Ransomware is indeed a growing threat for anything that is connected to the Internet but what Brazil-based security firm Morphus Labs has discovered has surpassed all previous discoveries in this domain. Yes, the IT security researchers at Morphus Labs have discovered a ransomware malware that’s not only locking up victims’ files but also encrypting their hard drives. Mamba ransomware is attacking computers around the globe; it is a Windows-based ransomware that was discovered to be infecting computers in Brazil, India and the United States.

Read more at
https://www.hackread.com/mamba-ransomware-encrypts-hard-drive/

The OpenSSL Foundation has patched over a dozen vulnerabilities in its cryptographic code library, including a high severity bug that can be exploited for denial-of-service (DoS) attacks. OpenSSL is a widely used open-source cryptographic library that provides encrypted Internet connections using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) for the majority of websites, as well as other secure services. The vulnerabilities exist in OpenSSL versions 1.0.1, 1.0.2 and 1.1.0 and are patched in OpenSSL versions 1.1.0a, 1.0.2i and 1.0.1u. The Critical-rated bug (CVE-2016-6304) can be exploited by sending a large OCSP Status Request extension to the targeted server during connection negotiations, which causes memory exhaustion and results in a DoS condition, the OpenSSL Project said.

Read more at
http://thehackernews.com/2016/09/openssl-dos-attack.html

If you are a hacker, you might have enjoyed the NSA’s private zero-day exploits, malware and hacking tools that were leaked last month. But the question is: How did these hacking tools end up in the hands of hackers? It has been found that the NSA itself was not directly hacked, but a former NSA employee carelessly left those hacking tools on a remote server three years ago after an operation and a group of Russian hackers found them, sources close to the investigation told Reuters. The leaked hacking tools, which enable hackers to exploit vulnerabilities in systems from big vendors like Cisco Systems, Juniper, and Fortinet, were dumped publicly online by the group calling itself “The Shadow Brokers.”

Read more at
http://thehackernews.com/2016/09/nsa-hacking-tool-exploits.html

Australia’s Victoria Police Force has issued a warning regarding unmarked USB flash drives containing harmful malware being dropped inside random people’s letterboxes in the Melbourne suburb of Pakenham. It seems to be one of the latest tactics of cyber criminals to target people by dropping malware-laden USB sticks into their mailboxes, in the hope unsuspecting users will plug the infected devices into their personal or home computers. The warning, published on the official website of the Victoria Police, one of Australia’s state police departments, reads: “Members of the public are allegedly finding unmarked USB drives in their letterboxes. Upon inserting the USB drives into their computers victims have experienced fraudulent media streaming service offers, as well as other serious issues [malware]. The USB drives are believed to be extremely harmful and members of the public are urged to avoid plugging them into their computers or other devices.” The warning comes after a recent flood of reports from residents in the suburb of Pakenham who found compromised unmarked drives in their mailboxes and inserted them into their computers.

Read more at
http://thehackernews.com/2016/09/usb-malware.html

 

The Government Communications Headquarters (GCHQ), the UK’s secretive signals intelligence agency, is developing ‘automated defence’ tools – already dubbed the ‘Great British Firewall’ – to help combat a spike in cyberattacks over the past year. The scheme, which is still in the early planning stages, would see major UK service providers working alongside GCHQ in a voluntary capacity to help filter malicious website domains that could potentially be used by hackers or state-sponsored rivals to infect computer systems. The main base for the operation is likely to be the agency’s upcoming National Cyber Security Centre (NCSC), set to launch later this year, which will bring together experts from MI5, Cert, local law enforcement and private industry to help fight the threat of hacking. “We know automated defences work on the internet,” Ciaran Martin, GCHQ’s director-general for cyber security, said during a conference in Washington DC on 13 September.

Read more at
http://www.ibtimes.co.uk/gchq-plans-great-british-firewall-protect-uk-against-hackers-1581299

A former National Security Agency (NSA) intelligence analyst has hit out at agency whistleblower Edward Snowden for urging US president Barack Obama to grant him a presidential pardon on the grounds his infamous disclosures were beneficial to the public. Snowden, who currently resides in Russia under asylum after handing over one million secret NSA documents to journalists, previously said that he would return home to the US if he could be guaranteed a fair trial – an option that seems unlikely under the current administration.

Read more at
http://www.ibtimes.co.uk/former-nsa-intelligence-analyst-snowden-pardon-request-height-absurdity-1581366

This “post-Sony attack” tweet from Olivia Nuzzi of The Daily Beast should have been framed and hung as motivational artwork on every office wall. Instead, a year and a half and numerous publicized email hacks later, it stands to remind us that people will continue to get caught with their pants down because they refuse to accept two simple certainties: Email is forever; and forever is a long time to keep anything truly secure. With more recent hacks on entities like the Democratic National Convention (DNC) and the State Department what’s particularly frustrating—beyond the hacks themselves, which are almost foregone conclusions in today’s connected world—is that people continue to send inappropriate emails. Why does it seem no one is learning from these blunders?

Read more at
http://www.securityweek.com/email-forever-and-its-not-private

What would it take for hackers to significantly disrupt the US’ 911 emergency call system? It only takes 6,000 Smartphones. Yes, you heard it right! According to new research published last week, a malicious attacker can leverage a botnet of infected smartphone devices located throughout the country to knock the 911 service offline in an entire state, and possibly the whole United States, for days. The attacker would only need 6,000 infected smartphones to launch automated Distributed Denial of Service (DDoS) attacks against 911 service in an entire state by placing simultaneous calls from the botnet devices to the emergency numbers. However, as few as 200,000 infected mobile phones could knock the 911 emergency call system offline across the entire US.

Read more at
http://thehackernews.com/2016/09/hacking-911-emegency.html

Two critical zero-day vulnerabilities have been discovered in the world’s 2nd most popular database management software MySQL that could allow an attacker to take full control over the database. Polish security researcher Dawid Golunski has discovered two zero-days, CVE-2016-6662 and CVE-2016-6663, that affect all currently supported MySQL versions as well as its forks such as MariaDB and PerconaDB. Golunski further went on to publish details and a proof-of-concept exploit code for CVE-2016-6662 after informing Oracle of both issues, along with vendors of MariaDB and PerconaDB. Both MariaDB and PerconaDB had fixed the vulnerabilities, but Oracle had not. The vulnerability (CVE-2016-6662) can be exploited by hackers to inject malicious settings into MySQL configuration files or create their own malicious ones.

Read more at
http://thehackernews.com/2016/09/hack-mysql-database.html

US authorities have arrested two North Carolina men on charges that they were part of the notorious hacking group “Crackas With Attitude.” Crackas with Attitude is the group of hackers allegedly behind a series of audacious and embarrassing hacks that targeted personal email accounts of senior officials at the CIA, FBI, the White House, Homeland Security Department, and other US federal agencies. Andrew Otto Boggs, 22, of North Wilkesboro, N.C., who allegedly used the handle “INCURSIO,” and Justin Gray Liverman, 24, of Morehead City, who is known online as “D3F4ULT,” were arrested on Thursday morning on charges related to their alleged roles in the computer hacking, according to a press release by the Department of Justice. A 16-year-old British teenager suspected of being part of the group was arrested in February by the FBI and British police.

Read more at
http://thehackernews.com/2016/09/fbi-cia-hacker-arrested.html

Google has become the latest American tech giant to sign on to the US-EU Privacy Shield. “We are committed to applying the protections of the Privacy Shield to personal data transferred between Europe and the United States,” Google’s Caroline Atkinson, head of Global Public Policy, noted in a blog. “As a company operating on both sides of the Atlantic, we welcome the legal certainty the Privacy Shield brings. Restoring trust—in international data flows and in the Transatlantic Digital Agenda—is crucial to continued growth in the digital economy.” Microsoft, Salesforce.com and Workday got on board with the joint initiative between the US Department of Commerce and European Commission earlier this month.

Read more at
http://www.infosecurity-magazine.com/news/google-signs-on-for-useu-privacy/

Threats to our electoral process can come from outside the country or nefarious insiders. Our country needs to be better prepared. After Russian state security personnel were accused of hacking the Democratic National Committee, the possibility of outsiders manipulating the American political process became a reality. With the reliance on computers to collect votes, report results, communicate campaign strategies, and coordinate voter registration activities, the electoral process has new vulnerabilities. In addition, rogue countries aren’t the only threats; insiders are also capable of manipulating election results. Here are six ways that elections can be hacked.

Read more at
http://www.darkreading.com/endpoint/6-ways-to-hack-an-election/a/d-id/1326762?

At some point in the recent past — he is not sure exactly when — F-Secure’s Chief Research Officer Mikko Hypponen coined the term ‘cyber crime unicorn’. His purpose was to highlight the growing professionalism of cyber criminals; and the term caught on. Now he has asked the question seriously: could a ransomware product actually be a criminal tech unicorn; that is, a start-up business valued at more than $1 billion? In a new article his short answer is No; but that’s only because it would be impossible for the founders to cash-out through the traditional IPO route. By most other yardsticks, cyber crime compares favorably to legal business. Consider one of today’s prime businesses, Uber. According to a Thursday report in Bloomberg, Uber is on course to record a $2 Billion loss this year following a similar loss last year — and yet its latest valuation is $69 billion. Cyber criminals do not make losses.

Read more at
http://www.securityweek.com/f-secures-mikko-hypponen-talks-cyber-crime-and-cyber-unicorns

It’s no secret. We’re really bad at passwords. Nevertheless, they aren’t going away any time soon. With so many websites and online applications requiring us to create accounts and think up passwords in a hurry, it’s no wonder so many of us struggle to follow the advice of so-called password security experts. At the same time, the computing power available for password cracking just gets bigger and bigger. OK, so I started with the bad news, but this cloud does have a silver lining. It doesn’t need to be as hard as we make it and the government is here to help. That’s right, the United States National Institute of Standards and Technology (NIST) is formulating new guidelines for password policies to be used in the whole of the US government (the public sector). Why is this important? Because the policies are sensible and a great template for all of us to use within our own organizations and application development programs.

Read more at
https://nakedsecurity.sophos.com/2016/08/18/nists-new-password-rules-what-you-need-to-know/

A recently released NSA exploit from “The Shadow Brokers” leak that affects older versions of Cisco Systems firewalls can work against newer models as well. Dubbed ExtraBacon, the exploit was restricted to versions 8.4.(4) and earlier versions of Cisco’s Adaptive Security Appliance (ASA) – a line of firewalls designed to protect corporate, government networks and data centers. However, the exploit has now been expanded to 9.2.(4) after researchers from Hungary-based security consultancy SilentSignal were able to modify the code of ExtraBacon to make it work on a much newer version of Cisco’s ASA software. Both Cisco and Fortinet have confirmed their firewalls are affected by exploits listed in the Shadow Brokers cache that contained a set of “cyber weapons” stolen from the Equation Group.

Read more at
http://thehackernews.com/2016/08/cisco-firewall-hack.html

Android has Fallen! Yet another set of Android security vulnerabilities has been discovered in Qualcomm chipsets that affect more than 900 Million Android smartphones and tablets worldwide. What’s even worse: Most of those affected Android devices will probably never be patched. Dubbed “Quadrooter,” the set of four vulnerabilities discovered in devices running Android Marshmallow and earlier that ship with a Qualcomm chip could allow an attacker to gain root-level access to any Qualcomm device. The chip, according to the latest statistics, is found in more than 900 Million Android tablets and smartphones. That’s a very big number. The vulnerabilities have been disclosed by a team of Check Point researchers at the DEF CON 24 security conference in Las Vegas.

SMS-based Two-Factor Authentication (2FA) has been declared insecure and soon it might be a thing of the past. Two-Factor Authentication or 2FA adds an extra step of entering a random passcode sent to you via an SMS or call when you log in to your account as an added layer of protection. For example, if you have 2FA enabled on Gmail, the platform will send a six-digit passcode to your mobile phone every time you sign in to your account. But, the US National Institute of Standards and Technology (NIST) has released a new draft of its Digital Authentication Guideline that says SMS-based two-factor authentication should be banned in future due to security concerns.

Read more at
http://thehackernews.com/2016/07/two-factor-authentication.html

 

TOR-Spying-Nodes

Read more at
http://thehackernews.com/2016/07/tor-deep-web-spying.html

Radio-based wireless keyboards and mice that use a special USB dongle to communicate with your PC can expose all your secrets – your passwords, credit card numbers and everything you type. Back in February, researchers from the Internet of things security firm Bastille Networks demonstrated how they could take control of wireless keyboards and mice from several top vendors using so-called MouseJack attacks. The latest findings by the same security firm are even worse. Researchers have discovered a new hacking technique that can allow hackers to take over your wireless keyboard and secretly record every key you press on it. Dubbed KeySniffer, the hack is death for millions of wireless, radio-based keyboards.

Read more at
http://thehackernews.com/2016/07/wireless-keylogger.html

Another blow to the Tor Project: One of the Tor Project’s earliest contributors has decided to quit the project and shut down all of the important Tor nodes under his administration. Lucky Green was part of the Tor Project before the anonymity network was known as TOR. He probably ran one of the first 5 nodes in the TOR network at its inception and managed special nodes inside the anonymity network. However, Green announced last weekend that “it is no longer appropriate” for him to be part of the Tor Project, whether it is financially or by providing computing resources. TOR, also known as The Onion Router, is an anonymity network that makes use of a series of nodes and relays to mask its users’ traffic and hide their identity by disguising IP addresses and origins. The TOR network is used by privacy-conscious people, activists, journalists and users from countries with strict censorship rules.

There’s a lot more to come from the DNC Hack. The Associated Press confirmed yesterday that the computer systems used by Hillary Clinton’s presidential campaign were hacked as part of the recent Democratic National Convention (DNC) hack.

Last week’s email dump containing almost 20,000 emails from top DNC officials was just the beginning, which led DNC Chairwoman Debbie Wasserman Schultz to resign as the group’s leader, as WikiLeaks announced that it was part one of its new Hillary Leaks series.

This suggests WikiLeaks Founder Julian Assange has had his hands on more data from the DNC hack that, according to him, could eventually result in the arrest of Hillary Clinton.

Assange — Wikileaks’ Next Leak will lead to Arrest of Hillary Clinton

In an interview with Robert Preston of ITV last month, Assange made it clear that he hopes to harm Hillary Clinton’s chances of becoming president of the United States, opposing her candidacy on both policy and personal grounds.

Read more at
http://thehackernews.com/2016/07/hillary-clinton-hacked.html

If you get caught using a VPN (Virtual Private Network) in Abu Dhabi, Dubai and the broader United Arab Emirates (UAE), you could face temporary imprisonment and fines of up to $545,000 (~Dhs2 Million). Yes, you heard that right.

Online privacy is one of the biggest challenges in today’s interconnected world. Governments across the world have been found to be using the Internet to track people’s information and conduct mass surveillance. This is where VPNs and proxy servers come into play.

VPNs and proxy servers are being used by many digital activists and protesters, who are living under the most oppressive regimes, to protect their online activity from prying eyes.

However, using a VPN or proxy in the UAE could land you in great difficulty

Read more at
http://thehackernews.com/2016/07/vpn-is-illegal-in-uae.html

 

The European Police agency Europol has joined forces with police and cyber security companies to launch a worldwide initiative to combat and tackle together the exponential growth of Ransomware used by cyber criminals.

Europol announced today the initiative, dubbed No More Ransom, that has been backed by technology giant Intel, cyber security firm Kaspersky Lab and the Netherlands police, aiming at decreasing an “exponential” rise in Ransomware threat.

Ransomware is a piece of malware that typically locks victim’s device using encryption and demands a fee to decrypt the important data. The estimated number of ransomware victims tripled in the first quarter of this year alone.

Read more at
http://thehackernews.com/2016/07/ransomware-decrypt-tool.html

Password managers seem like a great idea, given rampant password reuse, poor abilities to create strong passwords by the average user and the sheer number of credentials we’re supposed to remember. But major vulnerabilities have been found in LastPass—opening the door to a full remote compromise for its users.

Independent security researcher Tavis Ormandy said that the zero-day flaw can be exploited using a drive-by technique with a malicious website. If successful, the attacker gains the digital keys to the kingdom—all of the credentials that the user has stored for online services.

“Are people really using this lastpass [sic] thing?” Ormandy tweeted. “I took a quick look and can see a bunch of obvious critical problems.”

One Ormandy Twitter follower responded, “I’m perplexed anyone uses an online service to store passwords”—to which Ormandy responded, “Yeah, me too.”

Read more at
http://www.infosecurity-magazine.com/news/major-lastpass-flaw-compromises/

Ah, the irony: As the security community gears up for Black Hat USA 2016, a flaw in the official conference app enables attackers to become anyone or spy on attendees.

Conference attendees can install the app on their mobile devices to browse the conference’s agenda, get exhibitor info, message attendees, schedule events they will attend and participate in a conference-wide Twitter-like activity feed. According to Lookout Security, a flaw opens the door to attendee impersonation—so users should be cautious of any activity or messages that are posted or received within the app.

“While investigating both the iOS and Android versions of the Black Hat USA 2016 app, we discovered that a user could register using any email address they want (as long as it hasn’t already been used to register with the app previously),” explained Lookout researcher Andrew Blaich, in a blog. “This includes any email address, whether or not the person signing up owns the email address. It doesn’t even matter if the email address exists at all.” Further, to log in, the Black Hat app does not require confirmation; the user is immediately logged into the app after typing in any email address.

Read more at
http://www.infosecurity-magazine.com/news/official-black-hat-usa-app-allows/