Group says it hacked systems at 100 major universities
A hacking group that calls itself Team GhostShell this week claimed credit for breaking into servers at 100 major universities from around the world, including Harvard, Stanford, the University of Pennsylvania and the University of Michigan.
In a message posted on Pastebin, the group said it accessed and publicly posted about 120,000 records from the breached servers.
The group, which recently claimed creditfor several major hacking incidents, said it attacked the university systems to focus attention on what it called a failing educational standards around the world.
A Computerworld review of a small portion of the publicly posted data showed what appeared to be names, phone numbers, email addresses, login credentials and other data from some of the breached servers. Read more...
Adobe confirms Windows 8 users vulnerable to active Flash exploits
Microsoft's Windows 8 is vulnerable to attack by exploits that hackers have been aiming at PCs for several weeks, Adobe has confirmed.
Microsoft said it will not patch the bug in Flash Player until what it called "GA," for "general availability." That would be Oct. 26, when Windows 8 hits retail and PCs powered by the new operating system go on sale.
"We will update Flash in Windows 8 via Windows Update as needed," a spokeswoman said in a reply to questions. "The current version of Flash in the Windows 8 RTM build does not have the latest fix, but we will have a security update coming through Windows Update in the GA timeframe." Read more...
Drive-by-download attack exploits critical vulnerability in Windows Media Player
Security researchers from antivirus vendor Trend Micro have come across a Web-based attack that exploits a known vulnerability in Windows Media Player.
"Earlier today, we encountered a malware that exploits a recently (and publicly) disclosed vulnerability, the MIDI Remote Code Execution Vulnerability (CVE-2012-0003)," Trend Micro threat response engineer Roland Dela Paz said in a blog post on Thursday.
The security flaw can be exploited by tricking the victim into opening a specially crafted MIDI (Musical Instrument Digital Interface) file in Windows Media Player.
Microsoft released a security fix for it on Jan. 10, as part of its monthly patch cycle. "An attacker who successfully exploited this vulnerability could take complete control of an affected system," the company said at the time. Read more...
Wi-Fi Protected Setup easily unlocked by security flaw
Security researcher Stefan Viehböck has demonstrated a critical flaw in the Wi-Fi Protected standard that opens up routers to attack and has prompted a US-CERT Vulnerability notice.
Wi-Fi Protected Setup (WPS) is used to secure access to wireless networks and requires each router to have a unique eight-digit PIN. One mode of use allows a device to connect by just presenting that PIN, opening the way for a client to just try every available PIN. Worse still, the protocol splits the PIN into two halves which reduces the attack time to a couple of hours.
Eight digits should produce 100,000,000 possible combinations, and testing various routers Viehböck found it took an average of around two seconds to test each combination. So brute forcing should take several years unless the router was particularly responsive. Read more...
VPN Providers Mull ‘Fraudster’ Database In Wake of Lulzec Fiasco
Last month it became clear that an alleged Lulzsec member who had carried out attacks on various organizations including Sony and the UK’s Serious Organised Crime Agency, had used an ‘anonymous’ VPN service supplied by HideMyAss. According to documents obtained by TorrentFreak, VPN providers worried by the bad publicity are now considering data sharing to combat ‘fraudsters’.
September 2011 will be a month that VPN provider HideMyAss will want to forget. Dozens of news outlets retold the story that an alleged Lulzsec member, allegedly partly responsible for attacks on Sony, the UK’s Serious Organised Crime Agency, AT&T, Viacom, Disney, EMI, NBC Universal, AOL and NATO, not to mention the newspapers The Sun & The Times, had used their services to remain anonymous. Read more...
China denies role in hack of Japanese defense contractor
A Chinese government official today denied any involvement in the attack that compromised scores of servers belonging to Mitsubishi Heavy Industries, Japan's largest defense contractor.
According to press reports, Foreign Ministry spokesman Hong Lei dismissed suggestions that the attacks against Mitsubishi originated in China.
"The Chinese government has consistently opposed hacking attack activities. Relevant laws strictly prohibit this," Hong told reporters for Reuters, the Associated Press, and other outlets, during a regular press briefing Tuesday.
"Criticism that China initiated a cyberattack is not only groundless, it goes against development of international cooperation on cybersecurity," Hong said. Read more...
Mozilla addons site targeted in same attack that hit Google
The secure webpage hosting addons for Mozilla Firefox was targeted in the same attack that minted a fraudulent authentication credential for Google websites, the maker of the open-source browser said.
"DigiNotar informed us that they issued fraudulent certs for addons.mozilla.org in July, and revoked them within a few days of issue," Johnathan Nightingale, Mozilla's director of Firefox development, wrote in a statement. "In the absence of a full account of mis-issued certificates from DigiNotar, the Mozilla team moved quickly to remove DigiNotar from our root program and protect our users."
Nightingale didn't say how many Mozilla certificates were issued and if they were actively used to intercept the communications of people accessing the address. The site hosts hundreds of thousands of addons that give the Thunderbird and Firefox programs powerful functions not included by default. Read more...
Morto A worm success a sign of bad password policy
The Morto A worm is having continued success despite its reliance on a list of lame passwords to take over victim machines.
In order for the worm to be effective, the administrative password for a machine under attack has to be one of 37 of the worst passwords ever (see below) that it carries in a weak brute-force library.
Yet the worm, which takes over control of remote computers by guessing the password for Microsoft Remote Desktop, continues to spread, according to security watchdogs. Read more...
“Anonymous” Hackers Attack Monsanto, Tar Sands Oil Companies
The notorious activist hacking group "Anonymous" has launched two new campaigns championing a pair of green causes -- helping U.S. farmers earn the right to label their food as "GMO-free" and working to obstruct the expansion of the devastating tar sands oil project in Alberta, Canada. Monsanto, the giant biotech firm, has confirmed it was the victim of a large-scale hacking attack. And the oil companies are next, Anonymous says. Read more...
Hackers claim Apple online data was compromised
A list of 27 user names and encrypted passwords apparently for an Apple website was posted to the Internet over the weekend along with a warning from hacker group Anonymous that the Cupertino-based computer maker could be a target of its attacks.
The list was posted to the Pastebin website, a hosting site for text files, by an unidentified user under the title "Not Yet Serious." It wasn't immediately clear if the user was allied with the Anonymous hacking group, but the existence of the file became widely known after Anonymous linked to it in a Twitter message.
"Not being so serious, but well," the message read before linking to the PasteBin page. "Apple could be target, too. But don't worry, we are busy elsewhere," the message said. Read more...
LightSquared’s proposed network plan under attack
The coast is not yet clear for LightSquared's hybrid satellite-LTE network despite the company's announcement on Monday that it has found a solution to interference with GPS.
The startup's new proposal, in which it would step away from the frequencies that it said cause the most interference with GPS (Global Positioning System), still needs regulatory approval and hasn't even been presented to the U.S. Federal Communications Commission yet. Meanwhile, one of the company's harshest critics slammed the plan as "bizarre."
LightSquared wants to build a hybrid network with both satellite and LTE (Long-Term Evolution) services, but some of the spectrum for its LTE network is in the MSS (Mobile Satellite Services) band, which is also used for GPS. It has to solve any interference problems before it can launch the network. Read more...
Lockheed Martin acknowledges ‘significant’ cyberattack
Lockheed Martin Saturday night acknowledged that it its information systems network had been the target of a "significant and tenacious attack", but said that its security team detected the intrusion "almost immediately and took aggressive actions to protect all systems and data."
No data from customers, programs or employees was compromised, the top U.S. defense contractor said in a brief statement. Read more...
Google Promises Automatic Android Security Fix
In the wake of Google's self-proclaimed momentum at the Google I/O conference last week, the creator of Android is getting hit with some stark realities about the security of its open-source operating system. A newly discovered flaw has widespread potential.
There are 100 million activated Android devices, according to Google, and 400,000 new devices are activated every day. In all, researchers at Ulm University in Germany who discovered the flaw last week estimate about 98 percent of Android users are vulnerable. Read more...
Sony Breach Shows Amazon Cloud’s Hacker Appeal
For three pennies an hour, hackers can rent Amazon’s servers to wage cyber attacks such as the one that crippled Sony Corp. (6758)’s PlayStation Network and led to the second-largest online data breach in U.S. history.
A hacker used Amazon’s Elastic Computer Cloud, or EC2, service to attack Sony’s online entertainment systems last month, a person with knowledge of the matter said May 13. The intruder, who used a bogus name to set up an account that’s now disabled, didn’t hack into Amazon’s servers, the person said.
The incident helps illustrate the dilemma facing Chief Executive Officer Jeff Bezos: Amazon’s cloud-computing service is as cheap and convenient for hackers Read more...
AnonOps Denies Responsibility For Sony PSN Attack
Anonymous has denied any involvement in the recent PlayStation Network hack said that members could have been acting on their own.
In an audio message to PSN users, posted on the group’s blog, the group maintained that it had nothing to do with the attack on Sony and that it is not involved in credit card theft.
However, the group also said in the message that individual members of the group could have orchestrated the attack.
“While it could be the case that other Anons have acted by themselves, AnonOps was not related to this incident and does not take responsibility for whatever has happened,” the audio message said. Read more...