By AFP on March 12, 2013
WASHINGTON – US authorities were investigating Tuesday after hackers posted personal financial data belonging to First Lady Michelle Obama, the head of the FBI and several A-list celebrities online.
Hackers using a Russian web address published the credit reports and social security numbers for Obama, Federal Bureau of Investigation Director Robert Mueller, US Attorney General Eric Holder, and Los Angeles Police Chief Charles Beck.
They also posted social security numbers and other personal information relating to Vice President Joe Biden and former first lady and secretary of state Hillary Clinton.
Entertainment stars Beyonce and husband Jay-Z, Paris Hilton, Kim Kardashian and Britney Spears also saw details leaked, as did tycoon Donald Trump, former Alaska governor Sarah Palin and bodybuilder-turned-actor and former California governor Arnold Schwarzenegger.
The three leading personal credit-rating agencies acknowledged the files were accessed illegally, but said it was done through other firms by someone using the personal data of the victims, and not by hacking their own computers.
“This looks to be an isolated situation in which criminals accessed personal credential information through various outside sources, which provided them with sufficient information to illegally access a limited number of individual reports from some US credit reporting agencies,” said Experian.
“Upon learning of the situation, we took immediate action to freeze the credit files of those victimized by this malicious attack in an effort to minimize impact to those individuals.”
Transunion, the source of Michelle Obama’s credit report, said its own systems “were not hacked or compromised in any way.”
The perpetrators “had considerable amounts of information about the victims, including social security numbers and other sensitive, personal identifying information that enabled them to successfully impersonate the victims over the Internet,” it said.
The data also came from two other services, Equifax and CreditKarma.
The US Secret Service, which protects the president and his family, and the Federal Bureau of Investigation both said they were investigating the matter.
FBI spokeswoman Jennifer Shearer said she could not provide any details on the probe or confirm the identities of the victims.
Although they are supposed to be restricted, financial companies vetting individuals for loans and credit cards have easy access to the records.
Individuals can also obtain their own credit records online.
It was not clear who posted the records. The data was placed on a website with a web address with the “.su” root indicating the Soviet Union — an address still controlled by Russia.
The website led with a quote from the US cable television series “Dexter” about a policeman-turned-serial killer: “If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve.”
By Dr. Mike Lloyd PhD on January 04, 2013 on SecurityWeek
2012 was an interesting year in security – lots of publicity around breaches, leading to greater awareness than we’ve seen in years. This new attention is now encouraging many in the Federal sector to look into our corner of IT. Inside the beltway, all things Cyber were hot items – even in times of shrinking budgets, it’s hard to eliminate spending on security when we can see mounting evidence that:
1. Nation state actors (ourselves included) are turning to cyber weaponry for “diplomacy by other means”
2. Our own defenses are seriously weak – I’ve written previously about the drum-beat of reporting on breach after successful breach
It makes for an interesting setup for 2013. In the current context, any prognostication depends on one key question: who will work most effectively on defensive readiness – the Federal government, or the private sector?
For many business people, the question almost sounds farcical – it’s an article of faith that government can never be more effective than private enterprise. But people who really internalize what “risk management” means can see there’s a problem here. A CEO of a business has to ask “what level of risk is acceptable?” We can no longer flippantly assume all IT risks can be eliminated; failures of defenses at major and well-funded corporations show what we’re up against. Putting the “acceptable risk” question in terms of shareholder value, and quarter-by-quarter pressure to perform, makes it clear that we expect our CEOs to think like racing drivers. No team wants their driver to crash, but the driver who minimizes risk loses races. The pressure is on to take as MUCH risk as you can tolerate, because reducing risk costs money. If your competitors spend less than you, and we all make it through the year, then they will have done better, and frankly put, your peer CEOs will make more money than you do. What’s a CEO to do?
Many business questions can be interesting, but don’t really have to be answered – we can let the market sort it all out (or so the theory goes). But in our environment, some of our most critical infrastructure is run under this “racing driver” pressure. Energy company CEOs and heads of Wall Street firms are just as vulnerable to the tradeoff, where maximum personal income comes from spending as LITTLE on security as you can get away with.
This is why the question of Federal regulation is so essential as we look at security events of 2012 and try to look forward into 2013. The government attempted to answer this question last year, with the failed Cybersecurity Act of 2012.
So what will happen in 2013?
1. No New Legislation
Leading off, I do NOT think we will see a successful attempt to pass a new Cybersecurity Act, or an executive order to the same effect. (Presidential Policy Directive 20 already got into this space, although more from an offensive or policing aspect than a defensive one.) As the dust settles from the 2012 US elections, it doesn’t seem there’s legislative will, or sufficient numbers, to push the issue through.
2. The Year of Continuous Monitoring
Having started with a negative prediction – no new law – I want to make clear that I don’t think this does anything to derail the train that’s already moving at speed down the tracks. It goes by the name continuous monitoring, and like a good steam train, there’s more than enough momentum there to cause changes throughout the year. Today, continuous monitoring is primarily a US, and specifically Federal, set of requirements for how to make sure all the money we’ve spent on defensive technologies is actually doing something. It’s not just a good idea; it’s the law – specifically, FISMA, an act from 2002. Hey, I said the Federal government was highly significant in this arena, not that they are quick. Ten years on, we’ve seen mountains of paperwork, producing little benefit. Continuous monitoring is the battle cry of those leading the charge to turn FISMA into a successful program of actual defensive gains, and they are winning hearts and minds.
3. FISMA Beyond the Beltway
Continuous monitoring isn’t just a theme of the New Year for Federal workers. During 2013, the mandates will increasingly be applied to those who do business with the US Federal government – which, in the US, is very roughly everybody. Indeed, I’m willing to suggest that during 2013, commercial security teams will voluntarily pick up continuous monitoring as a way to defend their budget and drive some much-needed change in the risk assessment used in “racing car driver” organizations.
4. Cross-over Weaponry
So far, I’ve emphasized deliberate interactions between private and public security efforts. However, it seems likely that when we summarize 2013 next December, we’ll look back on some unwelcome public/private crossovers, specifically in the form of malware re-use. During 2012, a succession of attacks with the hallmarks of nation state actors or national spy networks took place. These attacks got a lot of press when they were “zero day” (indeed, the hype curve around zero day exploits still won’t peak during 2013, but I expect it’ll be close and audience fatigue won’t be far off). But there’s abundant evidence that you don’t need “zero day” attacks to hit most commercial enterprises – good, old-fashioned time-worn attacks work just fine, and are much cheaper.
So let’s assume I’m right about prediction three – that companies will (voluntarily or otherwise) get better at defense. Now what’s the next step up for attackers? Build their own malware? Of course not – that’s far too much effort. Far easier to pick up and re-use the code from sophisticated attacks. Today, there’s a degree of difference between the tools used by nation states and criminals, but during 2013, I predict that will erode – we’ll see the rise of cross-over weaponry. After all, it’s not hard to copy an effective executable, as we’ve seen for years in this business. The trick, as we move into 2013, is the increasingly public behavior of a new kind of supplier – nation state intelligence “factories,” whose weapons are a lot easier to clone than kinetic domain armaments.
So those are my predictions for 2013. Do I sound pessimistic? I hope not. I do expect some spectacular breach reports, and highly news-worthy breaches. But for all that, I believe that in this arms race, the defenders are making great strides, adopting automation, and identifying and fixing weaknesses faster than ever. Defensive success is a lot less news-worthy, but done right, it does quietly build careers and lead to both greater attack readiness and greater demonstrability of solid controls.
By Richard Sale via IPS, WASHINGTON, Oct 19 2012 (IPS)
Last weekend’s disclosure that Iranian cyber warriors had disabled some 30,000 computers owned by the Saudi oil giant Aramco is attracting considerable attention here, particularly in light of a warning last week by Pentagon chief Leon Panetta that Washington could face a “cyber-Pearl Harbor”.
The alleged Iranian hand behind the attack, first reported Saturday by the Wall Street Journal, was described as one of several forays by the increasingly sophisticated “Iran’s Cyber Army” whose existence first surfaced in 2009, according to experts here.
One key element of the Aramco attack, however, has not yet been reported. Two former senior CIA officials told IPS that it appears to have been carried out with the help of personnel inside Aramco. They said that the Saudi regime has been detaining and questioning staff with access to the affected work stations.
The fact that the work stations were not connected to the Internet lends credence to reports that the attack was facilitated by a Saudi Aramco employee.
“The attackers knew what they were doing, and it is clear they had inside knowledge. They had people inside that could move about,” according to one of the sources who asked not to be named.
Both said that one or more operators were involved.
Saudi Aramco has hired at least six firms with expertise in computer hacking, as well as outside experts, to repair the computers and to try and identify the perpetrators, according to the former CIA officials.
The virus is being called “Shamoon” after a word in its code, according to New York Times technology blogger Nicole Perlroth, who wrote in late August that key data on three-quarters of the company’s office computers were overwritten and replaced with the image of a burning U.S. flag, an account confirmed by U.S. officials here.
U.S. intelligence sources stressed that the damage was limited to those computers. Software used for the company’s massive technical operations, including pumping operations, remained untouched.
The attack is believed to have been fueled in part by sectarian, as well as political differences.
Richard Stiennon at IT-Harvest, a company that tracks evolving cyber threats, told IPS in an interview that Iranian-trained hackers probably launched the attack “in deep wrath” at the long-time mistreatment of the Shiites in Saudi Arabia’s Eastern province where most of Aramco’s operations are based.
Unrest among the Shia Muslims in the region has increased sharply since Riyadh sent troops into Bahrain 18 months ago as part of a crackdown by that sheikhdom’s Sunni monarchy against the Shiite majority and other opposition forces.
Syria’s civil war – which pits the Iranian-backed Alawite-led government of President Bashar Al-Assad against a mainly Sunni insurgency supported by Saudi Arabia, Qatar and Turkey – has also stoked sectarian tensions around the region. An offshoot of Shi’a Islam, Alawites are considered heretics by conservative Sunnis who dominate the Saudi kingdom.
Saudi Arabia also provided support to Sunni tribes in Iraq after a predominantly Shi’ite government took power there following the 2003 U.S. invasion.
The attack on Aramco, as well as an August attack against a Qatari natural gas company – now being attributed to Iran – are also seen as retaliation for the Stuxnet virus that was reportedly developed jointly by the U.S. and Israel as part of a larger effort designed to disrupt Iran’s nuclear programme. Stuxnet destroyed up to 1,000 centrifuges at the Natanz enrichment facility.
Recent cyber-attacks on major U.S. bank websites have also been blamed on Iran, whose economy has been sent into a tailspin in major part due to the effectiveness of far-reaching U.S. and European economic sanctions that are also designed to curb Iran’s nuclear programme.
A small group of hackers, numbering about 100 operatives and calling themselves “The Cutting Sword of Justice”, claimed responsibility for the attack. Reports of similar attacks on other oil and gas firms in the Middle East, including in neighbouring Qatar, suggest that Iran is positioning itself as a regional cyber power.
Iran’s Cyber Army (ICA) began as a group within the Iranian military, according to Paulo Shakarian, an expert at the West Point Military Academy and co-author with Andrew Ruef of a book called “Introduction to Cyber Warfare: A Multidisciplinary Approach”. Shakarian said the ICA uses equipment and tactics far less potent than more advanced cyber powers, including the U.S., Israel, Russia and China, but the group is fast learning more effective tactics.
If the alleged Iranian hackers used one or more insiders to launch the Shamoon virus, they might have been inspired by perhaps their most determined enemies.
The Stuxnet virus that damaged Iran’s nuclear programme was allegedly implanted by an Israeli proxy – an Iranian, who used a corrupt “memory stick,” former and serving U.S. intelligence officials said. They said using a person on the ground would greatly increase the probability of computer infection, as opposed to passively waiting for the software to spread through the computer facility.
“Iranian double agents” would have helped to target the most vulnerable spots in the system, one source said.
According to James Lewis, a cyber expert at the Center for International and Strategic Studies (CSIS), here, “The memory stick is the perfect tool. It can be left behind in a men’s room or left in a parking lot, and someone will at last plug it in and set the virus running. It’s human nature.”
“It’s basically a kind of low-grade cyber war,” said Vincent Cannistraro, former head of the CIA’s Counter-Terrorism office.
Israel has allegedly used cruder methods than Stuxnet to attack Iran’s nuclear programme, including the assassination of several scientists associated with it.
A senior State Department official said last month that such attacks were considered “terrorism” by Washington, which denounced the killing last January of a deputy director of the Natanz facility in unusually vehement terms. The same official insisted that the U.S. had no information as to who was behind the assassination, however.
Former and senior U.S. intelligence officials believe Israel has used recruits from the Mujahedeen-e-Khalq (MEK) for the assassinations.
“The MEK is being used as the assassination arm of Israel’s Mossad intelligence service,” said Cannistraro. He said the MEK is in charge of executing “the motorcycle attacks on Iranian targets chosen by Israel. They go to Israel for training, and Israel pays them.”
In his remarks last week, Panetta did charge Iran with responsibility for the attacks on Aramco, but he described them as “probably the most destructive attack that the private sector has seen to date.”
After the existence of Stuxnet was disclosed in June 2010, many international legal experts noted that it would likely set an unfortunate precedent that could blow back against its creators.
*Richard Sale is author of the 2009 book, ‘Clinton’s Secret Wars: The Evolution of a Commander in Chief’.
By Adam Samson , Published October 19, 2012 FOXBusiness
HSBC (HBC) experienced widespread disruptions to several of its websites Thursday, becoming one of the highest-profile victims yet in a series of attacks by a group claiming to be allied with Islamic terrorism.
“HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world,” the London-based banking giant said in a statement. “This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking.”
HSBC said it had the situation under control in the early morning hours of Friday London time.
The Izz ad-Din al-Qassam Cyber Fighters took responsibility for the attack that at points crippled users’ access to hsbc.com and other HSBC-owned properties on the Web. The group, which has also disrupted the websites of scores of other banks including J.P. Morgan Chase (JPM) and Bank of America (BAC), said the attacks will continue until the anti-Islamic ‘Innocence of Muslims’ film trailer is removed from the Internet.
In this case, a group claiming to be aligned with the loosely-defined brigade of hackers called Anonymous also took responsibility. However, a source in the computer security field who has been monitoring the attacks told FOX Business “the technique and systems used against HSBC were the same as the other banks.” However, the person who requested anonymity noted that Anonymous “may have joined in, but the damage was done by” al-Qassam.
The people behind al-Qassam have yet to be unmasked. Several published reports citing unnamed U.S. officials have pointed to Iran as a potential culprit, but multiple security researchers have told FOX Business the attacks don’t show the hallmarks of an attack from that country.
There is a consensus, however, that the group is likely using a fairly sophisticated type of denial-of-service attack. Essentially, al-Qassam has leveraged exploits in Web server software to take servers over and then use them as weapons. Once they are taken over, they slam the Web servers hosting bank websites with a deluge of requests, making access either very slow or completely impossible. Servers have an especially high level of connectivity to the Internet, giving al-Qassam more horsepower with fewer machines.
Here’s a look at the banks that have been targeted over the past two weeks:
Week of October 8:
Tuesday: Capital One (COF)
Thursday: Regions Financial (RF)
Week of October 15:
By Jim Finkle via Reuters
One or more insiders with high-level access are suspected of assisting the hackers who damaged some 30,000 computers at Saudi Arabia’s national oil company last month, sources familiar with the company’s investigation say.
The attack using a computer virus known as Shamoon against Saudi Aramco – the world’s biggest oil company – is one of the most destructive cyber strikes conducted against a single business.
Shamoon spread through the company’s network and wiped computers’ hard drives clean. Saudi Aramco says damage was limited to office computers and did not affect systems software that might hurt technical operations.
The hackers’ apparent access to a mole, willing to take personal risk to help, is an extraordinary development in a country where open dissent is banned.
“It was someone who had inside knowledge and inside privileges within the company,” said a source familiar with the ongoing forensic examination.
Hackers from a group called “The Cutting Sword of Justice” claimed responsibility for the attack. They say the computer virus gave them access to documents from Aramco’s computers, and have threatened to release secrets. No documents have so far been published.
Reports of similar attacks on other oil and gas firms in the Middle East, including in neighboring Qatar, suggest there may be similar activity elsewhere in the region, although the attacks have not been linked.
Saudi Aramco declined to comment. “Saudi Aramco doesn’t comment on rumors and conjectures amidst an ongoing probe,” it said.
The hacking group that claimed responsibility for the attack described its motives as political.
In a posting on an online bulletin board the day the files were wiped, the group said Saudi Aramco was the main source of income for the Saudi government, which it blamed for “crimes and atrocities” in several countries, including Syria and Bahrain.
The Saudi interior ministry did not respond to requests for comment. The foreign ministry was not available for comment.
Saudi Arabia sent troops into Bahrain last year to back the Gulf state’s rulers, fellow Sunni Muslims, against Shi’ite-led protesters. Riyadh is also sympathetic to mainly Sunni rebels in Syria.
Saudi Arabia’s economy is heavily dependent on oil. Oil export revenues have accounted for 80-90 percent of total Saudi revenues and above 40 percent of the country’s gross domestic product, according to U.S. data.
Saudi Aramco, which supplies about a tenth of the world’s oil, has hired at least six firms with expertise in hacking attacks, bringing in dozens of outside experts to investigate the attack and repair computers, the sources say.
According to analysis of Shamoon by computer security firm Symantec, the way the virus gets into networks may vary, but once inside it tries to infect every computer in the local area network before erasing files to render PCs useless.
“We don’t normally see threats that are so destructive,” Liam O Murchu, who helped lead Symantec’s research into the virus, said. “It’s probably been 10 years since we saw something so destructive.”
The state-run oil company – whose 260 billion barrels of crude oil alone would value it at over 8 trillion dollars, or 14 times the market value of Apple Inc. – was well protected against break-in attempts over the Internet, according to people familiar with its network operations.
Yet those sources say such protections could not prevent an attack by an insider with high-level access.
It is unusual for insiders to be fingered in cyber attacks. Verizon Business, which publishes the most comprehensive annual survey of data breaches, said that insiders were implicated in just 4 percent of cases last year.
The hackers behind the Shamoon attack siphoned off data from a relatively small number of computers, delivering it to a remote server, the sources said. They later threatened to release that information.
Because the virus wiped the hard drives, it is difficult for Saudi Aramco to determine exactly what information the hackers obtained.
An email address and password, which the poster claimed belonged to Aramco CEO Khalid Al-Falih, were posted on a website often used by hackers to show off their achievements, this time signed by the “Angry Internet Lovers”. No sensitive Aramco files have been uploaded on that site.
Sources who spoke to Reuters said they were not aware whether the hackers had made specific demands, what they might have been or whether they were met.
The sources would not say whether the suspected mole or moles are Saudi Aramco employees or outside contractors, or whether they accessed a workstation inside Saudi Aramco’s offices or accessed the network remotely.
The Saudi interior ministry was unavailable to comment on whether anyone has been arrested as part of the investigation.
VIRUS TARGETS PCS
The Shamoon virus is designed to attack ordinary business computers. It does not belong to the category of sophisticated cyber warfare tools – like the Stuxnet virus that attacked Iran’s nuclear program in 2010 – which target industrial control systems and can paralyze critical infrastructure.
“Based on initial reporting and analysis of the malware, no evidence exists that Shamoon specifically targets industrial control systems components or U.S. government agencies,” the Department of Homeland Security’s United States Computer Emergency Readiness Team said in an August 29 advisory.
Saudi Aramco has said that only office PCs running Microsoft Windows were damaged. Its oil exploration, production, export, sales and database systems all remained intact as they ran on isolated and heavily protected systems.
“All our core operations continued smoothly,” CEO Khalid Al-Falih told Saudi government and business officials at a security workshop on Wednesday.
“Not a single drop of oil was lost. No critical service or business transaction was directly impacted by the virus.”
It is standard industry practice to shield plant operating networks from hackers by running them on separate operating systems that are protected from the Internet.
Qatar’s natural gas firm Rasgas was also hit by a cyber attack last week, although it has not said how much damage was caused or whether Shamoon was the virus involved. Qatar, also a Sunni Gulf kingdom, has similar foes to Saudi Arabia.
Its parent firm Qatar Petroleum, which also owns Qatar’s other main natural gas firm Qatargas, said it was unaffected but implied that other companies had been hit.
“Qatar Petroleum has not been affected by the computer virus that hit several oil and gas firms. All QP operations are continuing as normal,” it said in an official tweet on Monday.
(Additional reporting by Daniel Fineren and Humeyra Pamuk in Dubai; Editing by Peter Graff and Janet McBride)
By NICOLE PERLROTH via BITS, NY Times
Publicly released details of a cyberattack on Saudi Aramco, the world’s largest oil producer, appear to confirm reports that critical data on three-quarters of the company’s PCs was replaced with the image of a burning American flag.
In a statement on Sunday, Khalid al-Falih, Aramco’s chief executive, said Aramco had restored its main internal network services after they were “impacted on Aug. 15, 2012, by a malicious virus that originated from external sources and affected about 30,000 workstations.”
That seemed to confirm a version of events put forth by the hackers who had claimed responsibility for the attack. The hackers, who called themselves Cutting Sword of Justice, said that they had slipped a malicious virus into Saudi Aramco on Aug. 15 that destroyed 30,000 computers.
To support their claim, they posted blocks of what they claimed were the infected I.P. addresses to Pastebin, a Web site often used by hackers to post data from such attacks. The group said it had attacked the government-owned oil company in retribution for what it said was the Saudi government’s support for “oppressive measures” in the Middle East.
The attack was the first significant use of malware by so-called hacktivists — hackers who attack for political reasons rather than for profit. Hacktivist groups like LulzSec and Anonymous typically recruit volunteers to flood a Web site with traffic until it goes offline. In this case, hackers used a malicious virus that was intended to inflict more harm.
Security researchers at Symantec, the computer security firm, said that hours after the attack, they received a sample of the virus they believe was responsible. The virus, named Shamoon after a word in its code, was designed to overwrite critical files with an image of a burning American flag. The researchers discovered instructions in Shamoon’s code, what is known as a “kill timer,” to attack at 4:08 a.m. on Aug. 15 — the same time hackers said they had destroyed Saudi Aramco’s computers.
Symantec’s researchers said that they had received the sample of malware from an outside security researcher who discovered it on a computer “in the Middle East.” They declined to identify that researcher or specify the country or organization where the virus was found. But Vikram Thakur, a senior researcher with Symantec’s response team, said it was “extremely likely” that Shamoon was used in the attack on Saudi Aramco.
Shamoon tells compromised computers to report their infection back to one I.P. address. That I.P. address, Symantec’s researchers say, belongs to a computer in the same network as other compromised computers but not connected to the Internet. They said it was unclear how that computer had been initially infected. The fact that it was not connected to the Internet lends credence to reports that the attack may have been facilitated by a Saudi Aramco employee.
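The pattern described in the paragraph above, many machines reporting to one internal address that is not a known server, is something a defender can look for in ordinary flow or firewall logs. The following is an added example, not code from the article or from Symantec, that groups internal-to-internal connections by destination and flags destinations with unusually high fan-in that are absent from a server inventory. The log lines, IP ranges and the KNOWN_SERVERS inventory are all constructed for illustration.

```python
"""Flag internal hosts that many other internal hosts report to.

Added example for the beaconing pattern described in the article; all
sample data below is constructed and does not describe any real network.
"""
import ipaddress
from collections import defaultdict

# Constructed sample log lines: "timestamp src_ip dst_ip dst_port"
SAMPLE_LOGS = """\
2012-08-15T03:50:01 10.20.1.11 10.20.9.5 80
2012-08-15T03:50:03 10.20.1.12 10.20.9.5 80
2012-08-15T03:50:04 10.20.1.13 10.20.9.5 80
2012-08-15T03:50:07 10.20.2.21 10.20.9.5 80
2012-08-15T03:50:09 10.20.2.22 10.20.9.5 80
2012-08-15T03:51:00 10.20.1.11 10.20.0.10 445
2012-08-15T03:51:02 10.20.1.12 10.20.0.10 445
2012-08-15T03:51:05 10.20.1.11 93.184.216.34 443
"""

# Private address space counts as "internal" for this example.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Hypothetical inventory of legitimate internal servers (here: one file server).
KNOWN_SERVERS = {"10.20.0.10"}


def is_internal(ip):
    """True if ip falls inside one of the internal ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def parse_logs(text):
    """Yield (timestamp, src, dst, port) tuples; skip blank or malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, src, dst, port = parts
        yield ts, src, dst, int(port)


def find_internal_fanin(text, known_servers=KNOWN_SERVERS, min_sources=3):
    """Return {dst: sorted distinct internal sources} for internal destinations
    that are not in the server inventory and are contacted by at least
    min_sources distinct internal hosts. External traffic is ignored."""
    sources = defaultdict(set)
    for _ts, src, dst, _port in parse_logs(text):
        if not (is_internal(src) and is_internal(dst)):
            continue  # only internal-to-internal traffic matters here
        if dst in known_servers:
            continue  # expected fan-in: file servers, domain controllers, etc.
        sources[dst].add(src)
    return {dst: sorted(s) for dst, s in sources.items() if len(s) >= min_sources}


if __name__ == "__main__":
    for dst, srcs in find_internal_fanin(SAMPLE_LOGS).items():
        print(f"{dst}: contacted by {len(srcs)} internal hosts -> {srcs}")
```

On the constructed sample this reports only 10.20.9.5, since the file server is in the inventory and the one external connection is ignored. In a real environment the threshold and the inventory are what keep this from being noisy: raise min_sources to fit the size of the subnet, and keep the inventory current, because an unlisted legitimate server produces the same fan-in signature as a compromised workstation acting as a relay.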
Mr. al-Falih acknowledged that the company had been attacked before.
“Saudi Aramco is not the only company that became a target for such attempts, and this was not the first nor will it be the last illegal attempt to intrude into our systems,” he said. “We will ensure that we will further reinforce our systems with all available means to protect against a recurrence of this type of cyberattack.”
Many of the 6.5 million passwords dumped on a Russian cybercrime forum from work-oriented social network LinkedIn reveal that not EVERYONE is entirely happy at work.
Examples include ‘hopeless,’ ‘killmenow’, ‘iwishiwasdead’, and ‘hatemyjob’.
The 150-million-strong social network is unlike rivals such as Facebook and Twitter in that it is built entirely around work connections – and many are clearly less than happy with how their career is progressing.
Around six million users of the social networking site LinkedIn have had their passwords stolen, according to technology experts. The website, popular with businessmen and women, has confirmed that it was hacked after a file containing 6.5million encrypted passwords was published on a Russian hackers’ web forum.
Experts are now advising users to change their passwords on LinkedIn and other websites for which they use the same password.
Read more: http://www.dailymail.co.uk/sciencetech/article-2155368/LinkedIn-passwords-leaked-Russian-hacker-puts-6-5m-account-details-cybercrime-forum.html#ixzz1xB7EsfLp
As more companies ask workers for access to their Facebook accounts, the social network says that sharing or soliciting a password is a violation of its own guidelines.
Has an employer or potential employer ever requested access to your Facebook account? If so, Facebook itself advises you to just say no.
Responding to growing complaints from employees over the practice, Facebook made its own position quite clear in a post published today. Noting an increase in the number of such requests from employers, the social network said they undermine both the security and the privacy of the user and the user’s friends.
And the practice can put employers themselves at risk.
Companies making such requests may not have the right policies or training in place to deal with private information, according to Facebook. Further, companies might be held liable if the information they find proves problematic, such as a post that “suggests the commission of a crime.”
Employers could face other thorny legal issues, noted Facebook. “For example, if an employer sees on Facebook that someone is a member of a protected group (e.g. over a certain age, etc.) that employer may open themselves up to claims of discrimination if they don’t hire that person.”
Given the rise of these requests and the resulting concerns, Facebook is pointing to certain guidelines on its end.
“As a user, you shouldn’t be forced to share your private information and communications just to get a job,” Facebook said in its post. “And as the friend of a user, you shouldn’t have to worry that your private information or communications will be revealed to someone you don’t know and didn’t intend to share with just because that user is looking for a job. That’s why we’ve made it a violation of Facebook’s Statement of Rights and Responsibilities to share or solicit a Facebook password.”
Of course, some employers aren’t likely to care about violating Facebook’s guidelines, which don’t carry any legal weight. So the company is also promising to work with lawmakers and even take legal action to protect the accounts and privacy of its users.
Facebook’s strong stance on this issue is certainly welcome. The social network often finds itself on the receiving end of complaints that it doesn’t respect or protect the privacy of its users.
But the trend of companies asking an employee or job applicant for their Facebook account has touched a nerve.
One recent report detailed job applicants for Maryland’s Division of Corrections being asked to log into their Facebook accounts during the interview and showing the interviewer all of the posts, friends, and other “private” information.
The controversy has even reached beyond the corporate world into the classroom. A 12-year-old girl has launched a lawsuit against her school for pressuring her to reveal her Facebook password.
And, of course, lawmakers are now getting into the act. Sen. Richard Blumenthal, a Democrat from Connecticut, is gearing up a bill that would prevent employers from asking for a job applicant’s password on Facebook and other social networks. The senator told the Associated Press yesterday that such a practice is an “unreasonable invasion of privacy for people seeking work.”
Back in 2010, US-CERT issued Technical Information Paper TIP-10-105-01 on Cyber Threats to Mobile Devices.
Although this document is not new, we recommend that organizations and individuals whose daily activities rely on mobile devices read it.
Below is the overview:
Today’s advanced mobile devices are well integrated with the Internet and have far more functionality than mobile phones of the past. They are increasingly used in the same way as personal computers (PCs), potentially making them susceptible to similar threats affecting PCs connected to the Internet. Since mobile devices can contain vast amounts of sensitive and personal information, they are attractive targets that provide unique opportunities for criminals intent on exploiting them. Both individuals and society as a whole can suffer serious consequences if these devices are compromised. This paper introduces emerging threats likely to have a significant impact on mobile devices and
Full document is downloadable via this link http://www.us-cert.gov/reading_room/TIP10-105-01.pdf