Tag Archives: cyber warfare

ROBOT exploit from 1998 resurrected, leaves top websites’ crypto vulnerable

Source: ZDNet

“A number of the most popular websites and services online, including Facebook and PayPal, are vulnerable to an exploit which has resurfaced from 1998. The security flaw, dubbed ROBOT, was first discovered almost two decades ago by Daniel Bleichenbacher. PKCS #1 1.5 padding error messages produced by secure sockets layer (SSL) servers allow for an adaptive-chosen ciphertext attack which ‘fully breaks the confidentiality of TLS when used with RSA encryption,’ according to researchers Hanno Böck and Juraj Somorovsky from Hackmanit GmbH, Ruhr-Universität Bochum, and Tripwire VERT’s Craig Young. The server implementation bug could be used to perform RSA decryption and key signing in order to decrypt traffic. ‘We discovered that by using some slight variations this vulnerability can still be used against many HTTPS hosts in today’s Internet,’ the team says.” (12/13/17)

http://www.zdnet.com/article/robot-exploit-from-1998-resurrected-leaves-top-sites-crypto-vulnerable/

Email pointed Trump campaign to WikiLeaks documents that were already public

Source: Washington Post

“A 2016 email sent to President Trump and top aides pointed the campaign to hacked [sic] documents from the Democratic National Committee that had already been made public by the group WikiLeaks a day earlier. The email — sent the afternoon of Sept. 14, 2016 — noted that ‘Wikileaks has uploaded another (huge 678 mb) archive of files from the DNC’ and included a link and a ‘decryption key,’ according to a copy obtained by The Washington Post. … The full email — which was first described to CNN as being sent on Sept. 4, 10 days earlier — indicates that the writer may have simply been flagging information that was already widely available.” [editor’s note: The emails were “leaked.” Whether or not they were “hacked” remains an open question – TLK] (12/08/17)

https://www.washingtonpost.com/politics/email-offering-trump-campaign-wikileaks-documents-referred-to-information-already-public/2017/12/08/61dc2356-dc37-11e7-a841-2066faf731ef_story.html

Uber concealed hack of 57 million accounts, paid hackers $100k to delete info

Source: Bloomberg

“Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers. Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers was accessed as well, including some 600,000 U.S. driver’s license numbers. No Social Security numbers, credit card information, trip location details or other data were taken, Uber said.” (11/21/17)

https://www.bloomberg.com/news/articles/2017-11-21/uber-concealed-cyberattack-that-exposed-57-million-people-s-data

The US’s most secretive intelligence agency was embarrassingly robbed [sic] and mocked by anonymous hackers

Source: Business Insider

“The National Security Agency, the US’s largest and most secretive intelligence agency, has been hacked, robbed [sic], mocked, and deeply infiltrated by anonymous hackers, according to a new New York Times expose. Essentially, the NSA, which compiles massive troves of data on US citizens and organizes cyber offensives against the US’s enemies, was deeply breached by a group known as the ‘Shadow Brokers.’ Those brokers now post cryptic, mocking messages pointed towards the NSA as they sell the cyber weapons, created at huge cost to US taxpayers, to any and all buyers, including the US’s enemies like North Korea and Russia.” [editor’s note: The cyber weapons were likely copied, not stolen. The NSA presumably still has them, unfortunately – TLK] (11/13/17)

http://www.businessinsider.com/nsa-embarrassingly-robbed-mocked-by-shadow-brokers-2017-11

You against the government’s tools

Source: CounterPunch
by Ebonique Boyd

“Julian Assange calls the events in Catalonia an ‘internet war.’ The Spanish government has raided Catalonian government offices, arrested government officials, frozen telecommunications links, and censored hundreds of internet sites. The government has refused to accept that secession is happening …. Other parts of the world, such as China and Venezuela, have also faced oppressive government internet restrictions and similar retaliations for voicing opposition to government bureaucrats. This internet war has grown in many of these non-English countries to an unlimited extent because most computer programming languages are English-based. For many non-native English speakers, learning computer programming and implementing the tools to navigate around oppressive government restrictions is almost an impossible task. This emboldens these countries’ public officials to continue to legislate more restrictive laws to a populace that isn’t equipped to navigate around those laws.” (11/02/17)

https://www.counterpunch.org/2017/11/02/you-against-the-governments-tools/

On election security, feds flounder while states make strides

Source: The American Prospect
by Eliza Newlin Carney

“The debate over the Russian election interference and American election security is a case study in the utter dysfunctionality of Beltway politics. By contrast, a number of states have already embarked on practical, problem-solving innovations in securing the ballot in future elections. On the national stage, President Trump’s ‘election integrity’ commission has careened from one controversy to another, taking steps that actually threaten to undermine ballot security. Outside the spotlight, state election officials are quietly taking steps to respond to the Russian threat and upgrade American election systems with better machines, more accurate voter rolls, and firewalls against hacking.” (10/26/17)

http://prospect.org/article/election-security-feds-flounder-while-states-make-strides

Bad Rabbit: New cyber attack hits Russia, Ukraine

Source: Hindustan Times [India]

“A new cyber attack, dubbed as Bad Rabbit, hit a Ukrainian international airport and three Russian media outlets on Tuesday. The cyber attack comes just four months after the ‘NotPetya’ malware spread from the two countries to other parts of the world. Cybersecurity experts said the computer virus also appeared to have spread to Turkey and Germany as the day progressed — but that its size appeared to be relatively small.” (10/25/17)

http://www.hindustantimes.com/tech/bad-rabbit-new-cyber-attack-hits-russia-and-ukraine/story-BHUfNuUmjIxwbjdk8on4jN.html

US Heimatsicherheitsdienst orders federal agencies to start encrypting sites, emails

Source: ZDNet

“Homeland Security is ordering federal agencies to deploy basic web and email security features in an effort to boost cybersecurity across government. Up until now, Homeland Security had been pushing businesses and enterprise customers to enable HTTPS web encryption across the board, which helps secure data in transit but also ensures that nobody can alter the contents of the website you’re visiting. The agency has also pushed DMARC, an email validation system used to verify the identity of an email sender, which helps to protect against inbound spoofed emails and phishing attacks. Now, Homeland Security has set its sights on government agencies, which have for years fallen behind. The agency has issued a binding operational directive, giving all federal agencies three months to roll out DMARC across their networks. Enabling that email policy will prevent spammers from impersonating federal email addresses to send spoofed email. The agency is also requiring within the next four months for all federal agencies to employ HTTPS.” (10/16/17)

http://www.zdnet.com/article/homeland-security-orders-federal-agencies-to-encrypt-email-website/

Severe WiFi security flaw puts millions of devices at risk

Source: Engadget

“Researchers have discovered a key flaw in the WPA2 WiFi encryption protocol that could allow hackers to intercept your credit card numbers, passwords, photos and other sensitive information. The flaws, dubbed ‘Key Reinstallation Attacks,’ or ‘Krack Attacks,’ are in the WiFi standard and not specific products. That means that just about every router, smartphone and PC out there could be impacted, though attacks against Linux and Android 6.0 or greater devices may be ‘particularly devastating,’ according to KU Leuven University’s Mathy Vanhoef and Frank Piessens, who found the flaw.” (10/16/17)

https://www.engadget.com/2017/10/16/wifi-vulnerability-krack-attack/

Equifax website hacked again, this time to redirect to fake Flash update

Source: Ars Technica

“In May credit reporting service Equifax’s website was breached by attackers who eventually made off with Social Security numbers, names, and a dizzying amount of other details for some 145.5 million US consumers. For several hours on Wednesday the site was compromised again, this time to deliver fraudulent Adobe Flash updates, which when clicked, infected visitors’ computers with adware that was detected by only three of 65 antivirus providers.” (10/12/17)

https://arstechnica.com/information-technology/2017/10/equifax-website-hacked-again-this-time-to-redirect-to-fake-flash-update/