Moonpig hacked, Emial IDs, passwords compromised


The online personalized card company, Moonpig, has blocked an unspecified number of accounts of customers after users’ details were published online.

According to the company’s website, customers’ email addresses, passwords and account balance had been made public. However, they stress that the source of passwords was not their site, but from other online sites where users use similar passwords.

“As a precautionary measure, we promptly closed our Moonpig site and apps to help us investigate and contain this issue. Following these investigations, we now have strong evidence that the customer email addresses and passwords we identified were taken previously from other third party websites, and not directly from Moonpig.com."

"This data was then used to access the account balances of some of our Moonpig.com customers. As a reminder, we do not store full credit card information ourselves so this data was not accessible in any event.”

Moonpig  has contacted affected customers, and advised  them to  reset their passwords and ensure that they are not reusing the same passwords anywhere else on the net

United States Census Bureau hacked by Anonymous hacktivists


A group of cyber activists who refer to themselves as 'Anonymous' have taken full credit for a cyber attack on a US Government website, which has led to a leak of several employee data.

Anonymous has taken credit for hacking the United States Census Bureau website and have published the data which includes names, telephone numbers, email addresses, addresses and the ranks of employees within the US Government. The breached and published data also consists of the much difficult but yet not impossible to crack password hashes.

Anonymous claims that the reason behind the hack is the Trans-Pacific Partnership and the Transatlantic Trade and Investment Partnership which stands Numero Uno in the list of priorities for the American administration and claim a progressive reform in the politico-economic platform of the nation, by creating an alliance with the major Atlantic and Pacific nations. Despite of the numerous opposition the twin pact has gathered in this short period of time, Anonymous is the only group that has raised its opposition vocally.

However, the data breach is not one the most feared activities that the government could with at the moment, such as a massive data breach in the Office of Personnel Management; it is nonetheless embarrassing.

The US Census Bureau, in an emailed statement has confirmed the data breach and that a investigation has been initiated by the IT forensics team. The bureau spokesperson has launched a statement that none of the stolen data 'confidential'.

Now a more lucid investigation can only tell if the data that is being published online is a federal threat or not.

British man arrested for allegedly hacking US government networks

Lauri Love, a 30 year old resident of Suffolk has been arrested for allegedly hacking classified networks of the US government.

Mr. Love is accused of hacking Department of Energy, the Federal Reserve, Nasa, the Environmental Protection Agency, the US Army and the US Missile Defense Agency.

The US government has put in an extradition request for Love, who has currently been released on bail. He will undergo an extradition hearing in September.

This is the second time Love has been arrested, his first being in October 2013. The Us government had not sought an extradition request at that time.

The need of infidelity takes a twist on the privacy front


The very popular website among infidels, AshleyMadison.com has faced a huge data breach of user data, that has created a chaos amongst the users as well as the service provider who are being threatened by the hackers to release the information.

The breach was first reported by a blogger, Brian Krebs, who wrote that the main objective of the hackers was to break into the servers to get hold of the customer information, which could be used to threaten the web site to shut down.

The 'Impact Team' as the hackers are referring themselves, have got hold of information that contains profiles of the customers', secret sexual fantasies, credit card transactions, real names and addresses, and employee documents and emails.

Ashley Madison boasts of having 37 million users, who have been attracted to their motto 'Life is Short, Have an Affair'. Now, all the data is threatened to be exposed and the customers are not sure if their decision of having an online extramarital affair was foolproof enough.

Impact team has taken this step after geting upset about the web site's full delete service, that promises to remove every information of the customer on the server for a $19 one-time fee. This feature bagged up $1.7 million back in 2014, however the outcomes were not satisfactory. This was because the users who wanted access to the service were using their credit card to conduct the transaction, thus leaving behind the purchase information including the names and addresses.

The company finally spoke up about the breach and defended the full-delete service by announcing the service to turn free, on Monday afternoon. They have also hired the world's top IT security firm to investigate the breach.

A similar event took place in March, when the dating site adultfriendfinder.com was hacked and vital information was stolen.

So, is it actually viable to provide your personal information that includes sexual priorities and fetishes to dating sites, when the risk of data breach is so legitimate?

NIS official, alleged of operating a hacking software, killed himself

A 45-year-old official of National Intelligence Service (NIS), who was in the charge of implementing and operating a hacking software developed by Hacking team dubbed Remote Control System (RCS), killed himself on July 18, according to a report on ABC.

As per the news report, the man was found dead in his car on a mountain road in Yongin, about 40 kilometres south of Seoul.

According to his suicide note, which was released by the police, the agent, identified only by his surname Lim, deleted relevant records on the NIS computer network before committing suicide

According to police, the man committed suicide after writing a handwritten note in his car giving details of how the NIS had used a controversial hacking software.

Lim wrote in the suicide note that he had insisted the NIS had not spied on South Koreans and apologized for deleting files relating to the software.

"There was no monitoring of people at home. I deleted information that created misunderstandings about our counter-terrorism and covert operations on North Korea ... It was a mistake on my part. But there is nothing to be worried about over any of my actions," he said.

Although, the government and NIS officials have admitted purchasing the software from the Hacking Team, they claimed that it was only used to boost Seoul's cyber warfare capabilities against Pyongyang and not for any domestic monitoring.

“Lee Chul-woo, a ruling party legislator who heads a parliamentary intelligence committee, said Mr Lim had purchased and run the hacking software, which allows users to track smartphones and computers by installing spyware,” the news report read.

Epic Games shut down its website after a hack



Epic Games,  an American video game development company based in Cary, North Carolina, now associate of Chinese Tencent Holdings, has taken down its website after they had discovered it's forums (forums.epicgames.com) were “compromised by a hacker”.

The company is now sending emails to its Epic Games Forum members informing them about that of their forums have been taken offline. 

“We are sorry to report that the incident may have resulted in unauthorized access to your username, email address, password, and the date of birth you provided at registration,” the email reads.

The company has said that there is a possibility of any information stored or sent by its users’ using the forums may have been accessed.

However, the company has not collected or maintained any financial information. It has advised its user to be alert for suspicious email such as phishing attempts.

It has said that when the site reopens, the forum member’s password will be reset.

“If you use the same password on this site which you use on other sites, we recommend immediately changing your password on those sites as well,” the email explained.

It is said that the affected forum site covers UDK, Infinity Blade, Gears of War, Bulletstorm, and prior Unreal Tournament games but the separate forum sites covering Unreal Engine 4, Fortnite, and the new Unreal Tournament were not affected.

“To further understand what’s happened and prevent it in the future, we’re working with a computer security firm to identify the nature of the compromise. We will report further information on the forums when they reopen,” the company explained in the mail.

Edinburgh Council cyber attack, details of more than 13,000 stolen

For the second time in five years, Edinburgh City Council has been hacked again. More than 13,000 email addresses were stolen from the counsel’s database after a “malicious cyber attack” on 26 June.

A spokesman of the council said, “This was a malicious cyber attack on the council’s website which is hosted in a UK data centre. It was dealt with swiftly and at no point were any council services affected.”

“We want to reassure the public the ongoing security of our website is critically important,” he added.

According to a news report published on Edinburgh Evening News, cyber security experts have warned local authorities “don’t stand a chance” against hackers.

“The attack is believed to have taken place on Friday, June 26, with council officials alerted by its data centre provider. No details have been released regarding the source of the attack, which targeted 
the council’s website service provider,” the report read.

The Information Commissioner has been informed of the incident, as has the UK government’s computer emergency response team, which monitors incidents of hacking against the public sector.

The council is now contacting 13,134 individuals who have had their details stolen. Similarly, the city’s director of corporate governance, Alastair Maclean, has been asking them to change any passwords used to access the council’s website.

Napier University cyber security expert Professor Bill Buchanan warned that hackers would be likely to try to use the data in “phishing” scams, which attempt to con victims out of sensitive information like bank details and passwords using bogus e-mails.

“Data like this is worth a lot. It is really quite sloppy to lose that information. Without a doubt, in this case, the intruders could link e-mails to the council in some way. A targeted phishing e-mail could say, in regards to a parking ticket, ‘You contacted us in May, please could you click on this link and give your details. G-mail addresses in particular are quite sensitive because they tend to be the core of your online identity. If an intruder can get into that address, they can access every single account,” Buchanan added.

In December 2011, the personal information of people who had contacted the council’s debt advice service was taken, with potential victims advised to check bank and credit card statements.

Detroit Zoo victim of a data breach


Service Systems Associates,  third-party operator of the  Detroit Zoo was recently the victim of a data security breach.

The credit and debit card information’s were used for purchases at the zoo’s gift shops over a three-month period.

Patricia Janeway, zoo spokeswoman said that “In addition to credit and debit card numbers, the cyber hackers reportedly gained access to card holders’ names, card expiration dates and three-digit CVV security codes.”

After SSA learned of the data breach, they  installed a separate credit card processing system at its retail outlets.

In preliminary forensic  investigation it was revealed that there was a malicious software,  in SSA’s software.

“We are obviously concerned that the vendor’s system was compromised,” said Gerry VanAcker, chief operating officer of the zoo. “Transactions made since June 26 are not affected by the previous break and it is safe to use a credit or debit card at SSA’s retail locations.”

“The zoo’s IT systems -- including those used for ticket and membership sales -- were not affected by the data breach and are secure,” Janeway said.

Up-to-date information has been provided by the vendor at www.detroitzoo.org/Plan/shopping-in-the-zoo.

For additional information visit www.kmssa.com/creditcardbreach/

Hackers behind Canadian security intelligence service

In less than two weeks the Canadian Security Intelligence Service (CSIS) website was temporarily down for the second  time on 29 June.

According to the CTV News reports the latest hit was a denial of service attack. Jean-Christophe de Le Rue, a spokesman for the ministry of public safety and emergency preparedness, said, that the website was temporarily offline and that "no information has been breached. We are taking cyber security very seriously."

The report said, citing sources, several attacks on many Canadian municipal and police websites has been conducted by the person behind the latest attack. A local news website reported that the responsibility for the attack was claimed by a person using the Twitter account @TWITRis4tards. However, authorities have not confirmed the identity of the hacker.

The main motive behind the attack is unknown but it is suspected that hacker tried to  drive the attention of the authorities toward Bill C-51, which gave the Canadian government power to intervene and stop "violent Islamic jihadi terrorists" supporting the Islamic State group.

Many government websites, including ServiceCanada.gc.ca and Parl.gc.ca, were attacked, for which the Anonymous group claimed responsibility. However,  sources told CTV News that this time the person was working alone, unlike previous attacks.

Penn State University Becomes Victim To Yet Another Cyberattack


Penn State announced that it has detected another cyber attack.  The recent attack has been confirmed by the university on its’s College of Liberal Arts server. 
Penn State has stated that several systems have been compromised by cyberattacks; which have been accounted as two in number by anonymous threats.

FireEye cyber forensic unit, Mandiant has taken over the case and has been trying to investigate and analyse the attacks, that took place on the 4th of May; Seven weeks since then, the university now states that no harm has occurred in regards to the personally identifiable information(PII) or any other research data, since the it had introduced advances cybersecurity measures after the attacks on the College of Engineering servers.

Mandiant’s spokesperson, Nick Pelletier revealed that the attacks took place for the first time in 2014 within a 24-hour time period, while the latter breach was taken into action during March to May in 2015. Mandiant is not sure if the attackers are the same chinese group that attacked engineering.

Nick Jones, vice-president of Penn State in an official statement said that advanced monitoring systems have been introduced into the entire university network with constant support of Mandiant and the the attackers will be soon tracked down.

The attacks in the state university systems have created a threat for federal systems. Where any PII or research data was not compromised, some college-issued usernames and passwords were stolen and accessed. As a result, all the compromised accounts are being renewed and more information can be gathered from http://securepennstate.psu.edu.

LastPass network hacked, is your Password safe?


LastPass, a password manager that saves its users passwords and gives them secure access to them from every computer and mobile devices, has detected an intrusion on its network.

According to the official statement, information including users' email addresses, password remainders, server per user salts, and authentication hashes were compromised.

“In our investigation, we have found no evidence that encrypted user vault data was taken, nor were that LastPass users’ accounts accessed. "  the statement reads.

He added, “We are confident that our encryption measures are sufficient to protect the vast majority of users. It strengthens the authentication hash with a random salt and 100,000 rounds of server-side PBKDF2-SHA256, in addition to the rounds performed client-side. This additional strengthening makes it difficult to attack the stolen hashes with any significant speed.”

In order to secure its data, the company is taking additional measures. It has asked all the users who are logging in from a new device or IP address first verify their account by email, unless they have multifactor authentication enabled.

According to the notice, emails have been sent to all users regarding the security incident.

“We are working to notify users as fast as possible,” Siegrist said.

Moreover, the company will also be prompting users to update their master password.

“However, if you have reused your master password on any other website, you should replace the passwords on those other websites,” he said.

Though the passwords stored in the vault is not said to be compromised, it is better to change those passwords also- Don't give a chance to hackers.  

Algonquin College server hacked but no information stolen

The information of more than a thousand former students was put at risk when somebody hacked the servers of Algonquin College in Ottawa.

According to college authorities, 1,225 students in the Bachelor of Information Technology and Bachelor of Science in Nursing programs are affected by the data breach.

The college immediately shut down the servers as soon as it became aware about the hack and claims that no data was transferred or taken from the servers.

A cyber team is determining how the attack could have happened and has said that it has found many more intruders in the system.

The college is covering the expenses for credit monitoring services for all those whose information was put at risk due to the hack.

Lithuanian Military Website hacked to post false information

If we had to believe what we saw on Lithuanian Armed Forces website on Thursday morning, then the North Atlantic Treaty Organization (NATO), an alliance of countries from North America and Europe committed to fulfilling the goals of the North Atlantic Treaty signed in 1949, is preparing for the annexation of Kaliningrad, Russia’s seaport city which is sandwiched between Poland to the south and Lithuania to the north and east.

However, Victoria Cemenite, spokesperson at the Lithuanian Defense Ministry, confirmed that the website had been hacked and that the false information has since been removed by the security experts from the National Cyber Security Centre.

And an investigation has been launched.

The ministry said a private company, which provided server for the Army website, is responsible for its maintenance and security.

Baltic country's National Defence Minister Juozas Olekas says that the hacking attack was aimed to harm the reputation of Lithuania and the NATO. Similarly, security measures will be taken to avoid vulnerabilities.    

“We are carrying out an investigation to identify what measures are necessary to avoid such incidents in the future. The contents was provocative and aimed at discrediting Lithuania and NATO," Olekas told journalists on Thursday.

“It is undoubtedly an initiative of people or institutions unfriendly for Lithuania and NATO. Now, both the sides are improving, hackers and institutions in charge of cyber security. It will be a good lesson for future considerations of additional security measures.”

iiNet urges its Westnet users to change their password after an alleged hack of customer database


iiNet, Australia's’ second largest internet service provider, has urged its more than 30,000 Westnet internet users to change their passwords after a hacker claimed to have gained access to the customer database and put them on sale.

According to a tweet posted by Cyber War News, the unknown hacker claimed to have hacked important details of the customers like passwords, email-addresses, telephone numbers etc.

He is now offering to ‘sell or trade’ Westnet's customer database.

However, he has not mentioned any rate for the information.

Matthew Toohey, chief information officer at iiNet, told Mashable Australia that the hack, which could be an unauthorized access to old customer information stored on a legacy Westnet system, was under investigation and had been reported to law enforcement agencies.

"iiNet takes the privacy and security of customer information extremely seriously," he said. "The 30,827 impacted customers are being contacted with a recommendation they change passwords associated with their accounts as this is the most effective way to ensure security. As a precaution, additional steps have been taken to increase the monitoring of impacted accounts."

The system is now offline.

Arizona’s department website shuts down after hacking attack


One after another, Middle East Cyber Army, a hacking group, is attacking government websites of various countries.

After Myanmar’s Ministry of Mines, the hacker group has hacked the website of Arizona’s Department of Weights and Measures’. As a result, the website has been shut down for the last one week.

The hackers left a message on the website, “Hacked by Middle East Cyber Army” and slogans like such as, “In Allah we trust. For Allah we work. Death to Israel. Free Palestine. Jerusalem is ours” along with a masked figure in front of the Dome of the Rock.

Andy Tobin, director at the department, confirmed that the department’s website was hacked on Sunday.

Today, the department’s website is still down for maintenance.

“The web-site you were attempting to access is currently undergoing maintenance activities. We apologize for the inconvenience. Please retry again later. Thank you for your patience,” the website read.

According to Tobin, soon after they got to know about the hacking attack, they shut down their website and database.

He said that the agency got its backup database running on Tuesday so its investigators can continue their work.

Tobin said the agency is investigating the matter collaborating with the Arizona Department of Administration. Similarly, they have also informed the U.S. Department of Homeland Security about the hacking attack.

The department is still trying to sort out the issue. It has yet to be determined whether the department to resume its website or shift its components over to the Arizona Department of Agriculture, which is scheduled to take over many of the department’s duties next year.

The hacking group had hacked many other websites like in December the group hacked the website for a school district in Little Rock, Ark. It took over the website for the small Quebec town of Terrasse-Vaudreuil in January. Similarly, in May, it targeted Auckland University in New Zealand. And in April, it hacked Art and Sol, a Scottsdale-based performing arts program for children.

Pro Syrian group hacked US Army's official website

 
The US Army's official website was hacked  by the "Syrian Electronic Army", and posted a message on its twitter account, criticizing the training of rebel fighters inside Syria.

According to the army officials, no personal or classified data has been stolen. The army has decided to temporarily shut down the website.

One of the messages reads as, "Your commanders admit they are training the people they have sent you to die fighting."

This pro-Syrian group has been blamed for various hacking and denial of service attacks of  numerous news media sites, including the Twitter account of AFP's photo service.

Army spokesman Brigadier General Malcolm Frost said in a statement, "Today an element of the Army.mil service provider's content was compromised. After this came to our attention, the Army took appropriate preventive measures to ensure there was no breach of Army data by taking down the website temporarily."

This is not the first time they have hacked website, in 2013 they created confusion in the stock market briefly by putting  out a fake media tweet falsely claiming the White House was under attack.

But officials said “It was possibly the first time a US military website had been penetrated, as previous hacking had targeted Twitter accounts.”

China blamed for Security breach at OPM, affects current and former federal employees


 
The computer system of the Unites State’s Office of Personal Management was hacked by the  Chinese hackers. They  will send notifications to approximately 4 million individuals whose personal data including personally identifiable information (PII) may have been compromised.

OPM detected a cyber-intrusion affecting its information technology (IT) systems and data in April 2015. The  hackers used the tougher security controls to intrude.

The U.S. Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT) and the Federal Bureau of Investigation (FBI)  are investigating the full impact to Federal personnel.

After the intrusion additional network security precautions has been added  by the OPM. These includes: restricting remote access for network administrators and restricting network administration functions remotely; a review of all connections to ensure that only legitimate business connections have access to the internet; and deploying anti-malware software across the environment to protect and prevent the deployment or execution of tools that could compromise the network.

Credit monitoring and identify theft insurance, and recovery services are offered by OPM to  potentially affected individuals through CSID®, a company that specializes in these services.

“Protecting our Federal employee data from malicious cyber incidents is of the highest priority at OPM,” said OPM Director Katherine Archuleta. “We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted.”

This hack was second major intrusion by China in less than a year, and largest breach of federal employee data in recent years.

“China is everywhere,” said Austin Berglas, head of cyber investigations at K2 Intelligence and a former top cyber official at the FBI’s New York field office. “They’re looking to gain social and economic and political advantage over the United States in any way they can. The easiest way to do that is through theft of intellectual property and theft of sensitive information.”

Open garage doors within ten seconds with a hacked kid’s toy


Most of us may find it hard to believe that a hacked kid’s toy can open a garage door in less than ten seconds. However, a security researcher has discovered a new tool, which he dubbed OpenSesame, an app for hacked IM-ME texting toys that can open millions of fixed-code garage doors in less than a minute.

Samy Kamkar claims that the toy can open any garage door that uses an insecure “fixed code” system for its wireless communication with a remote.

The researcher reprogrammed the children’s toy, which is designed for short-distance texting called Radica Girl Tech IM-me.

Moreover, the toy (remote control) is in ‘pink’ color which is Kamkar’s favorite color.

With a fixed code garage door opener, the remote control always transmits the same 8 to 12-bit binary code. For a 12-bit code, there are 4,096 possible combinations strings of 1s and 0s.

The fact that openers’ fixed-codes can be cracked through brute-force is a known issue, but doing so was believed to take longer. A typical clicker resend the same code 5 times, with a transmission time of 2 milliseconds per bit and an additional wait time of 2 milliseconds between each bit.

The researcher has calculated that the process to repeat through all possible combinations for 8, 9, 10, 11 and 12-bit codes would take 29 minutes.

However, he found out that to re-transmit the same code 5 times is unnecessary. Once he removed all the unnecessary bits, the researcher noticed that the time needed to brute-force a fixed garage door opener code was reduced to 3 minutes.

In order to reduce the time, Kamkar discovered that the first n bits in the string can be 8, 9, 10, 11 or 12, depending on which code length is expected. For example, if the expected length would be 3 bits and the opener would receive a 101011 sequence, it would first try 101, then 010, then 101 and so on.

As per his findings and based on the formula of Dutch mathematician Nicolaas Govert de Bruijn, Kamkar developed a De Bruijn sequence which includes each combination of bits only once.

“OpenSesame implements this algorithm to produce every possible overlapping sequence of 8-12 bits in the least amount of time,” Kamkar said. “How little time? 8.214 seconds.”

However, there are now, new types of garage door openers which use Intellicode, which are not vulnerable to the attack.

“Vulnerable products are still sold by some manufacturers and many discontinued ones are likely still in use,” the researcher said.

There is proof-of-concept code for his attack which he published on GitHub, but the code is intentionally incomplete to avoid abuse by criminals.

“It almost works, but just not quite, and is released to educate,” he said. “If you are an expert in RF and microcontrollers, you could fix it, but then you wouldn’t need my help in the first place, would you.”

Japan Pension System hacked, millions of personal data leaked

 The personal data of more than one million Japanese citizens have been obtained by hackers, Japan Pension Service (JPS), an organization which manages Japan’s universal public pension system, said on Monday.

Toichiro Mizushima, president of Japan Pension System, told in a news conference that the Japan Pension Service staff computers were accessed by an external email virus, which led to the leak of almost 1.25 million cases of personal data.

During the conference, he apologized for the leak. He said that the combinations of names, identification numbers, birth dates and addresses of the Japanese citizens had been compromised.

“The organization is setting up a team to investigate the cause and prevent a recurrence,” Mizushima said.

According to a news report broadcasted on NHK public television, Abe said, "These are the people's vital pensions. I have instructed Health and Welfare Minister (Yasuhisa) Shiozaki to consider the pension recipients and do everything possible,"

Shiozaki also apologized in the conference for failing to prevent the personal data from the hackers. He had instructed the Japan Pension Service to set top priority on protecting the public's pensions.

Copart.com hacked, requests all members to change passwords


Copart, a Texas-based company which provides online vehicle auction and remarketing services, is urging its member to change their password for their Copart.com account after the company discovered that an authorized person gained access to its computer network.


“As part of our efforts to address the problem, the Copart is requiring all members to change the password for their Copart.com account,” Sean Eldridge, senior vice-president & chief operating officer at the Copart, wrote in a letter.


“If you have not already recently been required to reset your password, simply sign into your Copart account and go to the Change Password option under the My Account tab. Also, if you use the same username and password for any other account, we recommend that you change your password there as well,” he added.

On 31 March 2015, when the company identified that the unauthorized person accessed to its network, the company immediately worked to block any further unauthorized access.

A leading cyber-security firm has been hired for the investigation. It helps the company to help determine what had happened to the company’s system and to assists in implementing enhanced security measures.

“Based on the investigation, we determined that the unauthorized person may have accessed the member’s name, address, driver’s license number, telephone number, e-mail address, and the username and password for their Copart.com account,” said Eldridge.

In order to protect, the company has recommended its members to remain vigilant by reviewing their account statements and credit reports for any unauthorized activity.

Similarly, the members can also get a copy of their credit report, free of charge, in every 12 months from each of the three nationwide credit reporting companies: Equifax, Experian and TransUnion.

According to the letter, in order to order the free credit report, the members should visit www.annualcreditreport.com or call toll free at 1-877-322-8228.

Eldridge said that if any member believed that his/her personal information has been misused, he/she should immediately contact the Federal Trade Commission and/or the attorney general’s office in respective Home State.