Tag: hacker

By Roger Bambino for Tech JaJa

Dr. Bright Gameli Mawudor heads the Cyber Security Service Team at Internet Solutions. He recently bumped into some MultiChoice credentials on the open Internet as he was giving a live demo at a conference.

Dr Gameli is also the co-founder of AfricaHackOn and was giving a speech at a recent MyBroadband CyberSec Conference, where he revealed that the DStv hack was more less accidental and uncovered a text file full of MultiChoice credentials on a misconfigured web server in the middle of a live demo.

He told MyBroadband that he was demonstrating a technique known as Google Dorking. This involves using Google’s highly technical search operators to find information people didn’t imagine would be found on the open Internet. To put this in context, many people put a lot of information on the internet including ripped media series for download on Internet-connected servers, which Google eventually crawls and indexes.

As he was trying to demonstrate how easy it was to find credentials for streaming services like Netflix and Hulu with a Google search, Mawudor thought he could do the same for DStv.

“Nobody knew what happened, I took it off quickly. I didn’t want anybody to see. Later I went to analyse the details,” Mawudor said.

Being an ethical hacker, Mawudor chose not to misuse the information he found as it would have done tremendous amount of damage to DStv’s business.

“I would have been able to use those credentials to log into the monitoring of live [sports] matches that were going on, [or] into the VPN and into the internal network,” he said.

He would have used this data to shut down systems, or changed live broadcasts if he so wished. While advising companies in regards to security Mawudor said:

“Organisations need to go beyond occasional penetration testing and do vulnerability management — frequently doing an assessment of all your systems, networks, and appliances to make sure they always screened for the latest vulnerabilities.”

By Emma Beswick for EuroNews

Anonymous hackers have brought the US city of Baltimore to its knees by seizing control of government computers, demanding bitcoin in return for releasing their hold over the systems.

A ransomware attack was discovered on May 7, with the city taking down online systems and services in an effort to contain it.

While the attack took place two weeks ago, the city’s mayor, Bernard Young, is refusing to pay the requested sum, leaving officials unable to process parking tickets among other administrative functions.

He warned that it could take months for normal service to be resumed.

“Like any large enterprise, we have thousands of systems and applications. Our focus is getting critical services back online, and doing so in a manner that ensures we keep security as one of our top priorities throughout the process,” Young said in a statement.

The city’s emergency services have not been affected.

The hackers demanded 13 bitcoins — worth around R1,4-million — to remove the file-locking virus, according to a ransom note obtained by the Baltimore Sun.

“We’ve (been) watching you for days and we’ve worked on your systems to gain full access to your company and bypass all of your protections,” it read. “We won’t talk more, all we know is MONEY! … Hurry up! Tik Tak, Tik Tak, Tik Tak!”

The city remained unable to send or receive emails at the time of writing.

A similar cyber attack hit Atlanta last year, according to NBC, costing millions to recover damage, while Greenville in North Carolina was targetted in April.

As many as 25 local governments have been attacked by hackers this year, the media added, citing analysts.

 

 

WhatsApp is hacked

Source: BBC

WhatsApp has confirmed that a security flaw in the app let attackers install spy software on their targets’ smartphones.

That has left many of its 1.5-billion users wondering how safe the “simple and secure” messaging app really is.

On Wednesday, chip-maker Intel confirmed that new problems discovered with some of its processors could reveal secret information to attacks.

How trustworthy are apps and devices?

Was WhatsApp’s encryption broken? No. Messages on WhatsApp are end-to-end encrypted, meaning they are scrambled when they leave the sender’s device. The messages can be decrypted by the recipient’s device only.

That means law enforcement, service providers and cyber-criminals cannot read any messages they intercept as they travel across the internet.

However, there are some caveats.

Messages can be read before they are encrypted or after they are decrypted. That means any spyware dropped on the phone by an attacker could read the messages.

What is encryption?
On Tuesday, news site Bloomberg published an opinion article calling WhatsApp’s encryption “pointless”, given the security breach.

However, that viewpoint has been widely ridiculed by cyber-security experts.

“I don’t think it’s helpful to say end-to-end encryption is pointless just because a vulnerability is occasionally found,” said Dr Jessica Barker from the cyber-security company Cygenta.

“Encryption is a good thing that does offer us protection in most cases.”

Cyber-security is often a game of cat and mouse.

End-to-end encryption makes it much harder for attackers to read messages, even if they do eventually find a way to access some of them.

What about back-ups?
WhatsApp gives the option to back up chats to Google Drive or iCloud but those back-up copies are not protected by the end-to-end encryption.

An attacker could access old chats if they broke into a cloud storage account.

How to stay safe on WhatsApp
WhatsApp discovers ‘targeted’ surveillance attack
Of course, even if users decide not to back up chats, the people they message may still upload a copy to their cloud storage.

Should people stop using WhatsApp?
Ultimately, any app could contain a security vulnerability that leaves a phone open to attackers.

WhatsApp is owned by Facebook, which typically issues software fixes quickly.

Of course, even large companies can make mistakes and Facebook has had its share of data and privacy breaches over the years.

There is no guarantee a rival chat app would not experience a similar security lapse.

At least, following the disclosure of this flaw, WhatsApp is slightly more secure than it was a week ago.

Signal is an open-source project
Some rival chat apps are open-source projects, which means anybody can look at the code powering the app and suggest improvements.

“Open-source software has its value in that it be can tested more widely but it doesn’t necessarily mean it’s more secure,” said Dr Barker.

“Vulnerabilities can still be found with any tech, so it’s not the answer to our prayers.”

And if someone did decide to switch to a rival chat app, they would still have to convince their contacts to do the same. A chat app without friends is not much use.

Is any device ever safe?
In theory, any device or service could be hacked. In fact, security researchers often joyfully pile in on companies that claim their products are “unhackable”.

They quickly discover vulnerabilities and the embarrassed companies retract their claims.

If people are worried data may be stolen from their computer, one option is to “air gap” the device: disconnect it from the internet entirely.

That stops remote hackers accessing the machine – but even an air gap would not stop an attacker with physical access to the device.

Dr Barker stressed the importance of installing software updates for apps and operating systems.

“WhatsApp pushed out an update and consumers might not have realised that security fixes are often included in updates,” she told BBC News.

WhatsApp did not help the cause, however, by describing the latest update as adding “full-size stickers”, and not mentioning the security breach.

“People need to be made aware that updates are really important. The quicker we can update our apps, the more secure we are,” said Dr Barker.

As always, there are simple security steps to remember:

  • Install app and operating system security updates
  • Use a different password for every app or service
  • Where possible, enable two-step authentication to stop attackers logging in to accounts
  • Be careful about what apps you download
  • Do not click links in emails or messages you are not expecting

Make your router hacker-proof

By Sandeep Nair Narayanan, Anupam Joshi and Sudip Mittal for The Conversation 

In late April, the top federal cybersecurity agency, US-CERT, announced that Russian hackers had attacked internet-connected devices throughout the U.S., including network routers in private homes. Most people set them up – or had their internet service provider set them up – and haven’t thought much about them since. But it’s the gateway to the internet for every device on your home network, including Wi-Fi connected ones. That makes it a potential target for anyone who wants to attack you, or, more likely, use your internet connection to attack someone else.

As graduate students and faculty doing research in cybersecurity, we know that hackers can take control of many routers, because manufacturers haven’t set them up securely. Router administrative passwords often are preset at the factory to default values that are widely known, like “admin” or “password.” By scanning the internet for older routers and guessing their passwords with specialized software, hackers can take control of routers and other devices. Then they can install malicious programs or modify the existing software running the device.

Once an attacker takes control
There’s a wide range of damage that a hacker can do once your router has been hijacked. Even though most people browse the web using securely encrypted communications, the directions themselves that let one computer connect to another are often not secure. When you want to connect to, say, theconversation.com, your computer sends a request to a domain name server – a sort of internet traffic director – for instructions on how to connect to that website. That request goes to the router, which either responds directly or passes it to another domain name server outside your home. That request, and the response, are not usually encrypted.

A hacker could take advantage of that and intercept your computer’s request, to track the sites you visit. An attacker could also attempt to alter the reply, redirecting your computer to a fake website designed to steal your login information or even gain access to your financial data, online photos, videos, chats and browsing history.

In addition, a hacker can use your router and other internet devices in your home to send out large amounts of nuisance internet traffic as part of what are called distributed denial of service attacks, like the October 2016 attack that affected major internet sites like Quora, Twitter, Netflix and Visa.

Has your router been hacked?
An expert with complex technical tools may be able to discover whether your router has been hacked, but it’s not something a regular person is likely to be able to figure out. Fortunately, you don’t need to know that to kick out unauthorized users and make your network safe.

The first step is to try to connect to your home router. If you bought the router, check the manual for the web address to enter into your browser and the default login and password information. If your internet provider supplied the router, contact their support department to find out what to do.

If you’re not able to login, then consider resetting your router – though be sure to check with your internet provider to find out any settings you’ll need to configure to reconnect after you reset it. When your reset router restarts, connect to it and set a strong administrative password. The next step US-CERT suggests is to disable older types of internet communications, protocols like telnet, SNMP, TFTP and SMI that are often unencrypted or have other security flaws. Your router’s manual or online instructions should detail how to do that.

After securing your router, it’s important to keep it protected. Hackers are very persistent and are always looking to find more flaws in routers and other systems. Hardware manufacturers know this and regularly issue updates to plug security holes. So you should check regularly and install any updates that come out. Some manufacturers have smartphone apps that can manage their routers, which can make updating easier, or even automate the process.

Yahoo hacker pleads guilty

Canadian citizen Karim Baratov has pleaded guilty to charges relating to the hacking of Yahoo in 2014.

The hack involved spear-phishing Yahoo employees and compromising 500 million accounts.

Baratov admitted he was tasked with hacking the email accounts of people of interest by the Federal Security Service of Russia.

Baratov said he sent gatherer email passwords to his alleged handler, Dmitry Aleksandrovich Dokuchaev.

Dokuchaev was arrested by Russian authorities in December and charged with treason.

Two other men were indicted in February and remain in Russia, along with Dokuchaev.

Baratov is being held in Northern California without bail. His sentencing hearing is scheduled for February 2018.

Source: MyBroadband

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top