Tumblr saw it all

seen from United States

seen from Germany

seen from Germany

seen from United States
seen from China

seen from Brazil
seen from United States

seen from United States

seen from United States
seen from Germany

seen from United States
seen from United States

seen from Malaysia

seen from United Kingdom

seen from Malaysia
seen from United States
seen from United States

seen from United Kingdom

seen from United States
seen from India
Tumblr saw it all
WASHINGTON | Prosecutors: Russian hackers exploit US cyber vulnerability
New Post has been published on https://is.gd/xPNv41
WASHINGTON | Prosecutors: Russian hackers exploit US cyber vulnerability
WASHINGTON — Exactly seven months before the 2016 presidential election, Russian government hackers made it onto a Democratic committee’s network.
One of their carefully crafted fraudulent emails had hit pay dirt, enticing an employee to click a link and enter her password.
That breach of the Democratic Congressional Campaign Committee was the first significant step in gaining access to the Democratic National Committee network.
To steal politically sensitive information, prosecutors say, the hackers exploited some of the United States’ own computer infrastructure against it, using servers they leased in Arizona and Illinois. The details were included in an indictment released Friday by special counsel Robert Mueller, who accused the GRU, Russia’s military intelligence agency, of taking part in a wide-ranging conspiracy to interfere in the 2016 presidential election. The companies operating the servers were not identified in the court papers.
The Russians are accused of exploiting their access to inexpensive, powerful servers worldwide — conveniently available for rental — that can be used to commit crimes with impunity. Reaching across oceans and into networks without borders can obfuscate their origins.
The indictment painstakingly reconstructs the hackers’ movements using web servers and a complex bitcoin financing operation.
Two Russian hacking units were charged with tasks, including the creation and management of a hacking tool called “X-agent” that was implanted onto computers. The software allowed them to monitor activity on computers by individuals, steal passwords and maintain access to hacked networks. It captured each keystroke on infected computers and took screenshots of activity displayed on computer screens, including an employee viewing the DCCC’s online banking information.
From April to June 2016, the hackers installed updated versions of their software on at least 10 Democratic computers. The software transmitted information from the infected computers to a GRU-leased server in Arizona, the indictment said. The hackers also created an overseas computer to act as a “middle server” to obscure the connection between the DCCC and the hackers’ Arizona-based server.
Once hackers gained access to the DCCC network, it searched one computer for terms that included “hillary,” ”cruz,” and “trump” and copied select folders, including “Benghazi Investigations.”
In emails, the hackers embedded a link that purported to be a spreadsheet of Clinton’s favorability ratings, but instead it directed the computers to send its data to a GRU-created website.
Meanwhile, around the same time, the hackers broke into 33 DNC computers and installed their software on their network. Captured keystrokes and screenshots from the DCCC and DNC computers, including an employee viewing the DCCC’s banking information, were sent back to the Arizona server.
The Russian hackers used other software they developed called X-Tunnel to move stolen documents through encrypted channels to another computer the GRU leased in Illinois.
Despite the use of U.S.-based servers, such vendors typically aren’t legally liable for criminal activities unless it can be proved in federal court that the operator was party to the criminal activity.
A 1996 federal statute protects internet vendors from being held liable for how customers use their service, and except for a few exceptions, provides immunity to the providers. The law is considered a key part of the legal infrastructure of the internet, preventing providers from being saddled with the behemoth task of monitoring activity on their servers.
“The fact that someone provided equipment and or connectivity that was used to engage in data theft is not going to be attributed to the vendor in that circumstance,” Eric Goldman, a professor of law and co-director of the High Tech Law Institute at Santa Clara University School of Law, said. A notable exception, however, is if federal prosecutors are bringing a criminal charge for violations of a federal criminal law.
In that case, “we’re going to require a high level of knowledge of their activity or intent,” Goldman said.
When the DNC and DCCC became aware they had been hacked, they hired a cybersecurity firm, Crowdstrike, to determine the extent of the intrusions. Crowdstrike, referred to as “Company 1” in the indictment, took steps to kick the hackers off the networks around June 2016. But for months the Russians eluded their investigators and a version of the malware remained on the network through October — programed to communicate back to a GRU-registered internet address.
“We do not have any information to suggest that it successfully communicated,” said Adrienne Watson, the DNC’s deputy communications director.
As the company worked to kick them off, GRU officials allegedly searched online for information on Company 1 and what it had reported about its use of X-Agent malware and tried to delete their traces on the DCCC network by using commercial software known as CCleaner. Though Crowdstrike disabled X-agent on the DCCC network, the hackers spent seven hours unsuccessfully trying to connect to their malware and tried using previously stolen credentials to access the network on June 20, 2016.
The indictment also shows the reliance of Russian government hackers on American technology companies such as Twitter, to spread its stolen documents.
The hackers also accessed DNC data in September 2016 by breaking into DNC computers hosted on the Amazon Web Services’ cloud. The hackers used Amazon Web Services’ backup feature to create “snapshots” that they moved onto their own Amazon cloud accounts. Amazon also provides cloud computing services for various government agencies, including the Central Intelligence Agency.
__
By TAMI ABDOLLAH, Associated Press
WhatsApp blocked in Brazil again — TechCrunch
WhatsApp blocked in Brazil again — TechCrunch
SÃO PAULO—A Rio de Janeiro criminal court on Tuesday ordered Brazilian mobile-phone companies to block the popular WhatsApp chat service after the social-media company allegedly failed to turn over messages sought by authorities as part of a criminal investigation. Brazil’s battle with Facebook over its encrypted messaging app, WhatsApp, continues to rage. A Brazilian judge ordered telephone…
View On WordPress
TechCrunch Reports Passwords for 32M Twitter accounts may have been hacked and leaked #DCTech
TechCrunch Reports Passwords for 32M Twitter accounts may have been hacked and leaked #DCTech
There is yet another hack for users of popular social media sites to worry about. More than 32 million Twitter credentials may have been stolen by hackers and are now being sold on the dark web. LeakedSource, a site with a search engine of hacked information, said in a blog post that it received a copy of the user information from “[email protected],” the same alias used by the person who gave…
View On WordPress
The Challenges of Deterring Cyber-Attacks
The Challenges of Deterring Cyber-Attacks
By Joshua Tromp
Small Wars Journal
Recent history is full of events demonstrating the serious effects of cyber-attacks and the prominent role they play in global events. Incidents such as the 2010 Stuxnet attack on an Iranian Uranium enrichment facility, the 2008 Russian cyber-attack on the country of Georgia, the 2014 attack on Sony Pictures Entertainment, and the 2015 discovery of a…
View On WordPress
CYBER SECURITY: Hope Is Nature’s Veil For Hiding Truth’s Nakedness
Governments have made cyber security a cornerstone of their policies. Regulators are desperately trying to implement various rules and regulations in order to keep our key infrastructure protected in a world where just about everything is now plugged into the www. Even tooth brushes and TVs are now connected – and providing unprotected routes into our most secret data.
Various agencies are tasked with the job of making sure that our concatenated world is secure. Some are not tasked but stick their ore in anyway. Over in the US, for example, almost 50 government departments are running many initiatives intended to keep our data safe. It is inevitable that amongst such complexity, like the systems which all these organisations attempt to police, holes in the coverage are missed or new ones created.
Regulators are kept awake at night worrying about financial companies. These are the axles around which are complicated 21st Century lives rotate. If the banks go, we’re all in deep doodoo. The banks are twixt the rock and the hard place. Customers demand ever more convenient methods of getting at their assets. The banks run just to stand still. Developers, who frequently know nothing about security, develop. Security becomes more complex. Holes are missed and new ones created. Most of them are subsequently seen. Some of them are not. Meanwhile, the criminals work diligently away to find vulnerabilities and, once they do, ways to exploit them. Technology advances, holes are left behind – perhaps they have been overlooked, maybe they have been forgotten about. Holes equal vulnerabilities. Vulnerabilties are the hackers’ bread and butter. Lined up to assist them are millions of little people who unknowingly do daft things on their computers on a daily basis. Often, the hard bit for the hacker is finding the vulnerability and creating the exploit which may take months to construct. The easier job, frequently, is to gather the data he needs to execute it. There are criminal gangs who make a healthy living selling huge quantities of personal data to hackers so that they can target and socially engineer hundreds, thousands or millions of victims for an exploit. Take it from me, a mega-breach is coming.
Criminal hackers are always going to be more agile than the monoliths against which they operate. The recent Ebay/Paypal incident in Australia is a good case in point. An ethical hacker reported a vulnerability and described how it could be exploited to the companies and was, apparently, fobbed off. The companies then, apparently, did nothing with his report. Three months later, the vulnerability was still there. Apparently, nothing had been done. Our experience tells us that the word apparently can probably be removed. The chances are that large corporate inefficiency led to poor housekeeping. Hubris may also have been present.
The problem for all institutions is that they face millions of attacks on a daily basis. Under such sustained and incessant attacks, things will inevitably give. Only one has to get through. Imagine, if you will, a bank which is breached. The customer can’t identify the attack and the bank cannot either. To both everything seems ticketyboo. Eventually, the attacks will come to light when a customer notifies the bank that he is short some cash – this could be weeks if the hacker is careful and the customer does not diligently check his account frequently. It might take customers a long time to notice that tiny amounts – a couple of £’s or $’s here, a couple more there – are bleeding from their accounts. Worse, are there any other victims? How to identify them? What to do? How to stop it once the exploit has been identified? Clever, devious and dedicated hackers will eventually outwit the defences arrayed against them, if only because those defences are so complex that there are bound to be some gaping holes in them.
But it is not just our financial institutions which are being targeted. Hackers are sniffing around all manner of other targets; hospitals, sewerage systems, traffic lights, oil terminals, airports, etc. Some of these systems are woefully unprotected and relatively easy to disrupt or even destroy. Most are vulnerable to malicious attacks. Just think, if the Iranian’s can take control of a US drone and land it, and if the Chinese can hack into Israel’s Iron Dome missile defences, it is highly likely that the banks will be a relative cakewalk for competent hackers.
Regulators are straining every sinew in the Sisyphean task of ensuring our institutions and key infrastructure are protected and safe. But the nature of government and their agencies is that they are conservative, clunky and, often, hugely inefficient. Hiring good staff is becoming a huge problem, simply because the demand for skills is so much higher than the supply. To make matters worse, governments usually don’t pay that well so business gets the cream. That means that it is very easy for everyone to end up with decidedly suboptimal defences where assurance is given when it most definitely should not be.
So What? So a lot actually. For lack of alternative options and the shortage of hands at the pump, there is, now, far too much reliance on automated defences. When the machine goes wrong and no-one is watching except another machine, the results can be carnage. There are too many systems which use out of date software and hardware. Many systems are poorly patched. Hackers can see this during a virtual drive-past. They don’t have to go anywhere near systems. End-point security is a nightmare akin to cutting the head off of a Hydra. If there is one thing you can guarantee, it is the multitude of bad things that individuals will do to undermine good security. Entering through a third party’s portal makes life even easier. Unusual activity sniffing software doesn’t, can’t, spot everything. Denial of vulnerability, often after assurances from the in-house (or third party vendor) help, is standard fare. Denial is frequently automatic – and is often a lie. Post Steinhafel, the head shed, the ‘C Suite’, is looking straight down the barrel of personal responsibility gun. Permission to quiver bottom lip Sir?
Bronzeye Group is a Business Risk Management company. We have a wide array of programs which help our clients to stay out of harm’s way and at the head of the ‘threat curve’. Please call us to investigate how we can assist you in ensuring your information assurance.
Until you do, mind your eye………….
Malaysia Airlines Flight MH370 Vulnerable to a Cyber Intrusion
Malaysia Airlines Flight MH370 Vulnerable to a Cyber Intrusion
Aircraft Cyber Vulnerability back on August 21, 2012, Boeing requested permission to make changes to the equipment that had been installed as part of 777’s series of aircraft onboard data network system upgrade. This request was ruled on November 18, 2013.
Reference: https://www.federalregister.gov/articles/2013/11/18/2013-27343/special-conditions-boeing-model-777-200–300-and–300er-series-airplan…
View On WordPress
Watch World Cyber Attacks As They Happen
BERLIN – A German company has created a world map that show live cyber attacks around the globe as they happen, according to InfoWorld. Sicherheitstacho.eu presented the map this week during the Cebit Tech Fair. “The Honeypot Project is an instant view of cyber attacks across the...