Former Yahoo engineer admits to hacking accounts in search for sexual images

A former Yahoo software engineer pleaded guilty Monday to hacking into about 6,000 Yahoo accounts for the purpose of finding nude images and videos of the account holders. Reyes Daniel Ruiz, 34, admitted in federal court Monday that he targeted the accounts of younger women, including his personal friends and work colleagues, in order to pull images and videos from the various accounts. Ruiz cracked the accounts by accessing various internal Yahoo systems, and then using that information to access iCloud, Facebook, Gmail, Dropbox and other online services to find more private images and videos. Ruiz, who left the company in July 2018, also admitted to the court that once Yahoo started investigating, he destroyed the computer and hard drive on which he stored the images. Under a plea agreement in the San Jose, California, federal court, Ruiz will be charged with one count of computer intrusion. The charge carries a […]

The post Former Yahoo engineer admits to hacking accounts in search for sexual images appeared first on CyberScoop.


‘Unpatchable’ iOS exploit sends jailbreak enthusiasts into a frenzy

A researcher released an “unpatchable” iOS exploit Friday that could make any iPhone from model 4S to 11 susceptible to a permanent jailbreak. First pushed to Twitter by a researcher known as @axi0mX, the exploit works on devices with Apple chipsets from A5 to A11, which have powered iPhones and iPads since 2011. Apple’s newer chip models — A12 and A13 — are not affected.

EPIC JAILBREAK: Introducing checkm8 (read “checkmate”), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices. Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). https://t.co/dQJtXb78sG
— axi0mX (@axi0mX) September 27, 2019

The exploit, known as “checkm8,” takes advantage of flaws in Apple’s secure boot ROM (bootrom) and allows users to remove restrictions imposed on the devices by Apple or various telecom carriers. On a normal device, users are confined to using Apple’s App […]


‘No more away games’: Former Cyber Command official says Russia and China have leveled the playing field

A former U.S. Cyber Command official said Thursday that China and Russia’s use of cyberattacks has upended the way the U.S. military thinks about warfare, given the incidents’ direct impact on civilians rather than armed forces. Brett Williams, a former deputy of operations for the command, said at an IT conference in New York City that the two adversaries have made it so the military can no longer “play an away game.” “What I mean by that is [the U.S. likes] to fight away games,” Williams said at an event hosted by Tierpoint during CyberScoop’s NY CyberWeek. “We don’t want to have to fight here [on U.S. soil]. Anything we get into with China and Russia, the first impact is going to be felt on our civilian population.” Williams also said he believes both countries’ actions — he spoke specifically on China’s intellectual property theft and Russia’s targeting of […]


Supermicro BMCs were susceptible to remote attacks, according to firmware security startup

Researchers from an enterprise firmware security startup have found an issue with a key component in various Supermicro motherboards that could allow attackers to remotely access some of an organization’s most valuable assets. Issues in the baseboard management controllers (BMCs) of Supermicro’s X9, X10 and X11 platforms could allow an attacker to easily connect to a server and mount a virtual disk drive to the BMC, according to researchers from Eclypsium. After mounting a drive, an attacker could modify a server, implant malware, or even disable the device entirely. “Threats operating at this level can easily subvert traditional security measures and put the device and the integrity of all its data at risk,” Eclypsium notes in its research, which was released Tuesday. “As such, organizations should begin to treat these layers of security with the attention that it deserves.” The BMC is a processor that measures the physical state of a […]


Alleged Capital One hacker may have taken data from dozens of companies, feds say

The person allegedly behind the recent Capital One hack may have siphoned data from more than 30 other companies, according to federal court filings made public Wednesday. In a motion for detention filed in the Western District of Washington state, the U.S. government said investigators found that Paige Thompson took data from multiple companies, and not just the Virginia-based bank. The revelation was part of the evidence used to argue that Thompson must be detained before trial, or else pose a danger to the community and a risk of skipping out on further court dates. Thompson, who is currently in federal custody in Washington state, has been charged with stealing data on 106 million Capital One customers after taking advantage of a misconfigured firewall in the bank’s cloud computing system. According to the latest filing, the government has allegedly found terabytes of additional data Thompson took from more than 30 “companies, educational institutions, and […]


What Capital One’s cybersecurity team did (and did not) get right

There was no months-old, unpatched Apache flaw. An S3 bucket wasn’t publicly accessible to anyone with an internet connection. There was no effort to hide what happened behind the company’s bug bounty program. When taken at face value, the Capital One breach looks awfully similar to other massive security failures that have made national news in the past few years. But while people fixate on the amount of information taken, there are some in cybersecurity circles who see a silver lining in the way the bank has handled the incident. Multiple security experts told CyberScoop that while the incident is clearly severe and there are still questions that need to be answered, actions taken by the Virginia-based bank — which did not respond to CyberScoop’s request for comment — prevented this breach from becoming another example of extreme corporate cybersecurity negligence. “While it’s tempting to knock Capital One for this […]


Capital One announces massive data breach; lone suspect arrested in Seattle

Financial giant Capital One announced a large data breach Monday, with the company saying that one person accessed personal information of approximately 100 million people in the United States and 6 million in Canada who had applied for or are currently considered users of the company’s credit cards. Additionally, the FBI arrested a woman in Washington state who is suspected of hacking into the company to obtain that information. Paige A. Thompson was arrested Monday and appeared in federal court in Seattle. According to the complaint, Thompson allegedly took wide swaths of personal information from Capital One’s cloud storage instances on March 22 and March 23. The company stored the data taken by Thompson on Amazon Web Services. The company says this information included names, addresses, zip codes/postal codes, phone numbers, email addresses, dates of birth and self-reported income. The information ranged from 2005 to early 2019. Additionally, Capital One […]


Stock trading app Robinhood says user passwords were readable on internal systems

Stock trading service Robinhood sent an email to users Wednesday informing them that user credentials were stored in an insecure format inside the company’s internal systems. According to the email obtained by CyberScoop, the problem was discovered Monday night by the company’s security team. “We resolved this issue, and after thorough review, found no evidence that this information was accessed by anyone outside of our response team,” the email reads. A Robinhood spokesperson told CyberScoop that the company has no evidence users’ information was accessed, or that the issue meant user information was breached. “Out of an abundance of caution, we have notified customers who may have been impacted and encouraged them to reset their passwords,” a Robinhood spokesperson told CyberScoop. “We take our responsibility to customers seriously and place an immense focus on working to ensure their information is secure.” Robinhood would not divulge how the error was found […]


Cybersecurity has done more to drive government cloud use than any other feature, intel official says

The cybersecurity features built into cloud computing have allowed the CIA to quickly achieve its technological goals, a top U.S. intelligence official said Tuesday. Sue Gordon, principal deputy director of national intelligence, said that of all the improvements that the cloud has brought to the intelligence community, the protections built into the technology provide the trust needed to handle some of the most sensitive work done by the U.S. government. “The advances we’ve made in security are probably what have allowed the greatest movement of mission,” Gordon said Tuesday at the Amazon Web Services Public Sector Summit in Washington, D.C. “Because of our insistence in the confidence of our processes and our data, and our commitment to the trust the American people place in us, we now have an environment that we trust.” It was a watershed moment for cloud computing when the CIA announced in 2013 that it would […]


Chinese hackers found and repurposed elite NSA-linked tools

A hacking group with ties to Chinese intelligence has been using tools linked to the National Security Agency as far back as March 2016, according to research from security firm Symantec. The tools include some released by the Shadow Brokers, a mysterious group that dumped computer exploits once used by the NSA on the open internet in April 2017. Symantec’s research suggests that the Chinese-linked group, which the company calls “Buckeye,” was using the same NSA-linked tools at least a year before they were publicly leaked. According to Symantec, one of the tools used by Buckeye was DoublePulsar, a backdoor implant that allows attackers to stealthily collect information and run malicious code on a target’s machine. DoublePulsar was used in conjunction with another tool, which Symantec calls Trojan.Bemstour, that took advantage of various Microsoft Windows vulnerabilities in order to secretly siphon information off targeted computers. The Trojan.Bemstour exploit allowed attackers […]
