Canadian hacker behind 500M Yahoo hack reveals Russian connection

By Carolina
In 2014, Yahoo announced that it had suffered a massive
This is a post from HackRead.com.

Guilty plea for Canadian charged in 2014 Yahoo hacking case

A man pleaded guilty in federal court in San Francisco on Tuesday for his role in helping Russian spies hack into email accounts. Karim Baratov, a 22-year-old Kazakhstan-born Canadian citizen, was arrested in Toronto in March before waiving his right to fight extradition to the U.S. earlier this year. Baratov is charged, along with three other men including two intelligence agents from Russia’s Federal Security Service (FSB), for a role in the 2014 data breach where information tied to 500 million Yahoo accounts was stolen. Baratov pleaded guilty to eight criminal counts including conspiracy to commit computer fraud and abuse and aggravated identity theft. American prosecutors say Baratov worked under the order and pay of the FSB officers Dmitry Dokuchaev and Igor Sushchin. When FSB targets had non-Yahoo emails, the agency allegedly paid Baratov to break into at least 80 accounts. At least 50 of the targets Baratov allegedly hacked used Gmail. The defendant’s lawyers […]

The post Guilty plea for Canadian charged in 2014 Yahoo hacking case appeared first on Cyberscoop.


Yahoo, Equifax still don’t know who was behind their massive hacks

Two of the most impactful data breaches in history remain unsolved mysteries. Yahoo’s 2013 breach that impacted all 3 billion of the company’s users remains an open case, former CEO Marissa Mayer told the Senate Commerce Committee on Wednesday, testifying alongside the interim and former CEOs of Equifax and a senior Verizon executive. Yahoo didn’t even know of the record-setting 2013 breach until a U.S. indictment in November 2016, more than three years later. An FBI investigation of the 2013 breach is ongoing. This year’s Equifax breach has smaller numbers (145 million people affected) but the data stolen is extremely sensitive and may end up causing more harm than Yahoo. Like Yahoo, the interim and former CEOs of Equifax don’t know who breached their company. There are now multiple ongoing federal investigations into both the breach and the company itself, interim CEO Paulino Barros told the committee. Yahoo’s 2014 breach, which impacted 500 million users, […]

The post Yahoo, Equifax still don’t know who was behind their massive hacks appeared first on Cyberscoop.


Cyber Security Roundup for October 2017

State-orchestrated cyber attacks have dominated the media headlines in October, with rogue state North Korea and its alleged 6,800-strong cyber force blamed for several cyber attacks. International intelligence scholars believe the North Korean leadership are using cyber warfare to up the political ante in their ongoing dispute with the United States. The North Koreans, as well as terrible security practices, were directly blamed by the UK National Audit Office for the recent NHS WannaCry attack (despite North Korea denying it). North Korea was also reported to be implicated in the stealing of US war plans from South Korea, and in a spear phishing campaign against the US power grid. The possible Russian manipulation of the US election with cyber attacks and rogue social media campaigns is still a story not going away, while the Chinese are alleged to be behind the theft of Australian F-35 fighter jet data, in what is described as an ‘extensive’ cyberattack. The finger was pointed at Iran for the recent Parliamentary emails cyber attacks in the UK; meanwhile, EU governments vented their cyber concerns, warning that cyber attacks can be an act of war.

Stephen Hawking caused controversy in both the science and tech industry last year when he said Artificial Intelligence could be a serious threat to human existence. Could the plot of The Terminator really come to fruition? Perhaps so, as it was reported that AI had already defeated the Captcha Security Check system. Personally, I believe both AI and Quantum Computing will pose significant new threats to the cybersecurity space in the next decade.

A far higher number of personal records were compromised in the Equifax data breach than was previously thought, with millions of UK citizens confirmed to be impacted by the US-based credit checking agency hack. Equifax’s now ex-CEO provided an interesting blow-by-blow account of the cyber-attack at a US government hearing: even though Equifax technical staff were specifically warned about a critical Apache Struts (web server) patch, it was ignored and not applied, which in turn allowed hackers to take full advantage of the vulnerability to steal the Equifax data en masse. To make matters even worse, the Equifax consumer breach help website was found to be infecting visitors with spyware.

Yahoo revealed all 3 billion of its user accounts had in fact been breached, in what is truly an astonishing mammoth-sized hack, the biggest in all history, so far. Elsewhere on the commercial hacking front, Pizza Hut’s website was reported to be hacked with customer financial information taken, and Disqus said a 2012 breach it discovered in October exposed the information of 17.5 million of its users from as far back as 2007.

It was a super busy month for security vulnerability notifications and patch releases, with Microsoft, Netgear, Oracle, Google, and Apple all releasing rafts of critical level patches. A serious weakness in the wireless networking WPA2 protocol was made public to great fanfare after researchers suggested all Wifi devices using WPA2 on the planet were vulnerable to an attack called Krack, which exploited the WPA2 weakness. Krack is a man-in-the-middle attack which allows an attacker to eavesdrop or redirect users to fake websites over Wifi networks secured using the WPA2 protocol. At the time of writing most wireless access point vendors and operating system providers had released patches to close the WPA2 vulnerability, and there have been no known exploits of the vulnerability reported in the wild.

BadRabbit is a new strain of ransomware which is emerging and is reported to be infecting systems and networks in Russia and the Ukraine at the moment. BadRabbit is the latest network self-propagating malware, like NotPetya and WannaCry, to use the NSA EternalRomance hacking tool. A massive new IoT botnet was discovered; its continued growth is fuelled by malware said to be more sophisticated than the previous IoT botnet king, Mirai. Russian-based threat actor group APT28 is said to be targeting the exploitation of a recently patched Adobe vulnerability (CVE-2017-11292) using malicious Microsoft Word attachments, so ensure you keep on top of your system patching and always be careful when opening email attachments.

Finally, the UK National Cyber Security Centre (NCSC) released its first annual report, as it seeks to improve cybersecurity across the UK. Among NCSC achievements cited in the report are:

  • The launch of Active Cyber Defence, credited with reducing average time a phishing site is online from 27 hours to 1 hour
  • Led UK response to WannaCry
  • Advice website with up to 100,000 visitors per month
  • Three-day Cyber UK Conference in Liverpool
  • 43% increase in visits to the Cyber Security Information Sharing Partnership (CiSP)
  • Produced 200,000 physical items for 190 customer departments via UK Key Production authority to secure and protect communications of Armed Forces and national security
  • 1,000 youngsters on CyberFirst courses and 8,000 young women on CyberFirst Girls competition.
  • Worked with 50 countries, including signing Nato’s MoU


The post Cyber Security Roundup for October 2017 appeared first on Security Boulevard.


Why DHS is telling all feds to implement DMARC email security

An email security program that the Department of Homeland Security has made mandatory for U.S. agencies will stop hackers, online scammers and spies from impersonating federal email addresses — and boy, is it ever needed. It comes as new figures suggest that more than 1 in 4 emails from .gov addresses might be malicious criminal spam. Domain-based Message Authentication, Reporting and Conformance (DMARC) is the industry standard measure to prevent the spoofing of emails — when hackers make their messages appear as if they come from trusted correspondents, explained DHS Assistant Secretary for Cybersecurity and Communications Jeanette Manfra. “It’s a reasonable action that agencies can take; it’s in line with industry best practices; and it has broad, scalable impact across the whole [online] ecosystem,” Manfra told CyberScoop in an interview, outlining her rationale. “It was one of the first things we started work on” after she was appointed acting assistant secretary earlier this year. Agari, a company […]

The post Why DHS is telling all feds to implement DMARC email security appeared first on Cyberscoop.
