The threat of a data breach is one that every company faces and it is also an eventuality that they all know can happen at any time. The number of daily attempt to penetrate corporate security is staggering as is the number of successful attack where at least some data is taken. It is for this reason that we still a confused when companies want to move to a cloud based or subscription style software agreement. Once all of that billing information is stored in a single spot (even multiple data centers) it becomes a very big target. Adobe has found that out the hard way as they are now reporting a breach that lost the information for approximately 2.9 Million users and source code for Cold Fusion and Acrobat.
There is one thing about the hacking world that is a constant, everything changes. We have seen anti-anonymous and Anti-Wikileaks groups come and go from individuals like The Jester to others that claim they were once with Anonymous, but now have seen the error of their ways and are working for the good of the world. These groups all have one thing in common; they are rarely effective for long. This is not to say they do not have skill or talent. In some cases they are very talented. However their effects are rarely long term.
The National Security Agency has just released a report to the powers that be in the US that expresses concern that the online activist group Anonymous could go after the US power grid in the next 3-5 years (we told you things like this would happen). This report was put together by their counter terrorism group and while it lacked any details in the body of the report (like the axis for attack) and forgot to mention there are other people out there that would like to do this (like foreign countries and real Terrorists) it does raise some real concerns.
Gasp! There has been another published attack on the TOR Project. This time the attack and compromise technique comes from the gang at Princeton. The Princeton team claims that their new methods are around 95% successful and only require traffic in one direction. The information that they have presented is interesting and certainly could be used to grab information from users of the anonymous service, but it is not really new and not surprising to hear about.
When you are a sysadmin there is nothing like waking up to not one, but two troubling bits of news. The first one centers on a new and fun Zero-Day vulnerability that affects just about every version of windows that Microsoft still supports. Dubbed Sandworm by iSight, the security firm that discovered it this bug exploits yet another flawed internal mechanism in Microsoft’s OS.
Hey remember the group that launched the DDoS attack on Steam? Well they are back and have decided to make a little bit bigger of a statement than just throwing packets at a group of servers. This time they appear to have managed to grab a large number of user information from companies like Blizzard, Ubisoft and many others. They have taken this information and (unsurprisingly) dumped it to paste bin. If you do not know who we are talking about it is the DerpTrolling “hacker” group and they have been on a mission to shame just about every game publishing/distribution company on the planet.
As someone that has followed the online “hacking” community since its infancy (war dialing anyone) I can say with a fair amount of confidence that the guys what kicked it all off (Like Steve Wozniak) would be proud of where some of the movement has gone. In the early 80’s War Dialing was something of a fun sport, you dialed a range of numbers until a computer answered and then you tried to talk to it. A lot of the activity was aimed at “corrupt businesses and government agencies” right alongside the people looking to just do it because it was something new and exciting.
Symantec, perhaps in an effort to reclaim some of their reputation, has released a report claiming that some people involved in the DDoS attacks after the MegaUpload take down may have been tricked into downloading a data stealing virus. In a post on Symantec’s own blog they have built a nice (and plausible) timeline of events complete with images (although no links) showing how this happened right around the 20th of January. Many news sites have picked this up and are busy wirting articles about how Anonymous has been hacked... Now the question is, is any of this true?
A warning has been sent out to financial institutions and government agencies as the collective known as Anonymous has announced their OpUSA. The Operation as put forth by the hackvist group is supposed to target banks and government websites and is supposed to kick off on May 7th. Some security experts are advising the targeted organizations to prepare for Distributed Denial of Service Attacks and harden their sites against them.
The world lives in fear of zero-day exploits although the average person does not even know it. A zero-day exploit is a bug or a flaw that has not been discovered by the developers yet, but is known to someone outside. This can be good guys, bad guys or other, but it is still a flaw that can be used to do harm to a computer system and no one has a patch for it yet. When the good guys (security researchers) know about them they work with companies to patch them. When the bad guys know about these things get very ugly indeed. But what happens if someone knows about one (or a bunch of them) and does not tell anyone at all?