Tag: vulnerabilities

Home Invasion: Home Routers May Be The Next Big Hack

Most of us have broadband at home. It’s always there. It works and, for the most part, we don’t think about it until it goes down. Our amnesia extends to the humble home gateway or broadband router that is our connection to the global Internet. That piece of CPE (or customer-premises equipment) probably sits on our desk, or down in our basement gathering dust. Strong password? Meh. Firmware update? Hey, ‘if it ain’t broke…don’t fix it!” But all those small, insecure devices could add up to a major security crisis for users and their Internet Service Provider (ISP), according to researchers at the firm IOActive. Writing on the IOActive blog, researchers Ehab Hussein (@_obzy_) and Sofiane Taimat (@_sud0) say that millions of  vulnerable home routers and gateways are vulnerable to trivial attacks. Those devices could be harnessed by cyber criminal groups, state-backed actors or hacktivists for malware distribution, spam or […]

Continue Reading

Botnet Of Embedded Devices Used To Map Internet

Botnets are mostly linked with spam e-mail campaigns, denial of service attacks and data theft. But global networks of compromised hosts can be used for a variety of ends – not all of them malicious. That was the idea behind “Internet Census 2012,” a stealth project by an unnamed and unknown researcher/hacker to map the entire IPV4 Internet address space using a massive network of compromised devices. The results, published in the form of a research paper, underscore the problem of  unsecured embedded devices, including set top boxes, home routers and critical infrastructure, with the hacker able to locate and compromise these systems, creating a botnet of more than 420,000 nodes. According to a copy of the report, the project grew out of an experiment to locate unprotected devices online using nmap, the open source scanning tool. By compromising each vulnerable host and then enlisting it to scan for other […]

Continue Reading

ISP Telenor: Execs Laptops Emptied in Cyber Spy Operation

The Norwegian telecommunications firm Telenor told authorities in that country that a sophisticated cyber spying operation compromised the computers of leading executives and “emptied” them of sensitive information, including e-mail messages, computer files and passwords, according to a report Sunday by Aftenposten. Several executives of Telenor were the subjects of “extensive, organized industrial espionage,” the report said, quoting Telenor Norway’s director, Rune Dyrlie. The company has reported the incident to  Nasjonal sikkerhetsmyndighet – or NSM – Norway’s national security authority as well as Nor-CERT, Norway’s Computer Emergency Readiness Team and the cyber defense unit Cyberforsvaret. “We take it very seriously by several bosses in Telenor stolen sensitive information. It is quite clear that those behind, got downloaded stolen information. There is no doubt that we have lost data,” Dyrlie told Aftenposten. Dyrlie said that the company missed the initial infection, which used “new, customized software.” The first indication of a compromise came after automated monitoring software operated […]

Continue Reading

D.C. Insider Site NationalJournal.com Serving Malware

Watering hole -style attacks are all the rage these days, as our recent coverage on the attacks against Facebook and Twitter suggest. That makes us look askance at any report of a web site compromise – especially at a site that’s known to serve an audience that’s of interest to sophisticated, nation-state backed hacking crews.   That’s why it caught our attention this week that the web site for the DC-insider magazine The National Journal (nationaljournal.com) was found serving malware. According to a blog post by Anup Ghosh at the security firm Invincea, The National Journal’s Web site was serving up attacks to visitors of the site on Tuesday. The discovery was surprising, as the magazine acknowledged an earlier compromise on February 28th and said that it had since secured its site. That National Journal, part of The Atlantic Media Company, is widely read within Washington D.C.’s political circles. It […]

Continue Reading

Many Watering Holes, Targets In Hacks That Netted Facebook, Twitter and Apple

The attacks that compromised computer systems at Facebook, Twitter, Apple Corp. and Microsoft were part of a wide-ranging operation that relied on many “watering hole” web sites that attracted employees from prominent firms across the U.S., The Security Ledger has learned. The assailants responsible for the cyber attacks used at least two mobile application development sites as watering holes in addition to the one web site that has been disclosed: iPhoneDevSDK.com. Still other watering hole web sites used in the attack weren’t specific to mobile application developers – or even to software development. Still, they served almost identical attacks to employees of a wide range of target firms, across industries, including prominent auto manufacturers, U.S. government agencies and even a leading candy maker, according to sources with knowledge of the operation. More than a month after the attacks came to light, many details remain under tight wraps. Contacted by The Security […]

Continue Reading
1 139 140 141 142 143 148