Tuesday, 16 February 2016

‘Hack’ on DoJ and DHS downplayed

Data Breach – DoJ/DHS

US authorities have confirmed a data breach affecting the Department of Justice (DoJ) and the Department of Homeland Security (DHS), though they downplayed its severity. According to technology news site Motherboard, the hacker has stated that they would soon share personal information of around 20,000 DoJ employees, including staff at the FBI.

The news site reported that it had verified small parts of the breach, but had also observed that some of the details listed seemed to be incorrect or probably out-dated. The Department of Justice also downplayed the significance of the breach. DoJ spokesman Peter Carr told the Guardian that “the department has been looking into the unauthorized access of a system which was operated by one of its components comprising employee contact information and this unauthorized access is under investigation.

However, there is no indication at this time that there is any breach of sensitive personally identifiable information. The department has taken this very seriously and is continuing to arrange protection as well as defensive measures in safeguarding information. Any activity which is determined to be criminal in nature would be referred to law enforcement for investigation.”

Hacked Data Posted on Encrypted Website

Hacked data that was anonymously posted on an encrypted website and reviewed by the Guardian comprised a DHS personnel directory; the information listed included phone numbers and email addresses. These were for individuals who have not worked for DHS for years. Besides this, some of the listings also had out-dated titles.

The encrypted DHS directory appeared online before 7 pm EDT on Sunday and the password seemed to be ‘lol’. A source claiming responsibility told Motherboard, which broke the story of the hack, that they had compromised a DHS employee account and had then used the information from it to convince an FBI phone operator to provide access to the DoJ computer system.

The hackers had promised to release the information from the DoJ on Monday. At 4 pm EDT, an identical list was posted on the same site with a DoJ staff directory, which also appeared to be out-dated. Assessing the hack during a government-wide meeting, an official compared it to stealing a years-old AT&T phone book after the telecom had already digitized most of its data.

Disruption Regularly in Government Data Security

However, experienced officials state that it should not be so simple to obtain an access token by impersonating an official from a different department over the phone to a help desk. Disruptions occur regularly in government data security, and the OPM hack, exposed in June, revealed the deeply researched security clearances of 21.5m present and former government employees and contractors, from phone numbers to fingerprints.

The DHS breach seems to be far less severe, but it is especially embarrassing considering that the department has been selected as the point of entry for all corporate data shared with government agencies in the debated information sharing program between government and industry created last year by the Cybersecurity Information Sharing Act. The program, in which private companies share user information with the government in exchange for immunity from regulation, had not been welcomed from the start at the DHS, which is left holding the bag in the event of a breach.

Alejandro Mayorkas, DHS deputy secretary, cited a troubling provision of the bill in a letter sent to Senator Al Franken in July, writing that “the authorization to share cyber threat indicators and defensive measures with any other entity or the Federal Government, notwithstanding any other provision of law, could sweep away important privacy protection.”

Monday, 15 February 2016

Mysterious Spike in WordPress Hacks Silently Delivers Ransomware to Visitors

WordPress Content Management System – Hacked


A large number of websites that run on the WordPress content management system are being hacked to deliver crypto ransomware and other malicious software to unsuspecting end users. In the last few days, researchers from three different security firms have reported that a huge number of legitimate WordPress sites have been hacked and are silently redirecting visitors to a sequence of malicious sites.

The attack sites host code from the Nuclear exploit kit, which is available for sale in black markets across the Internet. People who visit the WordPress sites using out-of-date versions of Adobe Flash Player, Adobe Reader, Internet Explorer or Microsoft Silverlight can find their computers infected with the Teslacrypt ransomware package, which encrypts user files and demands a heavy ransom for the decryption key required to restore them.

In a recently published blog post, Malwarebytes Senior Security Researcher Jerome Segura stated that WordPress sites are being injected with large blocks of rogue code which silently redirects visitors to domains that appear to be hosting ads. This could be a distraction and a fraud, since the ad comes with more code which sends the visitor to the Nuclear Exploit Kit.

Google’s Safe Browsing Mechanism


According to the latest blog post published by website security firm Sucuri, the compromised WordPress sites observed had been hacked to include encrypted code at the end of all legitimate JavaScript files. The encrypted content is said to vary from site to site.

To avoid detection by researchers visiting the compromised site, the code makes efforts to infect only first-time visitors. To further hide the attack, the code then redirects end users through a series of sites before delivering the ultimate malicious payload. Sucuri mentioned that Google’s Safe Browsing mechanism, which browser makers use to help users avoid malicious websites, had blacklisted some of the Internet domains that were used in the scam.

However, a post published recently by Heimdal Security listed a different domain, raising the probability that the attackers are frequently refreshing the domains as the old ones get identified. Heimdal Security also cautioned that antivirus programs could do little to protect end users.

Enhanced Mitigation Experience Toolkit - Microsoft


The exploit code, for instance, had been detected by only two of 66 leading AV packages during the latest part of the campaign, while detection of the payload it delivered has also been limited. The attacks are the most recent reminder that people can be exposed to powerful malware even while visiting legitimate websites that they trust.

The best defense against such drive-by attacks is to install security updates as soon as they become available. Other measures include running Microsoft’s Enhanced Mitigation Experience Toolkit on any Windows-based computers and using the 64-bit version, if possible, of Google’s Chrome browser. It is not known how the WordPress sites are getting infected.

It is possible that administrators are failing to lock down the login credentials that allow the site content to be changed. It is also possible that the attackers are exploiting an unknown vulnerability in the CMS, one of the plugins it uses, or the operating system they run on. Once a system is infected, the website malware installs various backdoors on the webserver, a feature which could result in several hacked sites being repeatedly re-infected.
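The compromised sites described above carried extra code at the end of otherwise legitimate JavaScript files, and could be re-infected after cleaning. The following check is an added example, not code from Sucuri or any of the firms quoted: it assumes a clean copy of the same WordPress release and plugins is available as a baseline, and the function names `audit_js` and `entropy` are hypothetical.

```python
import math
import os
import tempfile
from collections import Counter


def entropy(data):
    """Shannon entropy in bits per byte; packed or encoded code scores high."""
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def audit_js(baseline_dir, site_dir):
    """Compare each .js file under site_dir with the same path in a clean copy."""
    findings = []
    for root, _dirs, files in os.walk(site_dir):
        for name in sorted(f for f in files if f.endswith(".js")):
            live_path = os.path.join(root, name)
            rel = os.path.relpath(live_path, site_dir)
            clean_path = os.path.join(baseline_dir, rel)
            if not os.path.isfile(clean_path):
                findings.append({"file": rel, "status": "not-in-baseline"})
                continue
            with open(live_path, "rb") as a, open(clean_path, "rb") as b:
                live, body = a.read(), b.read().rstrip()
            if live.rstrip() == body:
                continue  # identical apart from trailing whitespace
            # Pattern from the article: original script intact, extra code at the end.
            tail = live[len(body):].strip() if live.startswith(body) else b""
            if tail:
                findings.append({"file": rel, "status": "appended",
                                 "tail_bytes": len(tail),
                                 "tail_entropy": round(entropy(tail), 2)})
            else:
                findings.append({"file": rel, "status": "modified"})
    return findings


def demo():
    """Constructed sample: two-script 'site' where b.js gained a trailing blob."""
    with tempfile.TemporaryDirectory() as base, tempfile.TemporaryDirectory() as site:
        for d in (base, site):
            os.makedirs(os.path.join(d, "wp-includes", "js"))
            for f in ("a.js", "b.js"):
                with open(os.path.join(d, "wp-includes", "js", f), "w") as fh:
                    fh.write("function ok(){return 1;}\n")
        with open(os.path.join(site, "wp-includes", "js", "b.js"), "a") as fh:
            fh.write("/* constructed stand-in for injected code */\nvar _x='Zm9vYmFy';\n")
        return audit_js(base, site)


if __name__ == "__main__":
    print(demo())
```

Because the injected content varies from site to site, the check keys on the position of the change rather than on its bytes; running it on a schedule also surfaces a re-infection through a leftover backdoor.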

Police Train Eagles to Take Down Drones on Sight


Eagles Trained to Bring Unmanned Drones Down in Emergency


The Dutch National Police force has revealed that it will be training eagles to bring down unmanned drones in emergency cases. The purpose is to disable a drone which may, for instance, wander into the airspace of a city centre or an airport, without the danger of it falling from the sky onto anyone below.

Anti-drone UAVs are also being developed, though at present it seems simpler and cheaper to use one of nature’s greatest hunters instead of one of humanity’s least dependable robots to do the task. It is reported that the Dutch police will be working with a company known as ‘Guard From Above’ (a translation of its name), a firm in The Hague which specializes in training birds of prey for private security, to train the eagles and help protect the skies from rogue drones.

With the training, the eagle recognises drones as prey, which it disables with its claws. Thereafter the eagle deposits the drone in a space away from civilians. In one example, which was posted to YouTube, the eagle picks off a DJI model quite effectively.

Drones Getting Cheaper & Accessible


So far, the project is under trial, with the police assessing whether they want a full fleet of drone-busting birds of prey. The police have also been working on other ways to take a drone out of the sky, including hacking the drone, simply using a net, or a combination of both.

However, the eagle has the potential to provide more flexibility once the machine is recovered. Eagles in the wild have shown a natural inclination to attack drones on sight, as have hawks, rams and chimps, and thus it may not be the most awful idea if the safety of the animal can be assured.

Drones are getting cheaper and much more accessible, increasing the apprehension that they could be used by criminals or terrorist groups. With this in mind, the Japanese police force recently announced that it would organise a battalion of anti-drone officers to disable drones.

Animal Instinct of Bird of Prey – Exceptional


The Netherlands Police mentioned in a statement that ‘in future, drones would be used progressively and hence it would increase the number of incidents regarding drones and could also be utilised for criminal purposes.’ The security firm states that the technique used is not harmful to the birds and is no more dangerous than the scraps they get into with prey in the wild.

Their feet are heavily scaled precisely to protect them from sharp bites, scratches and slashes. Nonetheless, the company has been working with the Dutch Organization for Applied Scientific Research to evaluate whether the propellers of the drone affect the claws of the bird. ‘Guard From Above’ mentioned in a press release that it used birds’ natural hunting instincts to intercept drones and that this was done safely, accurately and quickly.

The animal instinct of a bird of prey is exceptional and capable of overpowering fast-moving prey. At times the solution to a hypermodern problem is more obvious than one might imagine.

Friday, 12 February 2016

Google Now Blocking Websites That Show Fake Download Buttons

Blocking Deceptive Content/Ads through Google’s Safe Browsing


As reported by an online source, Google will be helping more users avoid sites that post deceptive ads and content, and has begun blocking websites that do so, to ensure that users do not fall for fake download buttons.

These may appear right next to the real download button, or as pop-ups urging the user to phone tech support to remove a million malware infections which have supposedly been found on the computer. The blocking takes place through Google’s Safe Browsing tech, which one has perhaps seen earlier. It is the big red interstitial that appears when one clicks on a dodgy search result.

Safe Browsing has been around for some time, though it only prevented the user from visiting sites which were serving up malware or which Google considered unsafe. In November, however, Google began blocking sites that used ‘social engineering attacks’ to get the user to install unwanted software or to reveal sensitive information.

Google is now expanding that to websites which serve up deceptive embedded content. The new block is specifically against deceptive embedded content, which translates to ‘deceptive ads’.

Google to Display a Big Red Warning


When searching for something, sites with shady misleading ads, which claim that you need to install a certain type of plugin, product or toolbar and mislead the user into clicking a deceptive button, will generate a big red scary unfriendly STOP screen.

This is a development of a change which Google made to search results back in November, when it began blocking sites it believed were using some type of social engineering attack to make you divulge information which you otherwise would not reveal. As Google explained on its Online Security Blog, sites that carry any kind of ads which deceptively attempt to imitate actual site functionality will now be considered ‘social engineering’.

This includes fake download buttons, warnings that software one has is ‘out of date’, and fake notifications to update software like Flash Player. Whenever a site uses these tricks, Google will display a big red warning before the user visits the site. This should discourage shadier sites from using underhand attempts to trick users into clicking on ads, or at least prevent users from getting tricked.

Essential to Refresh Page Prior to Viewing Social Engineering Ads


For webmasters, this change would be especially difficult. Hosting deceptive content on the site is one thing, but deceptive third-party content served by a random ad server is harder to police. Google’s webmaster knowledge base does not seem to provide much help, other than to note that ‘ad networks could be rotating the ads shown on the site’s pages.

Hence it could be essential to refresh a page a few times prior to viewing any social engineering ads that appear.’ For the others, this would be a long-awaited change. Though usage patterns seem to be unstable, Google Search drives billions of website clicks each day, and several of these websites still depend on Google traffic to stay afloat; this could be the beginning of the end for fake download buttons.

Tuesday, 9 February 2016

Microsoft Recalls Millions of Fire-Risk Power Cords

Microsoft Announced a Recall Related to Power Cords


Microsoft has voluntarily announced a recall of over two million power cords sold with Surface tablets all over the world, after 56 reports of cords overheating and emitting flames. It had also received five reports from customers who had received electrical shocks. The US Consumer Product Safety Commission has told users to unplug the cords and get in touch with Microsoft for a free replacement.

The recall relates to power cords sold with the Surface Pro, Surface Pro 2 and Surface Pro 3 tablets prior to March 2015 in Canada and the US, and prior to July 2015 outside those countries. Though Microsoft has yet to go public on the number of Surface Pro power cords it intends to recall over fire concerns, the US Consumer Product Safety Commission has stated that it is more than two million stateside alone.

Microsoft says that it received reports that cords for the first, second and third generations of the slab-book sold prior to March 15 could be defective, as revealed last month. It has said that this could be the result of the cords being wound too tightly, twisted or pinched over an extended period of time.

Microsoft to Provide One AC Power Cord Free of Charge


Microsoft has said that it will provide one AC power cord free of charge, and proof of damage is not required. People with more than one Surface device will need to submit a claim for each device, and it is not necessary to send the old cords back. Microsoft had sold around five million Surface devices since the launch, up to and including the first calendar quarter of last year, according to estimates from channel analyst Canalys.

Apple is also said to have recently begun recalling certain types of AC wall plug adapters which were included with some iPhone, iPad and Mac products, owing to the danger of the adapters breaking and causing electric shock. According to the company, the recall comprises two-pronged wall plug adapters included with Mac computers and 10-watt adapters included with certain iOS devices between 2003 and 2015.

Consumers to Recycle/Dispose Defective Cords


Generally speaking, the responsibility is on the consumer for the problem which Microsoft has been addressing. If one has been rolling the power cord up so as to make it more portable, one would probably damage the cord.

This applies not only to Microsoft’s cord but to cords in general. When one rolls up a cord against its natural shape, fatigue can set in, with the complete length of the cord twisting in a direction away from the length of the cord. Asked for his advice, Albert Cardenas, Product Manager for Consumer Audio at Monoprice, explained that the stress against the natural coil tends to twist the cord, ultimately weakening it to the point of irregular performance or even failure.

Microsoft has confirmed that a very small proportion of Surface Pro customers had reported overheating problems with their power cables. Consumers are being advised to recycle or dispose of their defective cords to avoid future dangers.