Wednesday, 29 March 2017

On 05:42 by Vismit Rakhecha   No comments
Carleton University is urging caution among staff and students after discovering potential hacking tools on a handful of classroom computers.

The university says it discovered USB key-logging devices on six classroom computers across three university buildings.

Carleton says staff discovered the devices last week during what it called a routine classroom inspection, but did not indicate how long they had been in place.

Keystroke-loggers capture information typed into a computer and can record usernames and passwords people use to log into various websites and programs.

The university says it will inspect classroom computers every morning and throughout the day, adding it’s taking additional steps to strengthen classroom security.

Carleton says it’s not aware of anyone having their personal information breached because of the devices, but urges people to change passwords all the same.

“These computers are used solely for instructional purposes in classrooms and do not store any university, personal or confidential information,” Carleton said in an internal note to staff. “We have no evidence that any information was retrieved from these devices or that any university data were compromised.”

Carleton also urged people who may have used classroom computers to log on to external sites such as Google or Dropbox to change the passwords they use for those services as well.

The university said the key-logging device could have posed a serious risk to users not only because of the information they captured, but because of the inherent difficulty in discovering them.

Antivirus or anti-malware programs cannot detect them, as they are pieces of hardware rather than malicious software. Carleton said someone would have had to physically retrieve the devices to make use of the contents they collected.

This is not the first time this school year that Carleton has dealt with a security breach.
The university was the victim of a ransomeware attack in November when an unknown hacker locked down the bulk of the network requesting a bitcoin payment to have it released.

The university said it was eventually able to unlock the network without making any payments.
On 05:10 by Vismit Rakhecha   No comments
Publishers believe that Russian hackers are behind an attack on the Amazon page for a self-styled manual for resisting US president Donald Trump and other populist leaders, with the author, historian Timothy Snyder, claiming the hack as just the latest in a series of efforts by Russians to undermine his work.

Images of Snyder’s On Tyranny were replaced on Amazon.co.uk with those for a non-existent colouring book by “Timothy Strauss”. The blurb for Strauss’s book said it contained “lessons to Make World Great Again” [sic] – a slogan used on pro-Donald Trump and Vladimir Putin posters that have appeared across the Russian Federation.

The Yale professor, who specialises in European history and the Holocaust, said: “The idea of making the world great again, the slogan left by the hacker, appears, to my knowledge, only in Russian on pro-Trump posters in the Russian Federation.” He added: “The hack basically confirms several of the lessons in On Tyranny, such as [No] 14, on the importance of digital privacy.”

Snyder’s book is a distillation of insights he has gleaned from 20th-century history about how tyrants can be resisted and presents practical actions to take against repressive regimes. This week, his UK publisher Vintage marked the launch of the book with a poster installation in a London street featuring the entire book. It is believed to be the first time a book has been promoted in such a way.
A No 1 bestseller on Amazon, the professor said he thought the hack was inspired by publicity for the book, which has proved popular on both sides of the Atlantic – coupled with a bad week for Trump, whose attempts to quash Obamacare were defeated in Congress.

“Russia has shown a tendency to jump in to help him at such times,” he said. Pointing to the fight for the White House last October, when Russian diplomacy criticised opposition to Trump’s pro-torture position, he added: “Perhaps someone who supports Mr Trump construed my book’s No 1 ranking on Amazon as a small part of his bad week.”

Snyder claimed there had been a pattern of Russian action to undermine his previous books – Bloodlands and Black Earth – both of which tackled Hitler and Stalin. “The Russian foreign ministry, in an annual list, claimed that the existence of Bloodlands somehow constituted a human rights violation – odd for a book … whose subject was the violation of human rights,” he said.

Film rights bought for Black Earth by a Russian firm never reached the screen, he added, although the nature of of such deals is that few adaptations ever make go into production.
Once alerted to the hack, Vintage informed Amazon, which has now restored the page for On Tyranny to normal.
On 03:55 by Vismit Rakhecha   No comments
The official website of the IRS officers belonging to the Income Tax department was today hacked.
Officials said the website ? irsofficersonline.gov.in ? was hacked late evening and a message posted on the wall of the portal read "Pak Cyber Thunders. Hacked by Pak MOnster!"

The website, they said, has been rendered inaccessible as of now.

A screen grab of the hacked site read: "shame on your security. Your site is hacked is because of your high security!" along with messages like "Pakistan Zindabad".

Incidentally, the same portal was hacked in February last year and messages such as "Pakistan Zindabad" and "we are team Pak cyber attacker" were posted on it.

The website acts as an official communicator for work between the Central Board of Direct Taxes (CBDT) and the I-T departments field offices in the country.

They said the technical team handling the website has sent a report in this regard to the Computer Emergency Response Team of India (CERT-In), which is the nodal agency to combat hacking, phishing and to fortify defences of the Indian internet domain.

Officials said a security audit will be undertaken of the website, adding no sensitive or secret information was uploaded on the universal resource locator (URL) of the IRS community working in the I-T department.

Monday, 27 March 2017

On 23:06 by Vismit Rakhecha   No comments
The B.C. government’s official Facebook page has been restored after it was apparently hacked on Monday.
For a short period of time, the page displayed images of fireballs, a man in camouflage pants holding a walkie-talkie as well as Arabic script.
A spokesperson with the B.C. government confirmed the page had been “compromised” and said it was “a matter isolated solely on our Facebook presence.”
On 23:04 by Vismit Rakhecha   No comments
Since hacked photos and videos of Paige were leaked to the internet last weekend, several other current and former WWE Superstars have been rumored to be the next victims of the attack. While many of the names have proved to be nothing more than rumor, WWE Hall Of Famer, Sunny, revealed that she received an anonymous text from someone and that included a topless photo of a popular WWE Superstar.
Sunny, real name Tammy Sytch, did not confirm the identity of this star, but did mention that she was not referring to Paige. She wrote the following on her Facebook page:
"Very upset right now. I just got a text message from a random number (area code is PA) and they sent me a picture of a very popular WWE diva topless in a very provocative pose. I know for a fact that she has never done any nude photo shoots. This was a private photo. I texted her and she said her iCloud was hacked. This is so fucked up that someone would do this to her. She is an amazing person and someone I’m proud to call my friend. Whoever did this…. You are such a fucktard. People deserve their privacy. Just because we are celebrities does not give any of you the right to invade our personal lives!!!!"
Sytch's response makes her one of several former WWE stars to come out in support of Paige. For those pointing out the apparent irony of Tammy Sytch ... who has appeared in adult films ... posting this message, let me stop you right there.
There is a vast difference between someone giving consent for their videos to be viewed by the general public and someone having them stolen. Paige and these other WWE stars gave no such consent for their images or videos to be shared or viewed by anyone other than the people they were intended for.
Just because Sytch was involved in a NFSW film doesn't make her unqualified to point out a crime.
As for Paige, we have heard nothing from the former WWE Divas Champion since confirming that the video and photos had been posted without her consent. Late last week, Alberto Del Rio made his first statements since the photos were released when he cancelled an upcoming WrestleCon appearance. Paige's father also gave a heartbreaking update on his concern for his daughter's health. 
The WWE has only made a nod to the incident and it is unlikely they will add any further comment. 
On 22:57 by Vismit Rakhecha   No comments
Kenyan authorities have charged an IT expert with hacking into the country's tax authority and stealing almost $40m, according to local media.
Alex Mutunga Mutuku, 28, is accused of belonging to a syndicate of electronic fraudsters who steal money from various institutions and companies in the East African nation, The Standard newspaper reported. 

"The information we have is just a tip of the iceberg. The racket is big and involves people outside the country," Edwin Okello, the state prosecutor, was quoted as saying on Wednesday. 

Mutuku, who pleaded not guilty, allegedly hacked into the Kenya Revenue Authority's computer systems over the past two years.
The suspect, who routinely posted his lavish lifestyle on social media, was known to authorities and was arrested in 2015 on suspicion of hacking into the country's biggest telephone network provider, Safaricom, and stealing airtime worth $150, according to The Daily Nation newspaper.
Mutuku was accused in 2014 of hacking into the system of a local bank, the paper said.

The trial is scheduled to continue on March 28.
On 03:01 by Vismit Rakhecha   No comments
NATO plans to spend €3bil (RM14.39bil) to upgrade its satellite and computer technology over the next three years as the Western military alliance adapts to new threats, a senior official said.
Seeking to deter hackers, and other threats including Iranian missiles, the investments underscore NATO's recognition that conflicts are increasingly fought on computer networks as well as in the air, on land and at sea.
A senior official at the NATO Communications and Information Agency said the plans include a €1.7bil (RM8.5bil) investment in satellite communications to better support troops and ships deployed across the alliance, as well as aiding the use of Unmanned Aerial Vehicles (UAVs) or drones.
It was not immediately clear if NATO allies would fund a new military communications satellite to be launched into space or if an increase in broadband capacity could be gained from existing US and other allied satellites.
Non-NATO member Japan launched its first military communications satellite in January.
The proposals, for which some funding must still be approved by NATO governments, also envisage spending about €800mil (RM3.8bil) on the computer systems that help command air and missile defences, said the official, who declined to be named.
Seventy-one million euros (RM340.5mil) will go to improving the protection of NATO's 32 main locations from cyberattacks.
NATO says it has seen a five-fold increase in suspicious events on its networks in the past three years, while Russian group APT28 is blamed by Western intelligence for the hacking of the US Democratic Party during last year's US election.
NATO officials have told Reuters they suspect Russia sponsors attacks against their networks before major summits.
Another  €180mil (RM863.3mil) are to be spent to provide more secure mobile communications for alliance soldiers in the field.
NATO will present its needs in detail at a conference in Ottawa in April and then begin launching the bidding process.
It is likely to attract major Western defence contracts including Airbus Group, Raytheon and Lockheed Martin Corp, the official said, in part because "there cannot be content that does not come from NATO nations."
NATO rules prohibit Russian or Chinese suppliers unless there is a specific need that allied companies cannot provide
.