LivingSocial, the company that helps users get better deals, announced that they have been hacked. The company notes that the hackers did not gain access to any credit card information. As a precaution, LivingSocial is sending out an e-mail to 50 million of its users informing them of the hack.
LivingSocial hasn't detailed how the hack occurred, but they have said that names, birthdays, e-mail addresses, and encrypted passwords were compromised. Given enough time and the correct tools, those encrypted passwords can be decrypted. Combine the password with the e-mail and the hackers could gain access to other sites.
If you use the same e-mail/password combination on any other sites, you're encouraged to change your passwords right away.
Cyberthreats are the new way of slowly removing citizens' privacy, and now the Department of Homeland Security (DHS) is preparing to deploy a very powerful new version of their EINSTEIN intrusion-detection system that is built to detect attacks and malware, especially when it comes to e-mail.
But because this new version of EINSTEIN is able to read electronic content, it is raising privacy concerns. DHS has recognized this, and has just issued a "privacy impact assessment" on what it's calling EINSTEIN 3 Accelerated, the intrusion detection and prevention system that is expected to be made available as a managed security service from ISPs to monitor the ".gov" traffic to and from civilian agencies and Executive Branch departments.
The DHS has said that EINSTEIN 3 might be able to collect "personally identifiable information" (PII) in some instances where this network security system will not just monitor but also prevent threats by blocking traffic in order to detect a cyberthreat or potential cyberthreat.
This afternoon some alarming news emanated from the Associated Press' Twitter account that stated the White House had been bombed and President Obama had been injured.
With recent events, this news spread across the web via social media within minutes. Fortunately, the report was 100% false - the President and the White House are safe and sound.
AP reporter Matt Moore took to his Twitter account to debunk the false report and confirm that the trusted news organization's Twitter account had indeed been hacked. The official source of the hack is unknown, but the hacker group Syrian Electronic Army appears to be claiming responsibility.
This morning TechSpot broke news that during 2011 and 2012 over 2700 servers hosted with HostGator were compromised when an employee installed backdoors on the machines. Prosecutors say that 29-year-old Eric Gunnar Gisse of Texas was responsible for the inside hacking.
Gisse was employed by the company between September of 2011 and February 2012 as a medium-level systems administrator. HostGator says that Gisse went to great lengths to disguise the backdoor as a common Unix admin tool, renaming it "pcre", which is the name of a common system file.
No evidence was presented as to whether or not Gisse ever used the backdoor to access any of the servers remotely, but as the meme goes, "One simply does not install a backdoor onto 2700 servers without the intent to use them."
Gisse is scheduled to be arraigned next month. It's unclear if he has entered a plea as of this writing. He is being held on $20,000 bond at the Harris County Jail in Houston, TX.
Microsoft is pushing out a major upgrade to Microsoft account security by offering the option of two-step verification. As of late, many different online services have started to offer two-step or two-factor authentication to help keep online accounts more secure.
Two-step verification usually takes a bit longer to allow access to an account, but it makes it much more difficult for a hacker to brute-force your password. To log in after two-step verification is enabled, you'll be required to enter your password and a code that was sent to either an e-mail address or cell phone on file.
You'll be able to enable two-step verification at Microsoft's website, though the option might not be immediately available. For more information about Microsoft's two-step implementation, check out their blog post.
Gottfrid Svartholm, one of the co-founders of everyone's favorite torrent website The Pirate Bay, has been indicted on charges of hacking along with three others. Svartholm is said to be the mastermind behind a series of cyber intrusions into Nordea Bank and the Swedish federal tax agency.
In a statement, prosecutor Henrik Olin had the following to say:
"A large amount of data from companies and agencies was taken during the hack, including a large amount of personal data, such as personal identity numbers of people with protected identities."
These charges come completely independent of a recent sentence of one year in prison that was passed down to Svartholm after a series of shady happenings where Cambodian authorities managed to deport him back to Sweden. These new charges carry a much longer sentence than just one year.
Android looks like it's the OS of choice for malware developers, with mobile security vendor NQ finding that Android devices infected with malware grew exponentially last year alone.
NQ found that Android devices with malware infections grew from 10.8 million in 2011 to 32.8 million, meaning infections tripled year-over-year. They also found that nearly 95% of malware detected in 2012 was designed specifically for Google's mobile OS, which means that Android is the main target for cybercriminals.
Most Android malware infections happen in China, India and Russia - so while these might seem like some frightening numbers at first, InfoWorld's Brian Katz does make us all feel a little better. Katz also writes that most mobile malware can be avoided if Android users "download apps only from known sources", such as the Google Play Store. My advice? Don't click ads, don't open suspicious links, don't join random or weird Facebook groups that want all of your info.
North Korea are the subject of yet another attack by Anonymous, this time taking down a North Korean news and information site. Uriminzokkiri.com has been taken down, with a timeout error appearing when someone tries to access the site.
Anonymous didn't stop there, as they also attacked minjok.com, jajusasang.com and paekdu-hanna.com. These sites were hacked to display images mocking North Korean supreme leader, Kim Jong-un. This also isn't the first time Anonymous have hacked North Korea, as earlier this month the hacking collective gained access to the North Korean Twitter feed.
With access to NK's Twitter feed, they posted tweets to images poking fun at Kim Jong-un, condemning him for "threatening world peace with ICBMs and nuclear weapons" and "wasting money while his people starve".
In the past 48 hours, life has been pretty stressful for those invested in the virtual currency Bitcoin. On Wednesday the Bitcoin exchange Mt. Gox experienced a massive crash that led to Bitcoin losing half of its value. Then yesterday Mt. Gox announced a 12-hour suspension in trading to upgrade servers and let investors calm down over the crash.
This morning we got word that before yesterday's shutdown, Mt. Gox was also attacked by hackers when it experienced a massive DDoS attack. This is the second large cyber-attack on the exchange in less than a week, which should fuel speculation about the security of investing in a yet-to-be-vetted virtual currency.
Skeptics of Bitcoin will be quick to point out the fact that it will be hard to validate the new currency until the market is secure from such attacks, and measures are implemented to prevent such massive sell-offs.
Anonymous are in the news again, this time for their claims of a cyberattack against the Israeli government and their various Web sites, which has caused billions of dollars in damages. Israeli officials have said that there have been no serious disruptions.
Anonymous have claimed to have hacked over a dozen websites, including the Israel Police, the Prime Minister's Office, the Israel Securities Authority, the Immigrant Absorption Ministry, and the Central Bureau of Statistics. Anonymous estimates that #OpIsrael has caused over $3 billion in damages, after hacking over 100,000 websites, 40,000 Facebook accounts, 5,000 Twitter accounts and 30,000 Israeli bank accounts.
A new piece of malware has been discovered by Kaspersky Lab. The new malware spreads through Skype and turns the victim's computer into a Bitcoin miner. The victim's machine is then fully loaded to mine Bitcoins, which is how the malware author makes money from the software.
The malware currently has a low detection rate. Kaspersky now identifies the malware as Trojan.Win32.Jorik.IRCbot.xkt. The malware is downloaded from a server in India. Once on the victim's machine, it pulls down more files from Hotfile, one of which is a Bitcoin mining application.
Bitcoin mining, explained more in-depth by Bitcoin, is a processor intensive task. The victim's CPU will be fully loaded mining Bitcoins, which are then given to the author of the malware. These Bitcoins are then used to turn a profit.
To stay safe, be sure to update your anti-virus software often and don't click any random links received via Skype.
Microsoft will release two critical patches this coming Tuesday, April the 9th. The pair of patches are both for Windows and one for Internet Explorer.
One of the patches is a critical update to Windows 8, Vista, 7, XP and RT. The other patch is deemed "important" and is for Vista, 7 and XP. There are also patches for Windows Server 2012, 2008, and Server Core. An update of Microsoft's Windows Malicious Software Removal Tool is also expected.
Keep an eye out for the updates next Tuesday.
Crowd funding website Indiegogo was hit by a DDOS attack by an unknown source after YourAnonNews posted up a fundraising campaign. YourAnonNews (YAN) is attempting to raise funds to develop and host a new website that is similar to a newswire for Anonymous news. Apparently someone didn't like the idea.
Over the past two years Your Anon News (YAN) has been many things to many people and has continuously evolved under the guidance of numerous contributors. Since our humble beginnings as a new account we have always resisted being held to the constraints placed upon mainstream media outlets, but were limited to the tools available to us via Twitter and Tumblr. Those of us contributing to YAN have always desired to expand our capabilities and to report, not just aggregate, the news.
It's not clear where the DDOS attack originated from and Indiegogo hasn't been exactly forthcoming about the attack. Slava Rubin, founder of Indiegogo, apologized for the outage and offered an extension to any campaigns ending this week: "Any campaigns scheduled to conclude this week will have the option of extending until Sunday by contacting our 24-7 Customer Happiness team."
You can check out the YAN Indiegogo campaign on the Indiegogo site.
Scribd has announced that it suffered a minor hack earlier this week. The hack seems to have targeted just user login information, meaning only e-mails and passwords were at risk. Scribd adds that they believe less than 1 percent of users were affected by the attack and that they have contacted every account asking them to reset their password.
Because of the way Scribd securely stores passwords, we believe that the passwords of less than 1% of our users were potentially compromised by this attack...We have now emailed every user whose password was potentially compromised with details of the situation and instructions for resetting their password...Our investigation indicates that no content, payment and sales-related data, or other information were accessed or compromised. We believe the information accessed was limited to general user information, which includes usernames, emails, and encrypted passwords.
If you didn't receive an e-mail, you're probably not affected. If you're still concerned, Scribd has set up a website to allow you to check if your account was one of the affected accounts.
If you haven't been keeping up with the current affairs of the world, North Korea are testing the waters of war at the moment - all while South Korea and their very tight and even more capable ally, the United States, play their war games with B2 Stealth Bombers, among other expensive military toys.
All while this is happening, Anonymous are jumping into the ring where the hacking collective are said to have started an initiative called "Operation Free Korea" and they're demanding that North Korean leader Kim Jong-un resign and install free democracy in the country.
Anonymous have also demanded that North Korea abandon their nuclear ambitions, and for the NK government to give universal and uncensored Internet access to their citizens. The hacking collective have claimed they've hacked into the North Korean intranet, mail servers and Web servers, threatening to wage war if their demands aren't met. The group has written:
We got all over 15k membership records of Uriminzokkiri.com and many more. First we gonna wipe your data, then we gonna wipe your badass dictatorship 'government.'
The world's largest DDoS attack took place between two Dutch companies, saw 300Gbps peak speeds during attack
The New York Times is reporting that a fight between Dutch anti-spam group Spamhaus and Dutch hosting company Cyberbunker has escalated quite quickly, not just in attacks, but in the pure bandwidth used.
The fight saw the world's largest recorded distributed denial-of-service (DDoS) attack, which saw peak speeds of 300Gbps this week. How did this all start, you ask? Well, it started when Spamhaus added Cyberbunker to their blacklist, which is designed to help email providers block spammers.
It wasn't long after this that the anti-spam group was hit by a mammoth DDoS attack that was described by Akamai Networks chief architect, Patrick Gilmore, as "the largest publicly announced DDoS attack in the history of the Internet."
Activists in Tibet might want to reconsider spreading the word about their next rally through their Android-based smartphones. Researchers at Kaspersky Lab have just discovered a new Trojan virus that is designed to target Tibetan and Uyghur activists.
The malware is specifically designed for Android phones and is injected into the device when the unsuspecting user opens an email that references the recent World Uyghur Conference. Kaspersky says that this is the first documented attack that targets Android smartphones but it will most certainly not be the last.
In an interview with Mashable, Kurt Baumgartner, a senior security researcher at Kaspersky, said:
This is the first time a precisely targeted attack is implementing an Android-based Trojan... this is the first instance that it was used in a targeted attack that's publicly documented.
Apple appears to be taking security more seriously. Just a mere 24 hours after Yontoo adware was discovered to be affecting Mac OS X systems, Apple has pushed out an update to its malware definitions to protect from the malware. The Yontoo adware was found to be injecting ads into sites visited in Chrome, Safari, and Firefox.
Apple hasn't always been so quick to respond to new threats. For a long time, Apple actually advertised that Mac OS X was basically invulnerable to viruses. Variants of Yontoo are bound to show up and it will be interesting to see if Apple is able to keep them at bay. As always, we'll keep our eye on the latest security threats and alert users when major problems arise.
If you haven't enabled two-factor authentication quite yet, you might want to get on it. Yes, right now. A new vulnerability has been found that will allow a malicious user to reset a user's password by knowing just their e-mail address and date of birth. It's not clear if this bug resulted from Apple's new two-step authentication or if it has always been there.
A guide to doing the hack has been posted online, though we will not be linking to it for some very obvious security reasons. A malicious user has to simply paste in a modified URL and answer the date of birth security question to reset the password. The exploit makes use of Apple's iForgot tool.
Nearly 48 hours ago, South Korea saw a cyber attack that took down multiple banks and TV stations. It's now being reported that the cyber attack wiped the HDDs of the affected PCs, according to McAfee's analysis of the attack.
The PCs were infected by malware that wiped the master boot record (MBR) of the affected PCs. The MBR on an HDD contains crucial information on how the file systems on the HDD are organized, so messing with it can take down a system easily. The malware overwrote the data in the MBR with some weird characters: "PRINCPES, PR!NCPES, HASTATI." The attack also overwrote some random parts of the file system with the same weird characters.
The systems affected were then given a forced reboot command, but because the MBR and file system were attacked and thus corrupted, the restart was unable to complete.
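For responders triaging disk images after a wiper like the one described above, the following added example (not from the original article or from McAfee's analysis) checks a 512-byte MBR sector for the marker strings quoted above, the 0x55AA boot signature, and a sane partition table. The function names and both sample sectors are constructed for illustration.

```python
import struct

SECTOR = 512
BOOT_SIG = b"\x55\xaa"
# Marker strings exactly as quoted in the article above.
MARKERS = (b"PRINCPES", b"PR!NCPES", b"HASTATI.")

def parse_partitions(sector: bytes) -> list:
    """Decode the four 16-byte partition entries stored at offset 446."""
    parts = []
    for slot in range(4):
        entry = sector[446 + 16 * slot : 462 + 16 * slot]
        status, ptype = entry[0], entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if ptype:  # type 0x00 marks an unused slot
            parts.append({"slot": slot, "status": status, "type": ptype,
                          "lba_start": lba_start, "sectors": count})
    return parts

def triage_mbr(sector: bytes) -> dict:
    """Report signs that sector 0 was overwritten rather than merely damaged."""
    if len(sector) != SECTOR:
        raise ValueError("expected exactly one 512-byte sector")
    findings = []
    hits = {m.decode(): sector.count(m) for m in MARKERS if m in sector}
    for marker, n in hits.items():
        findings.append(f"marker {marker!r} appears {n} time(s)")
    sig_ok = sector[510:512] == BOOT_SIG
    parts = parse_partitions(sector) if sig_ok else []
    if not sig_ok:
        findings.append("boot signature 0x55AA missing")
    elif not parts:
        findings.append("signature present but partition table is empty")
    for p in parts:
        if p["status"] not in (0x00, 0x80):
            findings.append(f"slot {p['slot']}: invalid status byte {p['status']:#04x}")
    return {"overwritten": bool(hits), "signature_ok": sig_ok,
            "partitions": parts, "findings": findings}

# Constructed samples (not taken from a real disk): a minimal healthy MBR with
# one bootable partition of type 0x07, and a sector filled with one marker.
_entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3, 2048, 204800)
HEALTHY = b"\x00" * 446 + _entry + b"\x00" * 48 + BOOT_SIG
WIPED = b"PRINCPES" * 64

if __name__ == "__main__":
    for name, sample in (("healthy", HEALTHY), ("wiped", WIPED)):
        print(name, triage_mbr(sample))
```

Run it against the first 512 bytes of a forensic image, never against a live disk you have not already imaged.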
Apple is implementing a security feature known as two-step verification. It's similar to the security measures used by Google and other web services. Users are able to enable the service through the Apple ID website, after which two-step verification will be required to make changes to a user's account.
Users will set up a trusted device, such as a Mac or iPhone, and will need to print a recovery key. In order to reset a user's password, they will need to have access to the recovery key that they printed out. The first time you attempt to buy an app on a new device, you'll be required to enter a PIN that can be accessed from a trusted device.
You can head over to the Apple ID website to enable it for yourself. It's definitely recommended, though it's only currently available in the United States, United Kingdom, Australia, Ireland, and New Zealand.