Tag: hackers

Hackers Hit Illinois Police Database Of Gun Owners

I suppose there’s one bit of good news for the tens of thousands of Illinois residents who’ve been waiting for a year or more for their Firearm Owner ID cards; thanks to the lengthy delays by the Illinois State Police their information wasn’t yet entered into a database that was the recent target of hackers attempting to gain access to the personal details of FOID card holders.

The official story from the Illinois State Police, at least at first, was that there was an “attempted” breach of personal information, but that hackers weren’t able to actually gain access. Over at The Truth About Guns, however, John Boch reported that he’s been hearing something different from a few local gun shops.

The Illinois State Police have reportedly told some gun dealers that hackers breached their security protocols. The gun dealers sharing this information with me wished to remain anonymous out of fear of retribution from the Governor’s office.

What’s more, according to those inside the ISP, an unspecified amount of gun owners’ personal data was reportedly downloaded by the hackers.

This past weekend, the website was shut down completely for an upgrade to remedy the security vulnerabilities that the hackers exploited.

And after keeping mum about the cyberattack for most of the week, on Friday afternoon, the Illinois State Police finally admitted that the personal details of more than 2,000 FOID holders have been “possibly” compromised.

Keep reading

Hackers Scrape 90,000 GETTR User Emails, Surprising No One

Hackers were able to scrape the email addresses and other data of more than 90,000 GETTR users.

On Tuesday, a user of a notorious hacking forum posted a database that they claimed was a scrape of all users of GETTR, the new social media platform launched last week by Trump’s former spokesman Jason Miller, who pitched it as an alternative to “cancel culture.” The data seen by Motherboard includes email addresses, usernames, status, and location. 

One of the people whose email is in the database confirmed to Motherboard that they are indeed registered to GETTR. Motherboard also verified the database by attempting to create an account with three email addresses that appear in the database. When doing that, the site displayed the message: “The email is taken,” suggesting it’s already registered. 

It’s unclear if the database contains the usernames and email addresses of all users on the site. 

Keep reading

Your IoT Device is Likely Spying on You through Backdoor Security Flaws

Many people are used to trading privacy for convenience these days. After all, this is how those with nefarious agendas get people to adopt technology that continually spies on them. IoT technology is no different. A recently discovered security vulnerability from a major manufacturer of IoT devices has exposed just how dangerous this technology can be. The following article from TweakLibrary details how this sort of surveillance technology can wreak havoc upon our lives. – Truth Unmuted Editor Jesse Smith

This Security Vulnerability Could Change An IoT Device Into A Nasty Spy

IoT has had a remarkable impact on our lives. We now have devices connected over a network that are capable of making our lives much easier and comfortable. From smartphones to smartwatches to internet-powered doorbells, door alarms, security cameras, speakers, door locks, lights, bulbs, and baby monitors, the list is just endless. However, with this boon, a bane looms around and that is, miscreants can hack into these devices and if not acted upon promptly, they can wreak havoc on our lives. But, when can hackers feed on IoT devices? The answer is when they sniff a security vulnerability or when we as users don’t practice healthy security habits.

We’ll get into the security habits on a user’s part later in the blog but, let’s first discuss how a security vulnerability can lead a hacker into your IoT device and then into your personal or professional life. Quite recently, a security vulnerability has hit IoT devices. This security flaw can give access to your IoT audio and video feeds and turn into a spying tool.

What is This Security Vulnerability All About? How Severe Is The Security Flaw

As per the researchers at Nozomi Networks Lab and DHS, the security flaw can let malicious attackers tamper with an IoT device. They can easily convert a given IoT device such as a home security camera, a baby monitor, or a smart doorbell into a spying tool. Owing to this vulnerability, they can steal crucial data or spy on video feeds as well. Apart from intruding into one’s personal lives through the aforementioned channels, an attacker can even steal crucial business data such as data related to customers, employees, or even production techniques. The security flaw is indeed very severe. So much so that the Common Vulnerability Scoring System (CVSS) rates it at 9.1/10 on a severity scale.

How Did This Security Flaw Surface?

The flaw is a supply chain bug that was discovered in a software component (P2P SDK) manufactured by a company called ThroughTek who is one of the prominent suppliers of IoT devices. The P2P’s SDK gives remote access to audio/ video streams over the internet. The SDK is found in smart sensors, security cameras such as baby and pet monitoring cameras,  doorbells, etc. and it help a viewer gain access to audio/ video streams. The flaw affects P2P’s version 3.1.5 or before. As Nozomi has demonstrated, the older versions of the SDK allow data packets to be intercepted while in transit. A hacker can refurbish these packets into complete audio or video streams.

ThroughTek’s Defence

ThroughTek has countered this bug in version 3.3 that was released in mid-2020. Though the issue is that quite many devices still run the older build. Secondly, as per ThroughTek, to conduct an attack, a prospective attacker will need to have extensive knowledge of network sniffer tools, network security, and encryption algorithm.

Keep reading

See the light: Philips Hue smart bulbs can be hacked and used to install malware

We’ve all heard the horror stories of hackers remotely steering smart cars off the road, but even the smallest of smart devices can lead to big problems if they’re not monitored carefully.

This was on full display when a flaw was discovered that exposed the home networks of people using the very popular Philips Hue smart bulbs. Researchers from cyber security firm Check Point revealed how a bug enabled them to infiltrate the bulbs with a drone that hovers outside a building. They were able to gain access to the bulbs as well as the control bridge that leads to the users’ network, which means it is possible to compromise a person’s home network or even that of a business or smart city using the bulbs.

To infiltrate the users’ network, the researchers exploited a previously discovered bug that Philips hadn’t fixed that allowed them to control aspects of the bulb like brightness and color. After lowering and raising the brightness or changing the color to trick the user into believing the bulb had a glitch, the user would then reset the product by deleting it from their app and then attempting to rediscover it. However, once they rediscovered the compromised bulb, it was able to offload malware onto the control bridge. The users’ home network is linked to this central hub, which means the malware or spyware could infect the entire network.

Check Point Research Head of Cyber Research Yaniv Balmas said: “Many of us are aware that IoT devices can pose a security risk, but this research shows how even the most mundane, seemingly ‘dumb’ devices such as light bulbs can be exploited by hackers and used to take over networks or plant malware.”

Keep reading

Can We Talk About Joe Biden’s Horrible Choice to Give Putin a List of Things Not to Cyberattack?

“I gave (Putin) a list, if I’m not mistaken I don’t have it in front of me, 16 specific entities, 16 defined as critical infrastructure” that Putin should not cyberattack, Biden said.

We have questions.

Did Biden make Putin pinky swear, cross his heart and hope to die if he attacks items on the list anyway?

Does that list allow Putin a free hand to go and cyberattack anything in the United States that isn’t on it? “You didn’t put it on list, comrade, so we hack it,” Putin chuckles as he text Xi with a string of laughing emojis.

On what planet is it a good idea to give a potential adversary a list of things you do not want him to attack?

When you play Risk, the classic game of world conquest, do you give your competitors a list of countries you don’t want them to attack? Would you expect them to abide by that?

When you play Stratego, the classic strategy war game of intrigue, do you tell your opponent where your spies and bombs are? Do you honestly expect to win if you do that?

When you run for office, do you go meet with your competitor and hand them a list of the skeletons in your closet with a plea not to go after them? Would you expect any of those items to not end up in the media within a nanosecond?

Keep reading

CYBERCRIME: THE NEW FEAR-PORN

Remember that Solarwinds hack last December? Remember how the Government blamed the Russians – again? Well, it turns out the hackers were working from within the United States.

So, why haven’t these ‘Russian’ hackers been arrested?

Why haven’t the FBI, NSA, or the Cybersecurity and Infrastructure Agency, (CISA) identified anyone responsible? In fact, none of these alphabet agencies even detected the cyberattack.

If it wasn’t for FireEye, a private cybersecurity company, the hack would have gone unnoticed and the perpetrators would still be accessing data…

The Solarwinds hack was huge, affecting nine Federal Agencies and over 100 private companies. Microsoft’s President called it “the largest and most sophisticated attack the world has ever seen” and the work of “at least 1,000 very skilled, very capable engineers”.

All the people it took to carry this out, and we’re supposed to believe there’s no trail of evidence that could lead to the perpetrators. The truth is, investigators know exactly where to look.

The hackers used Amazon cloud servers.

Keep reading

How Technocracy Is Using Unseen Enemies To Panic The World

We live in an age of global deception and delusion of Biblical proportions. Lying is a way of life. Deceiving is taken to the level of an art form. Debauchery and corruption are everywhere.

The slick propaganda that promises to eliminate poverty, create wonderful jobs with dignity and bring lasting peace to the world has more in common with a pile of horse manure than lasting solutions.

I stated in early 2020 that the Great Panic of 2020 (read, “pandemic”) was the start of Technocracy’s coup d’état. It was global in scope, horribly damaging to the global economy and ripped the fabric of societal status quo to shreds. All of this was supposedly caused by an unseen enemy. And now, the “scientists” behind it, like Dr. Anthony Fauci, are proven to be frauds and hucksters whose science has been discredited as “pseudo-science” at best.

May I remind you that global warming is also an unseen enemy of the same magnitude? The corrupt and bastardized data supporting global warming is as fraudulent and deceptive as that of COVID-19. Lies abound. Fabricated computer models spit out megatons of buffalo chips to tell us we are all going to die when the polar ice caps melt and the seas rise.

I have also warned that there will be other attacks of deception to solidify the global Technocrat takeover.

The Technocrats are delivering.

Two major back-to-back hacking episodes have suddenly appeared to underscore the need for a universal ID system and total control over the Internet. First, the Colonial Pipeline was shut down causing massive fuel shortages on the East Coast. Second, the largest meat producer in the world is hacked bringing production to a halt. Gas prices go up. Meat shortages threaten availability. All thanks to an invisible enemy (the hackers) who we are told are some dark, deep-state entity trying to destroy America.

Let’s pause and remember that the Great Panic of 2020 was preceded by a global pandemic simulation called Event 201, sponsored by the World Economic Forum. This is a fact, not speculation. Event 201 scripted the pandemic response almost to the letter. They were prepared and in control.

Keep reading

Cybersecurity tycoon Kaspersky claims CIA hackers could actually be behind US Colonial Pipeline attack blamed on Russian group

A cyberattack that crippled fuel supplies on the East Coast of the US and sent gas prices soaring could have been an inside job conducted by American spooks, rather than foreign hackers, a prominent Russian IT expert has claimed.

After a massive systems failure caused the Colonial Pipeline to shut down, Natalya Kaspersky, the founder and former CEO of security software firm Kaspersky Lab, as well as one of Russia’s wealthiest women, made the explosive suggestions in an interview with RIA Novosti on Friday. She alleges that the US’ top foreign intelligence agency, the CIA, has a crack team of digital warriors who are able to masquerade as overseas hacking groups.

According to her, the group, known as UMBRAGE, is adept at hiding its online footprints. The existence of the team first came to light in a series of documents published by WikiLeaks in 2017 and subsequently picked up by American media. At the time, USA Today said that the shadowy operatives “may have been cataloguing hacking methods from outside hackers, including in Russia, that would have allowed the agency to mask their identity by employing the method during espionage.”

Keep reading

Facebook leaks full names, phone numbers, email addresses, and other info on half a BILLION users

The personal data, including phone numbers and emails, of more than 500 million Facebook users has been leaked online. The social media company claims that the data was obtained through a vulnerability that has since been fixed.

A user in a low-level hacking forum published the personal data of over 533 million Facebook users. The leaked data includes Facebook IDs, full names, phone numbers, email address, and other personal identifiable information. It affects Facebook users from 106 countries, including data on over 33 million users in the US and 11 million users in the UK.

Business Insider verified the authenticity of the leaked data by matching several of known user’s phone numbers to the Facebook IDs listed.

A Facebook spokesperson said that the data was illegally obtained via a vulnerability that was fixed back in 2019. Whether or not the data is a few years old, it could still be used by cybercriminals for identity theft and other scams.

Keep reading