Breaking News »

Latest Hacking News

Rudy Giuliani to defend US from hackers

Last week on January 12, US president-elect Donald Trump named former New York City mayor, Rudolph Giuliani as the head of cybersecurity advisory group and the decision was followed by an instant kerfuffle questioning his digital defense chops.

On January 10, Trump claimed he would soon assemble “some of the greatest computer minds anywhere in the world” to tackle the US government’s cybersecurity problem but two days later he went on an opposite route by hiring Giuliani.

Giuliani will coordinate “cybersecurity” issues between the federal government and the private sector.

Giuliani doesn’t seem to be fit for the position though due to his lack of knowledge in the field of cybersecurity which may not prove beneficial for hardening America’s infrastructure against attacks.

The former New York City Mayor originally aspired to the rank of Secretary of State as part of Trump's White House. Giuliani bowed out of the running last year when it became clear he would not land the one job he coveted.

Giuliani may be best remembered for helping to unify New York City in aftermath of the September 11 2001 attacks on the World Trade Center. He’d personally chosen the World Trade Center to house New York’s emergency command center, even after it had been attacked by terrorists in 1993—overriding NYPD experts advised by the Secret Service. The command center itself was destroyed on 9/11, making it worthless in New York’s greatest emergency.

More recently, Giuliani has emerged as one of America’s fiercer voices in favor of more aggressive surveillance of Muslims. So it wasn’t a shock that he became one of candidate Trump’s most prominent early supporters, serving up a red-meat Republican convention speech and rushing to Trump’s side after October’s exposure of Trump’s notorious woman-groping tapes. Some observers expected Giuliani to get a plum cabinet role like Secretary of State or Homeland Security, but it didn’t happen.

Industry pros questioned Trump’s decision stating that the website advertising Giuliani’s own security and crisis management consultancy, Giuliani Partners, had glaring vulnerabilities, including an expired cryptographic certification, lack of encryption, an exposed remote login, outdated software and scripting languages, open server ports and Adobe Flash, a notoriously insecure bit of software. The site may as well have been a honeypot for hackers which could be attacked even with SQL injection technique. As soon as computer sleuths took to twitter to point out the shortcomings in the site, it was taken down.

Appearing on Fox & Friends, a Fox News morning show, to reveal his appointment, Giuliani said that we basically don't have a cyber defense, which is actually true in some sense.

Italian siblings arrested for cyberattack

Italian police have arrested a nuclear engineer, Giulio Occhionero, 45 and his sister, Francesca Maria Occhionero, 49 for hacking into 18,000 high-profile email accounts, including the former Prime Minister.

Authorities suspect that the siblings may have ties to the Freemasons, because the malware used in the hack was called “Eye Pyramid,” believed to be a reference to the all-seeing eye of God, or Eye of Providence, a symbol typically associated with Freemasonry. The name of the software may also have been a play on his own surname – Occhionero means “black eye” in Italian.

The widespread cyber-attack compromised communications of prominent Italian institutions and individuals, including Vatican’s two former Prime Ministers, Vatican cardinals, bank executives and other high profile targets, which prosecutors claim was used to conduct insider trading. Mario Draghi, the president of the European Central Bank was also among the targeted individuals. Former Prime Minister, Matteo Renzi was also one who resigned in December last year after losing a constitutional reform referendum.

The attackers, who have dual residencies in London and Rome, are accused of spearphishing attacks using malware to gain access to victims' email accounts and illegally accessing classified information and breaching and intercepting information technology systems and data communications since 2012. The siblings were most recently living in Italy.

Vatican officials have not yet commented on the attack and it is yet unknown to what extent sensitive Vatican information may have been compromised.

There are indications the malware campaign may have been running from as early as 2008. In total, just under 1800 passwords were allegedly captured by the Occhionero siblings, who exfiltrated around 87 gigabytes of data to servers in the United States.

Mr Occhionero who had strong links to the Masonic movement allegedly developed software that infected email accounts, enabling him to access the information. Several of the compromised accounts belonged to Mason members.

Whether or not there are ties to the Masons, cyber security experts believe it is highly unlikely that the sibling pair acted alone.

The illegally accessed information was stored on servers in the United States, leading to an ongoing investigation with the assistance of the FBI’s cyberdivision. The stolen data has been seized by Italian police and the FBI.

Italian police believe the siblings used the stolen confidential information to make investments through a firm operated by Mr Occhionero, a nuclear engineer by profession.

Supreme Court issue notice to WhatsApp and Facebook over privacy policy

The Supreme Court of India has issued notices to central government,  Telecom Regulatory Authority of India (TRAI), WhatsApp, and Facebook over a plea seeking privacy on data.

The petition was filed by two law students against the  WhatsApp's proposal to start sharing some of the user data with the parent company, Facebook.

The Delhi High Court had earlier denied the petition and refused to interfere with matter. However, the Apex court has directed the companies to reply to the notices within two weeks.

"What is disturbing here is you want to continue using this private service and at the same time want to protect your privacy... You can choose not avail of it [WhatsApp], you walk out of it,” Chief Justice of India J.S. Khehar said.

According to the petitioner, there are 157 million users on WhatsApp and Facebook.

It's not that Facebook and WhatsApp are facing privacy issue in India only, the even European Union has raised questions about Facebook's privacy policy.

Last month the European Union  Commissioner, Margrethe Vestager,   had said that "Facebook was misleading it about WhatsApp.Companies are obliged to give the Commission accurate information during merger investigations... In this specific case, the Commission's preliminary view is that Facebook gave us incorrect or misleading information during the investigation into its acquisition of WhatsApp. Facebook now has the opportunity to respond."

Trump's appoints a cybersecurity adviser whose own website is a mess

President-elect Donald Trump has nominated former New York mayor Rudolph W. Giuliani as an informal adviser on cybersecurity.

According to the Presidential transition office,  Trump's transition team will include Giuliani as a cyber security adviser.

"This is a rapidly evolving field both as to intrusions and solutions and it is critically important to get timely information from all sources," the transition team said in a statement.

"Mr. Giuliani was asked to initiate this process because of his long and very successful government career in law enforcement and his now sixteen years of work providing security solutions in the private sector," the statement continued.

Giuliani is the CEO of his own cybersecurity consulting firm Giuliani Partners, will assist in finding solutions to cyber security issues and will help the government to tackle the different cybersecurity issues.

As he was selected as an adviser of the cyber security, people started visiting his website "" and found that the site has no cyber security itself and is very vulnerable to attacks.

The website runs on an old version of Joomla, which is aa free, open-source content management system (CMS). It also uses an outdated version of the script language PHP, uses an expired SSL certificate, runs over a 10-year-old version of FreeBSD OS server and even fails to follow other basic security practices.

A security researcher at Errata Security, Robert Graham said that Giuliani did not build the site himself; instead he "contracted with some generic web designer to put up a simple page with just some basic content."

"There's nothing on Giuliani's server worth hacking. The drama over his security, while an amazing joke, is actually meaningless," Graham said in a blog post. "All this tells us is that Verio/ is a crappy hosting provider, not that Giuliani has done anything wrong."

Vulnerability »

Malware Report »

Defacements »

Spam Report »