Recent Posts

BY: Pierluigi Paganini, July 19, 2018

The presence of the files suggests that the threat actors that collected them also accessed each account and listed its content.

Wardle discovered the file after it was uploaded to the VirusTotal service some months earlier by a user purportedly in Vietnam.

Wardle passed the data to ZDNet that verified the huge trove of data belongs to the Mega service.

ZDNet contacted many users that confirmed the authenticity of the content of the file.

The data appears to date back to 2013, when Kim Dotcom launched the service.

ZDNet asked the popular expert Troy Hunt, who runs the data breach notification site Have I Been Pwned, to analyze the files.

Hunt believes the hackers collected the credentials from other data breaches (credential stuffing).

98 percent of the addresses in the file had already been included in a previous data breach and listed in Hunt’s service.

full article here:
Security & Technology News / Human Resources Firm ComplyRight Breached
« Last post by Antus67 on Today at 02:43:39 am »
BY: Brian Krebs

Cloud-based human resources company ComplyRight said this week that a security breach of its Web site may have jeopardized sensitive consumer information — including names, addresses, phone numbers, email addresses and Social Security numbers — from tax forms submitted by the company’s thousands of clients on behalf of employees.

Pompano Beach, Fla-based ComplyRight began mailing breach notification letters to affected consumers late last week, but the form letters are extremely vague about the scope and cause of the breach. Indeed, many readers who received these letters wrote to KrebsOnSecurity asking for more information, as the company hadn’t yet published any details about the breach on its Web site. Also, most of those folks said they’d never heard of ComplyRight and could not remember ever doing business with a company by that name.

Krebs On Security:

By Eduard Kovacs on July 19, 2018
The U.S. last week indicted 12 Russian intelligence officers over their alleged role in a hacking operation targeting the Democratic National Committee (DNC) and Hillary Clinton’s 2016 presidential campaign.

The charges, part of special counsel Robert Mueller’s investigation into Russia’s attempt to interfere in the presidential election, were announced just days before President Donald Trump met his Russian counterpart, Vladimir Putin.

Industry professionals have commented on the charges, their impact, the possible threat actors responsible for the operation, and how these types of attacks can be avoided.

full article here:

BY: Lindsey O'Donnell
July 19, 2018 2:55 pm

Two vulnerabilities were discovered on Dongguan Diqee-branded vacuum cleaners, Thursday.

Researchers have uncovered vulnerabilities in a connected vacuum cleaner lineup that could allow attackers to eavesdrop, perform video surveillance and steal private data from victims.

Two vulnerabilities were discovered in Dongguan Diqee 360 vacuum cleaners, which tout Wi-Fi capabilities, a webcam with night vision, and smartphone-controlled navigation controls. These would allow control over the device as well as the ability to intercept data on a home Wi-Fi network.

full article here:
BY: Lawrence Abrams

Last week we reported how scammers were using extortion spam to try and blackmail recipients into paying bitcoins or supposed video of them using an adult site would be released. Since that article was written, over $50,000 USD in bitcoin payments have been made to bitcoin addresses associated with these emails.

When this latest extortion campaign started, security researcher SecGuru began tracking the bitcoin addresses used by these scammers. While doing so, he noticed an alarming trend. People were actually paying these blackmail demands.

According to SecGuru, after examining 42 bitcoin addresses used in this scam, he discovered that 30 victims have paid the blackmail demand for a total of over $50,000 USD.

full article here:
By Catalin Cimpanu

The botnet has been built by exploiting a vulnerability in Huawei HG532 routers, tracked as CVE-2017-17215.

Scans for this vulnerability, which can be exploited via port 37215, started yesterday morning, July 18, according to data collected by Netlab's NetScan system.
By late in the evening, NewSky security researcher Ankit Anubhav says the botnet had already gathered 18,000 routers.

Anubhav told Bleeping Computer the botnet author reached out to him to brag about his actions, even sharing a list with the IP addresses of all of the botnet's victims.

full article here:
By Catalin Cimpanu

A notorious hacker group known as MoneyTaker has stolen roughly $1 million from a Russian bank after breaching its network via an outdated router.

The victim of the hack is PIR Bank, which lost at least $920,000 in money it had stored in a corresponding account at the Bank of Russia.

Group-IB, a Russian cyber-security firm that was called in to investigate the incident, says that after studying infected workstations and servers at PIR Bank, they collected "irrefutable digital evidence implicating MoneyTaker in the theft."

Group-IB are experts in MoneyTaker tactics because they unmasked the group's existence and operations last December when they published a report on their past attacks.

Experts tied the group to thefts at US, UK, and Russian banks and financial institutions going back as far as 2016. According to Group-IB, the MoneyTaker attacks that hit banks were focused on infiltrating inter-banking money transfer and card processing systems such as the First Data STAR Network and the Automated Work Station Client of the Russian Central Bank (AWS CBR) system.

full article here:
Security & Technology News / How hackers exploit critical infrastructure
« Last post by Antus67 on Today at 02:20:56 am »
BY: Edward Amoroso, CEO, TAG Cyber, July 19, 2018
The traditional focus of most hackers has been on software, but the historical focus of crime is on anything of value. It should come as no surprise, therefore, that as operational technology (OT) and industrial control system (ICS) infrastructure have become much more prominent components of national critical infrastructure, that malicious hacking activity would be increasingly targeted in this direction.

It also stands to reason that the salient aspects of hacking – namely, remote access, automated tools, and weak attribution – would extend naturally to malicious targeting of critical OT/ICS infrastructure. These attributes are particularly attractive in this context, because criminals interested in disrupting factories, production systems, and other tangible infrastructure, previously had to establish physical presence or compromise some group with local access.

full article here:
BY: Help Net Security, July 19, 2018
Coronet released a report identifying San Diego International Airport, John Wayne Airport-Orange County (CA) International Airport and Houston’s William P. Hobby International Airport as America’s most cyber insecure airports.

The purpose of the report is to inform business travelers of how insecure airport Wi-Fi can inadvertently put the integrity and confidentiality of their essential cloud-based work apps (G-Suite, Dropbox, Office 365, etc.) at risk, and to educate all other flyers on the dangers of connecting to unencrypted, unsecured or improperly configured networks.

Currently, Chicago-Midway, Raleigh-Durham and Nashville International lead the pack as the least vulnerable.

full article here:
BY: Help Net Security, July 19, 2018
Shape Security released its Credential Spill Report, shedding light on the extent to which the consumer banking, retail, airline and hospitality industries are impacted by credential stuffing attacks and account takeover. The report analyzes attacks that took place in 2017 and reveals 2.3 billion account credentials were compromised as a result of 51 independent credential spill incidents.

Credential stuffing collectively costs U.S. businesses over $5 billion a year. When usernames and passwords are exposed, or “spilled,” through a data breach or attack on users, criminals harvest these credentials and test them on a wide range of websites and mobile applications.

There is up to a three percent success rate for account takeover from credential stuffing attacks because the majority of the population reuses passwords. The attackers then drain those accounts of value to commit all types of fraud, from unauthorized bank transfers to illicit online purchases.

full article here: