Security and high profile sites get 'pwned'

Nigerian scams, chain letters, pyramid schemes and anything not auction related.
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt

56,000,000 Update

Post by Foggyone » Mon Nov 10, 2014 6:22 pm

Further to the Home Depot story above.

Home Depot blames Windows for record hack, rushes out to buy Macs and iPhones afterward

Home Depot has confirmed in recent months that it too has been the victim of a complex malware attack, with hackers reportedly stealing more than 56 million credit cards and over 53 million emails in a record cyber heist. (new info).

......hackers used a Windows machine as a point of entry, from which they were able to spread the malware and collect customer data. (new info).

......one of the first moves Home Depot made after learning about the attack was to purchase new, secure, MacBooks and iPhones for execs. (new info).

It’s not clear what vulnerability in Windows the hackers exploited, but Microsoft patched it after the breach began.

That final sentence shows the ineptness of Home Depot's IT department. They apparently let Microsoft make whatever changes they want without oversight or explanation. This is in stark contrast to the almost obsessive care taken by most IT departments where any changes are thoroughly vetted before being accepted.
Google, the answer to so many questions!
-----------------------------------------------------


United States Postal Service

Post by Foggyone » Tue Nov 11, 2014 6:10 pm

Names, ages, addresses, SSNs of US postal staff slurped in 'mega-hack'
The US Postal Service has called in the FBI after hackers apparently grabbed names, addresses, social security numbers and other sensitive records from its staff database.
In addition to cracking the postal service payroll servers, the infiltrators also appear to have successfully taken root in one of the USPS’ call centers – and could have collected the names, addresses, telephone numbers, email addresses and other information of people dialing in, the USPS warned. Anyone who called the center between January 1 and August 16 this year is at risk.
The usual placebo comments about no credit card details, and Chinese state-sponsored hackers being responsible (no proof, just the usual excuse) have been made. Given the extended time, this has the potential to be a large problem.

Sony Pictures Sacked!

Post by Foggyone » Wed Dec 03, 2014 6:23 pm

Sony employees face 'weeks of pen and paper' after crippling network hack
Sony Pictures still hasn't recovered from a comprehensive attack on its computer networks – and staff have been reduced to doing their work by hand – according to insiders.
Sony, the parent corporation, is best known for installing rootkits on people's PCs, back in the mid-2000s.

Earlier this week, miscreants calling themselves the Guardians of Peace claimed responsibility for breaking into computer systems and vandalizing the intranet of Sony Pictures – an intrusion that left the firm's computers and movie-promoting Twitter accounts under outside control.

The group is also drip-feeding swiped internal documents to the online world. It's not clear if they came from individuals' PCs within Sony, or if the hackers got into protected corporate servers. These files apparently include passport scans for actors Jonah Hill, Cameron Diaz and Angelina Jolie.
Follow-up stories are telling of dumps including salary details of execs, including bonuses and severance packages. Dirty laundry available to world and dog!

Sony Sadness Continues

Post by Foggyone » Sat Dec 06, 2014 5:34 pm

Sources within Sony Pictures have told The Register staff received bizarre emails on Friday threatening them and their families if they don't take the side of hackers who raided the firm's corporate servers.

The hackers, working under the moniker Guardians of Peace or GOP, have spent the past week dumping onto file-sharing networks information taken from Sony's servers – including employees' home addresses, social security numbers for 47,000 people, health records, and salary details.
'We're having panic attacks' ... Now Sony staff and families threatened in emails

I feel sorry for the employees. But for the company itself, this is payback for their release of the original rootkit back in 2005. Karma is very patient, with a long memory.

Sony Sadness Sequel

Post by Foggyone » Mon Dec 08, 2014 5:58 pm

PlayStation Network offline AGAIN.
Sony has been battling another PlayStation Network outage: the PlayStation store went titsup in the early hours of Monday, UK time.

Hacktivist group the Lizard Squad claimed responsibility for flooding the servers off the internet using a distributed denial-of-service attack.
Black Fridays happen daily at Sony!

Massive Data Haul

Post by Foggyone » Thu Feb 05, 2015 6:03 pm

Anthem, America's second biggest health insurer, HACKED: Millions hit by breach
Hackers have invaded the servers of Anthem, a health insurer used by tens of millions of Americans, and stolen social security numbers, employment records, personal contact details and more. A veritable treasure trove for identity thieves.
Oops
If your plan is branded Anthem Blue Cross; Anthem Blue Cross and Blue Shield; Blue Cross and Blue Shield of Georgia; Empire Blue Cross and Blue Shield; Amerigroup; Caremore; Unicare; Healthlink; or DeCare, you are at risk – your data may have been taken by thieves.

Former Anthem customers are just as affected, we're told. Jackpot.
This will cause a stink.

Another Bitcoin Byebye??

Post by Foggyone » Tue Feb 10, 2015 11:32 pm

Bitcoin trade biz MyCoin goes dark, investors fear $387 MEEELLION lost
Investors fear they may be $387m (£254m) in the red after a Hong Kong Bitcoin biz fell silent.

The investment and trading website MyCoin reportedly closed its Kowloon offices a few weeks ago, and the company has not yet responded to inquiries from The Reg and other publications.
Reading the story brings to mind that this outfit appears to have morphed into a Ponzi scheme before it went toes up.
The South China Morning Post reports that back in November, the sole director of MyCoin's parent company resigned and transferred his shares to a company based in the British Virgin Islands.

US IRS

Post by Foggyone » Wed May 27, 2015 7:43 pm

This is an odd one.

The US Internal Revenue Service said on Tuesday that info including tax returns and income forms for some 100,000 people was illegally accessed this year.

The naughties gathered sufficient information from other sources to trick the IRS system into disgorging records of their customers (victims). There was no breaking into servers involved, just plain old outthinking the system.

Red face day!
digidog
Site Admin
Posts: 15014
Joined: Wed May 05, 2004 2:25 am
First Name: Alfie
Location: Otago

Re: Security and high profile sites get 'pwned'

Post by digidog » Sat Jun 06, 2015 10:25 pm

This is a big one.

The US Office of Personnel Management was hacked in December 2014 and the personal data of around 4 million current and former federal employees was compromised. The FBI suspects Chinese hackers are responsible. The hack was only discovered in April this year when the agency began using "new tools" to check for intrusions.

I fear that the Washington Post may have confused the means of access.
The intruders used a “zero-day” — a previously unknown cyber-tool — to take advantage of a vulnerability that allowed the intruders to gain access into the system.
Zero-day is not a tool -- nor was it previously unknown. The term refers to any exploit which takes advantage of a security vulnerability on the same day that vulnerability becomes publicly or generally known. Thus the target has "zero days" warning.

The US (with a little help from their Five Eyes friends) operate the most intensive, intrusive and, we're told, sophisticated cyber-defence systems in the world. How could offshore hackers suck down huge amounts of highly-sensitive US govt data, yet nobody noticed at the time? Surely those little lights on the server stacks would be flashing incessantly for days on end. And why did it take four whole months to finally discover the breach? Is it possible that the billions of dollars the Five Eyes partners spend on surveillance of their own citizens is wasted money?

God bless America.


Re: Security and high profile sites get 'pwned'

Post by digidog » Thu Jun 11, 2015 2:43 am

Both the US Army and US Strategic Command sites have been taken down by Syrian hackers. The latter is still out of action.


US Office of Personnel Management

Post by Foggyone » Fri Jun 12, 2015 6:42 pm

As detailed by Digidog two posts previously, more information is coming to light about this hack.
Hackers were able to steal far more data than first thought on every US federal employee, a government workers union has said.

A letter dated Thursday sent by J. David Cox, president of the American Federation of Government Employees (AFGE) which represents more than 670,000 federal employees, claimed the breach of the Office of Personnel Management (OPM) in early June was significantly worse than what the Obama administration first claimed.
.....

The data breach, said to be one of the biggest in the federal government's history, affects around four million former and current civil servants.

From the letter, widely circulated after it was sent, the union claims "all personnel data for every federal employee, every federal retiree, and up to one million federal employees" was stolen.

That's also thought to include Social Security numbers that were "not encrypted," said the letter, adding that it was "absolutely indefensible and outrageous."

.....

That directly challenges the government's position that the stolen database was not thought to have contained information on employees applying for security clearance.

4 new twists that push the hacker attack on millions of US govt workers into WTF land

The breach is thought to have been ongoing for a year before being detected. And it was detected accidentally during a product demonstration.

Very red faces all round.

German Parliamentary Services

Post by Foggyone » Fri Jun 12, 2015 7:07 pm

Confusion reigns as Bundestag malware clean-up staggers on
A malware infestation at the Bundestag is proving harder to clean up than first predicted, with several unconfirmed local reports going as far as suggesting that techies might have to rebuild the entire network from scratch.

As previously reported, a state-sponsored attack is suspected for the widespread infection of systems connected to the German parliament's network by a sophisticated trojan late last month. Code analysis points towards Russia as the most likely suspect, based on similarities to previous attacks, but this remains wide open to doubt.

thelocal.de reports that the security mess at the Bundestag is so bad that an "entirely new network will have to be built". According to these reports, the Federal Office of Information Technology Security (BSI) has decided on the extreme "nuke it from orbit" option as the only way to eradicate the infestation.
That is embarrassing.

Did They Really Have To Tell Them This?

Post by Foggyone » Sat Jun 13, 2015 7:04 pm

Further to the story about the US Office of Personnel Management, this gem has been published:
In a statement today, officials at the White House's Office of Management and Budget said federal agency sysadmins have been told to take steps including:

1. Install software patches for critical vulnerabilities "without delay."
2. Use antivirus and check log files for "indicators" of malware infection or intrusion.
3. Start using two-factor authentication.
4. Slash the number of people with administrator-level access and limit what they can do and for how long per-login-session, and "ensure that privileged user activities are logged and that such logs are reviewed regularly."
If they need to be told these elementary steps, then there was no need to use a valuable zero-day vulnerability for entry!

Re: Security and high profile sites get 'pwned'

Post by digidog » Sun Jun 14, 2015 4:45 am

It just gets worse for US security. Previous statements that the records of "four million current and former civilian U.S. government employees" have been upgraded -- the number is actually nearer 14 million. Whoops!

And they've just owned up to yet another major hack -- this time into their security clearance database. The White House has confirmed that this is a separate hack from the previously announced breach of federal personnel data.
The forms authorities believed may have been stolen en masse, known as Standard Form 86, require applicants to fill out deeply personal information about mental illnesses, drug and alcohol use, past arrests and bankruptcies. They also require the listing of contacts and relatives, potentially exposing any foreign relatives of U.S. intelligence employees to coercion. Both the applicant's Social Security number and that of his or her cohabitant are required.

In a statement, the White House said that on June 8, investigators concluded there was "a high degree of confidence that ... systems containing information related to the background investigations of current, former and prospective federal government employees, and those for whom a federal background investigation was conducted, may have been exfiltrated."

"This tells the Chinese the identities of almost everybody who has got a United States security clearance," said Joel Brenner, a former top U.S. counterintelligence official. "That makes it very hard for any of those people to function as an intelligence officer. The database also tells the Chinese an enormous amount of information about almost everyone with a security clearance. That's a gold mine. It helps you approach and recruit spies."
It beggars belief that the country which runs the most intrusive cyber-spying network in the world failed to encrypt sensitive information. Would you trust these people with your phone and email records? Well, bad news because... Five Eyes.


A Biggie For Repressive Regimes

Post by Foggyone » Mon Jul 06, 2015 6:44 pm

Italian surveillance-ware maker Hacking Team has been cracked, with a substantial 400 gigabytes of its internal data pillaged and leaked online, it appears.

The plunder has been uploaded to BitTorrent in a mighty listing of directories, allegedly including audio recordings, emails, and source code.

Hacking Team sells the Da Vinci surveillance software to law enforcement agencies, though it claims to only deal with ethical governments. It is marked as an Enemy of the Internet by activist outfit Reporters Without Borders.
The trove also allegedly reveals all Hacking Team customers and when they purchased the software.

The company is said to count Saudi Arabia, Oman, and Lebanon among its customers.

Chile allegedly bought the software last year for $US2.85 million, according to exploit activist Christopher Soghoian (@csoghoian) who is analysing the data.

Some of those may in coming days be scrambling to switch off the surveillance-ware due to source code being made public.
Source : Hacked Hacking Team: Spyware torrentblurts list of govt customers