Hacking & Cracking

RTH10260
Posts: 22631
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Hacking & Cracking

#151

Post by RTH10260 » Tue Jul 30, 2019 9:22 am

same - more like an insider's job
A hacker gained access to 100 million Capital One credit card applications and accounts
By Rob McLean, CNN Business

Updated 1246 GMT (2046 HKT) July 30, 2019
Capital One hack exposes 100 million customers

New York (CNN Business) In one of the biggest data breaches ever, a hacker gained access to more than 100 million Capital One customers' accounts and credit card applications earlier this year.

Paige Thompson is accused of breaking into a Capital One server and gaining access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers, in addition to an undisclosed number of people's names, addresses, credit scores, credit limits, balances, and other information, according to the bank and the US Department of Justice.

A criminal complaint says Thompson tried to share the information with others online. The 33-year-old, who lives in Seattle, had previously worked as a tech company software engineer for Amazon (AMZN) Web Services, the cloud hosting company that Capital One was using, the Justice Department said. She was able to gain access by exploiting a misconfigured web application firewall, according to a court filing.


https://edition.cnn.com/2019/07/29/busi ... index.html



tek
Posts: 3856
Joined: Fri Nov 16, 2012 6:02 pm
Location: Happy Valley, MA
Occupation: Damned if I know

Re: Hacking & Cracking

#152

Post by tek » Tue Jul 30, 2019 9:40 am

I think not really "inside" .. all speculation on my part, of course..

She probably just knew that a lot of companies misconfigure their firewalls when setting up in the cloud (and, in fact, when setting up their own datacenter)... and because she had deep S3 experience, she probably probed around AWS-hosted sites.. and when she found a crack she knew what to go look for to get at the storage.


There's no way back
from there to here

RTH10260
Posts: 22631
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Hacking & Cracking

#153

Post by RTH10260 » Thu Sep 05, 2019 11:33 am

Websites have been quietly hacking iPhones for years, says Google
Websites delivered iOS malware to thousands of visitors in the biggest iPhone hack ever. There’s no telling who was infected—or who was behind it.
by Patrick Howell O'Neill
Aug 30, 2019

Malware could steal passwords, encrypted messages and contacts
It's not clear who was behind the hacking campaign or who was targeted
If you have updated your iPhone you are protected


The largest ever known attack against iPhone users lasted at least two years and hit potentially thousands of people, according to research published by Google.

The malware could ransack the entire iPhone to steal passwords, encrypted messages, location, contacts, and other extremely sensitive information. The data was then sent to a command and control server which the hackers used to run the operation. The scope, execution, and persistence of the unprecedented hacking campaign points to a potential nation-backed operation but the identity of both the hackers and their targets is still unknown.

“The data taken is the ‘juicy’ data," says Jonathan Levin, an author of three books on the internals of Apple's operating systems. "Take all the passwords from the keychain, location data, chats/contacts/etc, and build a shadow network of connections of all your victims. Surely by six degrees of separation you'll find interesting targets there."

Apple patched the bugs quickly in February 2019 so everyone who has updated their iPhone since then is protected. Rebooting the iPhone wiped the malware but the data had already been taken. Exactly who was infected remains an open question. iPhone users themselves likely wouldn’t know because the malware runs in the background with no visual indicator and no way for an iOS user to view the processes running on the device.


https://www.technologyreview.com/s/6142 ... ys-google/



RTH10260
Posts: 22631
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Hacking & Cracking

#154

Post by RTH10260 » Tue Sep 10, 2019 11:32 am

Cybercriminals Impersonate Chief Exec's Voice with AI Software
Scammers leveraged artificial intelligence software to mimic the voice of a chief executive and successfully request $243,000.

Fraudsters are constantly looking for new ways to scam their victims. One unique case gives the security industry a glimpse of what they could do with artificial intelligence (AI) and voice recording.

As part of an incident in March, an attacker called the CEO of a UK-based energy business pretending to be the head of its German parent company. Analysts believe AI-based software was used to impersonate the chief executive's voice, as it had the slight German accent and other qualities the UK CEO recognized in his boss's voice — qualities that led him to believe the call was legitimate. The caller issued an "urgent" request to the CEO, demanding he transfer $243,000 to a Hungarian supplier within an hour's time.

The transfer went through and the money was later moved to other countries. Scammers continued to contact the UK company and make additional payment requests, according to Euler Hermes, the organization's insurer. However, the CEO grew suspicious and did not transfer the funds.

While this incident is still under investigation, the Wall Street Journal cites officials saying this impersonation attack is the first in which fraudsters "clearly" leveraged AI to mimic someone's voice. It's believed this technology could make it easier for scammers to manipulate enterprise victims, complicating matters for defenders who don't yet have the technology to detect them.


https://www.darkreading.com/risk/cyberc ... id/1335722



RTH10260
Posts: 22631
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Hacking & Cracking

#155

Post by RTH10260 » Wed Oct 02, 2019 12:33 am

some food delivery service is eating crow
Important security notice about your DoorDash account
DoorDash

We take the security of our community very seriously. Earlier this month, we became aware of unusual activity involving a third-party service provider. We immediately launched an investigation and outside security experts were engaged to assess what occurred. We were subsequently able to determine that an unauthorized third party accessed some DoorDash user data on May 4, 2019. We took immediate steps to block further access by the unauthorized third party and to enhance security across our platform. We are reaching out directly to affected users.

Who was affected and what data was accessed?

Not every user was affected. Approximately 4.9 million consumers, Dashers, and merchants who joined our platform on or before April 5, 2018, are affected. Users who joined after April 5, 2018 are not affected. The type of user data accessed could include:


https://blog.doordash.com/important-sec ... d90ddf5996



Volkonski
Posts: 23928
Joined: Sat Mar 02, 2013 4:44 pm
Location: Texas Gulf Coast and North Fork of Long Island
Occupation: Retired Mechanical Engineer

Re: Hacking & Cracking

#156

Post by Volkonski » Fri Oct 04, 2019 1:11 pm

Shimon Prokupecz
@ShimonPro
Hackers linked to the Iranian government attempted to attack a 2020 U.S. presidential campaign, Microsoft revealed Friday. The group Microsoft calls “Phosphorus” attempted to hack the campaign between August and September, the company said.
@donie


“If everyone fought for their own convictions there would be no war.”
― Leo Tolstoy, War and Peace

Volkonski
Posts: 23928
Joined: Sat Mar 02, 2013 4:44 pm
Location: Texas Gulf Coast and North Fork of Long Island
Occupation: Retired Mechanical Engineer

Re: Hacking & Cracking

#157

Post by Volkonski » Fri Oct 04, 2019 3:52 pm

Exclusive: Trump campaign targeted by Iran-linked hackers - sources

https://www.reuters.com/article/us-cybe ... SKBN1WJ2B4
A hacking group that appears to be linked to the Iranian government attempted to break into President Donald Trump’s re-election campaign, but did not succeed, sources familiar with the operation said on Friday.

Earlier in the day, Microsoft Corp (MSFT.O) said that an unnamed presidential campaign was targeted by hackers, which the software company linked to Iran.

The Trump campaign’s Director of Communications Tim Murtaugh said, “We have no indication that any of our campaign infrastructure was targeted.”


“If everyone fought for their own convictions there would be no war.”
― Leo Tolstoy, War and Peace

RTH10260
Posts: 22631
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Hacking & Cracking

#158

Post by RTH10260 » Fri Oct 11, 2019 6:53 am

"Data Security Incident" at CafePress.com

We are writing to notify you of a data security incident involving your personal information. This email explains what happened and provides information about what you can do in response. We are taking this matter very seriously and sincerely regret any concern it may cause you.

What Happened

CafePress recently discovered that an unidentified third party obtained customer information, without authorization, that was contained in a CafePress database. Based on our investigation to date, this may have occurred on or about February 19, 2019.

What Information Was Involved

The information may have included your name, email address, the password to your customer CafePress account, and other information.
Source: email



RTH10260
Posts: 22631
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Hacking & Cracking

#159

Post by RTH10260 » Tue Nov 05, 2019 12:25 am

It happens even to the best ...
Adobe exposed nearly 7.5 million Creative Cloud accounts to the public

BY MATT BINDER
OCT 25, 2019

Graphic designers, video editors, and other creatives beware: Nearly 7.5 million Adobe Creative Cloud accounts were exposed to the public.

The database containing the sensitive user info, discovered by security researcher Bob Diachenko and Comparitech, was accessible to anyone through a web browser.

The exposed user data for the nearly 7.5 million accounts included email addresses, the Adobe products they subscribed to, account creation date, subscription and payment status, local timezone, member ID, time of last login, and whether they were an Adobe employee.

While no passwords or financial information such as credit card numbers were exposed, the data is sensitive enough to cause real problems for Creative Cloud users.

It’s easy to see how a bad actor could use this data to create highly targeted and convincing phishing campaigns.

Adobe Creative Cloud includes industry standard software and some of the most popular apps for creatives such as Photoshop, Premiere, Illustrator, After Effects, InDesign, and more.

According to Comparitech, Diachenko immediately reached out to Adobe upon discovering the open database on Oct. 19. Adobe addressed the issue immediately and secured the database on the same day.

Diachenko believes the data was left exposed for about a week, however it’s unclear when the database first became publicly accessible or if there was any unauthorized access.

Adobe was last hit with a major data leak in 2013 when a hacker gained access to 38 million customers' usernames, encrypted passwords, and credit card info.

Creative Cloud customers should be wary of any suspicious emails they receive claiming to be from the company.


https://mashable.com/article/adobe-crea ... s-exposed/



RTH10260
Posts: 22631
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Hacking & Cracking

#160

Post by RTH10260 » Tue Nov 12, 2019 9:42 pm

Breaches at NetworkSolutions, Register.com, and Web.com
Top domain name registrars NetworkSolutions.com, Register.com and Web.com are asking customers to reset their passwords after discovering an intrusion in August 2019 in which customer account information was accessed.


A notice to customers at notice.web.com:
“On October 16, 2019, Web.com determined that a third-party gained unauthorized access to a limited number of its computer systems in late August 2019, and as a result, account information may have been accessed,” Web.com said in a written statement. “No credit card data was compromised as a result of this incident.”
Jacksonville, Fla.-based Web.com said the information exposed includes “contact details such as name, address, phone numbers, email address and information about the services that we offer to a given account holder.”

The “such as” wording made me ask whether the company has any reason to believe passwords — scrambled or otherwise — were accessed.

A spokesperson for Web.com later clarified that the company does not believe customer passwords were accessed.



https://krebsonsecurity.com/2019/10/bre ... d-web-com/



Notorial Dissent
Posts: 13003
Joined: Thu Oct 17, 2013 8:21 pm

Re: Hacking & Cracking

#161

Post by Notorial Dissent » Wed Nov 13, 2019 9:15 am

Not comforting I would say, and they are just now figuring this out.....


The fact that you sincerely and wholeheartedly believe that the “Law of Gravity” is unconstitutional and a violation of your sovereign rights, does not absolve you of adherence to it.

RTH10260
Posts: 22631
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Hacking & Cracking

#162

Post by RTH10260 » Wed Nov 20, 2019 7:09 pm

Macy’s Suffers Data Breach by Magecart Cybercriminals

Lindsey O'Donnell
November 19, 2019 9:56 am

Obfuscated Magecart script was discovered on two Macys.com webpages, scooping up holiday shoppers’ payment card information.

The department store Macy’s is warning that web skimmer malware was discovered on Macys.com collecting customers’ payment card information. The attack has been linked to Magecart, a notorious umbrella group made up of various cybercriminal affiliates that is known for injecting payment card skimmers into ecommerce websites.

According to a data breach notice sent to customers, “an unauthorized third party added unauthorized computer code” to Macys.com on Oct. 7. The code, which was discovered and removed on Oct. 15, was collecting customers’ first and last names, addresses, phone number and email addresses, payment card information (including number, security code, and expiration dates).

“There is no reason to believe that this incident could be used by cybercriminals to open new accounts in your name. Nonetheless, you should remain vigilant for incidents of financial fraud and identity theft by regularly reviewing your account statements and immediately reporting any suspicious activity to your card issuer,” said Macy’s in its data breach notice.


https://threatpost.com/macys-data-breac ... rt/150393/



RTH10260
Posts: 22631
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Hacking & Cracking

#163

Post by RTH10260 » Sat Nov 23, 2019 12:42 pm

T-Mobile says some prepaid customers' info affected by breach

BY TAL AXELROD

T-Mobile disclosed Friday that a hacker gained access to information such as billing addresses and phone numbers from prepaid user accounts.

The mobile network said it discovered the breach earlier this month and said it impacted less than 1.5 percent of T-Mobile customers before being shut down by the company’s cybersecurity team.

The information that was hacked included names, billing addresses and phone numbers, among other info. T-Mobile assured customers that no financial data was included in the hack and that no passwords were compromised.

“Our Cybersecurity team discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account. We promptly reported this to authorities. None of your financial data (including credit card information) or social security numbers was involved, and no passwords were compromised,” T-Mobile said in a statement.



https://thehill.com/policy/technology/4 ... -by-breach



Slim Cognito
Posts: 6914
Joined: Fri Aug 29, 2014 8:37 am

Re: Hacking & Cracking

#164

Post by Slim Cognito » Mon Dec 02, 2019 10:06 am

https://finance.yahoo.com/news/now-even ... _test=1_04
Now even the FBI is warning about your smart TV's security
If I'm summarizing correctly, the article says your tv is waaaaaay easier to hack than your computer, giving hackers the opportunity to access your modem and the tv's camera and microphone.

We just bought a black Friday* smart tv, but it's on the cheaper side. We couldn't find a camera, which this article advises you cover with black tape.

It does have a microphone, which we thought would be cool when we bought the tv but it's a pain in the ass. Some character on tv will say what is apparently a wakeup word, and then the tv opens a small browser window giving us the option to search. After reading this article, my plan is to figure out how to turn the microphone off.

Thoughts?

*not in-store on Black Friday. We aren't crazy. Black Friday deals started in mid November, both in-store and on-line.

Well...we aren't THAT crazy.



Notorial Dissent
Posts: 13003
Joined: Thu Oct 17, 2013 8:21 pm

Re: Hacking & Cracking

#165

Post by Notorial Dissent » Mon Dec 02, 2019 3:06 pm

Definitely black tape. The instructions should show where the microphone and camera are. There should also be control settings in the setup to shut them off, for whatever good that will do.


The fact that you sincerely and wholeheartedly believe that the “Law of Gravity” is unconstitutional and a violation of your sovereign rights, does not absolve you of adherence to it.

RTH10260
Posts: 22631
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Hacking & Cracking

#166

Post by RTH10260 » Tue Dec 03, 2019 10:27 am

Data of 21 million Mixcloud users put up for sale on the dark web
Emails, usernames, and strong-hashed passwords sold for $2,000.

By Catalin Cimpanu for Zero Day | December 1, 2019, 14:37 GMT | Topic: Security

A hacker has breached online music streaming service Mixcloud earlier this month, and is now selling the site's user data online, on a dark web marketplace.

The hack came to light on Friday, when the hacker contacted several journalists to share news of the breach and to provide data samples, including to ZDNet.

According to a sample of the stolen data, the hacker is selling Mixcloud user information that includes details such as usernames, email addresses, hashed password strings, users' country of origin, registration dates, last login dates, and IP addresses.

The breach appears to have taken place on or before November 13, which is the registration date for the last user profile included in the data dump.

ZDNet emailed several users whose data was included in the sample we received, and several have confirmed they had recently registered a Mixcloud account. Tech news sites TechCrunch and Motherboard also verified the data authenticity through other means, as well.

Mixcloud confirmed the breach in a blog post on Saturday.

The company said that most users had signed up through Facebook, and did not have a password associated with their account.

For those that did, Mixcloud said that passwords should be safe, as each one was salted and passed through a strong hashing function (SHA256 algorithm, according to the sample we received), making it currently impossible to reverse back to its cleartext form.



RTH10260
Posts: 22631
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Hacking & Cracking

#167

Post by RTH10260 » Tue Dec 03, 2019 8:51 pm

110 Nursing Homes Cut Off from Health Records in Ransomware Attack

A ransomware outbreak has besieged a Wisconsin based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States. The ongoing attack is preventing these care centers from accessing crucial patient medical records, and the IT company’s owner says she fears this incident could soon lead not only to the closure of her business, but also to the untimely demise of some patients.

Milwaukee, Wisc. based Virtual Care Provider Inc. (VCPI) provides IT consulting, Internet access, data storage and security services to some 110 nursing homes and acute-care facilities in 45 states. All told, VCPI is responsible for maintaining approximately 80,000 computers and servers that assist those facilities.

At around 1:30 a.m. CT on Nov. 17, unknown attackers launched a ransomware strain known as Ryuk inside VCPI’s networks, encrypting all data the company hosts for its clients and demanding a whopping $14 million ransom in exchange for a digital key needed to unlock access to the files. Ryuk has made a name for itself targeting businesses that supply services to other companies — particularly cloud-data firms — with the ransom demands set according to the victim’s perceived ability to pay.

In an interview with KrebsOnSecurity today, VCPI chief executive and owner Karen Christianson said the attack had affected virtually all of their core offerings, including Internet service and email, access to patient records, client billing and phone systems, and even VCPI’s own payroll operations that serve nearly 150 company employees.



Volkonski
Posts: 23928
Joined: Sat Mar 02, 2013 4:44 pm
Location: Texas Gulf Coast and North Fork of Long Island
Occupation: Retired Mechanical Engineer

Re: Hacking & Cracking

#168

Post by Volkonski » Thu Dec 05, 2019 3:51 pm

MSNBC
@MSNBC
US federal prosecutors have filed charges against 2 Russian nationals who are accused of a string of attacks on computer systems in the US that netted them over $3M.


“If everyone fought for their own convictions there would be no war.”
― Leo Tolstoy, War and Peace
