Tag Archives: Hacking

Cybersecurity for Executives

Looking forward to another local speaking event here in Sacramento:

By invitation only, DSA Technologies is hosting FBI expert Kurt Pipal and licensed Computer Forensics Investigator Michael Reese to discuss the current state of Cybercrime in the Northern California & Sacramento Area. Executives who are responsible for the public perception for their organizations should attend.
This event will feature several security topics frequently seen in the news today, including:
• Financial Fraud
• Intellectual Property Threats
• Ransomware
• Identity Theft
• Phishing/Social Engineering scams
• Attacks on Critical Infrastructure
Where: Morton’s Steakhouse
621 Capitol Mall, Sacramento, CA 95814
When: April 19th @ 11:30AM
Event Partners: FBI, Palo Alto Networks



WikiLeaks publishes ‘biggest ever leak of secret CIA documents’

The 8,761 documents published by WikiLeaks focus mainly on techniques for hacking and surveillance

The US intelligence agencies are facing fresh embarrassment after WikiLeaks published what it described as the biggest ever leak of confidential documents from the CIA detailing the tools it uses to break into phones, communication apps and other electronic devices.

The thousands of leaked documents focus mainly on techniques for hacking and reveal how the CIA cooperated with British intelligence to engineer a way to compromise smart televisions and turn them into improvised surveillance devices.

The leak, named “Vault 7” by WikiLeaks, will once again raise questions about the inability of US spy agencies to protect secret documents in the digital age. It follows disclosures about Afghanistan and Iraq by army intelligence analyst Chelsea Manning in 2010 and about the National Security Agency and Britain’s GCHQ by Edward Snowden in 2013.

The new documents appear to be from the CIA’s 200-strong Center for Cyber Intelligence and show in detail how the agency’s digital specialists engage in hacking. Monday’s leak of about 9,000 secret files, which WikiLeaks said was only the first tranche of documents it had obtained, were all relatively recent, running from 2013 to 2016.

The revelations in the documents include:
1. CIA hackers targeted smartphones and computers.
2. The Center for Cyber Intelligence, based at the CIA headquarters in Langley, Virginia, has a second covert base in the US consulate in Frankfurt which covers Europe, the Middle East and Africa.
3. A program called Weeping Angel describes how to attack a Samsung F8000 TV set so that it appears to be off but can still be used for monitoring.

The CIA declined to comment on the leak beyond the agency’s now-stock refusal to verify the content. “We do not comment on the authenticity or content of purported intelligence documents,” wrote CIA spokesperson Heather Fritz Horniak. But it is understood the documents are genuine and a hunt is under way for the leakers or hackers responsible for the leak.

WikiLeaks, in a statement, was vague about its source. “The archive appears to have been circulated among former US government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive,” the organization said.

The leak feeds into the present feverish controversy in Washington over alleged links between Donald Trump’s team and Russia. US officials have claimed WikiLeaks acts as a conduit for Russian intelligence and Trump sided with the website during the White House election campaign, praising the organization for publishing leaked Hillary Clinton emails.

Asked about the claims regarding vulnerabilities in consumer products, Sean Spicer, the White House press secretary, said: “I’m not going to comment on that. Obviously that’s something that’s not been fully evaluated.”

Asked about Trump’s praise for WikiLeaks during last year’s election, when it published emails hacked from Clinton’s campaign chairman, Spicer told the Guardian: “The president said there’s a difference between Gmail accounts and classified information. The president made that distinction a couple of weeks ago.”

Julian Assange, the WikiLeaks editor-in-chief, said the disclosures were “exceptional from a political, legal and forensic perspective”. WikiLeaks has been criticized in the past for dumping documents on the internet unredacted and this time the names of officials and other information have been blacked out.

WikiLeaks shared the information in advance with Der Spiegel in Germany and La Repubblica in Italy.

Edward Snowden, who is in exile in Russia, said in a series of tweets the documents seemed genuine and that only an insider could know this kind of detail. He tweeted:

The document dealing with Samsung televisions carries the CIA logo and is described as secret. It adds “USA/UK”. It says: “Accomplishments during joint workshop with MI5/BTSS (British Security Service) (week of June 16, 2014).”

It details how to fake it so that the television appears to be off but in reality can be used to monitor targets. It describes the television as being in “Fake Off” mode. Referring to UK involvement, it says: “Received sanitized source code from UK with comms and encryption removed.”

WikiLeaks, in a press release heralding the leak, said: “The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the internet to a covert CIA server.”

The role of MI5, the domestic intelligence service, is mainly to track terrorists and foreign intelligence agencies and monitoring along the lines revealed in the CIA documents would require a warrant.

The Snowden revelations created tension between the intelligence agencies and the major IT companies upset that the extent of their cooperation with the NSA had been exposed. But the companies were primarily angered over the revelation the agencies were privately working on ways to hack into their products. The CIA revelations risk renewing the friction with the private sector.

The initial reaction of members of the intelligence community was to question whether the latest revelations were in the public interest.

A source familiar with the CIA’s information security capabilities took issue with WikiLeaks’s comment that the leaker wanted “to initiate a public debate about cyberweapons”. But the source said this was akin to claiming to be worried about nuclear proliferation and then offering up the launch codes for just one country’s nuclear weapons at the moment when a war seemed most likely to begin.

Monday’s leaks also reveal that CIA hackers operating out of the Frankfurt consulate are given diplomatic (“black”) passports and US State Department cover. The documents include instructions for incoming CIA hackers that make Germany’s counter-intelligence efforts appear inconsequential.

The document reads:

“Breeze through German customs because you have your cover-for-action story down pat, and all they did was stamp your passport.

Your cover story (for this trip):

Q: Why are you here?

A: Supporting technical consultations at the consulate.”

The leaks also reveal a number of the CIA’s electronic attack methods are designed for physical proximity. These attack methods are able to penetrate high-security networks that are disconnected from the internet, such as police record databases. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace. The attacker is provided with a USB stick containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and extracts data.

A CIA attack system called Fine Dining provides 24 decoy applications for CIA spies to use. To witnesses, the spy appears to be running a program showing videos, presenting slides, playing a computer game, or even running a fake virus scanner. But while the decoy application is on the screen, the system is automatically infected and ransacked.

The documents also provide travel advice for hackers heading to Frankfurt: “Flying Lufthansa: Booze is free so enjoy (within reason).”

The rights group Privacy International, in a statement, said it had long warned about government hacking powers. “Insufficient security protections in the growing amount of devices connected to the internet or so-called ‘smart’ devices, such as Samsung smart TVs, only compound the problem, giving governments easier access to our private lives,” the group said.


Yahoo’s hack warning comes from a third breach, Yahoo says

How many times does this have to happen??
Three strikes and you’re out

Yahoo’s newly issued warning to users about malicious hacks is related to a third data breach that the company disclosed in December 2016.

A warning sent to some Yahoo users Wednesday read: “Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account.”

This breach was quietly revealed in a December 2016 statement from Yahoo that provided information on a separate hack that occurred in August 2013 involving more than 1 billion accounts. Some of the 2015 and 2016 incidents have been tied to a “state-sponsored actor” that was involved in another 2014 breach that affected up to 500 million accounts.

“Forged cookies” are digital keys that allow access to information without re-entering passwords. The leaked data included email addresses, birth dates and answers to security questions. Yahoo declined to say how many people were affected.

“As we have previously disclosed, our outside forensic experts have been investigating the creation of forged cookies that could have enabled an intruder to access our users’ accounts without a password,” a Yahoo spokesperson said in an emailed statement. “The investigation has identified user accounts for which we believe forged cookies were taken or used. Yahoo is in the process of notifying all potentially affected account holders.”

A source familiar with the matter said the investigations for these breaches are nearing an end.

The earlier, catastrophic breaches that impacted over 1.5 billion accounts raised questions about Yahoo’s security, and called into question the company’s deal to sell itself to Verizon Communications.

Both SunTrust and CFRA retained their hold opinion on Yahoo shares, mostly tied to the fact that Verizon will likely still purchase the internet company and has renegotiated the purchase price. Bloomberg reported that the telecommunications company was able to reduce the initial $4.8 billion price by $250 million due to the data breaches.

I really think it is time to delete that Yahoo account and put the matter to bed.

Top tips on protecting your devices from hackers


Billions of fitness trackers, medical implants, surveillance cameras, home appliances, thermostats, baby monitors and computers in automobiles are now connected as part of a rapidly expanding “internet of things” (IoT).

But many such devices were developed without security considerations. As a result, they are prime targets for hackers.

Tips to protect your devices:

How do I know if I have an internet of things device?

If you have a device that is capable of connecting to the internet or shares information over a wireless network in your home, it is potentially insecure and can be leveraged for a cyber attack.

Last month, hackers harnessed an army of 100 000 internet-connected devices around the world, such as DVRs and security cameras, to attack Dyn, which helps route internet traffic to its destination. It caused temporary internet outages to sites that included Twitter, PayPal, Pinterest, Reddit and Spotify.

Why should I care?

Hackers can penetrate devices to directly harm someone or to target critical infrastructure.

They can remotely disable a car, raise the thermostat on refrigerated foods, and toy with internet-enabled medical devices.

In the Dyn attack, hackers used the devices to flood the internet infrastructure company with data and knock it offline.

Such tactics also could be used against electrical and water systems, which are increasingly being put online to allow for remote operation.

What can I do?

Make sure you are aware of what you are connecting to the internet, and think about what is necessary.

That feature on your new bathroom scale that syncs with your phone is handy, but can you password protect it from getting hacked?

Any device that is capable of remotely sending information elsewhere is vulnerable. Therefore, the software on that device and the network it connects to must be secured.

If a device comes with a default password, make sure you change it. You should also change the password on your wireless network at home. Use complex passphrases to ensure your device is not easily hacked.

The Dyn attack was made possible by devices with default passwords that were never changed.

Whom do I contact if I am worried about a device?

Contacting the manufacturer or vendor of the device may not always help.

This is especially true because innovation has frequently outpaced cyber security education.

In the US, the Homeland Security Department, for example, sends out public alerts about vulnerabilities through its US-CERT programme that you can sign up for on its website.


FBI Director — You Should Cover Your Webcam With Tape

Should you put a tape or a sticker over the lens of your laptop’s webcam?

Yes, even Facebook CEO Mark Zuckerberg and FBI Director James Comey do that.

Covering your laptop’s webcam might be a very cheap and good idea to guard against hackers and intruders who might want to watch your private life and environment through your devices.

In fact, Comey recently came out defending his own use of tape to cover his personal laptop’s webcam.

People Are Responsible for Their Safety, Security & Privacy

During a conference at the Center for Strategic and International Studies, when Comey was asked whether he still puts tape over his cameras at home, he replied:

“Heck yeah, heck yeah. And also, I get mocked for a lot of things, and I am much mocked for that, but I hope people lock their cars… lock your doors at night. I have an alarm system. If you have an alarm system you should use it, I use mine.”

Comey went on to explain that it was common practice at the FBI and other government offices to cover computers and laptops’ webcams with tape or any physical cover.

“It’s not crazy that the FBI Director cares about personal security as well,” he continued. “If you go into any government office, we all have our little camera things that sit on top of the screen, they all have a little lid that closes down on them, you do that, so people who do not have authority don’t look at you, I think that’s a good thing.”

Comey believes that putting a cover over webcams is one of the “sensible things” that everyone should be doing to “take responsibility for their own safety and security.”

The Edward Snowden leaks revealed the NSA’s Optic Nerve operation, which was carried out to capture webcam images every 5 minutes from random Yahoo users; in just six months in 2008, images of 1.8 million users were captured and stored on government servers.

Internet of Things: Security Nightmare

However, putting a tape over the lens of your computer’s webcam would not solve the problem, especially in this era when we are surrounded by so many Internet-connected devices that are a security nightmare.

Due to their insecure implementation, these Internet-connected or Internet of Things (IoT) devices, including security cameras, are so vulnerable that hackers are routinely hijacking them and using them as weapons in cyber attacks.

So, it is far easier for hackers to hack your security cameras, instead of your laptop’s webcam, to keep track of you and your environment.

Do you feel the need to use a tape over your webcam? Let us know your comments.

Wendy’s Hack Bigger Than Originally Thought


Wendy’s, the famous fast food chain from Dublin, Ohio, originally announced in January that it was investigating a potential hack resulting in a breach of customers’ credit and debit card information. In May, Wendy’s company leaders stated that fewer than 300 restaurants were affected by the infiltration. However, this past week, Wendy’s officials announced that over 1,000 restaurants nationwide were subject to this theft.

With over 5,700 restaurants in the United States, it is safe to say that if you have visited a Wendy’s in the past year and used a credit or debit card it would be wise to check your accounts to make sure no fraudulent purchases were made. To see which Wendy’s locations were affected, check their website here. Wendy’s has stated it will offer free credit monitoring for one year for those who used a card at any of those restaurants.

“We are committed to protecting our customers and keeping them informed. We sincerely apologize to anyone who has been inconvenienced as a result of these highly sophisticated, criminal cyber attacks involving some Wendy’s restaurants,” said Todd Penegor, President and Chief Executive Officer. “We have conducted a rigorous investigation to understand what has occurred and apply those learnings to further strengthen our data security measures.”

How Did This Occur?
The breach occurred because access credentials belonging to Wendy’s service providers were compromised. This gave criminals access to the point-of-sale system at many locations. Once they had this access, the criminals were able to place malware capable of capturing customers’ personal card numbers.
The scariest thing is that most companies could not have prevented this type of attack.
Without Deception Technology and advanced forensic collection there would be no way to know that these attackers were on the network with trusted credentials.

What Can Consumers Do to Prevent This?
Free credit monitoring is available from companies like Credit Sesame, Credit Karma, and WalletHub. These sites offer credit scores, credit reports, and most important to this discussion, 24/7 monitoring. When abnormalities in spending occur, you will be notified.
Sadly, there is not much more you can do to completely stop a hack like this, other than not using credit and debit cards altogether. I know, I know, this sounds like torture to some; we are all enamored with the bonus points, free miles, cheaper hotel rooms and other perks of credit cards as well as the ease of not carrying cash around. But the potential of having your accounts hijacked really should cause some pause when using such cards.
The key to it all is this – if you are going to use your cards, make sure you are checking your accounts frequently to make sure no fraudulent purchases are being made. And change your passcodes regularly.

How to Ensure Your Social Profiles Will Never Get Hacked

Getting hacked can cause an unlimited number of problems for you and your reputation. The last thing you need is to see your profiles fall into the hands of someone else. The key is not to act when it happens but to act before it happens. This guide is going to show you everything you need to know about preventing your social profiles from getting hacked.

The Password Issue

To begin with, you need to make sure that you are crafting the right passwords. A weak password is the front door into your social media accounts. Many hackers will use the brute force method, which is where they simply attempt to guess your password. Automated software will continually try different combinations until it finds something that works.

The only way you can defend against this is through using upper and lower case letters, along with numbers and symbols. This password should be changed on a regular basis. Just make sure that you don’t come up with a password that you yourself can’t remember.

When storing your passwords, you should make sure you have adequate storage methods. Don’t keep them in a place online or offline where they can be immediately accessed.

The key here is to share your passwords with the smallest number of people possible. They should be kept on a strictly need to know basis.

Technology

You may not have heard of sign-in technology before. It’s a fairly recent invention and it allows people to access your social media accounts without knowing the password. The way it works is that employees click the sign-in software and it will automatically allow them to access the social media account in question.

This technology will only be able to be accessed on certain company computers. This will allow you to keep all information centralized with one person. That means you always have one or two people to take full responsibility for the company’s passwords.

It doesn’t cost a lot to utilize this technology. There are many software bundles that will provide free services like this. It only takes a few minutes to install this technology on your computer.

The Most Common Path – The Email Hack

Despite the fact that spam detectors have become more proficient than ever before, hackers will still use emails in order to capture people’s information. As soon as you click on the offending link, you will be redirected to a page that looks remarkably similar to a genuine page. Once you enter your information, the hacker will capture that information. They may even attempt to install spyware on your computer.

The emails that reach your inbox will contain links that you have to click on, usually in relation to a compromised account.

So how do you know whether something is genuine?

There are two ways to do this. First of all, you can mouse over the link and in the bottom right of your browser it will show you the full link. There will always be a slight change in the URL that will reveal it as a link you should avoid. But the best way to check if an email is genuine is to access the relevant website manually, like you would normally.

One other option you have to get around this entirely is to use a platform like Sprout Social or HootSuite to access your social media accounts through a third-party platform. It acts as a shield so your accounts cannot be hacked directly, since you are never accessing them directly.

Your Computer’s Security Arrangements

You can have the strongest password in the world. None of that is going to matter if your computer or network is vulnerable to attack, though. There are hackers who can install software on your computer that can allow them to take control of it remotely.

Then they can use things like sign-in technology against you because they can click the buttons without your input. Install the best anti-virus system you can, update it regularly, and be willing to pay for the best. This is not an area where you should compromise.

How will you protect your social media accounts from hackers today?


This article was written by Abdullahi Muhammed from Business2Community and was legally licensed through the NewsCred publisher network.