Tag Archives: cyber warfare

Scammer uses fake Tor browser to lure victims to supposed Dark Web marketplace

Source: BleepingComputer

"A malicious app disguised as a modified version of the Tor Browser is targeting users looking to buy illegal products off the Dark Web. Discovered by BleepingComputer's Lawrence Abrams last week, this malicious app is distributed using YouTube videos that teach non-technical users how to buy products from a Dark Web marketplace called The Rodeo. Instructions in the YouTube videos tell users to download the Rodeo Browser, which is a modified version of the Tor Browser specifically built to let users access The Rodeo marketplace." (07/13/17)

https://www.bleepingcomputer.com/news/security/scammer-uses-fake-tor-browser-to-lure-victims-to-supposed-dark-web-marketplace/

Millions of Verizon customer records exposed in security lapse

Source: ZDNet

"An Israeli technology company has exposed millions of Verizon customer records, ZDNet has learned. As many as 14 million records of subscribers who called the phone giant's customer services in the past six months were found on an unprotected Amazon S3 storage server controlled by an employee of Nice Systems, a Ra'anana, Israel-based company. The data was downloadable by anyone with the easy-to-guess web address. … Privacy watchdogs have linked the company to several government intelligence agencies, and it's known to work closely with surveillance and phone cracking firms Hacking Team and Cellebrite." (07/12/17)

http://www.zdnet.com/article/millions-verizon-customer-records-israeli-data/

Someone named Jayden K. Smith is not trying to hack your Facebook

Source: Mashable

"Here's a story you've probably heard before: A viral hoax is spreading on Facebook, that, when you stop and think about it, really doesn't make any damn sense. Monday's hoax involves a supposed hacker named Jayden K. Smith. … users are warned about an incoming friend request from a user named 'Jayden K. Smith,' who is reportedly a hacker. Then the user is encouraged to share the warning with all of their friends to protect one's Facebook network from Jayden." (07/10/17)

http://mashable.com/2017/07/10/facebook-viral-hoax-jayden-k-smith/

Vault 7: WikiLeaks dump reveals how the CIA can track your exact location

Source: Wired

"How many people specifically know where you are right now? Some friends and family? Your coworkers, maybe? If you're using a Windows laptop or PC you could add another group to the list: the CIA. New documents released on Wednesday as part of WikiLeaks' series of CIA hacking revelations detail a method the agency uses to geolocate computers and the people using them. The agency infects target devices with malware that can then check which public Wi-Fi networks a given computer can connect to at a given moment, as well as the signal strengths of those networks. From there, the malware compares the list of available Wi-Fi options to databases of public Wi-Fi networks to figure out roughly where the device is. The leaked documents detailing the project, which is known as ELSA, date back to 2013, and specifically address laptops and PCs running Windows 7. But experts say that the technique is straightforward enough that the CIA could have a version of it for every Windows release." (06/29/17)

http://www.wired.co.uk/article/wikileaks-cia-tracking

Petya ransomware slams Windows PCs shut in massive attack

Source: CNet News

"Another widespread ransomware attack is threatening to wreak havoc across the world. Businesses and government agencies have been hit with a variation of the Petya ransomware — that is, malware that holds crucial files hostage. The malware is demanding $300 in bitcoin before victims can regain access. The new ransomware, identified by security firm Bitdefender as GoldenEye, has two layers of encryption, researchers said. It locks up both your files and your computer's file system. 'Just like Petya, it is particularly dangerous because it doesn't only encrypt files, it also encrypts the hard drive as well,' said Bogdan Botezatu, a senior threat analyst with Bitdefender. The malware forces an infected PC to reboot as soon as it finishes encrypting files, so you'll see the ransom demands as soon as possible. Researchers at Recorded Future said there's also a hidden Trojan on Petya that steals victims' usernames and passwords." (06/27/17)

https://www.cnet.com/g00/au/news/unprecedented-cyberattack-hits-businesses-across-europe/

UK: "Sustained" cyber attack targets politicians

Source: The Wire [India]

"Britain’s parliament was hit by a 'sustained and determined' cyber attack on Saturday designed to identify weak email passwords, just over a month after a ransomware worm crippled parts of the country’s health service. The House of Commons said it was working with the National Cyber Security Centre to defend parliament’s network and was confident it had protected all accounts and systems. … The National Cyber Security Centre is part of Britain’s GCHQ spy agency, set up last year to tackle what the government believes is one of the biggest threats to British security." (06/25/17)

https://thewire.in/151118/sustained-cyber-attack-targets-uk-legislators/

Hack brief: Dangerous Fireball adware infects a quarter billion PCs

Source: Wired

"Adware that infects your computer to display pop-ups is an annoyance. But when it infects as many as one in five networks in the world, and hides the capability to do far more serious damage to its victims, it’s an epidemic waiting to happen. The security firm Check Point has warned of a massive new outbreak: They count 250 million PCs infected with malicious code they’ve called Fireball, designed to hijack browsers to change the default search engine, and track their web traffic on behalf of a Beijing-based digital marketing firm called Rafotech. But more disturbingly, Check Point says it found that the malware also has the ability to remotely run any code on the victim’s machine, or download new malicious files. It’s potentially serious malware, disguised as something more trivial." (06/02/17)

https://www.wired.com/2017/06/hack-brief-dangerous-fireball-adware-infects-quarter-billion-pcs/

Most Chipotle restaurants hacked with credit card stealing malware

Source: CNN

"A cybersecurity attack that hit most Chipotle restaurants allowed hackers to steal credit card information from customers, the burrito chain confirmed. The company first acknowledged the breach on April 25. But a blog post on Friday revealed the kind of malware used in the attack and the restaurants that were affected. The list of attacked locations is extensive and includes many major U.S. cities. When CNNMoney asked the company Sunday about the scale of the attack, spokesman Chris Arnold said that 'most, but not all restaurants may have been involved.'" (05/28/17)

http://money.cnn.com/2017/05/28/technology/chipotle-credit-card-hack/

Security experts: Hackers are hiding computer viruses in film subtitles

Source: Telegraph [UK]

"Hackers can hide computer viruses in online video subtitles and use them to take control of computers, security experts have warned. The attacks are embedded within the subtitle files that accompany many illegally downloaded films, and easily bypass security software and antivirus programs designed to keep computers safe. Check Point, the security group that discovered the flaw, said millions of people who use video software including to stream or play films and TV shows on computers could be at risk. They warned that the attack lets hackers take 'complete control' over any type of device using the software, including smart TVs. It identified four programs — VLC, Kodi, Popcorn Time and Stremio — but said there could be more." (05/25/17)

http://www.telegraph.co.uk/technology/2017/05/25/hackers-hiding-computer-viruses-film-subtitles-experts-warn/

FCC won't publish evidence of alleged DDoS attack

Source: ZDNet

"The FCC will not publish evidence of an alleged distributed denial-of-service attack, which critics say prevented a flood of people from leaving messages on the agency's support of net neutrality. Call for the release of the agency's log files came after security experts and pro-net neutrality groups disputed the agency's claims that someone attempted to 'bombard the FCC's comment system with a high amount of traffic' in the hours after the John Oliver's 'Last Week Tonight' show, which rallied viewers to leave feedback in favor of net neutrality rules, which the FCC currently wants to roll back." (05/21/17)

http://www.zdnet.com/article/fcc-will-not-publish-evidence-of-alleged-ddos-attack/