Archive | Hacking Alert

FACEBOOK, INSTAGRAM AND WHATSAPP ALL GO DOWN IN MAJOR OUTAGE – Biggest hack in history? Cyberattack?

Cyber Attack Alert

FACEBOOK and its affiliated services are reporting severe outages across its network following a mysterious breakdown that has affected hundreds of millions of people.

Along with Facebook, its own messenger service, WhatsApp and Instagram are all down. Users across social media are reporting seeing a 505 error message on Facebook. Mike Sington said: “Facebook, as well as WhatsApp and Instagram owned by Facebook, are all down.”

Coincidence, after whistleblower levels major bombshells against Facebook or major hack taking them down?

Commenting on the outage, Ari on Twitter said: “How is WhatsApp, Instagram, Messenger, and Facebook all down at the same time like how does that make sense.”

It is unclear what caused the outage but issues were reported at 4.44pm BST.

When looking at trend aggregators, outages across all three major platforms began to be reported at similar times.

Courtesy of express.co.uk

https://tinyurl.com/u6by8hwd

Twitter down: Accounts can’t tweet just as celebrities hacked in bitcoin scam #Twitter #Hacking #Password

Twitter users across the globe appear to be unable to tweet or reset passwords with the social media giant announcing an ‘incident’ – in the hours after multiple high profile figures saw their accounts hijacked.

Twitter has told users they may not be able to tweet or reset passwords after an ‘incident’ – in the hours after numerous high profile figures’ accounts were hijacked.

Users across the world have been reporting issues with the social media site – in particular tweeting – in the hours after celebrities were hacked.

The likes of US presidential candidate Joe Biden, reality star Kim Kardashian and billionaire Elon Musk saw their Twitter pages used to solicit digital currency Bitcoin on Wednesday.

Those targeted appeared to be verified figures and influencers with large followings, and also included former US president Barack Obama, musician Kanye West and entrepreneur Bill Gates.

The cause of the breach was not immediately clear, but the unusual scope of the problem suggested that it was not limited to a single account or service.

More than an hour after the first wave of hacks – Twitter then took the extraordinary step of preventing at least some verified accounts from publishing messages altogether.

Verified users include celebrities and journalists, but also governments, politicians and heads of state.

And by Wednesday evening, regular unverified users have been reporting issues – though it remains unclear if these problems are linked.

Downdetector.com has been seeing a spike in reports of problems since around 10pm, from across the globe.

Forty-two percent are on the iOS app, 34 percent on the website and 22 on the Android app.

Twitter is yet to offer clarification but has said in a statement that users “may be unable to tweet or reset your password while we review and address this incident.”

“This appears to be the worst hack of a major social media platform yet,” said Dmitri Alperovitch, who co-founded cybersecurity company CrowdStrike.

Publicly available blockchain records show that the apparent scammers have already received more than $100,000 worth of cryptocurrency.

Some experts said the incident has raised questions about Twitter’s cybersecurity.

Courtesy of mirror.co.uk

https://tinyurl.com/y78lv3td

Twitter hack: Social media giant suffers ‘huge’ billing information data breach #Twitter #Hacked #CyberAttack

In a message to business owners on the platform, Twitter reported a data breach involving its advertisement and analytics platform. Prior to May 20, 2020, certain details would be stored within a web browser’s cache. A web cache is where documents or information from the pages a user has visited are stored by the web browser.

In a message sent to business owners on the platform, Twitter said: “We are writing to let you know of a data security incident that may have involved your personal information on ads.twitter and analytics.twitter.

“We became aware of an issue that meant that prior to May 20, 2020, if you viewed your billing information on ads.twitter or analytics.twitter the billing information may have been stored in the browser’s cache.

“Examples of that information include email address, phone number, last four digits of your credit card number.”

It is not clear how many businesses were affected by the security breach.

While there has been no confirmation as to whether this was a technical breach or sophisticated attack, cyber-attacks have increased during the coronavirus lockdown.

According to data from cybersecurity company Darktrace, attacks aimed at home workers increased from 12 percent of malicious email to more than 60 in May.

The attacks were aimed at exploiting the uncertainty of businesses and employees amid the virus pandemic.

Other attacks have also pinpointed those using platforms such as Zoom.

He said: “Russia and other countries – and indeed non-state actors – see the challenges that Covid has created and are trying to exploit it.

“And we’re making sure we have got the resilience, the defence and the capabilities to prevent them from doing so.

“We certainly know Russia is engaged systematically in misinformation and propaganda, through cyber and other ways.

“Others engage in the same too, China and Iran, but I don’t think it had any outcome on the electoral process in the UK.”

Courtesy of financial-press.uk

https://tinyurl.com/y7vq97sk

This ‘most dangerous’ #hacking group is now probing #PowerGrids

Hackers that tried to interfere with the safety systems of an industrial plant are now looking at power utilities too.

A hacking group described as the ‘most dangerous threat’ to industrial systems has taken a close interest in power grids in the US and elsewhere, according to a security company.

The hacking group believed to be behind the attack on the industrial control systems (ICS) of a petrochemical plant in Saudi Arabia is now apparently probing more potential victims around the world, including US power grids, according to security company Dragos.

“The most dangerous threat to ICS has new targets in its sights,” Dragos said. “This expansion to a new vertical illustrates a trend that will likely continue for other ICS-targeting adversaries.”

This particular hacking group is notable because of one incident it was involved with. In late 2017 it was revealed that hackers had infected the industrial control systems of a petrochemical plant in Saudi Arabia with malware – known as Triton or Trisis – which was designed to interfere with industrial safety systems.

The malware targeted the systems which controlled the emergency shutdown capabilities, and security companies warned that the attackers were developing the capability to cause physical damage and potentially shutdown operations. At the time analysts warned the activity was consistent with a nation state preparing for an attack; later analysis by security company FireEye linked the malware to a Russian state owned research lab.

In April, FireEye also said the same malware had been discovered on systems at another, unnamed company. And now Dragos has warned that the group behind the malware – which it calls Xenotime – has been probing US and Asia-Pacific power networks after previously focusing only on oil and gas.

“Starting in late 2018, Xenotime began probing the networks of electric utility organizations in the US and elsewhere using similar tactics to the group’s operations against oil and gas companies,” Dragos said.

Dragos said the 2017 attack on the Saudi Arabian oil and gas facility represented an escalation of attacks on ICS because the malware targeted safety systems and was designed to cause loss of life or physical damage. The company said that since that attack the hacking group has expanded its operations to include oil and gas firms outside the Middle East and said the group compromised several ICS vendors and manufacturers in 2018.

Dragos said that since 2017 the hacking group’s activities have included significant external scanning and research on potential victims and attempts at external access focused on North American and European companies.

In February this year, Dragos said, it spotted attempts to gather information associated with US and Asia-Pacific electric utilities.

“This behavior could indicate the activity group was preparing for a further cyberattack,” the company said. Dragos said it had seen attempts to use lists of previously stolen usernames and passwords to try and force entry into target accounts. But it also said that none of the electric utility targeting events has resulted in a successful intrusion.

Dragos said that evidence of this group’s interest in electric utility operations is “a cause for deep concern given this adversary’s willingness to compromise process safety.”

The security company said most of the activity by the hacking group focuses on initial information gathering and access operations necessary for follow-on ICS intrusion operations and future attacks. But it also said there is no evidence indicating that this group is actually capable of executing a disruptive or destructive attack on electric utility operations.

Dragos said that organisations running industrial control systems should prepare for potential breach and disruption scenarios. It said the most important thing a security team can do is improve their awareness of ICS network activity. Companies should also have worked on scenarios that deal with the potential loss of safety instrumented systems integrity, like having incident response teams on call and keeping configuration and process data both for comparison against possibly compromised devices and to aid recovery in the event of a breach.

“ICS operators must address such concerns in advance, rather than trying to figure out such sensitive, complex items mid- or post-intrusion,” Dragos warned.

Threats to industrial control systems – the infrastructure which runs everything from power grids to factories and rail networks – are on the rise, according to security experts. “More capable adversaries are investing heavily in the ability to disrupt critical infrastructure like oil and gas, electric power, water, and more,” said Dragos.

Written by Steve Ranger at zdnet.com

https://tinyurl.com/yyvm2pcc

Hacker Briefly Flies Plane Sideways After Accessing Engine Systems, FBI Says

Hacking Alert

A security researcher told the FBI he used a plane’s in-flight entertainment system to hack into its engine system on multiple occasions, once even briefly flying the plane sideways, according to an FBI affidavit filed in April. Fifteen to 20 times from 2011 through 2014, Chris Roberts, a computer security expert with One World Labs, a security intelligence firm in Denver, “exploited vulnerabilities” in the in-flight entertainment systems of three Boeing planes and one Airbus, the affidavit said.
 
Using a modified ethernet cable, he would connect his laptop to the system, then rewrite code for the airplane’s thrust management system, which includes controls for a plane’s engine system. On one flight, “he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane.” In other words, he told one engine to enter climb mode, and the plane flew sideways.

Courtesy of ibtimes.com