1-15 March 2014 Cyber Attacks Timeline

Paolo Passeri

http://hackmageddon.com/2014/03/31/1-15-march-2014-cyber-attacks-timeline/

Excerpt:

“Even if globally the number of attacks seems to keep on its decreasing trend, one event in particular will probably be remembered in the chronicles of 2014: definitely the breach to KT Corp. in Korea (12 million customers compromised) deserves a special mention (despite this is not the only one in this first half of the month), even if, apparently, the authors have been immediately busted.”

 


How a Chinese Tech Firm Became the NSA’s Surveillance Nightmare

 

Kim Zetter

http://www.wired.com/2014/03/how-huawei-became-nsa-nightmare/

Excerpt:

“The NSA’s global spy operation may seem unstoppable, but there’s at least one target that has proven to be a formidable obstacle: the Chinese communications technology firm Huawei, whose growth could threaten the agency’s much-publicized digital spying powers.”

 


Twelve Really Useful Links You Need to Know to Stay Safe on the Internet

 

v.laurie

https://www.techsupportalert.com/content/twelve-really-useful-links-you-need-know-stay-safe-internet.htm

Excerpt:

“Want to be safe on the Internet? Here is a collection of articles that will help you understand the tricks and tactics used by malware writers and that explain how to set up some powerful computer defenses. Read these and you will be well prepared to protect your computer against hackers and cyber criminals.”

 


25 Million 'NAVER' Accounts Breached using Stolen Data

 

Sudhir K Bansal

https://thehackernews.com/2014/03/25-million-naver-accounts-breached.html

Excerpt:

“A 31-year-old South Korean has been recently accused by the police for the allegation of infiltrating and hacking the accounts of 25 million users of Naver, one of the popular search portal in South Korea. On Wednesday, the Asian National Police Agency revealed that the suspect purchased the private information of 25 million users, including names, residential numbers, Internet IDs and passwords from a Korean-Chinese, back in August last year, Korea Herald reported.”

 


Hackonomics: 'Cyber Black Market' more profitable than illegal drug trade

 

Violet Blue

http://www.zdnet.com/hackonomics-cyber-black-market-more-profitable-than-illegal-drug-trade-7000027729/

Excerpt:

“RAND Corporation's newest report tells us the black market for cybercrime, a "varied landscape of discrete, ad hoc networks of individuals motivated by ego and notoriety, has now become a burgeoning powerhouse of highly organized groups, often connected with traditional crime groups (e.g., drug cartels, mafias, terrorist cells) and nation-states."

 


Two Ukrainians and One American Charged for Role in Global Cybercrime Operation

 

Eduard Kovacs

http://news.softpedia.com/news/Two-Ukrainians-and-One-American-Charged-for-Role-in-Global-Cybercrime-Operation-432716.shtml

Excerpt:

“Three men have been charged with conspiracy to commit wire fraud, conspiracy to commit access device fraud and identity theft, and aggravated identity theft. They’re believed to be part of an international cybercrime operation that targeted financial institutions and other major organizations in the Unites States.”

 


Malaysia Airlines Flight 370 News Used To Spread Online Threats

 

Rika Joi Gregorio

https://blog.trendmicro.com/trendlabs-security-intelligence/malaysia-airlines-flight-370-news-used-to-spread-online-threats/

Excerpt:

One involves a fake video about this flight, which we believe is spreading via email. The video is supposedly a five-minute clip about MH70 named Malaysian Airlines MH370 5m Video.exe. In reality, it is a backdoor detected as detected as BKDR_OTOPROXY.WR. As is the case with most backdoors, this malware allows a remote attacker to execute various commands on the system, including downloading and running files from its servers  and collect various system information.”

 


Google’s Public DNS Hijacked for 22 Minutes

 

Eduard Kovacs

http://news.softpedia.com/news/Google-s-Public-DNS-Hijacked-for-22-Minutes-432502.shtml

Excerpt:

“The attackers hijacked the 8.8.8.8/32 DNS server for approximately 22 minutes. According to BGPmon, networks in Brazil and Venezuela were impacted. A screenshot published by the company shows that the traffic was redirected to BT Latin America’s networks.”

 


8 Ways to Improve Wired Network Security

 

Eric Geier

http://www.cio.com/article/749810/8_Ways_to_Improve_Wired_Network_Security

Excerpt:

“Network World — We sometimes focus more on the wireless side of the network when it comes to security because Wi-Fi has no physical fences. After all, a war-driver can detect your SSID and launch an attack while sitting out in the parking lot.”

 


Cybercriminals Tell Users They Might Have Cancer to Trick Them into Installing Malware

 

Eduard Kovacs

http://news.softpedia.com/news/Cybercriminals-Tell-Users-They-Might-Have-Cancer-to-Trick-Them-into-Installing-Malware-431968.shtml

Excerpt:

“Cybercriminals have hit a new low. They’re telling users they might have cancer just to trick them into installing a piece of malware on their computers.”

 


The Smart Car Will Be Hacked

 

Selena Larson

https://readwrite.com/2014/03/13/smart-car-hacks-vulnerability-security#awesm=~oA9fjR54xbL4YA

Excerpt:

“Connected cars are computers on wheels, and before long they'll do most everything our phones and tablets do now—store personal data, finalize transactions, play games. Oh, and catch viruses and other malware."

 


Harvard Law National Security Journal Hacked, Abused to Promote Rogue Pharmacies

 

Eduard Kovacs

http://news.softpedia.com/news/Harvard-Law-National-Security-Journal-Hacked-Abused-to-Promote-Rogue-Pharmacies-431767.shtml

Excerpt:

“The website of the Harvard Law School National Security Journal (harvardnsj.org) has been compromised. The attackers are abusing the site to promote various rogue pharmacies.”

 


Hackers Can Steal Private WhatsApp Chats with Other Android Apps

 

Eduard Kovacs

http://news.softpedia.com/news/Hackers-Can-Steal-Private-WhatsApp-Chats-with-Other-Android-Apps-431783.shtml

Excerpt:

“A security consultant has uncovered a security hole in WhatsApp, the instant messaging platform recently acquired by Facebook. The flaw can be leveraged to gain access to the private chats of Android device owners.”

 


Twitter Account of Adviser to Turkish Prime Minister Hijacked by Hacktivists

 

Eduard Kovacs

http://news.softpedia.com/news/Twitter-Account-of-Adviser-to-Turkish-Prime-Minister-Hijacked-by-Hacktivists-431799.shtml

Excerpt:

“The official Twitter account of Mustafa Varank, one of the top advisers of Turkish Prime Minister Recep Tayyip Erdoğan, has been hijacked by hacktivists.”

 


66% of Top UK e-Commerce Websites Allow Users to Set Weak Passwords

Eduard Kovacs

http://news.softpedia.com/news/66-of-Top-UK-e-Commerce-Websites-Allow-Users-to-Set-Weak-Passwords-431647.shtml

Excerpt:

“After examining the password policies of the top 100 e-commerce websites in France and the United States, Dashlane has also reviewed the most popular sites in the United Kingdom. Internet users will often set weak passwords such as “123456” or “password” because they’re easy to remember. The worst part is that they use the same password for all their online accounts.”

 


Statista Says Around 50,000 Users Are Impacted by Data Breach

Eduard Kovacs

http://news.softpedia.com/news/Statista-Says-Around-50-000-Users-Are-Impacted-by-Data-Breach-431397.shtml

Excerpt:

“On Saturday, we learned that statistics company Statista suffered a data breach. The company has responded to my inquiry about the incident and provided additional details. It turns out that roughly 50,000 users are impacted by the data breach. The incident was discovered after spam emails started landing in email addresses that were used by the company only internally.”

 


Hospital hit by screen-grab Trojan that attempted to steal 5,400 patient records

John E Dunn

http://www.csoonline.com/article/750047/hospital-hit-by-screen-grab-trojan-that-attempted-to-steal-5-400-patient-records

Excerpt:

“A US hospital has admitted suffering a mysterious malware attack that grabbed screenshots containing the personal data of 5,400 patients from hospital PCs before hiding them in an encrypted folder for probable transmission to criminals. In a statement, the small Valley View Hospital in Glenwood Springs Colorado said that it had discovered the attack in January 2014, after which a third-party forensics firm identified the malware as a screen grabber that stored the data in an encrypted cache.”

 


Abortion service to appeal against £200,000 fine over hacked website

Sarah Boseley

http://www.theguardian.com/world/2014/mar/07/abortion-service-website-hacker-information-commissioner-fine

Excerpt:

The UK's main abortion provider is to appeal against a £200,000 fine imposed after an anti-abortion campaigner hacked its website and accessed the names and telephone numbers of thousands of women requesting advice. The hacker threatened to publish the names and addresses of women using the British Pregnancy Advisory Service, but was prevented by a court injunction. He was sentenced to 32 months in jail.”

 


Skype-based malware shows how 'peculiar' malicious code can be

Ellen Messmer

https://www.networkworld.com/news/2014/030614-skype-malware-279474.html

Excerpt:

“Malware often does strange things, but this one -- which looked like Skype installed on a corporate domain controller -- was most "peculiar," says Jim Butterworth, a security expert at ManTech International, whose security subsidiary HBGary recently found the custom-designed remote-access Trojan on a customer's network.”

 


Two People Arrested for Hacking into KT Corp, Stealing Details of 12M Users

Eduard Kovacs

http://news.softpedia.com/news/Two-People-Arrested-for-Hacking-into-KT-Corp-Stealing-Details-of-12M-Users-430929.shtml

Excerpt:

“South Korean police have arrested a couple of individuals suspected of hacking into the systems of KT Corp, one of the country’s largest telecom companies. According to CNN, a man named Kim is said to have hacked into KT Corp’s systems, stealing the personal details of 12 million customers. The stolen data included bank details, addresses and employment information.”

 


Computers of armed forces and DRDO hacked

http://articles.economictimes.indiatimes.com/2014-03-06/news/47970914_1_security-breach-classified-work-computers

Excerpt:

“In a major security breach, around 50 computers belonging to the armed forces and the DRDO were hacked sometime back and classified files could have been compromised.”

 


Man guilty of "fixing" women's computers to spy on them via webcam

Lisa Vaas

http://nakedsecurity.sophos.com/2014/03/05/man-guilty-of-fixing-womens-computers-to-spy-on-them-via-webcam/

Excerpt:

“A 30-year-old London man has been found guilty of fiddling with three women's computers so he could spy on them through their webcams. After a week-long trial, which police said had followed a "complex and protracted investigation that involved detailed examination and evaluation of computer files", Andrew Meldrum was convicted of three counts of unauthorised access to computer material and two counts of voyeurism.”

 


Scareware pusher loses appeal against epic $163 million fine

 

John Hawes

http://nakedsecurity.sophos.com/2014/03/03/scareware-pusher-loses-appeal-against-epic-163-million-fine-poll/

Excerpt:

“The US Federal Trade Commission (FTC) is celebrating what it calls a "huge victory for consumers", after an appeal court threw out an attempt to overturn a massive fine imposed on Kristy Ross, a former representative of scareware marketing firm Innovative Marketing Inc. (IMI) which pushed fake security products such as WinFixer and XP Antivirus.”

 


Is Uroburos the First Known Russian Cyberweapon?

 

http://www.infosecurity-magazine.com/view/37206/is-uroburos-the-first-known-russian-cyberweapon/

Excerpt:

“At a time of heightened tension between Russia and the West over Ukraine, a German security firm describes a sophisticated rootkit that it suggests may have been developed by Russian intelligence services. Named after a string found in the code, Ur0bUr()sGotyOu#, the Uroburos malware is thought to target governments, research institutes and major corporations.”

 


Government spying tools will worsen Internet security: experts

 

Joseph Menn

http://www.reuters.com/article/2014/03/03/us-cybersecurity-governments-idUSBREA2228K20140303

Excerpt:

“Electronic spying tools used by the U.S. government could end up in the hands of organized criminals and hackers, further eroding Internet security, warned industry leaders who called for new restrictions and oversight of government activity.”

 


Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping

 

 

Dan Goodin

http://arstechnica.com/security/2014/03/critical-crypto-bug-leaves-linux-hundreds-of-apps-open-to-eavesdropping/

Excerpt:

“Hundreds of open source packages, including the Red Hat, Ubuntu, and Debian distributions of Linux, are susceptible to attacks that circumvent the most widely used technology to prevent eavesdropping on the Internet, thanks to an extremely critical vulnerability in a widely used cryptographic code library.”

 


Ukraine hit by cyber attacks

 

http://www.itnews.com.au/News/374052,ukraine-hit-by-cyber-attacks.aspx

Excerpt:

“Ukraine's telecommunications system has come under attack, with equipment installed in Russian-controlled Crimea used to interfere with the mobile phones of members of parliament, the head of Ukraine's SBU security service said"