Some US utilities say they’re under constant cyberattack
An interesting article from NBC News, in their Technology section: Several power utilities say they face a barrage of cyberattacks on their critical systems, a report by two Democratic lawmakers found, echoing warnings from the Obama administration that foreign hackers were trying to bring down the U.S. power grid.
Rep. Henry Waxman, D-Calif., released the report, co-authored with Rep. Ed Markey, D-Mass., at the House Energy and Commerce Committee’s cybersecurity hearing on Tuesday.
The pair asked some 160 utilities to describe their experiences fighting cyberattacks over the past five years. In response, more than a dozen said they experienced daily, constant or frequent attempted cyber attacks, according to a 35-page report summarizing their responses.
Google Aurora Hack Was Chinese Counterespionage Operation
A posting from InformationWeek Security: A high-profile information security attack against Google in late 2009 — part of what was later dubbed Operation Aurora — was a counterespionage operation being run by the Chinese government.
Former government officials with knowledge of the breach said attackers successfully accessed a database that flagged Gmail accounts marked for court-ordered wiretaps. Such information would have given attackers insight into active investigations being conducted by the FBI and other law enforcement agencies that involved undercover Chinese operatives.
“Knowing that you were subjects of an investigation allows them to take steps to destroy information, get people out of the country,” a former U.S. government official with knowledge of the breach told the Washington Post, which first reported the news. But the official cautioned that the attack also could have been a subterfuge operation by Chinese intelligence agencies designed to trick U.S. intelligence agencies into believing false or misleading information.
Anonymous Hackers TangoDown the Official Website of Rome’s Court
A posting by our partners at hackersnewsbulletin.com:
Hacker hacked Toyota UK Blog and leaked personal info
Another interesting posting from our partners at hackersnewsbulletin.com:
Every time, this hacker has stated the same reason behind his leaks, PATRIOTISM, and this time the hacker stated the same reason again.
DDoS-for-hire service is legal and even lets FBI peek in, says a guy with an attorney
A posting from Naked Security about a DDoS-for-hire service claimed to be legal: Paying a site to DDoS other sites is perfectly legal, the proprietor behind one such outfit told security journalist Brian Krebs.
Besides which, he says, his service, called RageBooter, even features a nifty backdoor that lets the FBI monitor customer activity.
The conversation took place recently between Krebs and Justin Poland, the US man from Memphis, Tennessee whom Krebs sniffed out via WHOIS lookup and Facebook.
According to Poland, DDoSing the beejezus out of sites is perfectly legal/justifiable/morally kosher because:
- It’s “a public service on a public connection to other public servers”;
- His service merely takes advantage of default settings of some DNS servers; and
- Spoofing a sender address is legal and OK because if a root user of the server doesn’t like it they just have to disable recursive DNS.
Regarding item No. 3, recursion is the act of querying additional DNS servers to resolve queries a DNS server can’t resolve from its own database.
Black Hat 2013 Showcases Home Security, Bootkits, Cellular OPSEC Failures
A posting from Dark Reading on Black Hat: Major information security event Black Hat has announced three more featured talks — just the start of an avalanche of new briefings being announced on the Black Hat USA website. We’re highlighting three of them here — focusing on diverse subjects spanning home security system hacking, bootkit threats across multiple OSes, and OPSEC failures involving the American intelligence community and cellphones.
Home and office security systems are big business, with more than 36 million installed in the United States. In Let’s Get Physical: Breaking Home Security Systems and Bypassing Buildings Controls, Bishop Fox’s Drew Porter and Stephen Smith will show you just how easily these systems can be bypassed, with no physical evidence. Whether it’s slipping past a simple door sensor or intercepting the signal from a keypad before it alerts authorities, expect live demos of the shockingly effective techniques security system manufacturers don’t want you to know.
