local ground forces. In other cases, officials said, US military hackers may use attacks to interrupt electronic transfers and misdirect payments.

 

Director of National Intelligence James Clapper, seen here in 2013. (credit: Partnership for Public Service)

Director of National Intelligence James Clapper said Monday that the Snowden revelations have sped up the sophistication of encryption by "about seven years," according to the Christian Science Monitor.

"From our standpoint, it’s not a good thing," Clapper reportedly said at CSM's breakfast event. When asked how he came up with that figure, he cited the National Security Agency.

“The projected growth, maturation, and installation of commercially available encryption—what they had forecasted for seven years ahead, three years ago—was accelerated to now because of the revelation of the leaks,” Clapper continued.

 
[security bulletin] HPSBGN03582 rev.1 - HPE Helion CloudSystem using glibc, Remote Code Execution, Denial of Service (DoS)
 

Dark Reading

Dark Reading Marks 10th Anniversary With Month Of Special Coverage
He and a couple of other editors planned to start a new publication about IT security – a publication that would be very different than anything else the infosec industry had seen before. He wanted to know if I wanted in on it. On May 1, 2006 – 10 ...

 
Negin Group CMS - (v) Multiple Web Vulnerabilities
 
Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability
 
Cyberoam Central Console v02.03.1 - Multiple Persistent Vulnerabilities
 
UBNT Bug Bounty #2 - XML External Entity Vulnerability
 

An ongoing drive-by attack is forcing ransomware onto Android smartphones by exploiting critical vulnerabilities in older versions of Google's mobile operating system still in use by millions of people, according to research scheduled to be published Monday.

The attack combines exploits for at least two critical vulnerabilities contained in Android versions 4.0 through 4.3, including an exploit known as Towelroot, which gives attackers unfettered "root" access to vulnerable phones. The exploit code appears to borrow heavily from, if not copy outright, some of these Android attack scripts, which leaked to the world following the embarrassing breach of Italy-based Hacking Team in July. Additional data indicates devices running Android 4.4 may also be infected, possibly by exploiting a different set of vulnerabilities.

It's the first time—or at least one of only a handful of times—Android vulnerabilities have been exploited in real-world drive-by attacks. For years, most Android malware has spread by social engineering campaigns that trick a user into installing a malicious app posing as something useful and benign. The drive-by attack—which has been active for at least the past 60 days and was discovered by security firm Blue Coat Systems—is notable because it's completely stealthy and requires no user interaction. The company's findings have been published here.

 
Telisca IPS Lock 2 Vulnerability
 
C & C++ for OS - Filter Bypass & Persistent Vulnerability
 
Totemomail v4.x & v5.x - Filter Bypass & Persistent Vulnerability
 

Waterbury Republican American

That USB drive you found has more than just spring break photos
... has more than just spring break photos. By Ally Marotti TRIBUNE NEWS SERVICE ... Jack Koziol, president and founder of InfoSec Institute, an Elmwood Park-based information security training company, agreed. "I don't think most people realize that ...

 
Internet Storm Center Infocon Status