Tagged: Hacking Toggle Comment Threads | Keyboard Shortcuts

  • jkabtech 8:17 pm on December 8, 2017 Permalink | Reply
    Tags: , FireEye, govt-linked, , Hacking,   

    FireEye identifies alleged Iran govt-linked hacking group 

    APT33 left tracks in malware launched at aviation, energy firms.

    Researchers at security vendor FireEye have identified a new hacking group with alleged ties to the Iranian government, and which is currently engaged in cyber espionage operations.

    Dubbed Advanced Persistent Threat 33 (APT33) the group sent spearphishing emails purporting to be from Boeing, Northrop Grumman Aviation Arabia, Vinnel Arabia and other companies, using bogus domains.

    Aviation and energy companies in the United States, South Korea and Saudi Arabia have been targetted by APT33.

    Targets were tricked to click on HTML application files to view links to legitimate job postings.

    However, the files also contained Microsoft Windows PowerShell attack scripts, which downloaded a custom APT33 backdoor called TURNEDUP onto the victims’ computers.

    APT33 made several mistakes in its attacks, including leaving the handle of a person – which FireEye alleged was “tied to an Iranian persona who may have been employed by the Iranian government to conduct cyber threat activity against its adversaries” – in the malware the group deployed.

    FireEye researchers found the handle “xman_1365_x” in the file path of many TURNED UP samples, pointing to the user being involved in the development and use of the malware.

    The security vendor said “open source reporting links the ‘xman_1365_x’ actor to the ‘Nasr Institute’, which is purported to be equivalent to Iran’s ‘cyber army’ and controlled by the Iranian government.”

    FireEye said its suspicions that APT33 were Iranian-based were also roused because it appeared to follow Iranian business hours, and used popular hacking tools and domain name servers used by other alleged threat actors from that country.

    View the Original article

    Advertisements
     
  • jkabtech 5:51 pm on July 19, 2017 Permalink | Reply
    Tags: , Hacking, Pulses, Screens,   

    Hacking Touch Screens to Count Pulses 

    Heart rate sensors available for DIY use employ photoplethysmography which illuminates the skin and measures changes in light absorption. These sensors are cheap, however, the circuitry required to interface them to other devices is not.

    View the Original article

     
  • jkabtech 3:01 am on June 12, 2016 Permalink | Reply
    Tags: Hacking, schools, , who's   

    Who’s hacking schools now? The students 

    HOMEEDITIONNewsEconomyFinanceHealth CareReal EstateWealthAutosEarningsEnergyLifeMediaPoliticsRetailCommentarySpecial ReportsAsiaEuropeCFO CouncilMarketsPre-MarketsU.S.AsiaEuropeStocksCommoditiesCurrenciesBondsFundsETFsInvestingTrading NationFinancial AdvisorsPersonal FinanceCNBC ExplainsPortfolioWatchlistStock ScreenerFund ScreenerTechRecodeMobileSocial MediaEnterpriseGamingCybersecurityMake ItInspireGuideIn DepthAttendVideoTop VideoLatest VideoU.S. VideoAsia VideoEurope VideoCEO InterviewsAnalyst InterviewsFull EpisodesShowsWatch LiveCNBC U.S.CNBC Asia-PacificCNBC EuropeCNBC WorldFull EpisodesPrimetimePrimeMoreLog In

    View the Original article

     
  • jkabtech 11:39 pm on March 30, 2016 Permalink | Reply
    Tags: Hacking,   

    The FBI Warns That Car Hacking Is a Real Risk 

    Caption: Andy Greenberg/WIRED

    Skip Article Header. Skip to: Start of Article. IMG_0724.jpgAndy Greenberg/WIRED
     
  • jkabtech 12:54 am on March 24, 2016 Permalink | Reply
    Tags: , , Hacking, ,   

    Ex-FBI official: IRS is a favorite hacking target 

    Wednesday, 10 Feb 2016 | 4:27 PM ETCNBC.com

    An automated attack on the IRS’ computer systems in January used stolen personal data to create fake logins through the agency’s Electronic Filing PIN service.

    About 464,000 Social Security numbers were used in the attack on the IRS.gov system, the agency said late Tuesday, and 101,000 of those numbers allowed the attackers to get at an E-file PIN. The PIN can be used to electronically file a tax return.

    “No personal taxpayer data was compromised or disclosed by IRS systems,” the IRS said in a statement Tuesday. “The IRS also is taking immediate steps to notify affected taxpayers by mail that their personal information was used in an attempt to access the IRS application. The IRS is also protecting their accounts by marking them to protect against tax-related identity theft.”

    The IRS also said that the attack was not related to an outage of its computer systems that hampered its ability to process tax returns last week.

    “The IRS and taxpayer data is the gold standard. It’s the treasure trove of information that they’re looking for. They can do a lot with it,” said former FBI Assistant Director Chris Swecker on CNBC’s “Power Lunch” on Wednesday.

    Though the culprit behind the attack has not yet been confirmed, the IRS is “the favorite target” of Russian criminal organizations, which were involved in previous IRS hacking attacks, Swecker added.

    Hackers in 2015 were able to access tax information for what may have been as many 338,000 victims through the IRS’ Get Transcript system, the IRS previously reported. That system allows taxpayers to pull up returns and filings from years past.

    “Taxpayer data or taxpayer returns have so much information that not only can they file false tax returns and get refunds, they can also sell that data on the black market and make an additional profit,” he said.

    Using publicly available data to authenticate taxpayers is one of the main problems with the current system, Swecker noted. People oftentimes use questions that can be answered by looking at their Facebook or LinkedIn pages, which are easily accessible to hackers.

    “This is what organized crime looks like in the year 2016. These are the most profitable, most capable criminals in the world and we’ve got to do a better job of keeping them out.”

    — NBC News contributed to this report.

    SHOW COMMENTS Please add a username to view or add commentsPublic Username for Commenting

    View the original article here

     
  • jkabtech 11:37 am on March 21, 2016 Permalink | Reply
    Tags: , , , Hacking, ,   

    Apple and FBI Take Their iPhone Hacking Fight to Congress 

    Caption: FBI Director James Comey is sworn in on Capitol Hill in Washington prior to testifying before the House Judiciary Committee hearing on ‘The Encryption Tightrope: Balancing Americans’ Security and Privacy,’ March 1, 2016. Jose Luis Magana/AP

    Skip Article Header. Skip to: Start of Article. FBI Director James Comey is sworn in on Capitol Hill in Washington prior to testifying before the House Judiciary Committee hearing on 'The Encryption Tightrope: Balancing Americans' Security and Privacy,' March 1, 2016. FBI Director James Comey is sworn in on Capitol Hill in Washington prior to testifying before the House Judiciary Committee hearing on ‘The Encryption Tightrope: Balancing Americans’ Security and Privacy,’ March 1, 2016. Jose Luis Magana/AP
     
  • jkabtech 7:32 am on March 20, 2016 Permalink | Reply
    Tags: , automakers, Hacking, , ,   

    FBI warns automakers, owners about hacking risks 

    Friday, 18 Mar 2016 | 6:22 AM ETReuters

    The FBI and U.S. National Highway Traffic Safety Administration (NHTSA) issued a bulletin Thursday warning that motor vehicles are “increasingly vulnerable” to hacking.

    “The FBI and NHTSA are warning the general public and manufacturers — of vehicles, vehicle components, and aftermarket devices — to maintain awareness of potential issues and cybersecurity threats related to connected vehicle technologies in modern vehicles,” the agencies said in the bulletin.

    In July 2015, Fiat Chrysler Automobiles recalled 1.4 million U.S. vehicles to install software after a magazine report raised concerns about hacking, the first action of its kind for the auto industry.

    Also last year, General Motors issued a security update for a smartphone app that could have allowed a hacker to take control of some functions of a plug-in hybrid electric Chevrolet Volt, like starting the engine and unlocking the doors.

    In January 2015, BMW said it had fixed a security flaw that could have allowed up to 2.2 million vehicles to have doors remotely opened by hackers.

    “While not all hacking incidents may result in a risk to safety – such as an attacker taking control of a vehicle — it is important that consumers take appropriate steps to minimize risk,” the FBI bulletin said Thursday.

    NHTSA Administrator Mark Rosekind told reporters in July 2015 that automakers must move fast to address hacking issues.

    The Fiat Chrysler recall came after Wired magazine reported hackers could remotely take control of some functions of a 2014 Jeep Cherokee, including steering, transmission and brakes. NHTSA has said there has never been a real-world example of a hacker taking control of a vehicle.

    Two major U.S. auto trade associations — the Alliance of Automobile Manufacturers and Association of Global Automakers — ate last year opened an Information Sharing and Analysis Center. The groups share cyber-threat information and potential vulnerabilities in vehicles.

    The FBI bulletin Thursday warned that criminals could exploit online vehicle software updates by sending fake “e-mail messages to vehicle owners who are looking to obtain legitimate software updates. Instead, the recipients could be tricked into clicking links to malicious Web sites or opening attachments containing malicious software.”

    SHOW COMMENTS Please add a username to view or add commentsPublic Username for Commenting

    View the original article here

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel
%d bloggers like this: