**NEWS FLASH**
19 November, 2022 Get the best and latest techniques to secure your systems here perhaps? https://www.sans.org/cyber-security-training-events/japan-november-2022/
31 October, 2022 BIGGEST Roblox Halloween hacker is coming... according to a YouTube video. No one seems to be taking this seriously, though, because it is just a game (just some fun?). What is not so much fun is other Halloween attacks.
25 October, 2022 New York Times - Fake Headlines by Hackers. Hackers managed to post fake offensive headlines about key US politicians in the New York Post - see the more detailed New York Times article on this Blog.
11 October, 2022 Email Redirections and account takeovers possible from Hidden DNS (domain name system) resolvers. A type of cache poisoning attack is possible with closed resolvers. Researchers say it might be possible for external attackers to take advantage of the functionalities of web applications to infiltrate closed resolvers. This has to do with closed resolvers and spam protection processes. They found that attack reconnaissance is possible by exploiting how closed DNS resolvers interact with spam protection mechanisms on the open internet. This could help an attacker understand DNS security features such as DNSSEC, IP fragmentation and source port random generation, as well as registration, password-reset and newsletter functions in web apps that use closed resolvers. Static source ports seem to be the key vulnerability here.
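A defender-side check for the static-source-port weakness noted in the item above, as an added example that is not from the original post or the researchers: it audits the UDP source ports your own resolvers use when they query a name server you control. The log format, function names, sample data and the 0.8 entropy threshold are all assumptions made for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed sample; assumed format: "<epoch> <resolver_ip> <udp_source_port> <qname>"
SAMPLE_LOG = """\
1665480001 192.0.2.10 32768 a1.probe.example.test
1665480002 192.0.2.10 32768 a2.probe.example.test
1665480003 192.0.2.10 32768 a3.probe.example.test
1665480004 192.0.2.10 32768 a4.probe.example.test
1665480005 198.51.100.7 41822 b1.probe.example.test
1665480006 198.51.100.7 10533 b2.probe.example.test
1665480007 198.51.100.7 60217 b3.probe.example.test
1665480008 198.51.100.7 35990 b4.probe.example.test
1665480009 203.0.113.5 40001 c1.probe.example.test
1665480010 203.0.113.5 40002 c2.probe.example.test
1665480011 203.0.113.5 40003 c3.probe.example.test
1665480012 203.0.113.5 40004 c4.probe.example.test
1665480013 203.0.113.9 51515 d1.probe.example.test
"""

def parse(log):
    """Group observed UDP source ports by resolver IP; skip malformed lines."""
    ports = defaultdict(list)
    for line in log.splitlines():
        fields = line.split()
        if len(fields) == 4 and fields[2].isdigit() and 0 < int(fields[2]) < 65536:
            ports[fields[1]].append(int(fields[2]))
    return ports

def entropy_bits(values):
    """Shannon entropy of the observed port distribution, in bits."""
    n = len(values)
    return -sum(c / n * math.log2(c / n) for c in Counter(values).values())

def classify(ports, min_samples=4):
    """Label one resolver's source-port behaviour from ports in arrival order."""
    if len(ports) < min_samples:
        return "insufficient-data"
    if len(set(ports)) == 1:
        return "static"            # the weakness the item calls out
    if all(0 < b - a <= 2 for a, b in zip(ports, ports[1:])):
        return "sequential"        # predictable even though the ports differ
    # n draws from a large random range should give close to log2(n) bits
    if entropy_bits(ports) < 0.8 * math.log2(len(ports)):
        return "low-entropy"
    return "randomized"

def audit(log):
    return {ip: classify(seen) for ip, seen in parse(log).items()}
```

Calling `audit(SAMPLE_LOG)` returns one verdict per resolver IP; anything other than `randomized` on a production resolver is worth a configuration review.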
September, 2022 An Australian telco had a massive data breach in September 2022, in which an attacker compromised the personal data of 10 million people. A cyber hacker shared samples of the data they had breached in an online forum and said they would release all of the data if $USD 1M wasn't paid. They chatted with a reporter about how accessible the data from telecommunications firm Optus was to anyone. They later retracted their statement about a ransom with an apology and recalled the data, after they had already leaked at least 10,000 records to potential criminals - see the more detailed Optus article on this Blog.
September, 2022 Uber is probing claims that its systems were compromised by an attacker in September 2022. The cyber attacker offered evidence that they had successfully breached a number of the ride-sharing app company's internal networks by posting a variety of screenshots and boasting about their exploits to the media and security experts. The hacker claimed that they impersonated an employee to gain access to Uber's VPN credentials. This compromised access subsequently allowed them to hack into its network and examine Uber's intranet. Uber appears to have confirmed that such a breach could be possible on the 3rd party platform they use.
7 July, 2022 North Korean Government Deploys Ransomware attack on Healthcare. North Korea's nationally sponsored hackers have targeted the health care sector with ransomware, US government agencies said on Wednesday, warning of further potential ransomware cyberattacks. The US Treasury Department, FBI and Cybersecurity and Infrastructure Security Agency issued a joint cybersecurity advisory to alert those who manage OT infrastructure in the healthcare sector about ransomware threats so they can prioritise mitigating and preventing North Korean ransomware attacks. It is probably not coincidental that the US and South Korea have been more active in the saber rattling, with the latest contingent of stealth fighters doing exercises off the Korean peninsula.
22nd of June, 2022 Cyber Attack suspected for sparking a War? The Israel National Cyber Directorate (INCD) stated on Monday morning that a cyberattack is most likely to blame for the false rocket warning sirens that went off in Jerusalem and Eilat on Sunday evening. By Monday, there was widespread speculation that Iran was the hacker, and numerous cyber specialists expressed this view in interviews regarding the likelihood of Iranian involvement. A diplomatic source claimed that it was still unclear whether the strike originated in the Islamic Republic.
Ransomware Attack on Final Exams in the United States: Last week, Public Schools in New Jersey discovered ransomware had encrypted data on certain computers on the district's network, forcing exams to be cancelled and schools to return to paper, pencils, and overhead projectors.
10th of June, 2022 Ukrainian hackers take vengeance on a Russian radio station that was broadcasting the national anthem: The noon bulletin of the targeted radio station, which is a radio offshoot of the Kommersant newspaper, was disrupted by the hackers. According to BBC Monitoring correspondent Francis Scarr, the radio station played the Ukrainian national anthem. In a second incident, the Russian Ministry of Construction, Housing, and Utilities website was purportedly hacked, with a "Glory to Ukraine" sign in Ukrainian appearing while searching for the site on the internet.
10th of June, 2022 Attacks on the Vice Society ransomware: On Monday, the authorities acknowledged the seriousness of the event and indicated that all systems had to be brought offline to mitigate the damage, predicting that the outages would continue for a few more days.
10th of June, 2022 Hacktivists in Russia have launched espionage attacks on NATO: Cyber Spetsnaz, a new hacktivist group, has been targeting NATO infrastructure. With a team of skilled penetration testers, OSINT specialists, and hackers, Cyber Spetsnaz launched its first division, Zarya, in April. Is it possible that this is state-sponsored?
10th of June, 2022 MyEasyDocs on Azure exposes Indian and Israeli students' personal information: A misconfigured Microsoft Azure server discovered by vpnMentor's IT security researchers, led by Noam Rotem, exposed 30GB of personal and educational records of tens of thousands of students from India and Israel. Another unrelated breach this month exposed the data of over 30,000 students, including full names, email addresses, and phone numbers, as well as payment card information, transaction and purchased meal details, and login information stored in plain text in another location.
10th of June, 2022 Anti-malware was disabled in a cyberattack on Japanese hospitals, as well as a data breach at a hospital in the United States: According to a report published in June, a cyberattack on a hospital in Tokushima Prefecture occurred in October when a firm disabled anti-virus software on the hospital's computers. That reminds me of a data breach at the Waikato Hospital in New Zealand earlier this year, which caused major disruptions. After hackers infiltrated their network and stole data, Shields Health Care Group (Shields) experienced a data breach that exposed the personal information of about 2,000,000 persons in the United States.
• June 2022: Costa Rica – an attack by Conti ransomware; Lapsus$ group is wreaking havoc; Cryptocurrencies have been hacked; Marriott data breach (again)
• 9 June 2022 After a hacker stole $113 million, a decentralised cryptocurrency exchange has gone offline. According to Foudres, a blockchain analyst, the hacker took roughly 1,650,000 EGLD, the Elrond network's native coin, valued at around $113 million at the time of the attack. Who said cryptography was impenetrable?
8th of June, 2022 Two online gun shops in the United States were hacked in order to steal credit cards. The skimmer operators acquired access to credit card information, including personal identification information, at a time when the USA is talking about tightening up on gun legislation. If skimmers can access and alter personal information at gun stores, what sort of real security will there be?
Other News: In Australasia - merely stumbling into the backend of a network or website/device without permission could lead to 2 years jail!: Under the Crimes Act in certain Australasian countries, it is a crime to access a computer system without authorisation. That includes all unauthorised or non pre-arranged access into websites, devices, networks, IoT etc., whether for good or bad purposes. The penalty can be up to 2 years in jail - for merely accessing the unauthorised network. One recent example which could have gone to court was when one Government carelessly released their budget on a private website before budget night, but it got indexed on Google and therefore people accessed it, probably knowing that they ought not to be accessing it. Those who accessed the site were not prosecuted in this case, but in theory the law is so loosely worded that they could have been had the Police wanted to make arrests, and then the case could have been tried and tested in court. The questions one might still have are:
1) What is defined as a computer system?
2) Can a noob hack quite happily as long as they don't gain access (since there is no law about hacking)? What if they never gain access, and they suddenly realise that they are about to gain access to a computer system and then stop?
3) What if the owner of the system is informed of the successful hack at the point of the access and a report is provided? Would they not praise, instead of pursuing legal action against, a cyber security expert if the target was provided with full details of the vulnerability?
4) If the attack was performed by a minor using a Raspberry Pi on public Wifi, would legal action against a minor really be worth pursuing?
5) What if the accessing of a computer system occurred outside of the Australasian country and against a clandestine regime or criminal organisation? Would a prosecution really take place against the hacker by an Australasian Government?
Parrot is the up and coming hacker instrument of choice - move over Kali Linux! In the fast paced world of cyber crime, new techniques and developments always keep us on our toes. The emergence of Parrot as a programming language is proving it can give Kali Linux - the mainstay of hackers - a run for its money. According to Avast, in March 2022 Parrot TDS manipulated malicious JavaScript code to infect more than 16,500 websites, across the board. The key thing in common with the servers that were impacted by this malware was that many hosted poorly secured content management systems, mainly on WordPress, with barely passable login credentials. The prime victims appeared to be those with a lower level of security as opposed to other vulnerabilities or value. Unlike previous malicious TDS such as Prometheus, Parrot has much greater reach. Avast purports that Parrot TDS is believed to have been in operation since October 2021, with heightened levels of activity observed in February and March 2022. Victims in the latest attacks appear to have mainly been in Brazil, India, USA, Singapore, Indonesia, Thailand, Philippines, Argentina, Mexico, France, Pakistan, and Russia. Backdoors are the primary means of entry for these attacks and they are typically extremely hard to detect and eradicate, though clearly Avast is picking them up. Websites infected with Parrot TDS are manipulated by SocGholish to initiate a drive-by-download attack. The JavaScript code displays a fraudulent yet authentic-looking software update page, e.g. for Google Chrome, to trick users into clicking the malicious link. Once clicked, Parrot TDS, via a malicious PHP script compiled into the compromised web server, filters users based on various criteria, such as IP address, user agent, referrer, and cookies. The requests of users who are deemed to be of interest are then forwarded to the command and control server under the attacker's control.
Then, the malicious PHP script allows attackers to perform arbitrary code execution on the compromised servers, creating the insidious backdoor for more convenient access to the victim's precious data.
Photo attribution: Photo by Nahel Abdul Hadi https://unsplash.com/s/photos/hacking?utm_source=unsplash& https://unsplash.com/es/@nahelabdlhadi?utm_source=unsplash&utm_medium=referral&utm_content=credit