Category: Security

Yahoo suffers major hack

Troubled search engine Yahoo has confirmed a large-scale data breach in which 500 million accounts were turned over in a state-sponsored hack.

Users’ “names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers” may all have been acquired in the breach.

A spokesYahoo said: “Yahoo believes that information associated with at least 500 million user accounts was stolen and the investigation has found no evidence that the state-sponsored actor is currently in Yahoo’s network. Yahoo is working closely with law enforcement on this matter.”

Yahoo said it would notify users who may have been affected and urged those who had not changed their Yahoo passwords since 2014 to do so.

The company also noted that they believed “unprotected passwords, payment card data, or bank account information; payment card data and bank account information” were not compromised in the hack.

Yahoo has previously had several issues with hackers and data breaches.

In 2015, hackers hijacked Yahoo’s ad network for a week, spreading malware via advertisements to millions of users.

In 2012, users sued Yahoo over a breach in which passwords from 450,000 accounts were stolen.

HP programmed its cartridges to fail

The maker of expensive printer ink, HP, appears to have programmed all its printers to reject other people’s electronic cartridges on 13 September.

Thousands of HP printers around the world started to show error messages on the same day, saying that non-HP cartridges were damaged. The messages called on customers to remove them and replace them with new cartridges.

Numerous complaints were posted on HP’s support forums, and Dutch online retailer 123inkt also received a large number of complaints on that day and decided to investigate the matter.

Looking under the bonnet of their test printers, they found a large-scale problem with their private-label cartridges in several HP printers. When they emailed their customers asking them if they wanted to check if their printer also had problems, they received replies from more than 1,000 customers confirming it.

The problem existed in the printer’s firmware, although HP claimed it was unaware of the fact. People who complained to HP were told the error was caused by using non-HP cartridges. A day later HP withdrew that statement and explained the problems were a side effect of a firmware update.

But HP didn’t release a firmware update at any date near the 13 September – in fact the last time the printers with problems received a firmware update was March. The firmware has been hanging around since 2015. Also printers with firmware released before March 2016 suffered from the problem and printers without any internet access started to reject non-HP cartridges.

In other words, the problem was not caused by a firmware update and HP programmed a date in its firmware on which non-HP cartridges would no longer be accepted.

On its website 123inkt said: “This problem is not unique. Printer manufacturers regularly release firmware updates which are said to enhance the printer’s performance or address security issues. The (un) intended result, however, is that the use of cheaper private label cartridges is made difficult and / or that error messages are caused. This time the problem was not the result of an update to improve the operation of the printer, but HP apparently programmed a date in its firmware on which the issues should start, the 13 September, 2016.”

US intelligence has not forgiven Snowden

While there are calls for the whistleblower Edward Snowden to be pardoned, the House intelligence committee yesterday unanimously approved a blistering report on him.

The report claims Snowden’s disclosures of top-secret documents and programmes did “tremendous damage” to national security.

The report by staff members of the House Permanent Select Committee on Intelligence claimed that the great unwashed did not know the truth about Snowden because their version of events was rife with falsehoods, exaggerations, and crucial omission.

Snowden said he would return to the US if he thought he could get a fair trial. But he said federal espionage laws do not recognize a defence of acting in the public interest or as a whistleblower.

The report said that the vast majority of the 1.5 million documents he stole “have nothing to do with programmes impacting individual privacy interests. They instead pertain to military, defense, and intelligence programs of great interest to America’s adversaries.”

His disclosures led Congress to eliminate a programme that allowed the NSA to store the numbers dialled by US telephone customers.

The report said Snowden did not, as he claimed, try to express his concerns about potentially illegal intelligence gathering in a way that would qualify him as a whistleblower.

“The Committee found no evidence that Snowden took any official effort to express concerns about US intelligence activities — legal, moral, or otherwise — to any oversight officials within the U.S. government, despite numerous avenues for him to do so.”

Two weeks before he began to download classified documents at an NSA installation in Hawaii, the report said, he was reprimanded after “engaging in a workplace spat” with managers. And he was repeatedly counselled regarding his behaviour at work, it said.

While he has claimed that statements made by US intelligence official James Clapper at a March 2013 congressional hearing amounted to a “breaking point” for him, the report said Snowden began to download classified documents eight months earlier.

Snowden’s ACLU-provided attorney, Ben Wizner, disputed the report.

“This is a dishonest report that attempts to discredit a genuine American hero, after years of ‘investigation,’ the committee still can’t point to any remotely credible evidence that Snowden’s disclosures caused harm.”

He added, “The truth is that Edward Snowden and the journalists with whom he worked did the job that the House Intelligence Committee was supposed to do: bring meaningful oversight to the US intelligence community. He did so responsibly and carefully, and their efforts have led to historic reforms.”

Katz are on a legal hot tin roof

Car maker Tesla is suing an oil executive claiming he tried to impersonate Elon Musk to dig up confidential financial information from the company.

The lawsuit, filed in the Superior Court of Santa Clara County, claimed that the chief financial officer for Quest Integrity Group, Todd Katz, emailed Tesla’s chief financial officer using a similar email address to Musk’s.

Tesla claims he was looking to gain information that wasn’t disclosed in an earnings call with investors.

Quest Integrity Group has ties to BP, Chevron, and ExxonMobil.

Katz apparently used “elontesla@yahoo.com” to send an email to Tesla CFO Jason Wheeler asking about the company’s sales and financial projections.

Tesla’s brief John Hueston said that the point of this action is that this was perceived as an effort to gain inside information, non-public information.

“Although it was caught here, Tesla is worried about this happening in some other form. This could have resulted in highly valuable information being improperly disclosed,” he said.

However, one of the key parts of the story is that whoever sent the email actually thought that no one would notice Tesla using a Yahoo account.

 

Hackers aim to take out the whole net

A bunch of unidentified hackers is carrying out a campaign to find out how to take down the net, warns a security expert.

Writing in his bog, security expert Bruce Schneier said “precisely calibrated” attacks on key net firms had been seen for over a year and are probing weaknesses in the defences of organisations that oversaw critical parts of the net.

It is possible that the attackers are Chinese or Russian and the range of attacks he described was “the new normal” for many of the organisations.

The attacks are not clever: they use DDoS, which knocks a target out by overwhelming it with data, to probe defences. But in this case they were “significantly larger” and lasted longer than most such attacks.

There was also a science involved, with the amount of data being directed at victims slowly turned up. Often, he said, the peak data rate of one series of attacks would be the starting point for the next wave.

The attackers were trying several different types of DDoS attack to see how the companies would respond.

Verisign has backed Schneier’s conclusions. In the latest edition of a regularly issued report, it said it had seen DDoS attacks become “more frequent, persistent and complex”.

Arbor Networks, which helps defend firms against DDoS attacks, said they had been growing in “frequency, volume, and sophistication” for many years.

However, Roland Dobbins, principal engineer at Arbor, told the BBC it was “manifestly untrue” that only state-sponsored hackers could mount the most sophisticated and sizeable attacks, as the attacks could be done by anyone.

“Some are nation-state actors, some are affiliated with nation-states at arm’s length, many are non-state ideological actors, and many are commercially driven criminal actors,” Dobbins said.

US arrests CIA hackers

Inspector Knacker of the North Carolina Yard has fingered the collar of two men and charged them with hacking into the private email accounts of high-ranking US intelligence officials.

Andrew Otto Boggs, a.k.a. “INCURSIO,” 22, of North Wilkesboro, N.C., and Justin Gray Liverman, a.k.a. “D3F4ULT,” 24, of Morehead City, N.C., will be extradited next week to Alexandria, where federal prosecutors for the Eastern District of Virginia have spent months building a case against an outfit which dubs itself Crackas With Attitude.

The group included three teenage boys being investigated in the UK.

The group gained access to the private email accounts of CIA Director John Brennan and Director of National Intelligence James R. Clapper Jr.

They hacked into the accounts of Mark Giuliano, a former FBI deputy director; Amy Hess, the FBI executive assistant director for science and technology; Gregory Mecher, who is married to White House communications director Jen Psaki; and Harold Rosenbaum, chief executive of CIA contractor Centra Technology.

“Cracka,” one of the British teens, took the lead in hacking the accounts, while Boggs and Liverman encouraged him and used the exposed information to harass the targets.

The “hacks” were based on “social engineering” to gain access to social media, phone and email accounts. For example Cracka gained access to Brennan’s account by posing as a Verizon technician and tricking the company’s tech-support unit into revealing the CIA director’s account number, password and other details.

That information was used to lock Brennan out of his AOL account. Later, he released the form Brennan filled out to obtain his top-secret security clearance, a 47-page document full of personal details.

Cracka gained access to Giuliano’s Comcast account information and began forwarding the official’s mobile number to the Free Palestine Movement.

Liverman allegedly texted threats to Giuliano, calling him a “f—ing boomer” and paid for a campaign of harassing phone calls to Giuliano’s mobile.

Through Giuliano’s accounts he got his paws on some sensitive law enforcement information. A file on 80 Miami-area officers was found on his computer. Those names and numbers were released online.

Boggs allegedly used the information to post online the prison booking report for Chicago hacker Jeremy Hammond. The work emails and phone numbers for thousands of law enforcement personnel across the country were also posted online.

What was worrying is that Cracka appears to have gotten into the law enforcement database simply by calling an FBI help desk and asking for Giuliano’s password to be reset.

Last year, before his arrest, Cracka told the New York Post that he was motivated by “opposition to U.S. foreign policy and support to Palestine.”

Security expert jailed for 20 days for “political stunt”

A security researcher will be jailed for 20 days after hacking two websites belonging to the Florida state elections department.

David Levin, 31, of Estero, Florida, was indicted on three hacking-related charges and pleaded guilty after turning himself in in early May.

Levin is also the owner of Vanguard Cybersecurity. He will serve his prison sentence during the weekends so he can attend law school during the week. He also received two years of probation.

Coppers had no difficulty finding that Levin was the bloke they were after. He posted details of his hack of Lee County Elections Department on YouTube.

Levin recorded the video with Dan Sinclair, a candidate at the time in the local election’s supervisor race, revealing how easily he hacked the Lee County Elections website.

Police searched his home in February and seized his computers as evidence. Levin confessed to police, revealing that, on December 19, 2015, he illegally accessed the Lee County Elections website, and then on January 4 and 31, 2016, he gained access to the Department of State Elections website as well.

The cyber-security expert says he forwarded a report to the Florida Department of Elections about the issues he discovered in their websites.

Police charged Levin regardless because he didn’t ask for permission before performing the hacks.

Levin also used credentials he found on one of the websites to access the account of then current Supervisor of Elections, Sharon Harrington.

In court, Levin described the whole incident as a “political stunt.” Sinclair, the person with whom Levin appears in the video detailing the hack, lost the election which made it all pointless.

Intel spins off McAfee

Intel has admitted that its $8 billion acquisition of security outfit McAfee never quite worked out and is spinning the business off.

Under the deal Intel will collect $3.1 billion in cash and retain a 49 percent ownership stake of McAfee. Meanwhile TPG will own 51 percent of the new company.

TPG will make a $1.1 billion equity investment in McAfee, which will also take on $2 billion of debt. The deal is expected to close in the second quarter of 2017, Intel said.

Analysts and investors have favoured disposing of the business. It sort of made sense in the days when the PC did well but it did not add much to Intel’s chip sales and now the PC is less important it was better off somewhere else.

It does make money. The unit reported $1.1 billion of revenue in the first half of the year, up 11 per cent from the same period of 2015, and operating income of $182 million, a 391 per cent jump.

Chris Young will be CEO of the new company. He said that as a standalone company supported by these two partners, McAfee will be in an even greater position of strength, committed to being the best provider the cybersecurity industry has ever seen.

Intel said it still plans to collaborate with McAfee to add security features across its product lines.

Dusting off the McAfee name explains why Intel was not so keen to give the brand back to its colourful founder, John McAfee, earlier this week.

 

 

New Snowden leak shows British and US cooperation

New leaks from whistle-blower Edward Snowden have lifted the lid on the UK’s use of US intelligence spy techniques.

According to the Intercept the UK’s Menwith Hill base is being used by the US NSA to aid “a significant number of capture-kill operations” across the Middle East and North Africa.

These ops are arranged thanks to powerful eavesdropping technology that can harvest data from more than 300 million emails and phone calls a day.

NSA has pioneered new spying programmes at Menwith Hill to pinpoint the locations of suspected terrorists accessing the internet in remote parts of the world. GHOSTHUNTER and GHOSTWOLF programmes have supported conventional British and American military operations in Iraq and Afghanistan.

However, they also were used for covert missions in countries where the US has not declared war. NSA employees at Menwith Hill collaborated on a project to help “eliminate” terrorism targets in Yemen.

The documents raise the question about British complicity in US drone strikes and other targeted killing missions. There are some suggestions that some of these attacks violated international laws or constituted war crimes.

 

Warner Bros names itself as a pirate

Dumb-arse legal enforcers working for Warner Bros ordered a takedown of the studio’s own site on Google, claiming it was a pirate site.

Vobile, a company that files hundreds of thousands of takedown requests every month, asked the search giant to remove links to legitimate movie streaming websites run by Amazon and Sky, as well as the film database IMDB.

According to TorrentFreak, Vobile had made some “glaring errors” including asking Google to remove links to the official websites for films such as Batman: The Dark Knight and The Matrix. Licensed online movie portals such as Amazon and Sky Cinema were also reported for copyright infringement.

Companies such as Vobile typically work on behalf of major film studios, reporting illegally uploaded copies of movies and television programmes.

Google’s transparency report says Vobile has submitted more than 13 million links for removal. Most of this is done automatically and the links are never checked. For some reason Vobile does not white-list obvious sites like warnerbros.com and amazon.com – but apparently.

Fortunately for Warner Brothers Google decided not to remove links to Amazon, IMDB and Sky Cinema from its results. It would have been amusing if it had done what it was told, or that Vobile threatens to sue over its actions.