Hackers crippled US internet

Friday morning was unusual for most people across parts of the United States, as they were unable to access several of the world's best-known websites.

Dyn, a company that manages crucial parts of the internet's infrastructure, was hacked, and the attack affected its switchboard for the internet.

Users reported problems reaching several websites, including Twitter, Netflix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times.

A company spokeswoman said the Federal Bureau of Investigation and the Department of Homeland Security were investigating the incident and looking at all potential causes, including criminal activity and a nation-state attack.

Dyn's chief strategist, Kyle York, said, "The number and types of attacks, the duration of attacks and the complexity of these attacks are all on the rise."

"The complexity of the attacks is what's making it very challenging for us," York told Reuters.

York added that the malicious traffic was coming from connected devices, including webcams and digital video recorders.

Security researchers have long raised concerns about connected devices, pointing to their lack of proper security.

On Friday, Dyn tweeted that it had resolved the issue but was still investigating the attack.
"Our advanced service monitoring issue is currently resolved. We are still investigating and mitigating the attacks on our infrastructure," Dyn tweeted.

Axis Bank Claims No Monetary Loss From Cyber Attack

In the last three months, three financial institutions have faced data breaches. The most recent breach was at Axis Bank, India's third-largest private sector lender.

The bank's servers were breached through an unauthorised login by an unnamed offshore hacker. This came after the bank received an unexpected call from an engineer at Kaspersky Lab.

Last week, Axis filed a preliminary report about the breach with the RBI. The bank has hired EY, the audit and advisory firm, to carry out an investigation. So far there are no reports of any fund transfers, but the bank and EY are trying to figure out the extent of the damage and data loss, if any.

In a statement, a bank spokesperson said, “Axis Bank, like many other large financial institutions, often receives security threats from across the globe. The bank has strict security protocols and procedures in place and all its online properties are monitored round the clock by its in-house team of security experts. The bank also engages best in class international and national agencies who regularly identify and neutralize threats and audit the Bank's online ecosystem.”

“Safety and security of our systems and processes is of paramount importance to us and we constantly monitor and are vigilant in our efforts to combat any potential threats. We would like to state that there has been no monetary loss.”

Over the past few years, banks have been fighting cyber attacks such as “distributed denial of service” (or DDoS), which slows down a bank's systems, worms that make ATMs spew out cash, and others that can divert funds to a secret destination.

Netscape co-founder blames passwords for cyberattacks

While discussing rising security breaches in businesses and organizations, Jim Clark, co-founder of Netscape and Shutterfly, weighed in on flaws which can be avoided to prevent hacks.

During the discussion he referred to the DNC hack and to the encryption of business owners' machines followed by demands for Bitcoin ransom, and said that the majority of cyber attacks take place because of a weak link in cyber security: passwords.

“In the end it all, in one way or another, points to this deficiency I call it, that we call a password,” Clark told the FOX Business Network’s Maria Bartiromo.

Describing the flaw of using passwords in detail, Clark said that passwords are like secrets, which are shared with one person at a time, and some are not shared at all.

Clark pointed to the certificates used to authenticate websites, which exist to make sure that one is really connected to Google or Yahoo. He said that any site visited has a certificate issued by a certification authority, and that the same approach can be implemented for users as well, replacing the need for passwords.

If this mechanism is used to authenticate users, says Clark, the password is no longer needed. Users can be issued a certificate that can be shared with everyone, because it cannot be altered; if it is altered, it is no longer valid. This mechanism can end the struggle of maintaining different passwords for all online activities.

Former CIA chief admits to hacking foreign political parties

A former CIA chief has admitted that US spy agencies have hacked thousands of international political parties in the past.

In an interview with the Heritage Foundation on Tuesday, retired Gen. Michael Hayden said the main difference between the US and Russian intelligence groups is that the Kremlin intentionally uses the stolen data as a weapon against political parties.

Hayden said that he doesn't think Russian President Vladimir Putin is backing the Republican nominee Donald Trump and wants him to win the election; according to him, the Russians are using the hacked information to disrupt the election process.

"This is too much of a carom shot for Putin to think he knows where that ball's going to end," says Mr. Hayden. "I think they're doing this to mess with our heads, to erode confidence in our political process."

He continued: "By the way, I would not want to be in an American court of law and be forced to deny that I never did anything like that as director of the NSA, because I could not."

In the past, he was a director of the National Security Agency, and he is now heading the Chertoff Group. He also discussed the challenges facing cyber security.

"My definition of what the Russians did is, unfortunately, honorable state espionage," Hayden said. "A foreign intelligence service getting the internal political emails of a major political party of a major foreign adversary? Ah, game on. That's what we'd do."

Recently the US intelligence community released an official statement declaring Russia's involvement in the recent email hacks of the Democratic National Committee (DNC) and the Democratic Congressional Campaign Committee (DCCC).

The statement read, "These thefts and disclosures are intended to interfere with the US election process. Such activity is not new to Moscow — the Russians have used similar tactics and techniques across Europe and Eurasia, for example, to influence public opinion there." 

58 Million Customer Data Hacked From Modern Business Solutions

Another massive data breach, and this time the victim is Austin-headquartered Modern Business Solutions. Better known as MBS, it provides businesses with database hosting solutions and data storage, among other services.

A hacker going by the handle 0x2Taylor has leaked personal and sensitive information of 58 million customers, including names, email and postal addresses, phone numbers and IP addresses, from an unsecured MongoDB database operated by a US-based data storage company.

The hacker claimed to have used search site Shodan.io to uncover the open database. The stolen data was posted multiple times over the past weekend and was quickly removed each time.

The hacker also shared a screenshot containing a table of 258 million rows of personal data with security researchers, which indicated that he may be in possession of additional records.

The hacker 0x2Taylor has previously claimed to have breached Amazon servers, publishing customer credentials on Twitter.

Cybercrime costs UK £10.9 bn each year

The United Kingdom lost around £10.9 billion last year to cyber crime, which amounts to every individual over the age of 16 losing around £210. However, victims of online crime lost an average of £523 each, more than the average weekly earnings figure for the UK, which currently stands at £505.

The losses from online fraud over the 12 months include fraudulent phishing messages designed to extract victims' personal details, so-called ransomware, and the theft of data through hacking.

The figures, from the National Fraud Intelligence Bureau and crime awareness group Get Safe Online (GSO), would have been higher if all incidents had been reported. The survey conducted by GSO found that 39% of victims did not report the cyber crime incident.

The survey, which was conducted on Wednesday (October 18) to mark Get Safe Online day, also found that a quarter of the UK public has a limited understanding of the risks they face when going online, and most of them are unsure what constitutes an online crime.

The UK public and small businesses are being urged to start making every day safer. The organisation is calling on individuals to use different, strong passwords and not to rely on just a few easily remembered words for their online activities. They are also advised to update their operating systems and security software, and to tighten social media security to ensure only friends and family can view status updates.

People are also advised to back up important files and documents to hard drives or cloud storage services.

Hackers crowdfunding NSA hacking tools

A hacking group, The Shadow Brokers, which stole hacking tools from the National Security Agency (NSA) in August, is now trying a crowdfunding campaign instead of selling them for 10,000 bitcoin ($6.38 million). No one was interested in buying them because they were overpriced.

The group was allegedly formed by Russians and was state-sponsored. They claim to have obtained “many many Equation Group cyber weapons.”

After stealing the tools, the group released more than half of them for free and decided to sell the rest. Only recently, however, the group complained that it couldn't find a buyer.

According to reports, The Shadow Brokers said that they "would keep all the bitcoins, even from those who had lost the auction, but would release other free hacking tools in consolation."

"TheShadowBrokers is being bored with auction so no more auction. Auction off. Auction finish. Auction done. No winners. So who is wanting a password? TheShadowBrokers is publicly posting the password when to receive 10,000 btc (ten thousand bitcoins). Same bitcoin address, same file, the password is crowdfunding. Sharing risk. Sharing reward. Everyone winning".

Security Week reported that the group is interested in making money from it: "TheShadowBrokers is not being interested in fame. TheShadowBrokers is selling to be making money and you peoples is never hearing from TheShadowBrokers again!. TheShadowBrokers is being disappointed peoples no seeing novelty of auction solution. Auction is design for to make benefit TheShadowBrokers."

Previously, they were named the most destructive and advanced hacking group by Kaspersky Lab. It is alleged that this group helped Edward Snowden release the top-secret documents against the NSA.

The hacking tools work perfectly and are even capable of bypassing all enterprise firewalls.

Cybersecurity fines to rise in UK

Once the European Union's General Data Protection Regulation (GDPR) applies in 2018, British businesses not adhering to cybersecurity practices will risk a fine of either £18 million or 4% of their annual global turnover.

The PCI Security Standards Council took this step after around 90% of large organizations and 74% of small and medium-sized enterprises suffered a security breach last year, costing them up to £1.4 billion in regulatory fines. The national statistics office suggests that there were 2.46 million cyber incidents in 2015.

The PCI SSC has warned that if the level of cyber security incidents against organizations does not improve after the GDPR is implemented, fines could be raised by as much as £122bn. The current maximum for fines is set at £500,000.

Consumer identity and access management (CIAM) projects are being driven by business demand and new European data protection rules.

As businesses go digital, they are realizing that they need to connect with customers beyond the employee and partner relationship, which includes protecting the customer's identity.

Identity management helps companies deliver more personal, convenient and trusted mobile experiences to customers, employees and partners, while enabling secure access to apps and data in the cloud.

The new EU legislation will be a transformation for both large organizations and SMEs, and it will be interesting to see how businesses will be able to shoulder the costs.

It is high time that small and large companies started acting and put robust standards and procedures in place to counter cyber security threats.

33M accounts hacked in Evony data breach

Leaked Source, a data breach database website, has listed publicly available data for users involved in the website breach of the Evony gaming company, which took place in June this year and again in August.

While the first hack resulted in the theft of data for more than 33 million registered user accounts, or 33, 40, 472 users to be precise, a similar breach in August on the site's forums resulted in the compromise of 938,000 more accounts. The data stolen on this occasion included usernames, passwords, e-mail addresses and IP addresses.

Evony is the company that developed the popular game Evony: Age II, which is played by more than 18 million gamers in over 167 countries.

Leaked Source also claims to have cracked the majority of the passwords involved, stating that they were stored using unsalted MD5 and SHA1 hashing (a relatively weak form of protection), which is more vulnerable to conventional password-cracking software.

Evony also allows users to sign in using Facebook Connect, which means that the stolen data could also contain Facebook login credentials; however, the short-term access codes used by the single sign-on application mean that the company would never have access to the specific login details in question.

The most common passwords and e-mail domains among the website's users are listed below:

Rank  Password    Frequency  Email domain     Frequency
1     123456      714,466    @yahoo.com       7,464,078
2     fuk19600    208,121    @hotmail.com     6,493,345
3     123456789   163,318    @gmail.com       3,593,315
4     mynoob      119,365    NONE             3,453,701
5     password    96,151     @aol.com         1,005,343
6     111111      82,593     @hotmail.co.uk   667,075
7     google      74,051     @live.com        630,399
8     evildick    70,546     @msn.com         330,372
9     qwerty      55,872     @ymail.com       253,433
10    1234567     52,902     @yahoo.co.uk     259,153

The list seems to highlight that a lack of data security awareness is still rife among online players.

So far, no official security notice regarding the breach has been sent out to affected users by the gaming company. While the forum contains a post on a potential breach, it does not indicate the data loss.

Scammers targeting students to spread Ascesso malware

Yes, it's quite easy to target students, especially when it comes to waiving a student loan. Recently a group of scammers has been targeting students with false loan forgiveness spam mail, through which they are trying to distribute the Ascesso malware.

According to reports, the scammers have launched many spam runs focused on American college graduates, who collectively owe more than $1.3 trillion to banks. “Student Help” purports to help and assist students with their student loans.

The hackers are shrewd: to look authentic, the spam mail sent to students is framed as a response to an inquiry that the student allegedly made in the past about forgiving their student loan.

The spam mail doesn't provide any details of how the service could help the student with their loan payments.

According to Symantec Security Response: “The student loan scam spam comes in a variety of forms but typically offers a reduction in student debt, consolidation of debt, or student loan forgiveness. The scam emails will entice readers with offers that seem, and are, too good to be true, such as qualifying for zero payment or having their entire loan forgiven. Others may try to charge for services that can be accessed for free from the government, your lender, college, university, or other sources.”

The form of each spam mail might be different, but every mail leads to the same destination: Ascesso, a type of trojan which circulates via social engineering, exploit kits, and spam.

This malware enables hackers to carry out further attacks, including malware campaigns, distributed denial-of-service (DDoS) offensives, and more.

Students should pay attention to all the emails they receive about waiving loans, and should check that they actually did inquire about student loan forgiveness with the sender of the email.