Wednesday, 15 June 2016

Microsoft releases tons of security updates to patch 44 vulnerabilities

Microsoft has released 16 security bulletins on Tuesday resolving a total of 44 security holes in its software, including Windows, Office, Exchange Server, Internet Explorer and Edge.
Five bulletins are rated “critical”, covering flaws that could be used to carry out remote code execution in Windows, Internet Explorer (IE), Edge (the new, improved IE), Microsoft Office and Office services; the remaining 11 are rated important.
One of the critical issues, MS16-071, which set off alarm bells for many security experts, involves a use-after-free bug (CVE-2016-3227) in the Microsoft Windows Domain Name System (DNS) server on Windows Server 2012 and 2012 R2.


The vulnerability resides in the way the server handles requests. An attacker could send a specially crafted request to a DNS server and convince it to run arbitrary code in the context of the Local System account, Microsoft’s advisory warns.
Another critical bulletin, MS16-070, patches several security holes in Microsoft Office.
The most serious of them, a memory corruption vulnerability (CVE-2016-0025) in Microsoft Word’s handling of the RTF format, could allow an attacker to run arbitrary code and take control of the system if the user is logged on with administrator rights.
An attacker could trigger the exploit with a simple e-mail containing a Microsoft Word RTF file, without user interaction.
The remaining two critical bulletins address multiple remote code execution vulnerabilities in Microsoft’s browsers Internet Explorer and Edge.


The remaining bulletins address vulnerabilities in Windows SMB Server, Windows NetLogon, Web Proxy Auto-Discovery (WPAD), Microsoft Exchange, Active Directory, Windows PDF and more.
Meanwhile, Adobe also rolled out security patches for DNG Software Development Kit, Brackets, Creative Cloud Desktop App, and hotfixes for ColdFusion.
However, a patch for a zero-day vulnerability (CVE-2016-4171) in Adobe Flash Player, which Adobe says is being exploited in "limited, targeted attacks", was expected today but will arrive later this week.
Anton Ivanov and Costin Raiu of Kaspersky Labs discovered and reported the zero-day vulnerability in Flash Player version 21.0.0.242 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. The Flash zero-day exploit is being deployed in active espionage attacks.

Monday, 13 June 2016

North Korean hackers steal defense files from South

Seoul police say the hackers were also able to plant malicious code into the computers in an attempt to use them as 'zombie' machines
SEOUL, South Korea – North Korean hackers managed to steal thousands of records from private firms and state agencies in the South including defense industry information and files from Korean Air, Seoul police said Monday, June 13.
The hacking originated from 16 servers based in the North's capital Pyongyang, police said, adding the North had stolen more than 42,000 internal records.
The North gained access to the internal systems of the firms and agencies at some point after hacking in 2014 into computer management software developed by a Seoul IT firm, according to the police.
The breach was discovered earlier this year.
The hackers also planted 33 types of malicious code into the computers in an apparent bid to use them as "zombie" machines to launch future cyberattacks on other organizations in the South, it said.
The companies that were hacked include South Korea's flagship air carrier Korean Air and SK Networks, a sister company of South Korea's top wireless operator, SK Telecom, Yonhap news agency said.
"We worked with the organizations that were targeted to recover the lost records and fortify their computer security to prevent further infiltration," the police said in a statement.
Some of the stolen records however contained information about the defense industry or network data essential to stage cyberattacks, it added.
The records include designs of military aircraft and Internet facilities at South Korean army barracks, according to Yonhap.
Police added that some of the 16 servers in Pyongyang had the same IP addresses as those that had staged a crippling cyberattack on Seoul's banks and TV broadcasters in 2013.
Seoul has in recent years blamed the North's hackers for a series of cyberattacks on military institutions, banks, state agencies, TV broadcasters, media websites, and a nuclear power plant.
The attack in March 2013 left the websites and tens of thousands of computers at several TV stations and banks paralyzed for hours.
Pyongyang has angrily denied involvement in the attacks and accused Seoul of spreading fabrications aimed at slandering its leader.
The North operates an army of more than 1,000 hackers who stage hacking or cyberattacks targeting Seoul's major institutions or key officials, according to the South's spy agency.

Mafiaboy grows up: computer hacking taught him how to protect companies

Mafiaboy is now a man and he’s on a mission.

As a 15-year-old hacker in 2000, Mafiaboy (real name: Michael Calce) paralyzed the websites of the biggest names in media and e-commerce, including CNN, Amazon and eBay. The RCMP and FBI tracked him down in Île-Bizard. He pleaded guilty to 58 charges and spent eight months in a youth detention centre.

Now 31, Calce recently started a cyber-security company — Optimal Secure — focusing on the financial sector in Montreal, Toronto and Vancouver. His specialty: “penetration testing.” Companies hire him to try to penetrate their computer defences so they can secure systems before hackers strike.
Computer hacking is a constant threat. In recent weeks alone, hackers have: broken into some of Facebook’s Mark Zuckerberg’s accounts; forced the University of Calgary to pay a $20,000 ransom after crippling its computer systems; stolen $81 million U.S. from the Federal Reserve Bank of New York.
The Montreal Gazette sat down with Calce and learned that “spear-phishing email attacks” are among the scary things to fear online today. (This interview has been edited and condensed.)
Q. What does your company do?
A. I provide ethical, real-time hacks. I simulate what a hacker would do. I show companies what I found to be their weakest point. We do penetration testing — testing to see if we can penetrate a company’s systems. Companies give me authorization to attempt to pick their locks.
Q. What kinds of things do you do when you’re simulating a hacker attack?
A. Sometimes, “pen-testers” case the place as if they’re detectives. In one case, a pen-tester noticed a routine: an individual would leave and come to work with his laptop, so it was likely he was plugging his laptop into the company network. The pen-tester also noticed he would take the train every morning, so one day he drove along a road next to the train while this employee was going to work. He hacked into the Wi-Fi on the train, booted the guy off the router, then tricked the employee into logging into the pen-tester’s laptop. The second he did that, the pen-tester put all kinds of malware and backdoors on his laptop. As soon as the employee got to work and plugged his laptop into the network, the malware spread. Voilà, the whole company is owned.
Q. What problems do you uncover?
A. It’s really quite disturbing, the vulnerabilities that are discovered. They may be using out-of-date software that hasn’t been patched in three years. They may not be budgeting enough. Or they think because they have an IT department, they’re secure. They don’t understand that most IT departments have a lot of other tasks that are not associated with security, or they may not be trained as security professionals. Many companies think they’re not at risk, but they are. A hacker may not be specifically targeting your company, but you do have an IP address and you have a server, so you’re at risk. Hackers don’t know or care what the company is; if they scan and see a vulnerability, they’ll exploit it. Typically, hackers will just run a remote scan and see if they can get into you. Unless the guy is paid to target you or has a personal vendetta against your company, they’re not going to waste too much time. If they can’t get in within a couple of hours or even less, they’ll move on. There are easier fish in the sea.
Q. What tricks are hackers using these days to target companies? 
A. Spear-phishing email attacks are probably the most effective. (Phishing involves fraudulently obtaining valuable information using authentic-looking emails and websites; spear-phishing is a more targeted version.) Basically, hackers send an email to someone within a company, but they have the ability to spoof the email and make it appear as if it’s coming from someone they have on their contact list. It could be their boss, a superior, saying, “Hey, here’s the quarterly report” or whatever catchphrase they want to use, and as soon as they click that attachment the whole company is compromised. Some companies put too much information about their employees online. It says “our team” and it shows every person, with email addresses. So the whole map of the company is right there for me. I know who to email, from what account and what to tell them. If it shows their position, it tells me who the boss is and why he would be emailing this person. Hackers are doing this. With our customer’s consent, we can simulate this type of attack.
Q. How would you rate the average person’s home computer security?
A. Terrible. Absolutely terrible. Most people don’t run firewalls. They run either the basic Windows Defender or some antivirus software that they haven’t updated and is probably not even functioning anymore. You need a good two-in-one firewall/antivirus. Always use complex passwords — 10-12 characters in length, with both upper- and lowercase, numbers and asterisks and don’t use words that would be in a dictionary. And use different passwords for different sites because databases get hacked and if they get your one password, they can get into all your accounts. That’s what happened to Mark Zuckerberg. Also, be careful about what you’re downloading, what you’re clicking. I can set up a clone website where the second you visit a website, you’re hacked.
Q. But smartphones are safer, right?
A. Not really. Smartphones are basically computers — you have a hard drive, a processor, an operating system, Internet access. Hackers are starting to specifically code malware for smartphones. Be careful about what apps you’re downloading, check the reviews, check how many people have downloaded it. And be careful about doing your online banking and what kind of information you’re using your phone to transmit. Certain apps can steal data from your phone. Your Bluetooth should be off. And don’t connect to random networks you don’t know. Be conscious about what hot spots you’re logging into on your cellphone. I can sit in a hotel room and log into the Wi-Fi and literally steal all the data going over the Wi-Fi using very basic software.

Q. What did you learn as a hacker that you’re using now?
A. Techniques to circumvent administrators and detection software, how to hide back doors. You want to secure a bank, you hire an ex-bank robber. He knows the ins and outs of the bank. You might be looking at four walls, but this guy’s looking at coming through the floor. That’s the difference. It’s the mentality.
Q. Why should companies trust you?
A. I’ve been reformed for a long time now and I never want to go back there. Over the past 10, 15 years I’ve rebuilt my credibility. I get paid to do keynotes for a reason. I was a hacker when I was 15 years old. I’m 31 now. Within Canada, I’m one of the leading IT security experts that is bringing the most awareness to this topic. I’ve dedicated my life to this because I believe in raising awareness. I love helping people and helping companies, and if I can make a living doing it that’s fantastic — I have my dream job.

North Korea mounts long-running hack of South Korea computers, says Seoul


North Korea hacked into more than 140,000 computers at 160 South Korean firms and government agencies, planting malicious code under a long-term plan laying groundwork for a massive cyber attack against its rival, police in the South said on Monday.
South Korea has been on heightened alert against cyber attacks by the North after Pyongyang conducted a nuclear test in January and a long-range rocket launch in February that led to new U.N. sanctions.
The North has always denied wrongdoing.
The hacking began in 2014 and was detected in February, after North Korea managed to steal information from two conglomerates including defense-related material, South Korea's police cyber investigation unit said.
"There is a high possibility that the North aimed to cause confusion on a national scale by launching a simultaneous attack after securing many targets of cyber terror, or intended to continuously steal industrial and military secrets," it said.
The hackers took no action after gaining control of servers and computers at some corporate groups and waited, as they continued to hack into more targets in what police said was likely an effort to build the scale of a planned attack.
Reclusive North Korea and the rich, democratic South are technically still at war because their 1950-53 conflict ended in an armistice, not a peace treaty. The North regularly threatens to destroy the South and its main ally, the United States.
In March, the South's spy agency said it had intercepted an attempt to hack into South Korean computer networks to attack the transport system's control network, blaming the North for the attempt.
"F-15 FIGHTER JET WINGS BLUEPRINT"
The United States accused North Korea of a cyber attack against Sony Pictures in 2014 that led to the studio cancelling the release of a comedy based on the fictional assassination of leader Kim Jong Un. North Korea denied the accusation.
In the most recent case, documents stolen from the two conglomerates included blueprints for the wings of F-15 fighter jets, an official at the cyber investigation unit told Reuters by telephone.
Of the more than 42,000 materials stolen, more than 40,000 were defense-related.
South Korean media said the two conglomerates were the SK and Hanjin groups, but police declined to confirm that.
A spokesman at SK Holdings said four group affiliates were affected by the hacking but they worked with the police to quickly close the breach and the leaked documents were not classified.
A spokesman at Korean Air Lines, part of Hanjin Group, said the documents leaked from its network were not classified and no other group affiliates were affected.
A Defense Ministry official said none of the defense-related materials stolen was secret and there was no security breach.
The hacking originated from an IP address traced to the North Korean capital and targeted network management software that is widely used by private companies and government agencies, police said, declining to identify the software.
The IP address was identical to one used in a 2013 cyber attack against South Korean banks and broadcasters that froze computer systems for more than a week. South Korea blamed the North for that attack, and the North denied responsibility.
Police said they worked with the affected companies and agencies to neutralize the malicious code and prevent it from being used in a large-scale cyber attack.

Sunday, 12 June 2016

eBay vulnerability put millions of users at risk

eBay, the American multinational e-commerce company, has patched an XSS security vulnerability that exposed millions of users to phishing attacks.
Even though the flaw was privately reported to eBay a month ago, no action was taken until the matter got the attention of the media.
A short YouTube video demonstrates how the XSS vulnerability works.
Using this method, attackers could easily steal usernames and passwords; since many people reuse the same credentials across sites, it could have resulted in heavy data loss.
According to the security researcher who reported it, "This was a simple vulnerability which would have allowed the attacker to use an iframe to insert their own malicious page into eBay."
The vulnerability has now been patched.
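The root cause of an injection like the one the researcher describes is untrusted text being written into an HTML response without output encoding, so a string containing an iframe tag becomes a live element of the page. The Python below is an added illustration, not eBay's code or the researcher's: it renders a constructed search term with and without HTML escaping and uses the standard-library parser to list the elements each version actually creates. The sample inputs and the `example.invalid` URL are constructed for the demonstration.

```python
import html
from html.parser import HTMLParser

# Constructed sample inputs (not taken from the eBay report): a normal search
# term and one carrying the kind of markup an XSS attacker would supply.
SAMPLE_INPUTS = {
    "benign": "vintage camera",
    "markup": '<iframe src="https://example.invalid/fake-login"></iframe>',
}


def render_unsafe(search_term: str) -> str:
    """Vulnerable pattern: untrusted text is concatenated straight into the HTML
    response, so any tags it contains become live elements in the page."""
    return f"<h2>Results for: {search_term}</h2>"


def render_safe(search_term: str) -> str:
    """Hardened pattern: HTML-escape untrusted text before placing it in element
    content, so '<', '>', '&' and quotes are displayed literally, not parsed."""
    return f"<h2>Results for: {html.escape(search_term, quote=True)}</h2>"


class _TagCollector(HTMLParser):
    """Records the start tags a browser-side parser would see in the fragment."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: list[str] = []

    def handle_starttag(self, tag, attrs) -> None:
        self.tags.append(tag)


def tags_in(rendered: str) -> list[str]:
    """Parse a rendered fragment and list the elements it actually creates;
    an unexpected 'iframe' here means user input was injected as markup."""
    parser = _TagCollector()
    parser.feed(rendered)
    parser.close()
    return parser.tags


if __name__ == "__main__":
    for label, text in SAMPLE_INPUTS.items():
        print(label, "unsafe ->", tags_in(render_unsafe(text)))
        print(label, "safe   ->", tags_in(render_safe(text)))
```

Escaping at the point of output is the fix that removes the bug; a Content-Security-Policy that restricts which origins may be framed (`frame-src`) is a useful second layer, because it limits what an injected iframe can load even if one escaping site is missed.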

Saturday, 11 June 2016

Twitter Locks Down Compromised Accounts After Mega Breach

Micro-blogging website Twitter responded to news that surfaced on Thursday indicating that over 32 million Twitter passwords may have been compromised by locking accounts that it judged to need extra protection and requiring a password reset.
Twitter also specified that it is "confident that the information was not obtained from a hack of Twitter's servers", technology website The Verge reported on Friday.
It is not clear how many accounts Twitter chose to lock, but the company told the Wall Street Journal the number was in the millions, and that those affected will have already received an e-mail explaining the situation, the report noted.
The news of leaked passwords was first provided by LeakedSource, a site with a search engine of leaked login credentials and said that the cache of Twitter data contains 32,888,300 records, including e-mail addresses, usernames and passwords.
LeakedSource noted that "the user credentials were collected by malware infecting browsers like Firefox or Chrome rather than stolen directly from Twitter".

Facebook CEO Zuckerberg's Twitter and Pinterest accounts hacked... and the password was...

The man who runs the biggest social network and continuously implements new security measures to boost the security of its billion users himself failed to follow the basics of Internet security for his own online accounts.

Yes, I’m talking about Facebook CEO Mark Zuckerberg, who had his Twitter and Pinterest accounts compromised on Sunday.

The hacker group from Saudi Arabia, dubbed OurMine, claimed responsibility for the hack and guess how the group did it?

Thanks to the LinkedIn data breach!

The hackers tweeted that they found Zuck's account credentials in the recent LinkedIn data breach, took his SHA-1-hashed password from it, cracked the hash and then tried the password on several social media accounts.

27 million Mate1.com accounts hacked and sold

If you have an account on the online dating website Mate1.com, there is a very high probability that your account has been hacked.

A hacker has claimed to have accessed the usernames, passwords and email addresses of 27 million people, advertising the data in a post on the Hell forum.

According to Motherboard (Vice), which first reported the hack, the hacker obtained account details for over 27 million users and sold them to someone else through a deal brokered on the Hell forum.

The hacker told Motherboard that he managed to compromise the Mate1.com server, used command-line access to look at the MySQL database and then downloaded parts of it.

He added that the dating site has a lax sign-up process: users can log on without verifying their email address, which means you can create an account with an email address that belongs to you or to someone else.

The hacker also revealed that Mate1 stores passwords in plain text, with no hashing or encryption: if you have forgotten your password, it is simply sent to the corresponding email address in plain text.
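Mate1 keeping passwords in plain text and LinkedIn storing unsalted SHA-1 hashes (the weakness that let Zuckerberg's password be cracked from the LinkedIn dump) are two degrees of the same mistake: the stored record reveals the password, either directly or after a cheap computation. The Python below is an added illustration, not code from either site. It compares the three storage schemes on a constructed set of accounts in which two users share a password, and shows the salted, slow PBKDF2 record with its constant-time verifier. The accounts, the `PBKDF2_ITERATIONS` work factor and the record format are assumptions of the example.

```python
import hashlib
import hmac
import os
from typing import Callable, Optional

# Constructed sample accounts (not real Mate1 or LinkedIn data). Two users chose
# the same password, which is typical of real credential databases.
SAMPLE_USERS = [
    ("alice", "correct horse"),
    ("bob", "correct horse"),
    ("carol", "hunter2"),
]

PBKDF2_ITERATIONS = 200_000  # assumed work factor; tune to your own hardware


def store_plaintext(password: str) -> str:
    """What Mate1 reportedly did: the password itself is the stored record,
    so anyone who reads the database (or a reset e-mail) has every password."""
    return password


def store_sha1_unsalted(password: str) -> str:
    """LinkedIn-style storage: one fast, unsalted SHA-1 digest per password.
    Identical passwords give identical digests, and SHA-1 is cheap enough to
    compute at enormous rates, so recovering the password is inexpensive."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def store_pbkdf2(password: str, salt: Optional[bytes] = None) -> str:
    """Hardened storage: per-user random salt plus a deliberately slow key
    derivation. The record is self-describing so parameters can be raised later."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_pbkdf2(password: str, stored: str) -> bool:
    """Re-derive with the stored salt and iteration count; compare in constant time."""
    _algo, iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(dk.hex(), dk_hex)


def duplicate_record_count(store_fn: Callable[[str], str]) -> int:
    """Number of stored records that collide across SAMPLE_USERS. With plaintext
    or unsalted hashing, users sharing a password share a record, so one recovered
    value unlocks every account that uses it; with salted PBKDF2 it is zero."""
    records = [store_fn(password) for _, password in SAMPLE_USERS]
    return len(records) - len(set(records))


if __name__ == "__main__":
    schemes = [
        ("plaintext", store_plaintext),
        ("sha1 unsalted", store_sha1_unsalted),
        ("pbkdf2 salted", store_pbkdf2),
    ]
    for name, fn in schemes:
        print(f"{name}: {duplicate_record_count(fn)} duplicate record(s)")
```

A site using the PBKDF2 scheme cannot e-mail anyone their old password, which is exactly the point: a password-reset flow that sends the original password is itself evidence that the database holds passwords in recoverable form.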

It is not clear how much the hacker eventually sold the data for, although he was offering it