Security and high profile sites get 'pwned'

Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt

Codespaces Spaced Out

Post by Foggyone » Wed Jun 18, 2014 9:24 pm

Source code hosting provider Cloud Spaces has suffered the ultimate cloud nightmare, having been effectively forced out of business by the actions of an attacker who managed to gain access to its Amazon EC2 control panel.

The devastating incident began on June 17 when Cloud Spaces – a company that claimed to offer "Rock Solid, Secure and Affordable Svn Hosting, Git Hosting and Project Management" – became the target of a DDoS attack from an unknown party who demanded "a large fee" to make it stop.
The net effect was that, once the smoke cleared, Cloud Spaces no longer had any service to offer its customers.
Full story here.
Google, the answer to so many questions!
-----------------------------------------------------


Today it's European Central Bank

Post by Foggyone » Thu Jul 24, 2014 6:55 pm

Cyber-robbers hack European Central Bank's... website

Not the bit where the cash is, the bit where identities can be compromised.
The European Central Bank has written to 20,000 people to warn them their personal data may have been stolen during a huge cyber-heist.

ECB said crooks had attempted to extort money from the bank after hacking into a database containing email addresses, phone numbers and addresses of people who had registered to attend events.

An ECB spokeswoman told us that all the people affected had been contacted, but stressed that it was not known whether all 20,000 people on the database were affected.

She said that as far as the bank knows, the information has not yet been dumped online. This suggests the attack was carried out purely for financial gain, as hackers often like to show off the results of their work by publishing their haul online.
quelle horreur!

Chinese for tea, anyone?

Post by Foggyone » Tue Aug 05, 2014 7:25 pm

If you ate at one of these PF Chang's restaurants, your bank card is at risk
US eatery chain P.F. Chang's has named 33 of its restaurants that were compromised by bank card fraudsters this year.

The company said payment systems at its Chinese bistros in states from California to Florida were infiltrated, allowing crooks to siphon off victims' credit and debit card details.
Now, the PR speak starts.
"We have determined that the security of our card processing systems was compromised, and we have reason to believe that the intruder may have stolen some data from certain credit and debit cards that were used during specified time frames at 33 P.F. Chang's China Bistro branded restaurant locations in the continental United States," the company said.
No mention of how many were affected. Just bland, soothing non statements.

digidog
Site Admin
Posts: 15014
Joined: Wed May 05, 2004 2:25 am
First Name: Alfie
Location: Otago

Re: Security and high profile sites get 'pwned'

Post by digidog » Wed Aug 06, 2014 5:08 am

Here's a truly massive hack. The biggest the world has ever known.
A mysterious Russian crime gang has reportedly amassed the largest ever cache of stolen website passwords – more than a billion, swiped from poorly secured user databases.

A network of computers quietly hijacked by malware, and controlled from afar by the crooks, identified more than 420,000 websites vulnerable to SQL injection attacks, we're told. These sites were flagged up to the malware's masters, who then returned to harvest 1.2 billion unique records by exploiting those website vulnerabilities.

The hackers – based in south central Russia – ended up with 4.5 billion username and password combinations, although many were duplicates, it's reported. Of these username records, there were 542 million unique email addresses, apparently.

The hacked websites ranged from household names to small businesses located all over the world, security researcher Alex Hold told The New York Times.

http://www.theregister.co.uk/2014/08/05 ... passwords/
A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.

Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable. At the request of The New York Times, a security expert not affiliated with Hold Security analyzed the database of stolen credentials and confirmed it was authentic. Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information.

http://www.nytimes.com/2014/08/06/techn ... tials.html


Re: Security and high profile sites get 'pwned'

Post by Foggyone » Wed Aug 06, 2014 6:34 pm

With this data the gang are well placed to do all sorts of mischief. Here's hoping they are just naughty schoolboys, and not hardened criminals.

Re: Security and high profile sites get 'pwned'

Post by digidog » Wed Aug 06, 2014 7:29 pm

I hope you're right Foggy, but I suspect that anyone capable of stealing more than a billion user names and passwords is a step up from a typical schoolboy hacker.


Embassy Watering Hole Attacks

Post by Foggyone » Tue Aug 12, 2014 6:46 pm

Fifteen countries KO'd in malware one-two punch
Someone suspected to be backed by a nation state is attacking embassies of former Soviet states with a malware tool that has infiltrated networks across more than 15 countries.

Hacked embassies of unnamed former Soviet states include those located in: France; Belgium; Ukraine; China; Jordan; Greece; Kazakhstan; Armenia; Poland, and Germany.
Infection began like many targeted campaigns through infection of various websites likely to be visited by embassy staff -- a tactic known as watering hole attacks. Malware was only foisted on users visiting from specific internet protocol addresses.

At least 84 websites have been turned into watering holes.

If the Wipbot or Tavdig malware foisted on embassy computers to establish a network foothold returned interesting and high profile targets, the unnamed actors would distribute the more complex malware known variously as Turla, Uroboros, Snake, or Carbon.
Possibly connected with the Ukraine situation.

Supermarket Snafu

Post by Foggyone » Sat Aug 16, 2014 6:34 pm

Supervalu supermarket stores stung by sneaky sales system scammers

Up to 1,000 stores could have been hacked
Supervalu, one of the biggest supermarket chains in the US, is warning customers who shopped with them between June 22 and July 17 to check their bank statements, after investigators discovered hackers have been at work.

"The safety of our customers' personal information is a top priority for us," said CEO Sam Duncan. "The intrusion was identified by our internal team, it was quickly contained, and we have had no evidence of any misuse of any customer data. I regret any inconvenience that this may cause our customers but want to assure them that it is safe to shop in our stores."

Supervalu and parent company AB Acquisition have warned that crooks may have collected credit card numbers, expiration dates, other numerical information and/or the cardholder's name from point of sale terminals in its stores, as well as the Cub Foods, Farm Fresh, Hornbacher's, Shop 'n Save and Shoppers Food & Pharmacy franchises.

In addition, the hackers may also have hit stores that the Supervalu chain sold off last year but for which it still handles some financial transactions. These include the Albertson's, Acme, Shaw's and Star Market chains.
The highlighted text is the start of the usual PR spin.

Oops for UPS

Post by Foggyone » Thu Aug 21, 2014 6:29 pm

Did you swipe your card through one of these UPS Store tills? You may have been pwned - As many as 100k transactions spied upon by malware
UPS has discovered an outbreak of debit and credit-card-reading malware in 51 of its branches in the US.

Exactly which strain of malware was involved is not known; a spokesperson told The Register today: "We're still investigating the infection." It's hoped the identity of the malware will be revealed once that probe is complete.

The shipping biz has issued a statement explaining that the software nasty was detected during an audit by an outside consultant.

That probe was in response to an American government security alert warning organizations to check for “a broad-based malware intrusion not identified by current anti-virus software”, the company says.
Luckily this is not likely to impact Kiwis.

56,000,000

Post by Foggyone » Fri Sep 19, 2014 7:17 pm

Home Depot: 56 million bank cards pwned by malware in our tills
Home Depot today admitted 56 million bank cards are at risk after they were used in malware-infected tills.

The DIY giant on Thursday revealed that a software nasty infiltrated its PC-powered registers between April and September in the US and Canada. Cards swiped through the compromised machines could be accessed by the malware and siphoned off to crooks, and their account details are now feared to be in the hands of identity thieves, thieves and other miscreants.
No mention of the OS powering the PCs. Wonder if they were still using Microsoft XP powered PCs? If so, this will be the first major oopsie since the end of Microsoft's XP support.

Re: 56,000,000

Post by digidog » Fri Sep 19, 2014 11:56 pm

Foggyone wrote: No mention of the OS powering the PCs. Wonder if they were still using Microsoft XP powered PCs?
Commenters on the Register story have picked up on that very thought...
XP based self checkouts

I know for a fact those self checkouts were XP based.
And probably hadn't had an update or security fix applied since the day they were installed. Which is much more likely to be a problem than the simple fact that they're running XP, which was still a supported OS at the time the malware was alleged to be introduced.


Re: Security and high profile sites get 'pwned'

Post by digidog » Sat Sep 20, 2014 1:48 am

There's a local hacking story running today.
Police are investigating after attempts were allegedly made to hack a nationwide patient database.

In an email obtained by the Otago Daily Times, Southern Primary Health Organisation clinical adviser Keith Abbott, of Dunedin, warned GPs and health organisations about the "significant hacking attempt" on September 9.

He said the hacker tried to gain access to DrInfo, which is used by health boards, including the Southern District Health Board, medical centres and GPs around the country.

"Starting at 11am on September 9, in one case continuously lasting for 12 hours, a single IP [internet protocol] address has made over 20 million attempts to guess the passwords of practices, PHOs and DHBs in New Zealand," Dr Abbott said.
To me this demonstrates total incompetence on the part of the people running the site. This started at 11am on a Tuesday morning and was allowed to continue for 12 hours without anybody thinking to block the "single IP address" responsible? And we entrust confidential data to these people?


Re: Security and high profile sites get 'pwned'

Post by digidog » Fri Oct 03, 2014 7:00 am

One of the world's largest ever hacks has been reported. JP Morgan Chase in the US says a massive hack has affected the accounts of 76m households and about 7m small businesses. They're blaming "Russian hackers".
The bank said financial information was not compromised and that there had been no breach of login information such as account or social security numbers, passwords or dates of birth. However names, email addresses, phone numbers and addresses of account holders were captured by hackers.

http://www.theguardian.com/business/201 ... ata-breach


Re: Security and high profile sites get 'pwned'

Post by digidog » Wed Oct 15, 2014 3:52 am

South Korea's national identity card system has been seriously hacked. Their government says it might have to issue new ID numbers to every citizen over 17 at a possible cost of billions of dollars.
ID numbers and personal details of an estimated 80 percent of South Korea's 50 million people have been stolen from banks and other targets since 2004, according to experts.

Those numbers stay with South Koreans for life and, instead of being picked randomly, are based on their age, sex and other details. They are used to confirm identity, get a job or government services and even to buy cigarettes. A thief who gets a number and a name to match can set up phone, email or bank accounts.

The problems stem from South Korea's enthusiasm for the Internet and information technology, which grew faster than security measures.

Hoping to spur technology development, the government rolled out fast Internet access to nearly every home and business. About 85 percent of South Korea's people are online and the country has 40 million smartphones.

But critics say that instead of protecting users, the online identity system mandated by Seoul makes them more vulnerable to theft.

Everyone is tied to identity numbers created by a dictatorship in the 1960s to control the public, with no thought to privacy. The first few digits are the user's birth date, followed by a "1" for male or "2" for female and then other details.

"Resident registration numbers' usage across different sectors made them 'master keys' for hackers to open every door and steal whole packages of personal information from unassuming victims," said researcher Geum Chang-ho at the state-run Korea Research Institute for Local Administration. The agency carried out the study of possible new models for personal codes.

"Even if their numbers are leaked, people are unable to change them, so hackers are constantly trying to obtain these numbers and are managing it easily," said Geum.
And there's a Microsoft connection.
The government required Web surfers who wanted to deal with banks or shop online to use ActiveX, a Microsoft Corp. product that provides a digital signature.

Critics say the ActiveX signature was no more than a simple password and could easily be duplicated. They said another weakness is that the program runs only on Microsoft's operating system and browser and requires full access to the computer's operating system. Thieves who learned to hack that system could steal from any computer.


Re: Security and high profile sites get 'pwned'

Post by Foggyone » Wed Oct 15, 2014 6:03 pm

Ouch. The dangers of BIG government!