Tagged: Hackers

  • jkabtech 12:17 pm on April 17, 2018
    Tags: Expose, Hackers

    Microsoft, Experts Push for Global NGO to Expose Hackers 

    Highlights: Microsoft and independent experts are pushing for a new global NGO. It will be aimed at unmasking the hackers behind several cyber-attacks. Microsoft already floated the idea of an anti-hacking NGO in June 2016.

    As cyber-attacks sow ever greater chaos worldwide, IT titan Microsoft and independent experts are pushing for a new global NGO tasked with the tricky job of unmasking the hackers behind them.

    Dubbed the “Global Cyber Attribution Consortium”, according to a recent report by the Rand Corporation think-tank, the NGO would probe major cyber-attacks and publish, when possible, the identities of their perpetrators, whether they be criminals, global hacker networks or states.

    “This is something that we don’t have today: a trusted international organisation for cyber-attribution,” Paul Nicholas, director of Microsoft’s Global Security Strategy, told NATO’s Cycon cyber-security conference in Tallinn last week.

    With state and private companies having “skills and technologies scattered around the globe”, Nicholas admits it becomes “really difficult when you have certain types of complex international offensives occurring.”

    “The main actors look at each other and they sort of know who they think it was, but nobody wants to make an affirmation.”

    Microsoft already floated the idea of an anti-hacking NGO in a June 2016 report that urged the adoption of international standards on cyber-security.

    The Rand report, commissioned by Microsoft and titled “Stateless Attribution – Toward international accountability in Cyberspace”, analyses a string of major cyber-attacks.

    They include offensives on Ukraine’s electricity grid, the Stuxnet virus that ravaged an Iranian nuclear facility, the theft of tens of millions of confidential files from the US Office of Personnel Management (OPM) and the notorious WannaCry ransomware virus.

    Duping investigators

    “In the absence of credible institutional mechanisms to contain hazards in cyberspace, there are risks that an incident could threaten international peace and the global economy,” the report’s authors conclude.

    They recommend the creation of an NGO bringing together independent experts and computer scientists that specifically excludes state actors, who could be bound by policy or politics to conceal their methods and sources.

    Rand experts suggest funding for the consortium could come from international philanthropic organisations, institutions like the United Nations, or major computer or telecommunications firms.

    Pinning down the identity of hackers in cyberspace can be next to impossible, according to experts who attended Cycon.

    “There are ways to refurbish an attack in a way that 98 percent of the digital traces point to someone else,” Sandro Gaycken, founder and director of the Digital Society Institute at ESMT Berlin, told AFP in Tallinn.

    “There is a strong interest from criminals to look like nation-states, a strong interest from nation-states to look like criminals,” he said.

    “It’s quite easy to make your attack look like it comes from North Korea.”

    According to experts at Cycon, hackers need only include three lines of code in Cyrillic script in a virus in order to make investigators wrongly believe it came from Russian hackers.

    Similarly, launching attacks during working hours in China raises suspicions about Chinese involvement.

    Hackers can also cover their tracks by copying and pasting bits and pieces of well known Trojan viruses, something that points the finger at their original authors.


  • jkabtech 4:17 am on December 8, 2017
    Tags: breached, filing, Hackers, SEC's

    Hackers breached SEC’s financial filing system 



  • jkabtech 12:17 pm on December 5, 2017
    Tags: Hackers

    SEC hackers saw real financial data used in tests 

    Companies meant to be using dummy data.

    Hackers breached the US Securities and Exchange Commission’s computer system last year by taking advantage of companies that used authentic financial data when they were testing the agency’s corporate filing system, according to sources familiar with the matter.

    The FBI and the US Secret Service have since launched an investigation into a 2016 hack into the SEC’s EDGAR system, several of those people said.

    The sources spoke anonymously because it is not a public investigation.

    The SEC’s EDGAR system is a crucial network used by companies to file earnings reports and other material information.

    Spokesmen for the FBI, the Secret Service and the SEC all declined to comment, saying they could neither confirm nor deny the existence of an investigation.

    The breach occurred in October 2016 and was detected that same month.

    The attack appeared to have been routed through a server in Eastern Europe, according to an internal government memo describing the incident, which was seen by Reuters.

    There was no evidence at the time that data had been improperly retrieved, according to one source familiar with the matter, and the issue was handled internally by the SEC’s Office of Information Technology.

    Only after the SEC’s Enforcement Division detected a pattern of suspicious trading ahead of company public disclosures did officials go back to the agency’s technology staff and ask if some companies were using authentic data when they were testing the EDGAR system, one of the people said.

    The person said that “not many companies” had submitted real data that is believed to have been hacked.

    The test process “is for people to submit test filings to ensure that they format correctly and don’t have submission errors,” the person said.

    “They normally use that right before they file their normal reports. They are supposed to use dummy data,” the person said.

    “However, it is still supposed to be protected the same way in case they do something stupid. A couple companies did, and it wasn’t protected properly.”

    SEC chair to confirm probe

    SEC Chairman Jay Clayton will confirm the enforcement division’s ongoing investigation when he testifies Tuesday before the Senate Banking Committee, according to prepared testimony reviewed by Reuters.

    He has also asked the SEC’s Office of Inspector General to investigate the intrusion itself, the scope of non-public information that was stolen and how the SEC responded to the incident, which he said was properly reported to the Department of Homeland Security’s Computer Emergency Readiness Team.

    The FBI’s investigation is focusing specifically on the trading activity in connection with the breach, according to several sources.

    One possibility the FBI is considering is that the SEC breach was connected to a group of hackers that intercepted electronic corporate press releases in a previous case which the FBI in New Jersey helped investigate, several of the sources said.

    In that case, federal prosecutors in the New York borough of Brooklyn and New Jersey, as well as the SEC, charged an alliance of stock traders and suspected computer hackers based in the United States and Ukraine.

    Clayton, who was installed as chairman in May, only learned of the 2016 breach in August through the enforcement investigation.

    SEC Commissioners Kara Stein and Mike Piwowar, who are the only other two sitting members of the agency at the moment, also only learned of it recently.

    Some SEC enforcement attorneys not involved in the matter learned about it when they read it in the newspaper, sources said.

    The delay in disclosing the hack and the months-long gap between uncovering it and discovering the potential insider trading are particularly embarrassing for an agency that has pushed companies to bolster their cyber capabilities and which investigates companies for failing to disclose breaches to investors faster.

    While no company has ever been charged for flawed disclosures, the SEC has previously brought charges against brokerage firms over poor cyber security practices.

    The SEC has experienced other cyber incidents in recent months.

    Between October 2016 and April 2017, the SEC documented a variety of cyber security incidents, according to one source familiar with the matter.

    Reuters was not immediately able to ascertain the nature of all of the incidents, though the source said several involved EDGAR.

    In one other case that was not related to EDGAR, a server being set up for SEC use had not been updated to fix known vulnerabilities, one person familiar with the matter said.

    The SEC detected unauthorised communications from it.

    The FBI watched the traffic, which was early signalling or “beaconing” rather than the export of important information, and the hole was closed.

    In that case, the signal from the beacon was sent to a server in Ukraine, the person added.

    The SEC has been criticised for its cyber defences.

    The US Department of Homeland Security detected 5 “critical” vulnerabilities that needed to be fixed when it scanned a sample of the agency’s computers and devices the week of January 23. 


  • jkabtech 4:17 am on October 27, 2017
    Tags: compete, Hackers

    Hackers to compete in Australia’s first defence cyber challenge 

    Seeking to fill skills shortage.

    Australia’s first defence industry cyber challenge will kick off at the University of Adelaide today, in an effort to upskill and nurture home-grown infosec talent.

    The competition seeks to address fast-growing demand for cyber security workers, according to AustCyber (formerly known as the Australian Cyber Security Growth Network) chief Craig Davies.

    Davies said at least 11,000 qualified cyber security personnel are needed in Australia today.

    The competition is sponsored by security vendors Dtex and ThreatMetrix, with Saab Australia, Boeing Defence, and Nova Systems also chipping in. 

    It will be officially launched today by the federal minister for the defence industry, Christopher Pyne. 

    There are two challenges for competition participants: the first is a capture-the-flag pentesting challenge in which participants have to gain access to a restricted payment processor portal and retrieve a file with historical transactions.

    In the second challenge, participants will be given metadata to analyse in order to investigate a data breach.

    Among the prizes to be won are three- and five-day security workshops in Canberra. Boeing is also offering a customisable paid internship for undergraduates.

    Female participants can win a 13-inch MacBook Pro as well as a 12-month mentoring program by a group of prominent female cyber security experts.

    Entries close September 9, and winners in the defence industry cyber challenge will be announced in Sydney on September 27.


  • jkabtech 12:17 pm on October 26, 2017
    Tags: campaign, Hackers, Locky

    Hackers launch massive Locky ransomware campaign 

    More than 23 million messages sent.

    Researchers are warning that miscreants have sent a massive amount of phishing emails that will attempt to download the Locky ransomware and encrypt user files.

    Security vendor AppRiver said it has seen more than 23 million messages sent in the attack. It claims the campaign is one of the largest ransomware attacks seen so far.

    The email messages are nondescript, with subject lines such as “please print”, “documents” and “scans”, AppRiver said.

    Clicking on the ZIP compressed attachment launches a Visual Basic Script file that downloads Locky and executes the ransomware.

    Locky encrypts files on victims’ computers, appending the .lukitus suffix to them. Users are instructed to pay a ransom of 0.5 Bitcoin (A$2975) to decrypt the files.

    Victims are asked to install the anonymising The Onion Router (TOR) network browser, which takes users to a decryption service if they pay the ransom. Whether or not the attackers will provide a working decryptor after being paid is unclear.

    Locky has been active since early 2016 and has been updated this year. It spreads as an attachment to spam emails.

    There is currently no way to decrypt the scrambled files created by the Locky Lukitus variant.


  • jkabtech 4:17 am on September 16, 2017
    Tags: Hackers, infiltrated, Mandiant

    Hackers claim to have infiltrated Mandiant 

    Leak analyst’s creds.

    Cybersecurity company Mandiant appears to have had its IT systems compromised by hackers, with sensitive information belonging to one of its security analysts posted on the internet.

    Anonymous hackers claimed they have had access to Mandiant’s internal networks since 2016, publishing 32 megabytes of data belonging to one of the company’s analysts, Adi Peretz, as proof.

    The hack has been dubbed Operation LeakTheAnalyst.

    Peretz’s Microsoft account login details are in the data archive sighted by iTnews, along with his contacts, screenshots of the Windows Find My Device geolocator, client correspondence and presentations. 

    Among the clients in the data archive is the Israeli Defence Force (IDF).

    The hackers also defaced Peretz’s LinkedIn page, and claim to have remotely wiped his mobile devices.

    At this stage, it is not known who conducted the attack, which appears to be motivated by a desire to get even with security analysts who investigate cyber crime.

    Further leaks from Mandiant might appear, the hackers threatened.

    “This leak was just a glimpse of how deep we breached into Mandiant, we might publish more critical data in the future,” they wrote.

    Mandiant owner FireEye said the hack appeared limited to one individual.

    “We are aware of reports that a Mandiant employee’s social media accounts were compromised. We immediately began investigating this situation, and took steps to limit further exposure,” a spokesperson said.

    “Our investigation continues, but thus far, we have found no evidence FireEye or Mandiant systems were compromised.”


  • jkabtech 4:46 am on June 22, 2016
    Tags: fraud:, Hackers, sought, wire-transfer

    Hackers sought to steal over $3 billion through wire-transfer fraud: FBI 

    Hackers have sought to steal more than $3 billion from businesses in a pernicious, fast-growing type of scam in which criminals impersonate company executives in emails ordering large wire transfers, the Federal Bureau of Investigation warned on Tuesday.

    The FBI disclosed the data as it launched a public awareness campaign providing tips on how to defend against such scams. The cases, which are widely known as business email compromise, target businesses and not consumers.

    U.S. and foreign victims reported 22,143 business email compromise cases in which cyber criminals sent requests for some $3.1 billion in fraudulent transfers from October 2013 through last month, according to the FBI. That represents a significant increase from the agency’s previous tally, which put attempted losses at $2.3 billion through February of this year.

    Supervisory Special Agent Mitchell Thompson said victims should notify the FBI immediately if they find they have been victimized in such scams, so the bureau can work with agents overseas to ask foreign banks to freeze the funds before fraudsters pull them out of the banking system.

    “The sooner somebody reports this to the FBI, the better the possibility they can get their money back,” he said at a news conference in New York.

    The bulk of the cases involved requests to transfer funds to banks in Hong Kong and China, though a total of 79 countries have been identified to date, according to the bureau.

    Thompson said he could not say how much money victims actually lost through the schemes, but said about one in four U.S. victims respond by wiring money to fraudsters.

    The FBI said the sharp jump in cases since its last tally was due to the high level of recent activity, as well as an effort by law enforcement agencies around the world to identify such scams as business email compromise, rather than generic wire fraud.

    The FBI said it has seen a 1,300 percent increase in identified exposed losses since January 2015.

    The size of the losses varies widely from case to case, from about $10,000 to tens of millions of dollars, according to Thompson.

    Austrian aircraft parts maker FACC said in January that it lost about 50 million euros ($55 million) through such a scam.


  • jkabtech 2:16 am on June 12, 2016
    Tags: gaining, Hackers

    How are hackers gaining access into banks? 


  • jkabtech 2:01 am on June 12, 2016
    Tags: disturbing, Hackers, shaking

    The disturbing new way hackers are shaking down big business 


  • jkabtech 8:31 pm on June 11, 2016
    Tags: Hackers, heats

    Hackers vs. banks battle heats up 

    Anonymous has launched a 30-day attack against “all central banks” and major financial institutions, the activist-hacking group warned this week, after recent strikes on several major banks around the world by different hackers.

    Anonymous claimed responsibility for a cyberattack on the National Bank of Greece on Tuesday, just a week after Qatar National Bank suffered a major data breach attributed by the media to a Turkish group called Bozkurt Hackers.
