Hacking, Security & Privacy News - Page 1
Hackers steal and leak documents from Pentagon, Homeland Security, NASA, other US gov agencies
Hackers have leaked internal documents stolen from one of the largest IT services providers to the US government, Leidos Holdings.
Leidos Holdings recently learned of the hack and believes the documents were stolen in a previously disclosed breach of a Diligent Corp. system it used, according to Bloomberg's sources, who asked not to be identified because the information isn't public. Leidos is reportedly investigating the issue now, the person added.
Enterprise software provider exposed nearly a billion records in data breach
A non-password-protected database containing 769 million records was discovered to be exposed to the public, revealing critical information such as secret keys, bank account numbers, tax identification numbers, and email addresses.
Cybersecurity researcher Jeremiah Fowler discovered and reported on the database through a post on Website Planet, where he explained the database was owned by ClickBalance, one of Mexico's largest enterprise resource planning (ERP) technology providers. The database contained access tokens, API keys, secret keys, bank account numbers, tax identification numbers, and 381,224 email addresses. After Fowler informed ClickBalance about the database exposure, the company promptly implemented restrictions.
Notably, ClickBalance is a software company that offers ERPs as a suite of cloud-based applications, which enterprise organizations can access whenever they like across any device. These ERPs are typically used to manage different processes of an enterprise, such as finance, human resources, supply chains, manufacturing, sales, and other business operations.
Airline avoids CrowdStrike chaos because its systems run on Windows 3.1 and Windows 95
One industry that experienced the brunt of the recent CrowdStrike global IT outage, which put millions of Windows systems into a Blue Screen of Death loop, was air travel. In the U.S., nearly every flight was grounded once systems began to fail; however, one major airline was unaffected.
According to reports, Southwest Airlines systems were untouched by the CrowdStrike error because its various systems run on outdated versions of Windows.
Outdated is putting it mildly. Most of Southwest Airlines' systems run on Windows 3.1 - a version of Microsoft's operating system from 1992. Not only that, but the airline's most advanced system, its staff scheduling system, runs on Windows 95 - so it, too, was unaffected.
What caused the CrowdStrike Windows BSOD issue, and why it led to total system crashes
The world is still recovering from one of history's most disruptive IT outages. Millions of critical Windows-based systems across the globe are experiencing the dreaded Blue Screen of Death (BSOD). The system crashes affect banks, airlines, emergency services, supermarkets, and businesses, putting computers into an endless boot loop with no immediate recovery means.
The issue was quickly traced to CrowdStrike, which creates security software. An update to its popular security platform, Falcon, broke, leading to one of history's most extensive IT failures. The 'Falcon Sensor' component critically failed, resulting in no access to Windows. Critical systems used for point of sale, emergency services like 911, and airlines managing flights were rendered useless.
With the affected systems being Windows PCs, many have pointed fingers at Microsoft. However, the issue looks specific to CrowdStrike software and its update to 'Falcon Sensor.' So then, how did this crash Windows when other apps that fail simply crash to desktop (CTD)? And how can you fix the CrowdStrike BSOD issue? Let's dig in.
Breaking - Global IT outage grounds planes, closes banks, and disrupts services everywhere
A global outage is currently causing havoc, grounding planes, grinding public transportation systems to a halt, disrupting banking services, and affecting everything from streaming services to supermarkets. The cause is the dreaded Windows 'Blue Screen of Death' or BSOD, bringing down systems that countless people, businesses, and critical services rely on.
Based on reports, the culprit appears to be a CrowdStrike update for its CrowdStrike Falcon threat checker, which is currently causing systems to crash and fail.
This is one of the most significant outages we've seen in a while. It's gotten to the point where airlines like American Airlines, United, and Delta have stopped flights from taking off. Emergency services are also apparently down in some areas.
Kaspersky hits back at US government over the banning of its products
In June, the US government deemed the popular anti-virus software Kaspersky, which is used by millions of users around the world, prohibited software, as it was found to be a risk to national security.
In March 2022, the Federal Communications Commission (FCC) ruled that Kaspersky posed an "unacceptable risk to national security" due to its ties to the Russian government, which Kaspersky categorically denied. The anti-virus company denied having ties to any government and acts as an independent multinational company. Additionally, Kaspersky said the decision to ban its products across the United States was a purely political move.
In banning Kaspersky, the Department of Homeland Security alleged the company has ties to the Russian government, presumably through some kind of backdoor within its software that allows the Russian government access to devices running the Kaspersky software. Kaspersky responded by offering to reveal its source code to third parties for verification.
Microsoft officially approved this extremely dangerous door-opening malware
A product that was originally marketed as a security product has been discovered to be malware that injects a kernel-level infection, making the device susceptible to further attacks.
A new investigative report into the malware, called HotPage, revealed that researchers notified Microsoft of the malicious software on March 18, and it was removed from the Windows Server Catalog, where it had once been approved, on May 1. However, up until that point, HotPage was presumably delivered to its victims as a security product, masquerading as an ad blocker called DWAdsafe for internet cafes in China.
HotPage contained malicious code that dropped a vulnerable system-level driver that could enable any attacker with the highest level privilege to execute new malicious code within a device. Additionally, the malware didn't even remove ads; it instead intercepted web traffic and redirected and manipulated content within a victim's browser. The malware hooked Windows API functions to intercept and modify browser activity to collect information on the victim, which was then sent back to the HotPage creator's server.
FBI confirms it's gained access to the phone of Trump's shooter
The phone owned by Thomas Crooks, the man who shot and wounded former US president Donald Trump on July 13, has been seized by the FBI, and US authorities have now said they have gained access to the device.
July 13 marked the failed assassination attempt of former US president Donald Trump, who dropped to the floor after a bullet wounded his ear. Authorities identified the shooter as Thomas Crooks, a 20-year-old registered Republican, and the FBI later announced it acquired his phone.
The now-deceased Crooks didn't leave behind any obvious motive for his actions against the former president, which is why the FBI is hoping its newfound access to his phone may reveal the reasoning behind his actions, whether Crooks was working alone or as part of a bigger group, and whether any other attempts such as the one at the Pennsylvania rally are planned for the future.
Alarms raised in security circles after largest password leak in hacking forum history
Passwords may be one of the most annoying aspects of our daily lives, but they have become extremely important with the ever-growing adoption of the digital landscape. That is why it isn't good when nearly 10 billion unique plaintext passwords leak onto a hacking forum.
A user with the handle "ObamaCare," who has a history of leaking data such as employee databases sourced from law firms, and data acquired from colleges and casinos, posted on a hacking forum, "Xmas came early this year". The leaker added, "I present to you a new rockyou2024 password list with over 9.9 billion passwords!" ObamaCare is referencing a leak called "RockYou2021" where 8.4 billion passwords were leaked online.
Security experts over at Cybernews believe the leak could have extremely bad ramifications for users around the world, as the exposed users could see an increase in the number of online accounts being illegally accessed through brute force hacking. If you are interested in protecting yourself against such breaches, you can check if your password has been compromised using the Leaked Password Checker tool.
Microsoft's new technology will use your eyes to decrypt secure documents
Microsoft has filed an interesting patent for display technology that effectively decrypts documents in real-time based on a user's gaze. Yeah, so at a glance, the encrypted document would be unreadable to anyone apart from the document's owner. The technology would decrypt the document in real-time based on where the user is looking - and only the components or sections they're currently looking at.
It takes the idea of the 'privacy screen' to a new level, as it isn't limited to hiding what's on screen for those sitting at an angle or behind someone in a public area but works in conjunction with document encryption and decryption.
As Windows Report spotted, the patent and documentation don't explain exactly how it will work. However, it will use a webcam and eye-tracking technologies to determine where you're looking and ensure that reading an entire document with this system isn't slow and laborious.