List of Damage under #OpWorldCup and Anonymous’ target List of Sponsors

Source: www.hackernewsbulletin.com

 

Anonymous Brazil

It is already in the news that the Anonymous group of hackers, mainly from Brazil but also from all over the world, is going to hit this season’s World Cup sponsors with cyber-attacks.

The hackers have dubbed this operation “#OpWorldCup”. You can find many tweets related to the event by searching for the following hashtags: #tangodown, #Anonymous, #Brazil and #Worldcup.

If you are wondering why hackers are attacking the Brazil World Cup 2014, you will find the answer HERE.

We have also seen many Tangodown reports related to the event, in which Anonymous took down Brazilian government websites through DDoS attacks.

The U.S. Department of Justice announced that the FBI and international law enforcement agencies have disrupted two of the world’s most notorious botnets: GameOver Zeus and Cryptolocker ransomware.

GameOver Zeus is one of the most notorious botnets. It first emerged in September 2011 and is responsible for millions of infections worldwide. It is based on the original Zeus malware and attempts to steal financial information from the victim.

According to the United States Department of Justice report, the cybercriminals behind GameOver Zeus have stolen more than $100 million.

Evgeniy Mikhailovich Bogachev, a 30-year-old Russian, has been charged for his alleged role as an admin of the GameOver Zeus botnet.

Cryptolocker is a particularly nasty piece of malware that encrypts all files on the infected machine, then demands a ransom to unlock them. If the files are important and there is no backup, victims have no choice other than paying the ransom to get a key to unlock them.

The DOJ report suggests that more than 200k computers had been infected by this ransomware as of April. The malware appeared in September 2013, and within two months cyber criminals collected more than $27 million.

Symantec has also released a tool to remove GameOver malware completely from your computer.  You can download it from here.

– See more at: http://www.ehackingnews.com/2014/06/gameover-zeus-cryptolocker-disruption.html#sthash.3126MKt7.dpuf

Anonymous preparing cyber-attacks for sponsors in Brazil FIFA world cup 2014

Source: http://hackersnewsbulletin.com

Just as there is a World Wide Web, there is a worldwide Anonymous group (which includes activists), and now they are planning to disrupt the FIFA World Cup 2014 in Brazil through cyber-attacks.

Anonymous is going to target the sponsors of this World Cup, and the reason why is below.

The group is angry about the lavish spending on the games in Brazil while the country is struggling to provide basic services. “We will not stay quiet,” one of the hackers says.

Earlier this week, hackers attacked the Brazilian Foreign Ministry’s computer networks and leaked dozens of confidential emails. In the attack, a hacker called AnonManifest used phishing tactics to break into the Foreign Ministry’s databases and access emails.

A hacker dubbed Che Commodore says, “We have already conducted late-night tests to see which of the sites are more vulnerable. We have a plan of attack.”

“This time we are targeting the sponsors of the World Cup,” he said in a Skype conversation with Reuters from an undisclosed location in Brazil.

Which sponsors are the targets?

  • Adidas
  • Emirates Airline
  • Coca-Cola Co
  • Budweiser

Before this, Brazil had already been hit by protesters who are upset about the same thing that Anonymous gives as its motive for attacking this World Cup: the government pumping millions of dollars into the funding.

Brazilians are angry with their government for pumping millions of dollars into the funding of an eight-week extravagance and that money being spent on the World Cup is instead desperately needed for education, sanitisation, hospitals and the eradication of violence, drugs and weapons from their streets, Huffingtonpost writes.

The FIFA World Cup is scheduled to run from 12 June to 13 July 2014, and this is the second time Brazil is hosting the World Cup.

The day is near and the attacks are getting bigger, so we will not confuse you by adding more words. We will wait and watch, and if any attack takes place, we will update you as soon as possible.

“Using TrueCrypt is not secure”, End of TrueCrypt Development

Source: www.ehackingnews.com

See more at: http://www.ehackingnews.com/2014/05/using-truecrypt-is-not-secure-end-of.html#sthash.WFGXmKcM.dpuf

 

Today, security enthusiasts woke up to the shocking news that TrueCrypt has ended its development and is warning users that the drive-encryption tool is not safe to use.

Users who try to access the official TrueCrypt website are being redirected to the official SourceForge page of TrueCrypt (truecrypt.sourceforge.net/). The page displays the following message:

“WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues”

The message continued: “The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms.”

The page advises users to migrate any data encrypted by TrueCrypt to encrypted disks supported on their platform. It also provides steps for migrating to an encrypted BitLocker drive.

Many, including me, are not able to believe our own eyes. It is uncertain whether it is an official announcement from the development team or someone has hacked the TrueCrypt website.

Matthew Green, who teaches cryptography at Johns Hopkins and is a researcher involved with the TrueCrypt audit, tweeted that he thinks the news is legitimate.

A new binary (TrueCrypt v7.2) has been uploaded to the SourceForge page in the last 24 hours. Upon opening this binary, the following error message is displayed:

The binary does not allow users to “create new volume”. It only allows you to mount volumes. Users are advised not to download this latest version, as it may contain malicious code.

Apple devices ‘hijacked for ransom’

Source: BBC UK

Several users of Apple devices in Australia have reported that their gadgets have been “hijacked” – with a message demanding money.

Experts believed the hack had targeted users by exploiting the Find my iPhone feature.

A message appeared on some targeted phones asking for “$100 USD/EUR” to be sent to a PayPal account.

Networks advised affected users to contact Apple, which denied its cloud storage service had been breached.

“Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services,” the firm said in a statement to The Register news site.

“Any users who need additional help can contact AppleCare or visit their local Apple Retail Store.”

PayPal has said any funds sent to the specified account would be refunded.

‘Woke me up’

According to the Sydney Morning Herald, the problem spread across much of Australia, with reports of attacks in Queensland, New South Wales, Western Australia, South Australia and Victoria.

However, reports have emerged from further afield, with at least one case said to have occurred in London. It involved an Australian visiting on holiday.

Concerned users took to Apple’s support forums, and Twitter, to share details of attacks, which affected iPhones, iPads and, in some cases, Mac laptops.

“This has happened to me too in Brisbane, woke me up half an hour ago,” wrote one user, amberoonie.

“Freaking out as when I opened my laptop it had the same message ‘Device hacked by Oleg Pliss. For unlock device’ with the Find My iPhone icon.”

It is unlikely the hacker would use his real name in the message.

‘Not an option’

Information security consultant Brian Honan told the BBC that so far little is known about the source of the attacks.

He said theories ranged from someone having access to Apple’s systems, to hackers having access to a database of usernames and passwords – perhaps obtained from a third party.

Regardless, he said Apple had to move quickly to reassure users.

“One of the key things, as in any security breach, is being able to communicate proactively with your affected customers,” he said.

“Even just to let them know what you’re doing to deal with the issue can be reassuring.”

New point of sale malware compromises 1500 devices.

Source: www.thehackernews.com

In the past few months, malware developers have focused more on proliferating and upgrading malware that targets Point-of-Sale (POS) machines. Due to a lack of concern and security measures, POS systems have become an attractive target for cybercriminals and malware writers.

BlackPOS malware caused massive data breaches at various US retailers by targeting POS machines. The largest was the Target data breach, which occurred during the last Christmas holidays: over 40 million credit and debit cards, used to pay for purchases at the 1500 stores of the third-largest U.S. retailer nationwide, were stolen.

Neiman Marcus and Michaels Store were also targeted, in a heist of possibly 110 million credit and debit cards and personal information. BlackPOS malware was embedded in POS equipment at the checkout counters to collect secure data as the credit cards were swiped during transactions.

 

eBay Hacked, Urges All Members to Change Passwords Immediately

Source: www.yahoo.com

 

The online auction and sales giant eBay posted a message Wednesday morning saying that it had been hacked, urging all of its members to change their passwords.

The company said in a statement that a database containing encrypted passwords had been breached, but that financial data, including credit card information, was stored separately and was still safe. Hackers were able to gain access to eBay employee log-ins, eBay said, which in turn gave them access to the encoded passwords.

eBay says that no unauthorized transactions have yet been made with the information. But if you’re an eBay user, you still definitely need a new password.

“[C]hanging passwords is a best practice,” the statement said, “and will help enhance security for eBay users.”

In the statement, which was unsigned, eBay said that the attack took place between late February and early March. Though the passwords that the hackers gained access to were encrypted, or obscured by a code to prevent easy reading, eBay did say that the hackers were able to access members’ names, email addresses, physical addresses, phone numbers, and dates of birth. 

The real takeaway from this: Change your eBay password (go to My eBay and open the Personal Information link you’ll see on the left). If you use the same password on multiple sites, you’ll need to change those passwords, too, should the hackers successfully break the encryption.

And if you’re looking for a strong new password, now is a good time to revisit our guide to creating secure passwords on all your online accounts.

Symantec revamps small business security suite

Source: www.infoworld.com

 

Symantec’s latest product, Norton Small Business, is perhaps the most well-rounded and ambitious offering the company has inserted into its product array for small companies.

The security company has been working for more than a year to revamp its product line as the company faces an ever-competitive security market.

Symantec has at least four products it says are suited for small businesses such as Norton 360 version 6.0, Norton AntiVirus 2012, Norton Internet Security 2012 and Symantec Protection Suite Small Business Edition. All are priced differently and have some overlapping features.

None of those products are being retired but will instead be joined by Norton Small Business, which has been geared to keep up with trends: mobile device security and protection for Apple desktop computers. It is aimed at companies with fewer than 20 employees that are unlikely to have a full-time IT specialist.

Symantec is also offering an ambitious guarantee to Norton Small Business buyers called “Virus Removal Assurance.” It is offering free phone support as part of the guarantee, saying that if its support technicians can’t remove the malicious software, customers can get their money back for the product.

Virus and spyware removal support is a feature of other Symantec products, such as the NortonLive Service, but costs $100 per call. The company claims it is able to remove malware 99.9 percent of the time.

Symantec’s guarantee assumes a customer actually knows they’re infected and that malware has been found on the computer, an increasingly difficult task for consumer-grade security software suites.

For general antivirus protection, Norton Small Business uses Symantec’s Insight and Sonar technologies, which are designed to spot unknown malicious files and programs and classify them based on their reputation and behavior, a more effective method than relying on signatures.

Since mobile devices are increasingly being used by small businesses, the product has several security and device management features, mostly for Android.

The suite will scan Android applications to see if they’re malicious. It also can block calls and text messages from certain numbers and will also scan SD memory cards.

For iOS iPads and iPhones, the features of Norton Small Business are limited due to Apple’s tight control over its devices and what kind of applications users can install. Apple doesn’t allow security applications to be installed on its mobile devices, so the security features offered for Android devices don’t apply to Apple ones.

A product sheet claims that Norton Small Business can track a lost Apple device, but Apple has already incorporated that feature into iOS. It also has a “scream alarm” to locate a missing iOS device that may be within earshot.

The suite supports Apple desktop computers running Mac OS X version 10.7 and later.

Symantec has aimed to make management of the software easy for small business owners across devices, said Anne O’Neill, Symantec’s senior marketing director for North America.

An online management console shows what devices have Norton Small Business installed. Whoever is managing a company’s IT security can email “invites” to new employees, which contain a link to download the suite. The product can also be deactivated on a device from the console.

The subscription service starts at $99 for an annual subscription covering five devices, and goes on to $199 for 10 devices and $399 for 20. New devices can be added for $20 annually, with the subscription pro-rated according to the remaining subscription period.

U.S. Charges Five Chinese Military Officers With Spying

Source: Bloomberg

The U.S. dramatically escalated its battle to curb China’s technology theft from American companies by accusing five Chinese military officials of stealing trade secrets, casting the hacker attacks as a direct economic threat.

The indictment effectively accuses China and its government of a vast effort to mine U.S. technology through cyber-espionage, stealing jobs as well as the innovation on which the success of major global companies like United States Steel Corp. (X) and Alcoa Corp. (AA) depends.

While hundreds of U.S. entities have been penetrated by Chinese military hackers since 2002, the Justice Department focused on five companies specializing in solar panels, metals and next-generation nuclear power plants. Four companies are headquartered or have main offices in Western Pennsylvania and officials calculated the toll in human terms.

“The lifeblood of any organization is the people who work, strive and sweat for it,” David Hickton, U.S. Attorney for the Western District of Pennsylvania, said at a news conference in Washington. “When these cyber-intrusions occur, production slows, plants close, workers get laid off and lose their homes.”

The charges, unsealed today in District Court in Pennsylvania, allege the Chinese officers conspired to steal trade secrets and other information from U.S. companies, including Westinghouse Electric Co. and Allegheny Technologies Inc. (ATI) and the United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial Services Workers International Union.

Pressure Point

The indictments may add a new pressure point in U.S.-China relations, which are strained by Chinese territorial disputes with U.S. allies such as Japan and the Philippines as well as economic competition around the world. While President Barack Obama has said that he welcomes China’s rise as an economic and military power, his administration has sought to increase U.S. presence and influence in the region.

“It’s going to be explosive,” said Paul M. Tiao, a former senior counselor on cybersecurity to FBI director Robert Mueller. “This will have significant diplomatic implications and will affect our relationship with the Chinese government.”

The Chinese government denied engaging in economic espionage and said it would suspend participation in a U.S.- China cyber working group, which was formed last year to discuss rules for cyberspace and as a mechanism to manage differences between the two countries.

“The U.S. accusation against Chinese personnel is purely ungrounded and absurd,” Geng Shuang, spokesman for the Chinese embassy in Washington, said in an e-mail.

‘Aggressive Response’

U.S. Attorney General Eric Holder called the stolen data significant and said the theft “demands an aggressive response.” Hickton said the cost to companies hacked potentially amounts to billions of dollars in lost research and development.

“This cyberhacking leads directly to the loss of jobs here in the United States,” Hickton said. “This 21st Century burglary has to stop.”

Those indicted were officers in Unit 61398 of the Third Department of the Chinese People’s Liberation Army. The Justice Department identified them as Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu and Gu Chunhui.

In one of the cases, the Justice Department said Sun stole proprietary technical and design specifications for piping from Westinghouse, the nuclear reactor arm of Toshiba Corp. (6502), as the company was building four power plants in China and negotiating other business ventures with state-owned enterprises.

In another instance, Wang and Sun hacked into U.S. Steel computers as the company was participating in trade cases, according to the department’s statement.

Companies Hacked

The indictment appears to be the first public disclosure of some of the intrusions, raising the question why the companies had not disclosed the events to investors.

“To our knowledge, no material information was compromised during this incident, which occurred several years ago,” Monica Orbe, an Alcoa spokeswoman, said in an e-mail today. “Safeguarding our data is a top priority for Alcoa and we continue to invest resources to protect our systems.”

While being spied upon would be a “big honor” and a sign that Solarworld has developed first-rate photovoltaic technology, “it’s a criminal act to steal what we are developing with a lot of money,” Solarworld Chief Executive Frank Asbeck said in a phone interview today.

Sheila Holt, a spokeswoman for the Pittsburgh-based Westinghouse unit of Toshiba, said the company just learned of the indictment. She declined to say whether the company is cooperating with investigators.

Army Links

China-based hackers with links to the People’s Liberation Army have been conducting commercial espionage on Western companies despite the Chinese government’s denial of the accusation last year, Mandiant Corp. (FEYE), the information security firm, said in a report posted April 10 on its website. Mandiant has since been acquired by FireEye Inc.

The hackers, operating since 2006, also stole sensitive communications that would help Chinese competitors in litigation by providing “insight into the strategy and vulnerabilities of the American entity,” the Justice Department said in a statement.

Holder and Robert Anderson, an executive director at the Federal Bureau of Information, said every effort will be made to bring the indicted officials to court in Western Pennsylvania.

“This is the new normal,” Anderson said. “This is what you’re going to see on a recurring basis, not just every six months, not just every year.”

Confronting China

The Obama administration decided last year to publicly confront China with claims that it is behind a campaign to hack into U.S. agencies and corporations to steal trade secrets and potentially disrupt computer networks operating banks, power grids and telecommunications networks.

“Success in the global marketplace should be based solely on a company’s ability to innovate and compete, not on a sponsor government’s ability to spy and steal business secrets,” Holder said, emphasizing that U.S. surveillance and spying is not used for commercial purposes.

The Pentagon for the first time in May 2013 accused the Chinese military of intruding into U.S. computers to steal sensitive data.

Wealth Transfer

Former Army General Keith Alexander, who headed the National Security Agency and U.S. Cyber Command, has called the hacking of U.S. trade secrets the greatest transfer of wealth in history.

Despite the push by the Obama administration, no charges had been brought against Chinese officials for hacking. The effort also was overshadowed by documents leaked by former government contractor Edward Snowden last year revealing the extent of NSA spying both domestically and abroad. China maintains that it’s a victim of hacking and opposes such activities.

Hacking activities originating in China temporarily dropped after Mandiant’s first report in February 2013, and by the end of summer the groups returned to “consistent intrusion activity,” Mandiant’s latest report said. It said the lull could have been an attempt by the Chinese to assess any political damage following the publication of its report and to reorganize its cyber operations to better hide its activities.

Microsoft acknowledges more errors, 80070371 and 80071A91, when installing Windows 8.1 Update/KB 2919355

There’s confirmation of two more bugs and a Stop 0x7B ‘Blue Screen’ as Microsoft re-issues the patch, changing metadata but no programs

Source: www.infoworld.com

The Windows 8.1 Update blowout continues. We now have official recognition of two more error codes, 80070371 and 80071A91, which can occur when you try to install Windows 8.1 Update, KB 2919355.

These revelations come on the heels of acknowledged errors 800F0922, 800F0923, 80070003, 80070005, 80070490, and 80073712, and the error message “We couldn’t complete the updates, Undoing changes. Don’t turn off your computer.” Microsoft gave workarounds for some (but not all) of those earlier problems on the Microsoft Answers forum earlier this week.

In addition, after installing KB 2919355, Internet Explorer 11 may crash when you turn on or turn off Enterprise Mode, as described in KB 2956283. You may also hit a Stop 0x7B “Blue Screen” error, described in KB 2967012.

Microsoft has re-issued patch KB 2919355 yet again, changing the installation metadata but not the programs themselves. The associated Knowledge Base article is now up to version 21.

Yes, this is the same patch that Microsoft was going to use as a “baseline” for all future Windows 8.1 patches: Up until Monday of this week, Microsoft’s official, oft-repeated policy demanded that customers install KB 2919355 if they wanted any future Windows 8.1 security patches. Fortunately, on May 12 cooler heads prevailed and Microsoft informed Windows 8.1 customers that the threatened Windows 8.1 patch cutoff was a paper tiger — those who didn’t get Windows 8.1 Update/KB2919322 installed by May 13 would continue to receive updates for another month, until Black Tuesday June 9.

The June 9 cutoff date is now two and a half weeks away. If you can’t get KB 2919355 installed by June 9, Microsoft is threatening (once again) that you won’t be able to get any more patches.

I count 11 known, documented error messages, codes, and crashes for KB 2919355 — and nearly zero definitive solutions. Sure hope Microsoft can solve all those problems by June 9.

It bears repeating, folks: You can’t patch a desktop like a phone.

This story, “Microsoft acknowledges more errors, 80070371 and 80071A91, when installing Windows 8.1 Update/KB 2919355,” was originally published at InfoWorld.com.

Critical vulnerabilities in TLS implementation for Java

Source: www.sciencedaily.com


In January and April 2014, Oracle released critical Java software security updates. They resolve, amongst others, three vulnerabilities discovered by researchers from the Horst Görtz Institute for IT Security at the Ruhr-Universität Bochum. These vulnerabilities affect the “Java Secure Socket Extension” (JSSE), a software library implementing the “Transport Layer Security” protocol (TLS). TLS is used to encrypt sensitive information transferred between browsers and web servers, such as passwords and credit card data.

Similar to Heartbleed

Recently, the Heartbleed vulnerability of OpenSSL, the most important TLS implementation, has hit the headlines. Like OpenSSL, JSSE is an open source TLS implementation, maintained by Oracle. The researchers discovered three weaknesses in the JSSE library, two of which could be used to completely break the security of TLS encryption. Following the “responsible disclosure” paradigm, the team of Prof Dr Jörg Schwenk privately informed Oracle about these vulnerabilities prior to public announcement. The researchers recommend installing Oracle’s software updates for applications using JSSE as soon as possible.

How to break TLS in JSSE

JSSE was found vulnerable to so-called “Bleichenbacher attacks.” First, the researchers intercepted an encrypted communication between a client (e.g. a web browser) and a server. Then, they sent a few thousand requests to the server; by examining the responses of the server they could compute the secret session key. This session key can be used to decrypt all data exchanged between client and server. The first vulnerability was based on critical information that the TLS server transmitted via error messages. The second one was based on different response times of the JSSE server. Bleichenbacher attacks are complex cryptographic attacks, also referred to as adaptive chosen-ciphertext attacks.
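
The server-side countermeasure for both leaks described above, as an added example (not Oracle's JSSE code and not part of the original article): after RSA decryption, the server checks the PKCS#1 v1.5 block without reporting which check failed and silently substitutes a random premaster secret, as RFC 5246 section 7.4.7.1 prescribes. All function names and sample blocks are constructed for illustration, and Python cannot guarantee constant-time execution, so the hardened function shows the control flow rather than a timing-safe implementation.

```python
import secrets

PMS_LEN = 48                    # TLS premaster secret: 2 version bytes + 46 random
MIN_EM = 2 + 8 + 1 + PMS_LEN    # 00 02 | >=8 non-zero pad bytes | 00 | secret


class BadPadding(Exception):
    """Stands in for a padding-specific alert or error message."""


class BadVersion(Exception):
    """Stands in for a version-specific alert or error message."""


def leaky_unpad(em: bytes, client_version: bytes) -> bytes:
    """Pattern to avoid: each failure is reported differently and returns early."""
    if em[:2] != b"\x00\x02":
        raise BadPadding("wrong block type")
    sep = em.find(b"\x00", 2)
    if sep < 10:                              # also covers "no separator" (-1)
        raise BadPadding("padding too short")
    secret = em[sep + 1:]
    if len(secret) != PMS_LEN:
        raise BadPadding("wrong secret length")
    if secret[:2] != client_version:
        raise BadVersion("version mismatch")
    return secret


def hardened_unpad(em: bytes, client_version: bytes) -> bytes:
    """RFC 5246 7.4.7.1 behaviour: never signal failure, return a random secret."""
    # The block length equals the public RSA modulus size, so this check
    # depends on server configuration only, not on the received ciphertext.
    if len(em) < MIN_EM or len(client_version) != 2:
        raise ValueError("caller error: block shorter than a TLS RSA key allows")
    fallback = secrets.token_bytes(PMS_LEN)   # drawn before any check is made
    sep = len(em) - PMS_LEN - 1               # the only valid separator position
    bad = em[0] | (em[1] ^ 0x02) | em[sep]
    for b in em[2:sep]:
        bad |= ((b - 1) >> 8) & 1             # 1 only when a padding byte is zero
    secret = em[sep + 1:]
    bad |= (secret[0] ^ client_version[0]) | (secret[1] ^ client_version[1])
    mask = ((-bad) >> 8) & 0xFF               # 0x00 if every check passed, else 0xFF
    return bytes((s & (mask ^ 0xFF)) | (f & mask) for s, f in zip(secret, fallback))


def observable(unpad, em: bytes, client_version: bytes) -> str:
    """What a network peer could tell apart: the kind of failure, if any."""
    try:
        unpad(em, client_version)
    except (BadPadding, BadVersion) as exc:
        return f"{type(exc).__name__}: {exc}"
    return "handshake continues"


# Constructed sample blocks: what RSA decryption would yield for a 1024-bit key.
VERSION = b"\x03\x03"
SECRET = VERSION + bytes(range(1, 47))
GOOD = b"\x00\x02" + b"\xaa" * (128 - 3 - PMS_LEN) + b"\x00" + SECRET
BAD_TYPE = b"\x00\x01" + GOOD[2:]
ZERO_IN_PAD = GOOD[:20] + b"\x00" + GOOD[21:]
OLD_VERSION = GOOD[:-PMS_LEN] + b"\x03\x01" + SECRET[2:]
SAMPLES = {"good": GOOD, "bad type": BAD_TYPE,
           "zero in padding": ZERO_IN_PAD, "old version": OLD_VERSION}

if __name__ == "__main__":
    for name, em in SAMPLES.items():
        print(f"{name:16} leaky: {observable(leaky_unpad, em, VERSION):34} "
              f"hardened: {observable(hardened_unpad, em, VERSION)}")
```

With the hardened path every malformed block looks the same to the peer: the handshake proceeds with a secret the client does not know and fails later at the Finished check, whatever was wrong with the block.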

April patch from Oracle solves another problem

The April patch provided by Oracle also fixes another cryptographic algorithm (PKCS#1 v2.1, aka RSA-OAEP), which was vulnerable to a different adaptive chosen-ciphertext attack. This algorithm is not used in TLS, but in other security-critical applications, such as Web Services, for instance.