Tag Archives: data breach

Just One Command: How a Hacker Stole the Data of 100 Million Capital One Customers

Abstract

One command executed in the firewall hack allowed the intruder to gain credentials for an administrator account known as “*****WAF-Role.” This in turn enabled access to bank data stored under contract by a cloud computing company that went unnamed in court documents but was identified as Amazon Web Services by the NYT and Bloomberg. Other commands allowed the attacker to enumerate Capital One folders stored on AWS and to copy their contents. IP addresses and other evidence ultimately indicated that Paige Thompson was the person who exploited the vulnerability and posted the data to GitHub, FBI Special Agent Joel Martini wrote in the criminal complaint.

Thompson allegedly used Tor and a VPN from IPredator in an attempt to cover her tracks. At the same time, Martini said that much of the evidence tying her to the intrusion came directly from things she posted to social media or put in direct messages. A June 26 Slack posting and another post the next day to an unnamed service, for instance, both referred to the WAF-Role account.
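The chain the complaint describes, credentials for a role followed by enumeration and copying of storage, leaves a trail a defender can hunt for. Assuming, as the naming suggests, that WAF-Role was an IAM role attached to the compromised instance, its credentials are temporary STS credentials, so every call made with them is logged by CloudTrail under an assumed-role ARN whose session name is the instance ID. A session of that kind listing buckets and fetching objects from an address that is not the instance's own egress (a Tor exit or a commercial VPN, as in this case) is the anomaly. The Python below is an added example, not code from the Ars Technica report or from Capital One; the CloudTrail-style records, role name, instance ID, bucket and addresses are constructed, and the 203.0.113.0/24 egress range is an assumption.

```python
"""Hunt for instance-role credentials being used off-instance.

Added example, not code from the Ars Technica report or from Capital One.
Assumed: CloudTrail records are available as dicts in their usual JSON shape;
the instance's normal egress range is 203.0.113.0/24; the role, instance ID,
bucket and IPs below are constructed sample data.
"""
import ipaddress
from collections import defaultdict

EXPECTED_EGRESS = [ipaddress.ip_network("203.0.113.0/24")]  # assumption

# Real S3 CloudTrail event names; "enumerate, then fetch" is the pattern
# the complaint describes.
ENUMERATE = {"ListBuckets", "ListObjects", "ListObjectsV2"}
COPY = {"GetObject", "CopyObject"}

# Constructed principal: an EC2 instance role session (session name = instance ID).
ROLE_ARN = "arn:aws:sts::123456789012:assumed-role/example-waf-role/i-0123456789abcdef0"

# Constructed CloudTrail-style records (not real logs).
SAMPLE_EVENTS = [
    {"eventTime": "2019-01-01T10:00:00Z", "eventName": "ListBuckets",
     "sourceIPAddress": "203.0.113.7", "userIdentity": {"arn": ROLE_ARN}},
    {"eventTime": "2019-01-01T10:05:00Z", "eventName": "ListBuckets",
     "sourceIPAddress": "198.51.100.23", "userIdentity": {"arn": ROLE_ARN}},
    {"eventTime": "2019-01-01T10:06:00Z", "eventName": "ListObjectsV2",
     "sourceIPAddress": "198.51.100.23", "userIdentity": {"arn": ROLE_ARN},
     "requestParameters": {"bucketName": "example-customer-data"}},
    {"eventTime": "2019-01-01T10:07:00Z", "eventName": "GetObject",
     "sourceIPAddress": "198.51.100.23", "userIdentity": {"arn": ROLE_ARN},
     "requestParameters": {"bucketName": "example-customer-data", "key": "x.csv"}},
    # Service-originated call: CloudTrail records a hostname, not an IP.
    {"eventTime": "2019-01-01T10:08:00Z", "eventName": "GetObject",
     "sourceIPAddress": "s3.amazonaws.com", "userIdentity": {"arn": ROLE_ARN}},
    # An IAM user on a VPN is a different question; not an instance-role session.
    {"eventTime": "2019-01-01T10:09:00Z", "eventName": "GetObject",
     "sourceIPAddress": "198.51.100.99",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/alice"}},
    # Not an S3 enumeration/copy event.
    {"eventTime": "2019-01-01T10:10:00Z", "eventName": "DescribeInstances",
     "sourceIPAddress": "198.51.100.23", "userIdentity": {"arn": ROLE_ARN}},
]


def assumed_role(record):
    """(role_name, session_name) for an STS assumed-role principal, else None."""
    parts = record.get("userIdentity", {}).get("arn", "").rsplit("/", 2)
    if len(parts) != 3 or not parts[0].endswith(":assumed-role"):
        return None
    return parts[1], parts[2]


def outside_egress(source):
    """True when the caller's IP is not in the expected egress range."""
    try:
        ip = ipaddress.ip_address(source)
    except ValueError:  # AWS service principal recorded as a hostname
        return False
    return not any(ip in net for net in EXPECTED_EGRESS)


def flag_events(records):
    """S3 enumerate/copy calls made with an assumed-role credential from an
    unexpected source address."""
    findings = []
    for r in records:
        name = r.get("eventName")
        principal = assumed_role(r)
        if name not in ENUMERATE | COPY or principal is None:
            continue
        if not outside_egress(r.get("sourceIPAddress", "")):
            continue
        findings.append({"time": r["eventTime"], "role": principal[0],
                         "session": principal[1], "event": name,
                         "source_ip": r["sourceIPAddress"],
                         "bucket": r.get("requestParameters", {}).get("bucketName")})
    return findings


def sessions_that_listed_then_copied(findings):
    """Sessions that both enumerated and fetched from off-instance: the
    highest-confidence signal that the instance's credentials were stolen."""
    seen = defaultdict(set)
    for f in findings:
        seen[(f["role"], f["session"])].add(f["event"])
    return sorted(k for k, ev in seen.items() if ev & ENUMERATE and ev & COPY)


if __name__ == "__main__":
    found = flag_events(SAMPLE_EVENTS)
    for f in found:
        print(f"{f['time']} {f['role']}/{f['session']} {f['event']} "
              f"from {f['source_ip']} bucket={f['bucket']}")
    print("sessions to investigate:", sessions_that_listed_then_copied(found))
```

In practice the egress range comes from the VPC's NAT or instance public addresses, and the same logic is better run as an Athena query over the CloudTrail bucket or left to GuardDuty's credential-misuse findings. Scoping the role to the buckets the WAF actually needs, and alerting on its use from any other address, would have limited both the reach and the dwell time of this access.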

Read more in:

https://arstechnica.com/information-technology/2019/07/feds-former-cloud-worker-hacks-into-capital-one-and-takes-data-for-106-million-people/


Top cyber news

Equifax Credit Agency will Pay As Much as $700 Million to Settle Investigations

Equifax will pay as much as US $700 million to settle state and federal investigations, as well as consumer claims, related to the 2017 data breach that exposed the personal information of 147 million individuals. The terms of the agreement the company signed on Monday, July 22, require it to pay at least $575 million to states, the Consumer Financial Protection Bureau, and a credit monitoring fund. The company has agreed to pay an additional $125 million into that fund if necessary.

Read more in:
– www.ftc.org: Stipulated Order for Permanent Injunction and Monetary Judgment (PDF)
– www.krebsonsecurity.com: What You Should Know About the Equifax Data Breach Settlement

Kazakh Government Intercepting All HTTPS Traffic

Ministry officials in Kazakhstan say that the government’s new practice of intercepting all HTTPS traffic that moves within the country’s borders is “aimed at enhancing the protection of citizens, government bodies and private companies from … cyber threats.” ISPs in the country have begun forcing all users to install a government root certificate. With that root in the trust store, government proxies can terminate users’ TLS sessions, decrypt and examine the traffic, re-encrypt it under a certificate issued by the government CA that the browser now accepts for any site, and send it on its way. Citizens who have not installed the government’s certificate report being unable to access the Internet.
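Interception of this kind works only because the browser trusts the pushed root: a certificate for any site, signed by that root, chains to a trusted anchor, so the padlock stays green. Two checks remain available to a client that has a known-good view of the world: auditing the trust store against a baseline, and comparing the leaf a server presents against a pinned fingerprint and expected issuer. The Python below, standard library only, is an added example and not from the ZDNet report; the CA names, host and DER blobs are constructed, and the dict shapes follow what ssl.SSLSocket.getpeercert() and ssl.SSLContext.get_ca_certs() return.

```python
"""Two client-side checks against HTTPS interception via an installed root.

Added example, not from the ZDNet report. Standard library only.
Assumed: certificate dicts follow the shape returned by
ssl.SSLSocket.getpeercert() / ssl.SSLContext.get_ca_certs(); every CA name,
host and DER blob below is constructed sample data, not a real certificate.
"""
import hashlib
import socket
import ssl


def name_attr(name, key):
    """Pull one attribute (e.g. 'commonName') out of an ssl-module name tuple:
    a tuple of RDNs, each a tuple of (attribute, value) pairs."""
    for rdn in name:
        for attr, value in rdn:
            if attr == key:
                return value
    return None


def fingerprint_sha256(der_bytes):
    """Hex SHA-256 of the DER encoding, the value normally used for pinning."""
    return hashlib.sha256(der_bytes).hexdigest()


def unexpected_roots(ca_certs, baseline_cns):
    """Roots in the trust store whose commonName is not in a known-good
    baseline. A newly pushed interception root shows up here."""
    present = {name_attr(c["subject"], "commonName") for c in ca_certs}
    return sorted(cn for cn in present - set(baseline_cns) if cn)


def check_peer(peer_cert, peer_der, expected_issuer_cn, pinned_sha256):
    """Problems with the certificate a server actually presented. An
    intercepting proxy must re-sign the leaf with its own CA, so the issuer
    changes and the leaf's fingerprint no longer matches the pin."""
    problems = []
    issuer = name_attr(peer_cert["issuer"], "commonName")
    if issuer != expected_issuer_cn:
        problems.append(f"issuer is {issuer!r}, expected {expected_issuer_cn!r}")
    if fingerprint_sha256(peer_der) != pinned_sha256:
        problems.append("leaf fingerprint does not match pin")
    return problems


def live_peer(host, port=443):
    """Fetch a real server's leaf (dict form and DER) for use with check_peer.
    Not exercised here; it needs network access."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port)) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(), tls.getpeercert(binary_form=True)


# --- constructed sample data (not real certificates) ---------------------
BASELINE_ROOTS = ["Example Root CA", "Another Root CA"]
STORE_AFTER_PUSH = [
    {"subject": ((("commonName", "Example Root CA"),),)},
    {"subject": ((("commonName", "Another Root CA"),),)},
    {"subject": ((("organizationName", "Constructed Ministry"),),
                 (("commonName", "Constructed Interception Root"),))},
]

GENUINE_DER = b"constructed-der-for-the-genuine-leaf"   # stands in for real DER
PIN = fingerprint_sha256(GENUINE_DER)                    # recorded on a clean network
GENUINE_PEER = {"subject": ((("commonName", "example.com"),),),
                "issuer": ((("commonName", "Example Issuing CA"),),)}

INTERCEPTED_DER = b"constructed-der-for-the-resigned-leaf"
INTERCEPTED_PEER = {"subject": ((("commonName", "example.com"),),),
                    "issuer": ((("commonName", "Constructed Interception Root"),),)}


if __name__ == "__main__":
    print("unexpected roots:", unexpected_roots(STORE_AFTER_PUSH, BASELINE_ROOTS))
    print("genuine:", check_peer(GENUINE_PEER, GENUINE_DER, "Example Issuing CA", PIN))
    print("intercepted:", check_peer(INTERCEPTED_PEER, INTERCEPTED_DER,
                                     "Example Issuing CA", PIN))
    # Against the local store: unexpected_roots(
    #     ssl.create_default_context().get_ca_certs(), BASELINE_ROOTS)
```

The pin and the baseline have to be recorded from a network that is not being intercepted, and matching roots on commonName is a weak key, since the interceptor picks the name; on a real system compare fingerprints of get_ca_certs(binary_form=True) instead. live_peer() fetches an actual server's leaf so check_peer() can be run against a live connection.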

Read more in:
– www.zdnet.com: Kazakhstan government is now intercepting all HTTPS traffic

Cyber Weapons Are Changing Modern Warfare and Statecraft

The U.S. National Security Advisor, John Bolton, has made cyberwarfare an integral part of statecraft. This past September, the Department of Defense issued a strategic plan that not only confirmed the existence of cyber weapons but declared its commitment to using them “to advance U.S. interests” and “defend forward.”

Read more in:
– www.newyorker.com: How Cyber Weapons Are Changing The Landscape of Modern Warfare

NSA Contractor Who Took Home Classified Documents is Sentenced

Harold T. Martin, a former NSA contractor, has been sentenced to nine years in prison for stealing as much as 50 terabytes of classified documents over a period of nearly 20 years. The government’s investigation of Martin did not find that he had committed treason.

Read more in:
– www.nytimes.com: N.S.A. Contractor Who Hoarded Secrets at Home Is Sentenced to Nine Years in Prison

CyberSecurity: Fake firms that claim to recover data from ransomware but really just pay the ransom

According to a ProPublica report, two firms identified in the U.K. market themselves as data recovery firms, offering a solution to any organization or individual hit by ransomware. In reality, they simply negotiate with the attackers, pay the ransom on the victim’s behalf, and then bill the victim as though they had solved the problem themselves.

In simple terms, ransomware is an attack in which the attackers encrypt a victim’s data, crippling it and often locking the systems as well. They then threaten to destroy the data, offering as the only alternative that the victim pay for the key that decrypts and restores it and lets the users or organization use their own systems and data again.

From 2015 to 2018, a strain of ransomware known as SamSam paralyzed computer networks across North America and the U.K. It caused more than $30 million in damage to at least 200 entities, including the cities of Atlanta and Newark, New Jersey, the Port of San Diego and Hollywood Presbyterian Medical Center in Los Angeles. It knocked out Atlanta’s online water service requests and billing systems, prompted the Colorado Department of Transportation to call in the National Guard, and delayed medical appointments and treatments for patients nationwide whose electronic records couldn’t be retrieved. In return for restoring access to the files, the cyberattackers collected at least $6 million in ransom.

Read more in these ProPublica articles:

Sting Catches Another Ransomware Firm — Red Mosquito — Negotiating With “Hackers”

The Trade Secret

CyberNews: British Airways faces a £183 million fine for data breach

On 6 September last year, British Airways disclosed that it had been hacked and that the data of 380,000 customers had been stolen. The stolen information included personal and payment card details but not passport information.

As you know, the United Kingdom now enforces the GDPR data protection regime, and under it British Airways is facing a fine of £183 million. This is huge. For background on the GDPR, see the link below.

Read more about GDPR:

British Airways: How 22 Lines of Code Claimed 380,000 Victims

Abstract

On its website, British Airways posted a notice explaining the details of the incident and answering as many customer questions as possible. The technical details were sparse but included the following:

  • Payments through its main website were affected
  • Payments through its mobile app were affected
  • Payments were affected from 22:58 BST August 21, 2018, until 21:45 BST September 5, 2018
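The dates above bracket a window during which a script served to the payment page carried extra code, which is what a Magecart skimmer is: a few lines that run on the checkout page, read the form, and post it to a host the attacker controls. Three checks catch the pieces of that pattern: an inventory of scripts the page loads without Subresource Integrity, a comparison of the scripts actually served against hashes recorded at deploy time, and a test of whether the page's Content-Security-Policy would let a script send data to an unknown origin at all. The Python below, standard library only, is an added example and not code from RiskIQ or British Airways; the HTML, script bodies, paths and policies are constructed, and the CSP matcher is a simplification that ignores scheme and port.

```python
"""Three checks around a payment page's JavaScript.

Added example, not code from RiskIQ or British Airways. Standard library only.
The HTML, script bodies, paths and policies below are constructed sample data;
the baseline hashes are computed from them.
"""
import base64
import hashlib
from html.parser import HTMLParser


class ScriptCollector(HTMLParser):
    """Inventory of <script> tags: external ones by src (+ integrity attr),
    inline ones by body."""

    def __init__(self):
        super().__init__()
        self.external = []  # (src, integrity-or-None)
        self.inline = []
        self._in_script = False
        self._buf = []

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        a = dict(attrs)
        if a.get("src"):
            self.external.append((a["src"], a.get("integrity")))
        else:
            self._in_script, self._buf = True, []

    def handle_data(self, data):
        if self._in_script:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._in_script:
            self.inline.append("".join(self._buf).strip())
            self._in_script = False


def sri_hash(body):
    """Subresource Integrity value for a script body (sha384, base64 digest)."""
    return "sha384-" + base64.b64encode(hashlib.sha384(body).digest()).decode()


def scripts_missing_integrity(html):
    """External scripts the page loads without an integrity attribute."""
    p = ScriptCollector()
    p.feed(html)
    return [src for src, integrity in p.external if not integrity]


def changed_scripts(served, baseline):
    """Scripts whose served body no longer matches the hash recorded at deploy
    (or that were never in the baseline). Catches a modified first-party file,
    which SRI alone cannot when the same server also emits the HTML."""
    return sorted(src for src, body in served.items()
                  if baseline.get(src) != sri_hash(body))


def _host(origin):
    """Drop the scheme; this simplified matcher ignores scheme and port."""
    return origin.split("://", 1)[-1].lower()


def csp_allows_connect(policy, target_origin, page_origin):
    """Would this Content-Security-Policy let a script send data to target_origin?
    connect-src governs fetch/XHR/sendBeacon and falls back to default-src."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives[tokens[0]] = tokens[1:]
    sources = directives.get("connect-src", directives.get("default-src", ["*"]))
    for src in sources:
        if src == "*":
            return True
        if src == "'self'":
            if _host(target_origin) == _host(page_origin):
                return True
            continue
        host = _host(src)
        if host.startswith("*.") and _host(target_origin).endswith(host[1:]):
            return True
        if host == _host(target_origin):
            return True
    return False


# --- constructed sample data -------------------------------------------------
SAMPLE_HTML = """<html><head>
<script src="/js/constructed-lib.js"
        integrity="sha384-PLACEHOLDER"></script>
<script src="/js/constructed-app.js"></script>
</head><body>
<form id="payment"></form>
<script>window.__example = 1;</script>
</body></html>"""

LIB_BODY = b"/* constructed lib */\n"
ORIGINAL_APP = b"/* constructed: original payment-page script */\n"
TAMPERED_APP = ORIGINAL_APP + b"/* constructed: one line appended after deploy */\n"
BASELINE = {"/js/constructed-lib.js": sri_hash(LIB_BODY),
            "/js/constructed-app.js": sri_hash(ORIGINAL_APP)}
SERVED = {"/js/constructed-lib.js": LIB_BODY,
          "/js/constructed-app.js": TAMPERED_APP}

PAGE = "https://www.example.com"
STRICT_CSP = "default-src 'self'; script-src 'self'; connect-src 'self'"
LOOSE_CSP = "script-src 'self'"  # no connect-src or default-src: anything goes

if __name__ == "__main__":
    print("no SRI:", scripts_missing_integrity(SAMPLE_HTML))
    print("changed since deploy:", changed_scripts(SERVED, BASELINE))
    print("strict CSP lets data out:",
          csp_allows_connect(STRICT_CSP, "https://attacker.example", PAGE))
```

SRI protects against a modified third-party file but not against an attacker who controls the server emitting both the HTML and the script, which is why the served-hash comparison should run from outside the web tier against a baseline taken at deploy. A connect-src that names only 'self' and the payment processor is the control that turns an injected skimmer into a blocked request and a CSP violation report rather than a breach.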

Read more in:

https://www.riskiq.com/blog/labs/magecart-british-airways-breach/

Data-driven technologies in Political campaigning. Inside the Influence Industry. How it works.

The scandal surrounding Cambridge Analytica that broke on 17 March 2018 was a watershed moment. For many voters, it created a unique insight into how their data was being traded and utilised to target them for political influence: voters realised the effects the technologies were having on them. Despite widespread global attention, there is still very little known about the techniques that are applied to sway citizens’ political views by leveraging the data they give away.

From analysing behavioural data to A/B testing, and from geotargeting to psychometric profiling, political parties are using the same data-driven techniques to sell political candidates to voters that companies use to sell shoes to consumers.

What are voter files?

Voter files are profiles of individual voters that are collected into databases for political campaigning purposes. In its most basic form, a voter file is a list of people who could potentially vote in a given election. This data can also be combined with more detailed information, like party affiliation or registration history. While voter files can vary depending on who produces them—whether electoral administrators, commercial entities or political parties—they often consist of publicly accessible information combined with more detailed data acquired from outside sources and polling. 

What is A/B testing?

When Barack Obama’s 2008 presidential campaign team was having trouble converting web visitors into subscribers, they took a page from commercial marketing’s playbook and decided to change the text on their website. They tested three different messages against the site’s usual ‘Sign Up’ prompt: ‘Learn More,’ ‘Join Us Now’ and ‘Sign Up Now.’ They found that ‘Learn More’ outperformed the default message by a whopping 18.6% [1]. When they tested the prompt alongside six different photo and video options, the winning combination boosted their sign-up rate by more than 3 percentage points.

While this number may seem small, the campaign estimated that this single change contributed to nearly three million new email address sign-ups and netted $60 million in new donations [2, 3, 4]. Four years later, the Obama re-election campaign ran over 500 similar A/B tests across web and email in 20 months, increasing their donation conversion by 29% and their sign-up conversions by 161% [5, 6].

The complete document is referenced here:

https://tacticaltech.org/media/Personal-Data-Political-Persuasion-How-it-works.pdf