Tag: hackers

Cybersecurity tycoon Kaspersky claims CIA hackers could actually be behind US Colonial Pipeline attack blamed on Russian group

A cyberattack that crippled fuel supplies on the East Coast of the US and sent gas prices soaring could have been an inside job conducted by American spooks, rather than foreign hackers, a prominent Russian IT expert has claimed.

After a massive systems failure caused the Colonial Pipeline to shut down, Natalya Kaspersky, the founder and former CEO of security software firm Kaspersky Lab, as well as one of Russia’s wealthiest women, made the explosive suggestions in an interview with RIA Novosti on Friday. She alleges that the US’ top foreign intelligence agency, the CIA, has a crack team of digital warriors who are able to masquerade as overseas hacking groups.

According to her, the group, known as UMBRAGE, is adept at hiding its online footprints. The existence of the team first came to light in a series of documents published by WikiLeaks in 2017 and subsequently picked up by American media. At the time, USA Today said that the shadowy operatives “may have been cataloguing hacking methods from outside hackers, including in Russia, that would have allowed the agency to mask their identity by employing the method during espionage.”

Keep reading

Facebook leaks full names, phone numbers, email addresses, and other info on half a BILLION users

The personal data, including phone numbers and emails, of more than 500 million Facebook users has been leaked online. The social media company claims that the data was obtained through a vulnerability that has since been fixed.

A user in a low-level hacking forum published the personal data of over 533 million Facebook users. The leaked data includes Facebook IDs, full names, phone numbers, email address, and other personal identifiable information. It affects Facebook users from 106 countries, including data on over 33 million users in the US and 11 million users in the UK.

Business Insider verified the authenticity of the leaked data by matching several of known user’s phone numbers to the Facebook IDs listed.

A Facebook spokesperson said that the data was illegally obtained via a vulnerability that was fixed back in 2019. Whether or not the data is a few years old, it could still be used by cybercriminals for identity theft and other scams.

Keep reading

America’s Drinking Water Is Surprisingly Easy to Poison

On Feb. 16, less than two weeks after a mysterious attacker made headlines around the world by hacking a water treatment plant in Oldsmar, Florida, and nearly generating a mass poisoning, the city’s mayor declared victory.

“This is a success story,” Mayor Eric Seidel told the City Council in Oldsmar, a Tampa suburb of 15,000, after acknowledging “some deficiencies.” As he put it, “our protocols, monitoring protocols, worked. Our staff executed them to perfection. And as the city manager said, there were other backups. … We were breached, there’s no question. And we’ll make sure that doesn’t happen again. But it’s a success story.” Two council members congratulated the mayor, noting his turn at the press conference where the hack was disclosed. “Even on TV, you were fantastic,” said one.

Get Our Top Investigations

Subscribe to the Big Story newsletter.Email address:

“Success” is not the word that cybersecurity experts use to describe the Oldsmar episode. They view the breach as a case study in digital ineptitude, a frightening near-miss and an example of how the managers of water systems continue to downplay or ignore years of increasingly dire warnings.

The experts say the sorts of rudimentary vulnerabilities revealed in the breach — including the lack of an internet firewall and the use of shared passwords and outdated software — are common among America’s 151,000 public water systems.

“Frankly, they got very lucky,” said retired Adm. Mark Montgomery, executive director of the federal Cyberspace Solarium Commission, which Congress established in 2018 to upgrade the nation’s defenses against major cyberattacks. Montgomery likened the Oldsmar outcome to a pilot landing a plane after an engine caught fire during a flight. “They shouldn’t celebrate like Tom Brady winning the Super Bowl,” he said. “They didn’t win a game. They averted a disaster through a lot of good fortune.”

Keep reading

Hacker Tried To Poison Entire Florida Town By Raising Chemical Levels In Water Supply

A town in Florida has been target of a hack which briefly altered chemicals in its water supply to “potentially damaging levels” according to local media reports. Federal and local authorities are currently investigating the computer network intrusion which happened last Friday morning, the alarming details of which are emerging Monday.

Plant operators overseeing the small city of Oldsmar’s water supply began observing strange activity on their monitors. That’s when technicians noticed that sodium hydroxide levels (or lye), which is used to treat the city’s water in small amounts in order to control acidity while removing heavy metals, was being remotely pushed higher.

Technicians noticed the chemical levels being subject of unauthorized external manipulation in real-time and immediately moved to restore the sodium hydroxide input to its safe, correct levels. The AP detailed based on local reporting: “A plant worker first noticed the unusual activity at around 8 a.m. Friday when someone briefly accessed the system.”

“At about 1:30 p.m., someone accessed it again, took control of the mouse, directed it to the software that controls water treatment and increased the amount of sodium hydroxide, the report continued.

The hacker or hackers have yet to be uncovered and apprehended.

Keep reading

Telegram feature exposes your precise address to hackers

If you’re using an Android device—or in some cases an iPhone—the Telegram messenger app makes it easy for hackers to find your precise location when you enable a feature that allows users who are geographically close to you to connect. The researcher who discovered the disclosure vulnerability and privately reported it to Telegram developers said they have no plans to fix it.

The problem stems from a feature called People Nearby. By default, it’s turned off. When users enable it, their geographic distance is shown to other people who have it turned on and are in (or are spoofing) the same geographic region. When People Nearby is used as designed, it’s a useful feature with few if any privacy concerns. After all, a notification that someone is 1 kilometer or 600 meters away still leaves stalkers guessing where, precisely, you are.

Stalking made simple

Independent researcher Ahmed Hassan, however, has shown how the feature can be abused to divulge exactly where you are. Using readily available software and a rooted Android device, he’s able to spoof the location his device reports to Telegram servers. By using just three different locations and measuring the corresponding distance reported by People Nearby, he is able to pinpoint a user’s precise location.

Keep reading

NBC Reported In 2019 How EASY It Was To Hack Dominion Machines, Trump Rubs Their Noses All In It!

Most major media are continuing to push back on claims by President Donald Trump’s campaign that voting machines in some key battleground states were manipulated in favor of Democratic rival Joe Biden.

But on Saturday, the president tweeted a clip of an August 2019 NBC News report featuring technology correspondent Jacob Ward who explained how easy it is for hackers to penetrate and manipulate voting machines made by top companies such as Election Systems & Software, Dominion Voting Systems, and Hart Intercivic.

Ward’s complete report, which is posted at NBC News’ website, is titled, “How hackers can target voting machines,” and was filed shortly after the world’s biggest underground hacking conference, DEFCON, ended in Las Vegas.

Keep reading

Smart TV hackers are filming people having sex on their sofas – and putting it on porn sites

Next time, you’re snuggling up to your other half on the sofa, imagine that some sweaty, sex-pest nerd might be watching you through your TV’s webcam. Horrifyingly, it’s actually true: hackers HAVE ‘watched’ couples making love on their sofas via webcams built into smart TVs – and put the video on porn sites. Many ‘smart TVs’ have poor security, and hackers can take over various functions – including webcams built for Skype. Laura Higgins of the Revenge Porn Helpline told the Daily Mail, ‘We have dealt with one couple who were filmed making love in their living room through their smart TV by someone who had taken control of it. ‘The footage just appeared on a website.

Keep reading

C-SPAN suspends Scully after he admits to lie about hack

C-SPAN suspended its political editor Steve Scully indefinitely Thursday after he admitted to lying about his Twitter feed being hacked when he was confronted about a questionable exchange with former Trump aide Anthony Scaramucci.

The news came on the day of what was supposed to be a career highlight for the 30-year C-SPAN veteran. Scully was to moderate the second debate between President Donald Trump and Democrat Joe Biden, which was canceled after Trump would not agree to a virtual format because of his COVID-19 diagnosis.

A week ago, after Trump had criticized him as a “never Trumper,” Scully tweeted “@Scaramucci should I respond to Trump.” Scaramucci, a former Trump communications director and now a critic of the president, advised Scully to ignore him.

Scully said that when he saw his tweet had created a controversy, “I falsely claimed that my Twitter account had been hacked.”

Keep reading