Posts

Hacker who stole data of nearly 750 mn users, puts 93 mn more users’ data on sale

The hacker this time is selling an additional 93 million user records from eight companies on a Dark Web marketplace. The hacker who earlier stole and posted data of close to 750 million users of various popular websites on a Dark Web marketplace has now put up the third set of nearly 93 million hacked databases for sale. According to a report on a popular news website late Sunday, the hacker this time is selling an additional 93 million user records from eight companies, including GfyCat which is a popular GIF hosting and sharing platform. "The hacker is selling each database individually on Dream Market. Together, all eight are worth 2.6249 bitcoin, which amounts to roughly $9,400," said the report. The stolen information mainly includes account holders' names, email addresses and passwords. The hacker, who goes by the name Gnosticplayers, earlier posted a batch of 16 websites containing the data of 620 million users and a second batch of eight portals with the data of

Russia to disconnect from the internet as part of a planned test

Russia's internet contingency plan gets closer to reality. Russian authorities and major internet providers are planning to disconnect the country from the internet as part of a planned experiment, Russian news agency RosBiznesKonsalting (RBK) reported last week. The reason for the experiment is to gather insight and provide feedback and modifications to a proposed law introduced in the Russian Parliament in December 2018. A first draft of the law mandated that Russian internet providers should ensure the independence of the Russian internet space (Runet) in the case of foreign aggression to disconnect the country from the rest of the internet. In addition, Russian telecom firms would also have to install "technical means" to re-route all Russian internet traffic to exchange points approved or managed by Roskomnadzor, Russia's telecom watchdog. Roskomnadzor will inspect the traffic to block prohibited content and make sure traffic between Russian users stays inside th

Windows 7 Leak Reveals Microsoft's Exponential New Support Charges

Right now Microsoft is flourishing. The rejuvenated giant is in the race to be technology’s most valuable company and (quite rightly) there is widespread praise for Satya Nadella’s leadership. But Windows 7 owners are about to learn this new lean and mean Microsoft still knows how to make unpopular decisions… Despite its massive popularity, Microsoft has no plans to extend support of Windows 7 past January 2020. That is unless you pay a new annual fee which will double in price every year. Citing partners and having obtained screen grabs of pricing, reveals Microsoft will charge Windows 7 Pro users $50 for the first year of additional support, $100 for the second year and $200 for the third year. Windows Enterprise volume licensing customers will pay half these rates, but the cost of maintaining a lot of PCs will get very expensive very quickly. Furthermore, there’s no point opting in late. If you only join in the second year, you still have to pay for the first year as well. O

Japan Passes Law Amendment To Allow Government To Hack IoT Devices

Japan is cracking down on vulnerable IoT devices. The Japanese government recently approved a law amendment that will enable government workers to hack into people's Internet of Things devices as part of a survey. The outlet says that employees of the National Institute of Information and Communications Technology (NICT) will be carrying out this survey starting next month under the supervision of the Ministry of Internal Affairs and Communications. Over 200 million IoT devices for both in-home and enterprise use will be tested, starting with routers and web cameras. Default passwords and password dictionaries are all fair game to hack into Japanese consumers' IoT devices, as NICT employees compile a list of insecure devices that authorities and Internet service providers can access to send alert notifications to consumers and take steps to secure the devices. “Russian nation-state hackers deployed the Olympic Destroyer malware before the opening ceremony of the Pyeongchang

Trojan malware is back and it's the biggest hacking threat to your business

Old school but effective, hackers are shifting away from in-your-face ransomware to attacks that are much more subtle. Trojan malware attacks against business targets have rocketed in the last year, as cyber criminals alter their tactics away from short-term gain and in-your-face ransomware attacks towards more subtle, long-term campaigns with the aim of stealing information including banking information, personal data and even intellectual property. Figures from security company Malwarebytes Labs in a new report suggest that trojan and backdoor attacks have risen to become the most detected against businesses – and the number of trojan attacks has more than doubled in the last year, increasing by 132 percent between 2017 and 2018, with backdoors up by 173 percent. Malwarebytes classifies trojans and backdoors separately, describing a trojan as a program "that claim to perform one function but actually do another". Meanwhile, a backdoor is defined as "a type of

Over 87GB of email addresses and passwords exposed in Collection 1 dump

An 87GB dump of email addresses and passwords containing almost 773 million unique addresses and just under 22 million unique passwords has been found. Almost 773 million unique email addresses and just under 22 million unique passwords were found to be hosted on cloud service MEGA. In a blog post, security researcher Troy Hunt said the collection totalled over 12,000 separate files and more than 87GB of data. The data, dubbed Collection #1, is a set of email addresses and passwords totalling 2,692,818,238 rows that has allegedly come from many different sources. "What I can say is that my own personal data is in there and it's accurate; right email address and a password I used many years ago," Hunt wrote. "In short, if you're in this breach, one or more passwords you've previously used are floating around for others to see." Some passwords, including his own, have been "dehashed", that is converted back to plain text. H

All the flash-y new storage technologies showcased at CES 2019

Higher densities and new storage technologies for specialized use cases were unveiled at CES 2019. Manufacturers of traditional hard drives and flash storage solutions outlined their product roadmaps at CES 2019. While some new products are expected to ship as early as this quarter, others are simply proof-of-concept devices requiring refinement before hitting store shelves. Here is a pick of the most important storage announcements made at CES this year. SanDisk SanDisk introduced the new SanDisk Extreme PRO Portable SSD, which connects to devices using either USB-A or USB-C 3.1 Gen 2. Internally, the drive uses an NVMe to USB bridge, allowing for speeds up to 1 GB/s. The Extreme PRO uses a ruggedized shell similar to the standard Extreme Portable SSD, which uses a slower SATA to USB bridge. The newly announced variant opts for an aluminium shell to better dissipate heat from the SSD. The Extreme PRO Portable SSD will be available in 512 GB, 1 TB, and 2 TB capacities. SanDisk also demons

Windows 10 finally overtakes Windows 7 as favorite desktop OS

The turning point was flagged by web traffic analytics firm Net Applications, whose NetMarketShare figures showed Windows 10's market share on desktop and laptop PCs passing Windows 7 in December 2018. More than three years after its launch, Windows 10 has finally overtaken its predecessor Windows 7 in terms of popularity. The turning point was flagged by web traffic analytics firm Net Applications, whose NetMarketShare figures showed Windows 10's market share on desktop and laptop PCs overtaking Windows 7 for the first time in December 2018. In that month, 39.22% of all Windows PCs were running Windows 10 and 36.90% were running Windows 7, according to the NetMarketShare figures. Overall, Windows was by far the most popular desktop OS, with 86.2% market share. In the middle of last year, Microsoft said that Windows 10 was running on nearly 700 million devices each month. That figure didn't just include PCs, but also tablets, phones, and Xbox consoles. While Microsoft i

D3c3mb3r hackers exploit ThinkPHP flaw to hack thousands of Chinese websites

A bug in the ThinkPHP framework has left over 45,000 websites open to a barrage of attacks. Hackers have been exploiting the bug to gain access to web servers. A hacker group named D3c3mb3r has been found exploiting the vulnerability in the wild. Another hacker group was also found exploiting the vulnerability to infect servers with the Miori malware. According to the attacks began after a Chinese cybersecurity firm, VulnSpy, posted a proof-of-concept (PoC) of the exploit for ThinkPHP on ExploitDB - a popular website that hosts free exploit code. The PoC points out that by exploiting the vulnerability, attackers could execute malicious code on the underlying server. "The PoC was published on December 11, and we saw internet-wide scans le

Thousands of Jenkins servers will let anonymous users become admins

Two vulnerabilities discovered and patched over the summer expose Jenkins servers to mass exploitation. Thousands, if not more, Jenkins servers are vulnerable to data theft, takeover, and cryptocurrency mining attacks. This is because hackers can exploit two vulnerabilities to gain admin rights or log in using invalid credentials on these servers. Both vulnerabilities were discovered by security researchers from CyberArk, were privately reported to the Jenkins team, and received fixes over the summer. But despite patches for both issues, there are still thousands of Jenkins servers available online. Jenkins is a web application for continuous integration built in Java that allows development teams to run automated tests and commands on code repositories based on test results, and even automate the process of deploying new code to production servers. Jenkins is a popular component in many companies' IT infrastructure and these servers are very popular with both freelancers and