Tag Archives: hack

Agari Turns the Table on ‘London Blue’ Hacking Campaign

A hacker group known as “London Blue” has compiled a list of 35,000 chief financial officers, including some at the world’s biggest banks and mortgage companies, with the intent to target them with bogus requests to transfer money.

CFO-Targeting Phishing Campaign

The “London Blue” hackers are the latest group to specialize in “business email compromise” (BEC) campaigns, according to the cyber threat detection company Agari, which found a list of 50,000 targets, mostly accounting department employees.

This past July the FBI warned that this type of scam, where a chief financial officer is rushed into transferring money to an unknown account, is on the rise and had cost companies more than $12 billion since 2013, with the total number of victims reaching over 78,000.

Cathay Pacific Airline Breach Affects 9.4 Million Customers

Hong Kong-based Cathay Pacific airline recently announced that its computer systems were compromised. The data breach was detected in March and compromised the personal data of roughly 9.4 million passengers. The exact attack vector is unknown.

Airline’s Response

Cathay, which is currently investigating the incident, confirmed that information such as phone numbers, dates of birth, passport numbers, and frequent flier numbers was exposed. The airline added that 27 credit card numbers had also been acquired in the breach.

“We are very sorry for any concern this data security event may cause our passengers. We acted immediately to contain the event, commence a thorough investigation with the assistance of a leading cybersecurity firm, and to further strengthen our IT security measures,” said the airline’s chief executive, Rupert Hogg.

Uber Settles Data Breach Investigation for $148 Million

On September 26th, Uber agreed to pay a record $148 million to settle allegations that the company intentionally concealed a major data breach in 2016.

The settlement ends a multistate investigation that found the ride-hailing company paid hackers $100,000 to conceal the breach, which exposed the names, email addresses, and cellphone numbers of 57 million users.

Uber failed to notify the 57 million individuals of the data breach and only provided public notice of the breach a year after it happened in late 2016.

Uber’s Response

Uber said in a November 2017 statement from CEO Dara Khosrowshahi that the breach was carried out by two hackers outside the company. The hackers accessed user data on a third-party, cloud-based service the company uses to store information. The hackers, however, were not able to download users’ Social Security numbers, bank account information, credit card numbers, dates of birth, or trip history, according to the company.

British Parliament Targeted by Brute-Force Hack

The British Parliament recently detected and responded to an attempt to hack into users’ email accounts.

Initial reports suggest attackers used brute-force attack methods to access Parliament members’ emails. Parliament’s first response was to temporarily suspend access to remote email servers.

According to their statement, “Parliament’s first priority has been to protect the parliamentary network and systems from the sustained and determined cyberattack to ensure that the business of the Houses can continue. This has been achieved and both Houses will meet as planned today.”

Approximately 90 accounts appear to be affected by the attack, whose root cause has been blamed on weak passwords. “As they are identified, the individuals whose accounts have been compromised have been contacted and investigations to determine whether any data has been lost are under way.”

Email addresses hosted on the “parliament.uk” domain were also affected, possibly compromising private communications between members of Parliament and their constituents.

Currently, there is no evidence as to the identity of the attacker.

Attacks like this continue to highlight the necessity of implementing multi-factor authentication – the key defense against brute-force attacks.

Hack of Hacking Team Leads to New Flash Player Malware Alert

Ironically, Hacking Team, an Italy-based company that provides intrusion and surveillance tools to governments and law enforcement agencies, is among recent hacking victims. The attackers were able to extract 400 GB of data and are now leaking details about the company’s clients. The attack may have been facilitated by poor password standards within Hacking Team, as the leaked information revealed passwords like “Password!” or “Pas$word”.

Hacking Team’s reputation was already in question for selling their “spy tools” to oppressive governments, but now researchers are also finding vulnerabilities and exploits among the leaked data. The most concerning is a zero-day Flash vulnerability that the Hacking Team called “the most beautiful Flash bug for the last four years.” Anti-virus firm Symantec has tested and confirmed the malware.

According to a recent Symantec blog, “Since details of the vulnerability are now publicly available, it is likely attackers will move quickly to exploit it before a patch is issued.” The vulnerability is active on the latest version of Adobe Flash Player (18.0.0.204) and exploiting it could cause a crash and allow an attacker to gain control of the affected device.

What To Do

A patch is now available in Adobe Flash Player (18.0.0.209). Visit the Adobe Security Bulletin for information and download links to the updated versions.

Even better, users concerned with this issue are strongly encouraged to remove Flash Player altogether, or temporarily disable Flash Player in their browser by following these steps:

Internet Explorer versions 10 & 11

  1. Open Internet Explorer browser
  2. Click on the “Tools” menu, and click “Manage add-ons”
  3. Under “Show” select “All add-ons”
  4. Select “Shockwave Flash Object” and then click on the “Disable” button
  5. You can enable Adobe Flash Player using the same process

Firefox

  1. Open Firefox browser
  2. Open the browser menu and click “Add-ons”
  3. Select the “Plugins” tab
  4. Select “Shockwave Flash” and click “Disable”
  5. You can enable Adobe Flash Player using the same process

Chrome

  1. Type “chrome:plugins” in the address bar to open the page
  2. On the plug-ins page, find the “Flash” listing
  3. To disable Adobe Flash Player completely, click on the “Disable” link under its name
  4. You can enable Adobe Flash Player using the same process