- Friday, 10 July 2015
- Hits: 2470
The Massive OPM Hack Actually Hit 21 Million People!
The massive hack that struck the US Office of Personnel Management affected some 21.5 million people, all of them people who had information stolen about them from a backgrounds investigation database used for evaluating people who sought classified clearances from the government. The stolen information includes about 1.1 million fingerprints as well as findings that investigators obtained from interviews conducted with neighbors, friends and family members for background checks. Read more...
Pwned Hacking Team tells cops, govts to shut down software
Flayed surveillance outfit Hacking Team is telling customers to suspend running instances of its software after 400GB of its source code and internal data was stolen and posted online.
The company has now asked customers to temporarily suspend use of its software while it investigates if their spying operations have been exposed among the huge cache of released emails and source code. Read more...
|Major Hacks of the Week|
Hacking Team hacked, attackers claim 400GB in dumped data
One of the world's most notorious security firms was being hacked. It isn't known who hacked Hacking Team; however, the attackers have published a Torrent file with 400GB of internal documents, source code, and email communications to the public at large. In addition, the attackers have taken to Twitter, defacing the Hacking Team account with a new logo, biography, and published messages with images of the compromised data. Read more...
Foreign hackers briefly commandeer German missile systems
A German missile system was reportedly hacked and taken over by unknown foreign attackers who executed “unexplained commands.” German trade publication Behörden Spiegel wrote that the Patriot missiles system, stationed on the Turkey/Syria border, was either accessed through a computer chip that guides missiles or through a real-time information exchange that allows missiles and their control system to communicate. Read more...
|Major Vulnerabilities Disclosed|
VXers charge Nintendofans then p0wn their data
Palo Alto Networks researchers Cong Zheng and Zhi Xu are warning of a new form of malware that is masquerading as a paid Nintendo emulator for Androiddevices. The Gunpoder malware takes the form of an app packaged with the Airpush adlibrary making it difficult for anti-virus engines to detect. Read more...
Malicious PDFs Poison Google Search Results
Getting a top ranking in Google's search engine is supposed to be an organic task, with the best content ranking highest, but according to a new research report from security vendor Sophos, attackers are using cloaked PDF files to influence Google's search results. The cloaked files may include malware and links to malicious sites. Read more...
|Legal, Regulatory and Corporate|
FBI and DOJ threaten tech companies with legislation forcing them to break encryptions
FBI Director James Comey and Deputy Attorney General Sally Quillian Yates testified before a Senate Judiciary committee that they are stumped by end-to-end encryption and that while they want to work with the private sector to come up with a solution Yates noted that a legislative mandate “may ultimately be necessary” to force companies to comply. To back up their stand they also tried playing the terrorism card saying that ISIS is using social media to bolster their recruitment efforts. When a prospective terrorist is first contacted they are told to switch to an end-to-end encrypted messaging system where they can work out their nefarious plans in private. Read more...
Bitglass granted patent on searchable cloud encryption.
Bitglass has been granted a patent for its searchable full-strength 256-bit AES encryption for cloudapplications. With this technology, sensitive corporate data and an encrypted search index are pulled out of cloud applications like Salesforce, Office 365 and Box and stored encrypted in the organization’s private cloud. This innovation combines the trusted security of a private cloud with the flexibility of public cloud applications. Read more...
|Security and Beyond|
Hackers’ capability to crash trains raises security concerns, malware could lead to train crashes in the UK
Cyber attacks can crash trains. Intense security concerns have emerged, after the upgrade of the British railway network that can be affected by malware. Read more...
17-Year-Old Lizard Squad Member Found Guilty Of 50,700 Hacking Charges!Julius "zeekill" Kivimaki, a 17-year-old was given a two-year suspended prison sentence and was "ordered to fight against cyber crime," according to Finnish newspaper Kaleva. He claimed that the DDoS cyber attacks on Xbox Live and PlayStation Network were conducted to raise awareness of the inadequate security at Microsoft and Sony. Kivimaki's computerhacking charges include data breaches, telecommunication harassments, payment fraud, and other counts related to fraudulence and violations of company secrets. Read more...
|Security Awareness Tip|
Improve your privacy with these excellent Firefox addons.
Stop tracking with "Disconnect". Disconnect was founded in 2011 by former Google engineers and a consumer-and privacy-rights attorney. The addon is open source and loads the pages you go to 27% faster and stops tracking by 2,000+ third-party sites. It also keeps your searches private. Read more...
|Silensec Editorial Team|
Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor
Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.
Associate Editor: Joseph Alulu (B.A)
Joseph Alulu leads the Silensec Marketing Department. He holds a Bachelors of Arts Degree from the University of Nairobi in Kenya. He publishes the weekly Silensec Newsletter, keeping you up to date on the latest information security news as well as creating information security awareness.
Please feel free to share this with interested parties via email, and social media. For a free subscription, please subscribe to our Feed. For any questions please click on the following contact us link