5 ways to put hackers on the defensive


Black Hat keynote speaker Shawn Henry, the former executive assistant director of the FBI’s Criminal, Cyber, Response and Service Branch, started off the day after opening remarks from Jeff Moss, founder of Black Hat. Moss wondered if now was the time for the cyber-security sector to take a more aggressive/offensive approach. Moss mentioned working for a former employer years back, a firewall manufacturer that had a product that would launch specially crafted code in response to an attacker, sort of an early offensive DoS attack. This was an early attempt by security professionals to cause pain by going on the offensive.
But since DoS attacks aren’t exactly a legal offensive tactic nowadays, what to do? He recommends civil action, a la recent Facebook actions where attackers were sued in civil court. But what happens when attackers are overseas? Mr. Moss is hopeful that responding in a civil manner would “encourage” other countries to implement legal protections to stop current and future attack attempts abroad.
Anonymous supports Greenpeace, hacks oil companies


In what the loosely-tied hacker group Anonymous calls #OpSaveTheArctic, over 1,000 email credentials and hash checks of email passwords from five major international oil giants were released. The companies targeted included Exxon Mobil Corporation, Shell Petrochemical Corp., and BP Global, as well as the Russian-based Gazprom Corporation and Rosneft Petroleum Corp.
The data dumped on anonymous text post website Pastebin includes 317 emails and their unsalted MD5 hashed passwords from a hack on Exxon Mobil from June. Added July 13th: a further 724 emails and hashed passwords from BP, Gazprom, and Rosneft, and 26 emails with clear-text passwords from Shell Petroleum. Also listed: all of the internal mail system information, detailing routers, operating system type, database details and server hardware vendor. Further detailing of the type of data gained is available at the DC/Nova/Maryland network security blog site NovaInfoSeco.com.
Take Information Superiority over employee-owned devices to secure the mobile enterprise


The battle for your network revolves increasingly around Information Superiority. When your network is breached, the attackers leverage Information Superiority -- they know something you don’t about your environment and they’re using that to gain access to your network and digital assets.
Unfortunately, the typical organization doesn’t know enough about its environment to effectively defend it. Perhaps nowhere is this lack of Information Superiority more apparent than in the mobile enterprise. A study conducted by IDC finds that 40 percent of IT decision makers say that workers access corporate information from employee-owned devices, but in stark contrast more than 80 percent of employees indicate they access corporate networks this way. To protect our corporate assets we need to close this gap.
Nation-state hackers attack small businesses, too


Small businesses have their hands full these days in light of a down economy, tightening budgets and the steepening pace of business, but with nation-state hacks front and center in the threatscape, should you worry about those, too, or are you (and your customers) safe?
Nation-state hacks bring to mind images of large defense contractors, big government offices, and/or high profile financial institutions. After all, if a bad actor overseas stole the cutting edge design of a new nuclear reactor, it would be quite a haul for that government and its cronies -- and worth their time, money and effort to go after. But you’re a small business, too small to garner that kind of attention, right?
Android botnets? Not so, says Google


A couple of days ago Microsoft researcher Terry Zink claimed he’d uncovered evidence of Android phones being used as part of a botnet to send spam from Yahoo Mail servers. In his blog post on July 3rd he reported that the spam, which included "androidMobile" in the message header, and "Sent from Yahoo! Mail on Android" at the bottom of the emails, was being sent from devices located in Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine and Venezuela. He then went on to speculate that users of the infected phones might have installed Trojanized pirated versions of legitimate apps, and become infected that way.
Security experts Sophos agreed with his findings after running investigations of its own on the spam messages, but didn’t actually find or test any of the supposed malware itself. Google has since denied that any Android devices have been compromised in this way, stating there was no evidence to prove Zink’s claim, and that the junk messages had just been formatted to look as if they originated on Android handsets.
Apple admits malware defeat


Apple is one of the few software companies that hasn't really faced the problem of viruses, for years claiming its operating system is the most secure of all. Seemingly every Mac user claims that his or her computer is the safest and greatest -- they’re invincible!
But those claims collapse as Apple products grow in popularity. Back in April 2012, Flashback infected 670,000 Macs worldwide. The Mac maker responded so well it needed to do the job twice, as the first security patch wasn’t so good. In light of all this one has to wonder whether Apple needs to call it quits and just admit defeat.
How will the LinkedIn hack affect you?


This morning when I logged into LinkedIn I was greeted with several front page references to the reported hacking of the site, and instructions for changing my password, which I did immediately. This is a good time to change all of your social media passwords, making sure you create a fresh password that is hard to guess and unique to each site. It is not unusual for malicious parties who grab a bunch of passwords from one site to try those same passwords on other sites.
Over 6.5 million account passwords showed up on a Russian forum in SHA-1 (hashed) format to prove that the hackers had indeed succeeded in penetrating LinkedIn. There is a good chance that if the hacker(s) achieved access to LinkedIn passwords then they also know the corresponding LinkedIn usernames, i.e. the matching email address of the account owner.
LinkedIn hack is much worse than you think


Today's LinkedIn hack, exposing more than 6 million encrypted passwords, is more serious than it might appear and reveals one of the biggest security shortcomings social networks pose: Linked or shared data. Literally linked-in accounts expose information from others -- then there is the sheer amount of personal data hackers can siphon.
LinkedIn hasn't confirmed the hack, but is investigating. Meanwhile the stolen data already is available on the Internet. Cyber-security expert Robert David Graham says he has confirmed "this hack is real". The stolen data was published as password hashes. He created a SHA-1 hash of his password and found it in the dumped data. "The password I use for LinkedIn is in that list", he explains. "I use that password nowhere else. Furthermore, it's long/complex enough that I'm confident nobody else uses the same password.
Google warns you when you're under cyber attack from the state


With the recent talk of state-sanctioned malware like Stuxnet and Flame, Google on Tuesday announced it has taken measures to alert its users when it believes they are the target of state-sponsored cyber attacks.
Google Vice President of Security Engineering Eric Grosse said on Tuesday that targeted users will receive an alert like the one pictured above. This alert warns when Google's internal analytics have sniffed out patterns that look like their email is the target of phishing or malware.
New blood hacker infiltrates US Navy server, posts results


A hacker going by the handle ".c0mrade" claims to have hacked the U.S. Navy's site navy.mil, and has published a partial list of the information he obtained in a pastebin dump.
According to security analysis group IdentityFinder, the breach includes the "Data Profiles" of 29 accounts on navy.mil servers, as well as a description of navy.mil subdomains and servers.
Is Israel behind the 'Flame' worm?


Security researchers are warning of what they call one of the most sophisticated worms to date, and believe that this time, the worm may be the work of a nation-state rather than hackers. Called "Flame", the Trojan has hit Middle Eastern countries particularly hard, most notably Iran.
According to Kaspersky, Flame is capable of stealing "computer display contents, information about targeted systems, stored files, contact data and even audio conversations". The worm appears to be targeted to specific computers, likely indicating its creators are searching for specific information.
Anonymous hack of DOJ causes more embarrassment than actual harm


On Monday, hacktivist group Anonymous announced it will be releasing 1.7 gigabytes of private data it has acquired from the United States Department of Justice, in an event it called "Monday Mail Mayhem." The group claimed the act was being done to "spread information, to allow the people to be heard and to know the corruption in their government. We are releasing it to end the corruption that exists, and truly make those who are being oppressed free."
New York-based security company Identity Finder ran an analysis on the data after it was released on Tuesday, and found the file dump actually contained no sensitive personal information, no secret internal documents, and no internal emails.
VMware source code leak: 'IT equivalent of the Deepwater Horizon oil spill'


VMware has confirmed that a portion of the source code for its ESX hypervisor was compromised, although the code dates back as early as 2003. That said, a fairly significant portion of the company's customers are still using the platform as VMware works to push them towards its newer hypervisor called ESXi.
A hypervisor in the simplest terms is a virtual machine management platform on which several virtual machines can run concurrently. The hypervisor controls the sharing of virtualized hardware resources. ESXi has a far smaller attack surface, which limits the available avenues of attack on an installation.
RIAA's Waterloo? Anonymous Looks to set streaming music free


Streaming music content is too restrictive, believes hacktivist group Anonymous. Six members of the group have released Anontune, a web-based application that aims to aggregate streaming music online and place it in a central location. AnonTune currently accesses the catalogs of YouTube and SoundCloud, although the developers plan to add content from other services including Yahoo Music, Myspace Music, Bandcamp and others in the future.
True to the group's name, users will be able to listen to tracks anonymously, and Anonymous itself will not store the tracks. Instead it depends on the catalogs of the services it aggregates, thus leaving the sticky copyright issues to those sites. Recording Industry Association of America's Waterloo, indeed. The next one, if Napster wasn't enough a computing generation ago.
Anonymous hack reveals truth about Obama's birthplace


Today, hacktivist group Anonymous put to rest one of the most important debates about Barack Obama. Is he really a US citizen? Only native-born Americans are legally permitted to be president, and early during his 2008 election campaign Obama fought off accusations that he was born in another country and not the great state of Hawaii. The accusations turn out to be true. But his place of origin is farther out. Barack Obama was born on another planet.
Anonymous published the stunning revelatory material to Pastebin, marking its most courageous hack to date. For anyone questioning the group's motivations, the stolen material puts to rest any doubt about being a force of good. Hacktivists obtained emails and other documents from Obama's BlackBerry, along with foiled plans to invade the earth. The White House immediately issued a denial, calling the disclosure a prank.
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.