- New ACLU lawsuit takes on the internet’s most hated hacking law. From The Verge. For decades, the Computer Fraud and Abuse Act has been one of America’s dangerous laws for anyone doing “unauthorized” things with a computer. Used to prosecute Aaron Swartz, Sergey Aleynikov, and jailbreaker George Hotz, the law has long been criticized as a blank check for prosecutors. Under the law’s current interpretation, anyone breaking a website’s terms of service to collect information is guilty of a federal crime.
- A Massive Botnet of CCTV Cameras Involved in Ferocious DDoS Attacks. From Softpedia. A botnet of over 25,000 bots lies at the heart of recent DDoS attacks that are ferociously targeting businesses around the world. More exactly, we’re talking about massive Layer 7 DDoS attacks that are overwhelming Web servers, occupying their resources and eventually crashing websites. US-based security vendor Sucuri discovered this botnet, very active in the last few weeks, and they say it’s mainly composed of compromised CCTV systems from around the world. Their first meeting with the botnet came when a jewelry shop that was facing a prolonged DDoS attack opted to move their website behind Sucuri’s main product, its WAF (Web Application Firewall).
- New and improved CryptXXX ransomware rakes in $45,000 in 3 weeks. From ArsTechnica. Whoever said crime doesn’t pay didn’t know about the booming ransomware market. A case in point, the latest version of the scourge known as CryptXXX, which raked in more than $45,000 (£34,344) in less than three weeks. Over the past few months, CryptXXX developers have gone back and forth with security researchers. The whitehats from Kaspersky Lab provided a free tool that allowed victims to decrypt their precious data without paying the ransom, which typically reaches $500 or more. Then, CryptXXX developers would tweak their code to defeat the get-out-of-jail decryptor. The researchers would regain the upper hand by exploiting another weakness and so on.
- Inside the World of the Dark DDoS. From The Register. Today’s distributed denial of service attacks are different than the kinds that we saw at the dawn of the millennium when the threat emerged. They’re becoming more nuanced, and subtle – and they could result in a lot more than a downed web server. In the early days of DDoS, volumetric attacks were all the rage. Politically or financially motivated attackers would launch thousands of clients against a particular target, overwhelming their servers. Such attacks are still common, but increasingly they’re giving way to another kind of more sophisticated DDoS attack: “dark” DDoS, or as Andy Shoemaker likes to call them, smokescreen attacks.
- Scientology Seeks Captive Converts Via Google Maps, Drug Rehab Centers. From Krebs On Security. Fake online reviews generated by unscrupulous marketers blanket the Internet these days. Although online review pollution isn’t exactly a hot-button consumer issue, there are plenty of cases in which phony reviews may endanger one’s life or well-being. This is the story about how searching for drug abuse treatment services online could cause concerned loved ones to send their addicted, vulnerable friends or family members straight into the arms of the Church of Scientology.
- IRS kills e-filing PINs prematurely due to cyberattacks. From Engadget. The IRS was gearing up to kill e-file PINs later this year, but it has decided to speed up its plans after discovering suspicious activity. These electronic filing personal identification numbers, which people could use to authenticate tax returns filed online, are no longer available on IRS.gov or via the agency’s toll-free phone number. If you’ll recall, identity thieves used malware to steal taxpayers’ info from other websites, which was then used to generate 100,000 PINs, back in February. The thieves were actually gunning for 464,000 PINs, but the agency was able to stop them before they got near that number.
- Port Scanning. From Audit My PC. Port Scanning is one of the most popular reconnaissance techniques attackers use to discover services they can break into. All machines connected to a Local Area Network (LAN) or Internet run many services that listen at well-known and not so well known ports. A port scan helps the attacker find which ports are available (i.e., what service might be listening to a port). Essentially, a port scan consists of sending a message to each port, one at a time. The kind of response received indicates whether the port is used and can therefore be probed further for weakness.
- U.S. charges Filipino man with hacking accounts of celebrities. From Reuters. A Filipino man has been criminally charged in New Jersey with running a large and sophisticated scheme to hack into the bank and credit card accounts of well-known or celebrity customers, U.S. prosecutors said. According to an indictment made public on Friday, Peter Locsin, 35, conspired with others from February 2012 to January 2015 to compromise accounts belonging to at least five victims at three financial institutions.
- SEC Sues UK Man For Hacking US Investors’ Accounts. From Dark Reading. The US Securities and Exchange Commission (SEC) has filed a case in a US District Court against a UK national accusing him of hacking into the accounts of US investors and carrying out fraudulent trades, reports Reuters. SEC alleges that Idris Dayo Mustapha made a profit of at least $68,000 while costing his victims around $289,000 through these illegal transactions in April and May.
- Severe flaws in widely used archive library put many projects at risk. From CSOOnline. In a world where any new software project is built in large part on existing third-party code, finding and patching vulnerabilities in popular open-source libraries is vital to creating reliable and secure applications. For example, three severe flaws in libarchive, recently found by researchers from Cisco Systems’ Talos group, could affect a large number of software products.
- 154 million voter records exposed, revealing gun ownership, Facebook profiles, and more. From Daily Dot. When we eventually get to look back on 2016, we might be tempted to label it “The Year of Leaking Voter Lists.” The year began with many people distraught to learn that a database with voter registration records of 191 million voters had been exposed online. Voter registration lists include name, address, political party, telephone number, and whether the voter voted in the last elections and primaries. It appeared that many Americans never knew that these lists were generally considered public records.
- ‘Godless’ Malware Is Attacking Android Devices. From PC Magazine. Researchers at Trend Micro recently discovered new Android-based malware called Godless, which targets devices running Android Lollipop or earlier. As Trend Micro points out, that covers almost 90 percent of Android devices. “Based on the data gathered from our Trend Micro Mobile App Reputation Service, malicious apps related to this threat can be found in prominent app stores, including Google Play, and has affected over 850,000 devices worldwide,” the company said in a statement.
- Data breach possible for users of Annapolis parking garages. From Capital Gazette. Malware was discovered on parking garage servers that officials believe could have stolen credit and debit card information from transient parkers using the city’s three garages. The breach is still under investigation, but officials believe it could have impacted anyone using those parking facilities between Dec. 23 and June 11. These servers handle payments for Noah Hillman, Gott’s Court and Knighton Garages.
- Slicing Into a Point-of-Sale Botnet. From KrebsOnSecurity. Last week, KrebsOnSecurity broke the news of an ongoing credit card breach involving CiCi’s Pizza, a restaurant chain in the United States with more than 500 locations. What follows is an exclusive look at a point-of-sale botnet that appears to have enslaved dozens of hacked payment terminals inside of CiCi’s locations that are being relieved of customer credit card data in real time.
- Iran Arrests Suspect in Hacking of State-Run Websites. From ABCNews. Iran’s semi-official Tasnim news agency says authorities have arrested a suspect in the hacking of several websites of state-run organizations. It quotes the Revolutionary Guard on Saturday as saying its cybercrimes unit arrested the hacker, who referred to himself online as the “Mafia Hacking Team.” It says he hacked into the websites of the Iranian postal service, universities and other government-run organizations. It did not give a motive or say if any information was stolen.