Red Alert! Virtually All Of Our Personal Information, Including Social Security Numbers, Has Been Stolen And Posted Online By Hackers

Most Americans don’t even realize that virtually all of their personal information has been stolen and posted online for free.  The personal records of 2.9 billion people were stolen from a major data broker known as National Public Data earlier this year, and this month almost all of the information that was stolen was posted online for anyone to freely take.  We are talking about names, addresses, phone numbers, employment histories, birth dates and Social Security numbers.  This is one of the most egregious privacy violations in the history of the world, but hardly anyone knows what has happened.  So please share this article as widely as you possibly can.

USA Today is reporting that the original theft of this data occurred “in or around April 2024”…

An enormous amount of Social Security numbers and other sensitive information for millions of people could be in the hands of a hacking group after a data breach and may have been released on an online marketplace, The Los Angeles Times reported this week.

The hacking group USDoD claimed it had allegedly stolen personal records of 2.9 billion people from National Public Data, according to a class-action lawsuit filed in U.S. District Court in Fort Lauderdale, Florida, reported by Bloomberg Law. The breach was believed to have happened in or around April 2024, according to the lawsuit.

The company that this data was stolen from is a Florida-based background check company known as National Public Data.  The following is what Wikipedia has to say about this particular firm…

Jerico Pictures, Inc., doing business as National Public Data[1][2] is a data broker company that performs employee background checks. Their primary service is collecting information from public data sources, including criminal records, addresses, and employment history, and offering that information for sale.

Of course there are hordes of other data brokers out there these days.

They collect vast troves of information on as many people as they possibly can, and then they monetize that information in various ways.

Equifax, Epsilon and Acxiom are the three largest data brokers in existence today.  Each one of them brings in more than 2 billion dollars of revenue annually.

As you can see, collecting and selling our personal information is very big business.


Kamala Campaign Cheered On DDoS Attack On Musk-Trump ‘X’ Interview.

Vice President Kamala Harris’ campaign cheered on a distributed denial-of-service (DDoS) attack targeting X—a leading American company—on Monday, as it disrupted a conversation between former President Donald J. Trump and tech mogul Elon Musk.

DDoS attacks involve flooding websites with bogus bot or botnet traffic to sabotage their functionality or knock them offline altogether. The one on the Trump-Musk X space comes as the Federal Bureau of Investigation (FBI) is investigating a recent hack of the Trump campaign, attributed to Iran, in which internal emails were accessed.

Nevertheless, the Vice President’s team appeared thrilled that her leading election rival—and a top U.S. business—were targeted again on Monday, trolling him on his Truth Social platform. Once their conversation concluded, Harris’ team put out a statement sneering at Trump and Musk as “self-obsessed rich guys… who cannot run a livestream in the year 2024.”


Musk Says Massive Cyberattack Delayed Trump Interview

Elon Musk’s planned Aug. 12 interview with Former President Donald Trump hit a roadblock after the owner said the site was facing a distributed denial-of-service (DDOS) attack, preventing the X Space from going live.

“There appears to be a massive DDOS attack on X. Working on shutting it down,” Musk, the owner of X, said in a post.

“Worst case, we will proceed with a smaller number of live listeners and post the conversation later.”

Nearly 40 minutes past the planned start time, Musk’s voice finally broadcast in the Spaces room dedicated to the interview with more than a million users listening live.

Musk said the attack demonstrated that there are those who want to prevent the public hearing from Trump.

Twitter tested its Spaces platform with 8 million concurrent users earlier in the day, according to Musk.


Massive leak of US personal information shows up on hacking forum, including almost 2.7 billion records

Nearly 2.7 billion personal information records for people in the United States have been posted to a popular hacking forum, exposing names, addresses, and even Social Security numbers. The data allegedly comes from a company that collects and sells the data for legitimate use, but was stolen and put up for sale in April 2024.

Originally, a threat actor known as USDoD claimed to have stolen the information from National Public Data. National Public Data scrapes the information from public sources, uses it to compile individual profiles, and then sells those portfolios. The company serves private investigators as well as entities needing to conduct background checks and obtain criminal records.

When USDoD first obtained the data, it offered to sell it for $3.5 million. The hacker claimed it contained 2.9 billion records and consisted of personal information for every person in Canada, the United Kingdom, and the United States. In the past, USDoD has been linked to another database breach, trying to sell InfraGard’s user database for $50,000 in December 2023.

On Aug. 6, a user going by the alias Fenice posted what’s believed to be the most complete version of the stolen National Public Data information for free on the Breached hacking forum. Fenice says, however, that the data breach was actually done by a different hacker than USDoD, one known as SXUL.

This isn’t the first time the data from this leak has been released, but previous posts have only included partial copies of the data. These included different numbers of records and sometimes different data. Fenice has offered the most complete version of the National Public Data information and has provided it for free.


“Gay Furry Hackers” Claim Credit for Hacking Heritage Foundation Files Over Project 2025

SiegedSec, a collective of self-proclaimed “gay furry hackers,” has claimed credit for breaching online databases of the Heritage Foundation, the conservative think tank that spearheaded the right-wing Project 2025 playbook. SiegedSec released a cache of Heritage Foundation material as part of a string of hacks aimed at organizations that oppose transgender rights, although Heritage disputed that its own systems were breached.

In a post to Telegram announcing the hack, SiegedSec called Project 2025 “an authoritarian Christian nationalist plan to reform the United States government.” The attack was part of the group’s #OpTransRights campaign, which recently targeted right-wing media outlet Real America’s Voice, the Hillsong megachurch, and a Minnesota pastor.

In his foreword to the Project 2025 manifesto, the Heritage Foundation’s president, Kevin Roberts, rails against “the toxic normalization of transgenderism” and “the omnipresent propagation of transgender ideology.” The playbook’s other contributors call on “the next conservative administration” to roll back certain policies, including allowing trans people to serve in the military.

“We’re strongly against Project 2025 and everything the Heritage Foundation stands for,” one of SiegedSec’s leaders, who goes by the handle “vio,” told The Intercept.

In its Telegram post, SiegedSec said it obtained passwords and other user information for “every user” of a Heritage Foundation database, including Roberts and some U.S. government employees. Heritage Foundation said in a statement Wednesday that SiegedSec only obtained incomplete password information.

The remainder of more than 200GB of files the hackers obtained were “mostly useless,” SiegedSec said.


New Spectre-Style ‘Pathfinder’ Attack Targets Intel CPU, Leak Encryption Keys and Data

Researchers have discovered two novel attack methods targeting high-performance Intel CPUs that could be exploited to stage a key recovery attack against the Advanced Encryption Standard (AES) algorithm.

The techniques have been collectively dubbed Pathfinder by a group of academics from the University of California San Diego, Purdue University, UNC Chapel Hill, Georgia Institute of Technology, and Google.

“Pathfinder allows attackers to read and manipulate key components of the branch predictor, enabling two main types of attacks: reconstructing program control flow history and launching high-resolution Spectre attacks,” Hosein Yavarzadeh, the lead author of the paper, said in a statement shared with The Hacker News.

“This includes extracting secret images from libraries like libjpeg and recovering encryption keys from AES through intermediate value extraction.”

Spectre is the name given to a class of side-channel attacks that exploit branch prediction and speculative execution on modern CPUs to read privileged data in the memory in a manner that sidesteps isolation protections between applications.

The latest attack approach targets a feature in the branch predictor called the Path History Register (PHR), which keeps a record of the last taken branches, to induce branch mispredictions and cause a victim program to execute unintended code paths, thereby inadvertently exposing its confidential data.

Specifically, it introduces new primitives that make it possible to manipulate PHR as well as the prediction history tables (PHTs) within the conditional branch predictor (CBR) to leak historical execution data and ultimately trigger a Spectre-style exploit.


Russian hackers steal US government emails with Microsoft, officials confirm

Russian state-backed hackers have stolen email correspondence between US government agencies and Microsoft via a breach of the software giant’s systems, US officials confirmed on Thursday.

Microsoft has notified “several” US federal agencies that the hackers may have stolen emails that Microsoft sent to those agencies that included login information such as usernames, or passwords, Eric Goldstein, a senior official at the US Cybersecurity and Infrastructure Security Agency (CISA), told reporters.

“At this time, we are not aware of any agency production environments that have experienced a compromise as a result of a credential exposure,” Goldstein said. In other words, a CISA official told CNN, there is no evidence yet that the hackers had used the stolen credentials to successfully break into federal computer systems that are actively in use.

But the breach of Microsoft emails is still forcing the tech giant and US cyber officials to scramble to ensure there is no further damage at the hands of the alleged Russian operatives.

CISA on Thursday publicly released an “emergency directive” that orders civilian agencies potentially affected by the hacking campaign to shore up their defenses. CISA described the potential exposure of agency login credentials as an “unacceptable risk to agencies.”

CNN has requested comment from the Russian Embassy in Washington, DC.

The hackers in question are an infamous cyber-espionage group that US officials have previously tied to Russia’s foreign intelligence service.

It’s the latest twist in a hacking incident that Microsoft first revealed in January but has only grown more serious as new details emerge. In March, Microsoft revealed that the hackers accessed some of Microsoft’s core software systems and were using that information for follow-on attacks on Microsoft customers.

Days after Microsoft disclosed the breach in January, another Big Tech company, Hewlett Packard Enterprise, said the same hackers had breached its cloud-based email systems. The full extent and exact purpose of the hacking activity isn’t clear, but experts say the group responsible has a history of wide-ranging intelligence gathering campaigns in support of the Kremlin.

The same Russian group was behind the infamous breach of several US agency email systems using software made by US contractor SolarWinds, which was revealed in 2020. The hackers had access for months to the unclassified email accounts at the departments of Homeland Security and Justice, among other agencies, before the spying operation was discovered.

Russia denied involvement in the activity.


Hackers can unlock over 3 million hotel doors in seconds

When thousands of security researchers descend on Las Vegas every August for what’s come to be known as “hacker summer camp,” the back-to-back Black Hat and Defcon hacker conferences, it’s a given that some of them will experiment with hacking the infrastructure of Vegas itself, the city’s elaborate array of casino and hospitality technology. But at one private event in 2022, a select group of researchers were actually invited to hack a Vegas hotel room, competing in a suite crowded with their laptops and cans of Red Bull to find digital vulnerabilities in every one of the room’s gadgets, from its TV to its bedside VoIP phone.

One team of hackers spent those days focused on the lock on the room’s door, perhaps its most sensitive piece of technology of all. Now, more than a year and a half later, they’re finally bringing to light the results of that work: a technique they discovered that would allow an intruder to open any of millions of hotel rooms worldwide in seconds, with just two taps.

Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of Saflok-brand RFID-based keycard locks sold by the Swiss lock maker Dormakaba. The Saflok systems are installed on 3 million doors worldwide, inside 13,000 properties in 131 countries.

By exploiting weaknesses in both Dormakaba’s encryption and the underlying RFID system Dormakaba uses, known as MIFARE Classic, Carroll and Wouters have demonstrated just how easily they can open a Saflok keycard lock. Their technique starts with obtaining any keycard from a target hotel—say, by booking a room there or grabbing a keycard out of a box of used ones—then reading a certain code from that card with a $300 RFID read-write device, and finally writing two keycards of their own. When they merely tap those two cards on a lock, the first rewrites a certain piece of the lock’s data, and the second opens it.

“Two quick taps and we open the door,” says Wouters, a researcher in the Computer Security and Industrial Cryptography group at the KU Leuven University in Belgium. “And that works on every door in the hotel.”


Unpatchable vulnerability in Apple chip leaks secret encryption keys

A newly discovered vulnerability baked into Apple’s M-series of chips allows attackers to extract secret keys from Macs when they perform widely used cryptographic operations, academic researchers have revealed in a paper published Thursday.

The flaw—a side channel allowing end-to-end key extractions when Apple chips run implementations of widely used cryptographic protocols—can’t be patched directly because it stems from the microarchitectural design of the silicon itself. Instead, it can only be mitigated by building defenses into third-party cryptographic software that could drastically degrade M-series performance when executing cryptographic operations, particularly on the earlier M1 and M2 generations. The vulnerability can be exploited when the targeted cryptographic operation and the malicious application with normal user system privileges run on the same CPU cluster.

Beware of hardware optimizations

The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it’s actually needed, the DMP, as the feature is abbreviated, reduces latency between the main memory and the CPU, a common bottleneck in modern computing. DMPs are a relatively new phenomenon found only in M-series chips and Intel’s 13th-generation Raptor Lake microarchitecture, although older forms of prefetchers have been common for years.

Security experts have long known that classical prefetchers open a side channel that malicious processes can probe to obtain secret key material from cryptographic operations. This vulnerability is the result of the prefetchers making predictions based on previous access patterns, which can create changes in state that attackers can exploit to leak information. In response, cryptographic engineers have devised constant-time programming, an approach that ensures that all operations take the same amount of time to complete, regardless of their operands. It does this by keeping code free of secret-dependent memory accesses or structures.

The breakthrough of the new research is that it exposes a previously overlooked behavior of DMPs in Apple silicon: Sometimes they confuse memory content, such as key material, with the pointer value that is used to load other data. As a result, the DMP often reads the data and attempts to treat it as an address to perform memory access. This “dereferencing” of “pointers”—meaning the reading of data and leaking it through a side channel—is a flagrant violation of the constant-time paradigm.


Beijing’s military hacked U.S. nuclear firm before Hunter Biden aided Chinese bid to acquire it

U.S. officials were acutely aware that Beijing was trying to obtain America’s premier nuclear reactor technology, including through illicit hacking, months before Hunter Biden and his business partners sought to arrange a quiet sale of an iconic U.S. reactor company to a Chinese firm, according to court records and national security experts.

Hunter Biden’s unsuccessful efforts to help CEFC China Energy acquire Westinghouse, one of America’s most famous electricity and appliance brands, and its state-of-the-art AP1000 nuclear reactor began in early 2016 while Joe Biden was still a sitting vice president, memos published Wednesday by Just the News show.

Just 20 months earlier, his father’s Justice Department charged five members of a Chinese military hacking unit for breaching the company’s computer systems in search of intellectual property and internal strategy communications, according to a copy of the indictment.

In May 2014, the five operatives of the People’s Liberation Army’s Unit 61398 were charged with hacking into the systems of six U.S.-based companies across different industrial sectors, including Westinghouse Electric Co., SolarWorld, United States Steel Corp., and a union. The attorney general at the time, Eric Holder, called the breach a classic case of “economic espionage.”

One operative gained access to Westinghouse’s computers in 2010 and “stole proprietary and confidential technical and design specifications related to pipes, pipe supports, and pipe routing” pertaining to the company’s advanced AP1000 nuclear reactor design, according to an indictment filed by the Department of Justice.

“Among other things, such specifications would enable a competitor to build a plant similar to the AP1000 without incurring significant research and development costs associated with designing similar pipes, pipe supports, and pipe routing systems,” the indictment reads.

File: Criminal No. 14-118 USA vs. Wang Dong et al.pdf

National security experts said Thursday they were floored that the son of a sitting vice president would be involved in trying to help a Chinese firm get a leg up on the United States in the race for nuclear energy and that Hunter Biden’s involvement with CEFC almost certainly would have been detected by U.S. intelligence and prompted concern. 

Documents previously released by Congress in the Biden impeachment inquiry show the Biden family appeared to be acutely aware that CEFC was tied directly to the communist government in China.

While there is no evidence at the moment that Hunter Biden was aware of or involved in the hacking efforts by the Chinese, Hunter Biden wrote in one text message in 2017 that he believed one of the CEFC officials he worked with, Patrick Ho, was the “f—ing spy chief” of China (Ho was later indicted in the U.S. and charged with corruption) while Joe Biden’s brother James told the FBI he believed CEFC Chairman Ye Jianming had a relationship with China’s communist president.

“It’s beyond outrageous that Hunter Biden would be involved in any such deal with Communist China while his father is the sitting vice president,” former Trump-era Deputy National Security Advisor Victoria Coates told the “Just the News, No Noise” television show. “I mean just the glaring conflicts of interest are hard to wrap your brain around. But particularly with Westinghouse.”
