Cyber Attacks and Hacking

[Volkonski]

FBI investigating ransomware attack on Steamship Authority

https://www.capecodtimes.com/story/news ... 504952002/

The Woods Hole, Martha’s Vineyard and Nantucket Steamship Authority was the target of a ransomware attack Wednesday morning, and the extent and origin of the attack is under investigation by the FBI and other agencies.

The FBI is now taking lead on the investigation, working in conjunction with the Coast Guard and the Massachusetts State Police Cyber Security Unit, Coast Guard First District Petty Officer Amanda Wyrick said in an email.

There is no impact to the safety of vessel operations since the issue did not affect radar or GPS functions, according to the Authority.

Scheduled trips to Martha’s Vineyard and Nantucket are still happening, and the Steamship Authority posted its schedules on its social media. Customers may experience some delays during the ticketing process, and customers are unable to book or change vehicle reservations online or by phone, according to the Steamship Authority.

[RTH10260]

nothing new, I bet you have already changed your passwords

Billions of passwords leaked online from past data breaches
Dubbed RockYou2021, the list as revealed on a hacker forum contains 8.4 billion password entries, says CyberNews.

A list of leaked passwords discovered on a hacker forum may be one of the largest such collections of all time. A 100GB text file leaked by a user on a popular hacker forum contains 8.4 billion passwords, likely gathered from past data breaches, tech news site CyberNews said on Monday.

Based on comments from the user, the passwords in the collection range from 6 to 20 characters with non-ASCII characters and white spaces removed. The user actually claimed that the list has 82 billion passwords.

But CyberNews refuted that claim, saying that its own test found around 10 times fewer entries, putting the figure closer to 8.4 billion. That's still a substantial number, especially considering that there are 4.7 billion active internet users around the world.

The forum user named the collection RockYou2021, which CyberNews said it believes is a reference to the 2009 RockYou data breach in which social game developer RockYou was hit by an attack that exploited a SQL injection flaw. In this incident, the 32 million leaked passwords had been stored in an unencrypted format, making it easy for hackers to obtain them through brute force.



https://www.techrepublic.com/article/bi ... -breaches/

[Volkonski]

[keith]

Dunno if this is a Cyber Attack or Hack job, but according to "ISITDOWNRIGHTNOW" "Above Top Secret" has been down for more than 2 days

Where am I supposed to report the grey lizard man living next door?

[tek]

Dunno if this is a Cyber Attack or Hack job, but according to "ISITDOWNRIGHTNOW" "Above Top Secret" has been down for more than 2 days

Where am I supposed to report the grey lizard man living next door?

Off Topic

Truth Social!

[RTH10260]

Yandex Go hacked, someone orders all cabs in Moscow to the square (Sept. 1, 2022)

Posted on 2022-09-02
by guenni

Since the invasion of Ukraine, Russia has also been targeted by various hacker groups. The days hackers probably managed to hack the service Yandex Taxi. Then the attackers simply ordered all available cabs to a certain address in the center of Moscow. It is easy to imagine the traffic chaos that must have prevailed there.

I found the first news on reddit.com, with this post referring to a Twitter post about the event. According to Forbes Russia, on the morning of September 1, 2022, motorists in Moscow complained about the unusual accumulation of cabs on Kutuzovsky Avenue in the west of the capital. Motorists were stuck in the traffic jam caused by the accumulation of cabs for about 40 minutes.



https://borncity.com/win/2022/09/02/yan ... sept-2022/

[raison de arizona]

Word on the bird site is that Uber has gotten Uber hacked!

[raison de arizona]

NY Post claims they were hacked, but some claim the salacious headlines are typical for them!

[keith]

Australian systems are being attacked just about every day for the last month or so.

Optus, Australia's 2nd largest telecoms had zillions of customer accounts stolen with ID documentation, including MY driver's license number. ( I think that the license they had was from at least 15 years ago, so no longer valid, but I can't remember if they record it each time I go in to swap/re-up the phone). The hacker made a ransom demand, then released a few thousand accounts to prove intent, then appologized and claimed they had destroyed the info.

Last week they hit Medibank, the largest health insurer. I dunno the details of that one, I am not insured with them.

I understand that dozens of other companies have been hit. It makes one wonder what has happened to the focus on security that I experienced when I was still working. Complacency I guess.

Oh, here is a story from 2121, maybe this is what is encouraging the hackers:

Australian organisations are quietly paying hackers millions in a 'tsunami of cyber crime'

I recommend you don't pay these clowns, instead have distributed backups that you test regularly, use transaction mirroring. set up a DMZ that isolates data from web based services ANY web based service. If you do get popped, rebuild your entire system from scratch from your backups.

The Optus and Medibank hack was not targeting wiping out the data, but getting customer data they could sell on. This data should not, under any circumstances, have been 'exposed' to the web. That is criminal negligence, in my opinion.

Front line services should NOT interact with databases - they should interact with servers that respond to defined queries and are not connected to the web. Those defined queries should not include "gimme everything you got".

There are more issues, but mainly, there really is NO excuse for this kind of hacking to go on.

[keith]

Australian systems are being attacked just about every day for the last month or so.

Optus, Australia's 2nd largest telecoms had zillions of customer accounts stolen with ID documentation, including MY driver's license number. ( I think that the license they had was from at least 15 years ago, so no longer valid, but I can't remember if they record it each time I go in to swap/re-up the phone). The hacker made a ransom demand, then released a few thousand accounts to prove intent, then appologized and claimed they had destroyed the info.

Last week they hit Medibank, the largest health insurer. I dunno the details of that one, I am not insured with them.

EDIT TO ADD: Medibank cyber attack and ransom demand referred to Australian Federal Police

I understand that dozens of other companies have been hit. It makes one wonder what has happened to the focus on security that I experienced when I was still working. Complacency I guess.

Oh, here is a story from 2121, maybe this is what is encouraging the hackers:

Australian organisations are quietly paying hackers millions in a 'tsunami of cyber crime'

I recommend you don't pay these clowns, instead have distributed backups that you test regularly, use transaction mirroring. set up a DMZ that isolates data from web based services ANY web based service. If you do get popped, rebuild your entire system from scratch from your backups.

The Optus and Medibank hack was not targeting wiping out the data, but getting customer data they could sell on. This data should not, under any circumstances, have been 'exposed' to the web. That is criminal negligence, in my opinion.

Front line services should NOT interact with databases - they should interact with servers that respond to defined queries and are not connected to the web. Those defined queries should not include "gimme everything you got".

There are more issues, but mainly, there really is NO excuse for this kind of hacking to go on.

EDIT TO ADD: I hate using the word 'hack' or 'hacker' or 'hacking' for this criminal enterprise. To me hacking is an honourable profession - it brought us the electric light bulb, the telephone, and the personal computer. Criminal breaking and entering, theft of intellectual property, and extortion are criminal activities that should not be confused with hacking. But I don't control the English language so there you have it.

[Foggy]

I make complete backups of both my main computers every Sunday on a 2TB external drive that I keep in the car. The phone and tablet are backed up to the cloud.

[neonzx]

I make complete backups of both my main computers every Sunday on a 2TB external drive that I keep in the car.

Now I know why you were never in the IT field.

[Foggy]

Yeah? Explain, por favor. I keep it in the car in case the house burns down.

[neonzx]

Yeah? Explain, por favor. I keep it in the car in case the house burns down.

Car-- not environmentally controlled. They also sometimes go missing/get stolen.

[Sam the Centipede]

Aaaagghh! Now they know about it, Russians/Chinese/Martians/Lizards could steal the Fogdrive and user the super -excellent information and the cultivated wisdom of the Fogistas to take over the free world!!

[Tiredretiredlawyer]

That is a SKEERY Halloween thought!!!!!!!!!!

[RTH10260]

Aaaagghh! Now they know about it, Russians/Chinese/Martians/Lizards could steal the Fogdrive and user the super -excellent information and the cultivated wisdom of the Fogistas to take over the free world!!

BUT... But... but... I thought we had a tough WALL surrounding the US that will never let them evaporate out of the country, just need to find the needle in the haystack of the Bundy ranchers...

[Foggy]

No one is allowed to steal my stuff.


And of course, my backups are password protected and the password is not in a text file at the root of the external drive.

And it's not in the house, neither, so if the house burns down I can still replace everything if the stupid external drive is in the car.

The password is in my poor little brainbone, where I can access it.

[Frater I*I]

No one is allowed to steal my stuff.


And of course, my backups are password protected and the password is not in a text file at the root of the external drive.

And it's not in the house, neither, so if the house burns down I can still replace everything if the stupid external drive is in the car.

The password is in my poor little brainbone, where I can access it.

Yeah, but how hard is it going to be for them to figure out it's 1-2-3-4-5....

[Foggy]

Wait, are you saying I shouldn't use that as a password?

Edit: Winter is coming, so I can't use a password that makes me take off my shoes and socks for counting.

[Foggy]

Oh man, looky thar.

How secure is my password?

It says mine can be solved in 4 septemvigintillion years.

But the tech might could change a little by then ...

[Sam the Centipede]

Foggy's password is "ilurvorlytaitz". Totes deffo.

[Foggy]

Yeah see? And if anybody else types that password they'll burst into flames.

Oh, wait. How did Sam with all the Laigs type it?

[RTH10260]

Can we continue after the next ice age please, something like in 1 hundred thousand years

Of course we can also discuss our regenerative powers in creating more oil resources, we cannot leave that to the last generation of dinosaurs alone...

[RTH10260]

How Russia’s war in Ukraine helped the FBI crack one of the biggest cybercrime cases in years

Last Updated: Nov. 1, 2022 at 5:01 p.m. ET
First Published: Nov. 1, 2022 at 3:06 p.m. ET
By Lukas I. AlpertFollow

Three weeks after Russia started dropping bombs on Ukraine in late February, a talented young computer programmer named Mark Sokolovsky climbed into a Porsche Cayenne with his girlfriend to get away from the fighting.

The pair made their way through Poland and then Germany before stopping in the Netherlands, where they thought they were safe. Little did they know that the U.S. Federal Bureau of Investigation and investigators in Europe had been watching them all along.

Sokolovsky, 26, had been named late last year in a sealed criminal indictment in federal court in Texas that alleged he was a key figure behind a pervasive type of malware known as Raccoon Infostealer that prosecutors say has infected millions of computers around the world, stealing financial login credentials and money from an untold number of victims.

Days after Sokolovsky crossed into the country, Dutch police arrested him in Amsterdam on charges of computer fraud, wire fraud, money laundering and identity theft. He faces more than 20 years in prison if convicted and remains in custody in the Netherlands while fighting an extradition proceeding that would send him to the U.S.



https://www.marketwatch.com/story/how-r ... 1667329599