Breaking News »

Latest Hacking News

UK parliament hit by cyber attack, hackers tried to access MPs' email account

The  Houses of Parliament in  Britain has shut down the external access of e-mail accounts after they discovered a cyberattack on Friday.

Spokeswoman of a House of Commons said that "the Houses of Parliament have discovered unauthorised attempts to access parliamentary user accounts.

"We are continuing to investigate this incident and take further measures to secure the computer network, liaising with the National Cyber Security Centre (NCSC)."

“We have systems in place to protect member and staff accounts and are taking the necessary steps to protect our systems.”

Hackers tried to break into the servers used by the British Parliament, and gain access to the personal email accounts of the politicians and their staff. However, British security officials blocked the access to servers

Members of Parliament first learned about the cyber attack on Friday night. They were unable to login to their emails the following morning.

It is not clear who is behind the cyber attack as he U.K.'s National Cyber Security Centre, is still investigating the incident.

An email was  sent to every MP  using a parliamentary address said “unusual activity and evidence of an attempted cyber attack” had been discovered.

“Closer investigation by our team confirmed that hackers were carrying out a sustained and determined attack on all parliamentary user accounts in attempt to identify weak passwords."

“These attempts specifically were trying to gain access to users’ emails.”

North Korean firm behind WannaCry ransomware attack

According to the experts of UK and the US, the recent global WannaCryptor ransomware attack was initiated by the North Korean Lazarus Group.

While the National Cyber Security Centre in the UK has declined to comment on the reports. However, sources close to the 'The  Guardian' says that for the last few weeks the organization had completed an assessment on the group.

Even another security source has revealed BBC that the NCSC believes that the Lazarus Group was very much behind the WannaCry attack, which spread like a fire around the world over, affecting the computer systems.

 Rob Wainwright, executive director of Europol, said that the attack was unique because of its  “unprecedented” global reach.

Researchers at Elliptic, a British firm that specializes in bitcoin payments, said that " there is no evidence of withdrawals out of the wallets into which money was paid, although people are still paying for them."

Mac Apple Computers Targeted By Ransomware & Spyware

(pc-Google Images)
Mac Apple computers are now targeted by new forms of malwares and ransomwares.

The ransomware encrypts data stored on the Mac and demands payment for it to be released. The spyware, known as Macspy, keeps track on a victim’s every move before stealing important information and private data, relaying it back to a server controlled by the hackers behind the malicious software.

The two programs were uncovered by the security firms Fortinet and AlienVault, which found a portal on the Tor "dark web" network that acted as a shopfront for both.

The firms warned the threats were particularly bad as they were designed by professional software developers with “extensive experience” of creating malicious code.

Researchers also warned that the ransomware targeting Mac users isn’t as sophisticated as the type typically used to target Windows machines.

They said that that encrypted files can be lost indefinitely as an error in the tool used to decrypt data meant that files could not always be restored properly.

“Even if it is far inferior to most current ransomware targeting Windows, it doesn’t fail to encrypt victim’s files or prevent access to important files, thereby causing real damage,” researchers said.

Mac users are advised to make sure their devices are kept up to date with the latest security and software updates and that antivirus software should also be installed.

US-CERT Warns Against North Korean Cyberattacks


(pc-Google Images) 
The United States Computer Emergency Readiness Team (US-CERT) has issued a warning that North Korea has stepped up its efforts to attack media, aerospace, and financial companies in the United States.

The United States has been critical of North Korea since the high-profile attack on Sony in 2014. The warning has been made public by the US Department of Homeland Security (DHS) and the FBI through US-CERT.

The advisory’s first message is that anyone detecting activities by the DPRK (Democratic People’s Republic of Korea), codenamed “Hidden Cobra” (aka the Lazarus Group or Guardians of Peace), should report activity through the DHS National Cybersecurity Communications and Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch).

This alert identifies IP addresses linked to systems infected with DeltaCharlie malware and provides descriptions of the malware and associated malware signatures. DHS and FBI are distributing these IP addresses to enable network defense activities and reduce exposure to the DDoS command-and-control network.

The takeaway for Naked Security readers is to patch the older applications alleged North Korean cyberattacks like to prey on, particularly the following CVEs:

• CVE-2015-6585: Hangul Word Processor Vulnerability
• CVE-2015-8651: Adobe Flash Player 18.0.0.324 and 19.x Vulnerability
• CVE-2016-0034: Microsoft Silverlight 5.1.41212.0 Vulnerability
• CVE-2016-1019: Adobe Flash Player 21.0.0.197 Vulnerability
• CVE-2016-4117: Adobe Flash Player 21.0.0.226 Vulnerability 

Interestingly, although these emerged as zero-day vulnerabilities, it’s likely that Hidden Cobra exploited them after patches appeared. The full US-CERT report goes into detail on the specific DDoS and hacking tool (DeltaCharlie) used by the organization.