Zaid Shoorbajee – Page 17 – WindowsTechs.com

Alaska election website was hacked on election day in 2016: report

Posted on May 8, 2018 by Zaid Shoorbajee

Hackers reportedly breached election systems in a third state, in addition to the already disclosed incidents involving Arizona and Illinois, during the 2016 campaign cycle. On election day 2016, a hacker successfully penetrated a server hosting Alaska’s main election website, the Anchorage Daily News reported on Monday night, citing documents obtained through a public records request. The breach is not connected to the previously reported hacking attempt made by Russia-linked hackers to access Alaska’s primary voter registration database. Alaska was one of 21 states that were previously informed by the Department of Homeland Security of similar Russian probing activity on their election systems. Security experts told ADN that, although the newly reported incident was a successful intrusion, the Alaska Division of Elections’ appear to have prevented the attackers from changing content on the server. ADN reports that the hacker exploited a vulnerability in the Alaska election website’s PHP script, a commonly used web […]

The post Alaska election website was hacked on election day in 2016: report appeared first on Cyberscoop.

Continue reading Alaska election website was hacked on election day in 2016: report→

Carbon Black stocks close 26 percent up on first day of public trading

Posted on May 4, 2018 by Zaid Shoorbajee

Cloud-based endpoint security company Carbon Black started trading shares on the Nasdaq on Friday, closing at 26 percent above its initial public offering price of $19 per share. In a filing with the Securities and Exchange Commission, Carbon Black said that it is hoping to raise $152 million in its initial public offering by selling 8 million shares. It had set its price range between $17 and $19 — after upping it from a previous filing — and opened on Friday to trades of about $24.50 per share. Stocks were at $23.94 when markets closed at 4 p.m. EDT. Carbon Black, Inc. is a security company based in Waltham, Massachusetts and was founded in December 2007. @carbonblack_inc #CarbonBlackIPO #CBLK⚡️ pic.twitter.com/jgkGBBazjM — Nasdaq (@Nasdaq) May 4, 2018 The Waltham, Mass., company has yet to turn a profit, but reports consistent increases in revenue in its SEC filings: $162 million in 2017, up from $116.2 million in 2016 and $70.6 […]

The post Carbon Black stocks close 26 percent up on first day of public trading appeared first on Cyberscoop.

Continue reading Carbon Black stocks close 26 percent up on first day of public trading→

ZooPark malware targets Android users though Telegram, watering holes

Posted on May 4, 2018 by Zaid Shoorbajee

A newly uncovered cyber-espionage campaign targets Android users in the Middle East and North Africa through the chat app Telegram and compromised websites, according to a report published Thursday by Kaspersky Lab. Kaspersky says it identified four different iterations of “ZooPark,” malware apparently developed between 2015 and 2017, each one expanding on the previous. The latest version has the capability to exfiltrate a wide range of data, including contacts, GPS location, text messages, call audio, keylogs and others. The malware can also take pictures, video and screenshots as well as record audio. “This last step is especially interesting, showing a big leap from straightforward code functionality to highly sophisticated malware,” the report says. “This suggests the latest version may have been bought from vendors of specialist surveillance tools.” The campaign spreads spyware focusing on victims in Iran, Morocco, Egypt, Jordan and Lebanon, the report says. One of the vectors by which […]

The post ZooPark malware targets Android users though Telegram, watering holes appeared first on Cyberscoop.

Continue reading ZooPark malware targets Android users though Telegram, watering holes→

ZooPark malware targets Android users though Telegram, watering holes

Posted on May 4, 2018 by Zaid Shoorbajee

The post ZooPark malware targets Android users though Telegram, watering holes appeared first on Cyberscoop.

Continue reading ZooPark malware targets Android users though Telegram, watering holes→

Twitter warns all users to change passwords after discovering internal bug

Posted on May 3, 2018 by Zaid Shoorbajee

Happy World Password Day! Twitter is asking all of its 330 million users to change their passwords “out of an abundance caution” after it discovered a bug that stored passwords in an unprotected manner. “When you set a password for your Twitter account, we use technology that masks it so no one at the company can see it. We recently identified a bug that stored passwords unmasked in an internal log,” wrote Paraga Agarwal, Twitter’s chief technology officer, in a blog post on Thursday. I’m sorry that this happened, but am proud to work at a company that puts people who use our service first. — Parag Agrawal (@paraga) May 3, 2018 The cause of the issue doesn’t appear to be a hack. Twitter says that there’s no evidence of a breach or misuse of data. Agrawal says that, in accordance with industry standards, Twitter hashes its passwords using the bcrypt […]

The post Twitter warns all users to change passwords after discovering internal bug appeared first on Cyberscoop.

Continue reading Twitter warns all users to change passwords after discovering internal bug→

Pentagon bars Huawei, ZTE devices from sale on military bases

Posted on May 2, 2018 by Zaid Shoorbajee

The Department of Defense is telling vendors on military bases to stop selling smartphones and other devices made by Chinese companies Huawei and ZTE, citing security concerns, according to a Pentagon statement. The news comes as the U.S. government scrutinizes the two companies for potentially enabling Chinese espionage through their technology. “Huawei and ZTE devices may pose an unacceptable risk to Department’s personnel, information and mission,” Pentagon spokesperson Major David Eastburb said in a statement. “In light of this information, it was not prudent for the Department’s exchanges to continue selling them to DoD personnel.” Pentagon-affiliated news outlet Stars and Stripes reported last month that Huawei phones were being sold by a TKS, a vendor to U.S. military bases in Germany. The company markets telecommunications services and devices to U.S. service members abroad. Eastburn says the order to stop selling Huawei-made phones, modems and other devices went out on Friday and the […]

The post Pentagon bars Huawei, ZTE devices from sale on military bases appeared first on Cyberscoop.

Continue reading Pentagon bars Huawei, ZTE devices from sale on military bases→

Chrome malware targets cryptocurrency, spreads through Facebook’s Messenger

Posted on May 2, 2018 by Zaid Shoorbajee

Researchers with cybersecurity firm Trend Micro have uncovered a malicious extension in Google’s Chrome web browser that uses a multitude of methods to steal and mine cryptocurrency from infected users. The malware, which Trend Micro calls “FacexWorm”, makes its way onto a victim’s browser via social engineering tactics conducted through Facebook Messenger. A target would receive a link leading to a fake YouTube page that would prompt the user to install an extension in order to play the video. Once the extension is installed, it’s programmed to hijack users’ Facebook accounts and spread the link throughout their friends list. FacexWorm appears to be a Swiss Army knife of cryptocurrency-oriented malware. According to Trend Micro, the malicious extension has various capabilities: If an infected user tries logs into Google, MyMonero or Coinhive, FacexWorm will intercept the credentials. When a victim tries to go to a specified set of cryptocurrency trading platforms, […]

The post Chrome malware targets cryptocurrency, spreads through Facebook’s Messenger appeared first on Cyberscoop.

Continue reading Chrome malware targets cryptocurrency, spreads through Facebook’s Messenger→

Former Dyn exec spins up IoT security startup to avoid the next Mirai

Posted on May 1, 2018 by Zaid Shoorbajee

The former head of the company that was at the center of the Mirai botnet attack is now jump-starting a new venture that aims to protect the devices which were co-opted into the attack. Minim, an internet of things security startup based in Manchester, N.H., announced on Monday that it has brought in $2.5 million in seed funding. The genesis of Minim is rooted in that 2016 distributed denial of service (DDoS) attack that targeted DNS provider Dyn and paralyzed several popular websites. Minim CEO Jeremy Hitchcock co-founded Dyn and served is its CEO until a few months before the attack. “The Dyn attack was a huge red flag,” Hitchcock told CyberScoop in an email. “It showed that IoT device hacking is easy (accomplished by a dorm room Minecraft scam for fun), undetectable by the average consumer, and a big problem for internet services such as Dyn.” Mirai leveraged hundreds of thousands […]

The post Former Dyn exec spins up IoT security startup to avoid the next Mirai appeared first on Cyberscoop.

Continue reading Former Dyn exec spins up IoT security startup to avoid the next Mirai→

Intel Committee blasts FBI for not notifying Russian hacking victims

Posted on April 27, 2018 by Zaid Shoorbajee

The FBI is catching heat from Congress again. In a report released Friday by the House Intelligence Committee about their own investigation into Russian interference in the 2016 election, lawmakers argued that the FBI didn’t do enough to notify victims that were targeted by Russian cyberattacks. “The Federal Bureau of Investigation’s notification to numerous Russian hacking victims was largely inadequate,” the committee wrote. “The Committee is also concerned that many, perhaps even a majority, of Russia’s known victims were never contacted by the FBI.” Much of the committee’s notes on this subject are redacted, but the panel appears to base its assessment at least partially on reporting from the Associate Press in November 2017. The AP reported that the FBI was aware of Russian hacking group Fancy Bear attempting to break into scores of U.S. officials’ Gmail accounts, but only notified a small fraction. The committee also highlighted the fact that Hillary Clinton campaign staffer […]

The post Intel Committee blasts FBI for not notifying Russian hacking victims appeared first on Cyberscoop.

Continue reading Intel Committee blasts FBI for not notifying Russian hacking victims→

Google and Microsoft ask Georgia governor to veto ‘hack back’ bill

Posted on April 27, 2018 by Zaid Shoorbajee

Google and Microsoft are asking Georgia Gov. Nathan Deal to veto a controversial bill that would criminalize “unauthorized computer access” and potentially allow companies to conduct offensive hacking operations. The Georgia General Assembly passed the bill in late March and sent it over to Deal, who has 40 days to sign it. The legislation has been met with outcries from the security researcher community. Critics say it would put a chilling effect on legitimate cybersecurity research, in which ethical hackers find and report vulnerabilities in organizations’ networks. But in a in a letter dated April 16, representatives from Microsoft and Google focus on one of the bill’s provisions exempting “active defense measures that are designed to prevent or detect unauthorized computer access.” The companies say that this exemption gives companies broad authority to “hack back” if said hacking is deemed to be for the sake of cybersecurity. “On its face, this provision broadly authorizes the hacking of […]

The post Google and Microsoft ask Georgia governor to veto ‘hack back’ bill appeared first on Cyberscoop.

Continue reading Google and Microsoft ask Georgia governor to veto ‘hack back’ bill→