Anonymous claims to have leaked a set of 2,000 email addresses and passwords belonging to people at the US Congress, including the likes of the US Attorney General’s office, the Senate and New York’s comptroller.
The hack is seemingly in retaliation for recent reports of the NSA being involved in surveillance of internet users, linked to companies like Apple, Microsoft, Yahoo and Google. An Anonymous affiliate account, @AnonLastResort, tweeted on Monday with a link to a document containing 2,000 email addresses and passwords.
The hackers have, however, omitted some passwords and shuffled the rest so that they don’t show up next to the matching email address; even so, it seems that the email address and password combinations aren’t hard to figure out.
This is not the first time Anonymous has leaked username and password combinations. But stealing user data is probably as low as it can get for Anonymous, which is known for some of its high-profile hacks.
A contact file dubbed ‘Priyanka’ that is making the rounds on the web exploits an unknown vulnerability in WhatsApp: if the file is saved, all the contacts within WhatsApp are renamed to Priyanka.
The contact file is not being spread by a virus or malware, and users would need to accept the file before their WhatsApp contacts are messed up. The contact file is not itself a virus or malware; it probably triggers a bug in the messaging app once the file is saved through WhatsApp. The exploit file doesn’t cause permanent damage, and users would be able to reinstate their WhatsApp contacts provided they are using the automatic backup feature.
According to a blog post on AndroidSoul, to completely remove Priyanka one would first be required to remove the contact file itself. Then the user would be required to delete all of the WhatsApp data; this may be achieved by uninstalling WhatsApp. After reinstalling the messaging app, contacts and conversations can be restored using backup files.
No further information about the bug is available at the moment. We will update the post once we hear something.
BlackBerry, on Tuesday, launched a service through which companies can secure and manage Android and iOS based mobile devices within their infrastructure.
The service can be managed through the existing BlackBerry Enterprise Service (BES) 10, which was launched in January, and the feature is called Secure Work Space. The new service will enable BlackBerry to penetrate even those organizations where there is not a single BlackBerry device and all personnel use Android or iOS devices.
The Secure Work Space feature will allow companies’ IT managers to manage Android and iOS devices so that they can create a barrier between corporate email, calendars, contacts, tasks, memos, Web browsing and document editing on one side and the personal apps and content of the personnel on the other.
BlackBerry, formerly RIM, was once the pioneer of the smartphone, but following the entry of Apple into this segment, and then Samsung through Google’s Android, it hasn’t been able to regain the ground it lost. In a bid to rediscover and re-establish itself in the business, BlackBerry launched its OS 10, followed by a trio of BB OS 10 powered smartphones: the Z10, Q10 and Q5.
In an interview with Reuters, David Smith, head of enterprise mobile computing at BlackBerry, said, “With an integrated management console, our clients can now see all of the devices they have on their network, manage those devices and connect to them securely.”
“We now also have a secure work space on Android and iOS that allows our clients to secure and manage the data on those devices as well,” he added.
Developers of the open source blogging software WordPress have rolled out a security and maintenance release for WordPress 3.5 that fixes a total of 12 bugs, including 7 security issues.
According to the developers, on top of the security fixes, the update also contains hardening measures that provide additional security to WordPress installations, and they have strongly urged all users to update their installations to version 3.5.2 immediately.
The security fixes in 3.5.2 include blocking of server-side request forgery (SSRF) attacks; updates to the TinyMCE editor, the external SWFUpload library and other components to protect against cross-site scripting (XSS) holes; an update to WordPress’s password protection for posts, which could lead to denial-of-service (DoS) attacks; and an update that disallows contributors from improperly publishing posts or reassigning a post to a different author, among others.
Citadel was disarmed of its command and control server, but don’t start relaxing: the owners are still out there and no computer is seemingly safe.
Microsoft, in collaboration with the FBI and other agencies, tracked the ‘Citadel’ botnet for over a year and managed to shut it down this week by seizing its command and control servers. There were reports that the malware, through its key-logging features, managed to garner enough login information from around the world to steal somewhere around $500 million from bank accounts.
The hunt for the owner of the botnet is on, and the alleged mastermind, going by the internet alias Aquabox, is probably hiding in Russia or Ukraine. There are reports that authorities are still trying to find the identities of the hackers behind Citadel. As they are still at large, chances are that they may come up with more malware to infect systems and spawn a new botnet out of the newly infected systems.
According to Reuters, “the criminals remain at large and the authorities do not know the identities of any of the ringleaders.” This leaves us at a crossroads again, confused! There is every chance that the seized servers were not the only C&C servers and that more are still out there, dormant and waiting for the right time.
There are different ways in which you can end up being infected and becoming part of a botnet. Visit a website and download fake software, and that’s it. Click on a link in an email, seemingly from a legitimate source, which says it will give you a free gift, and you end up downloading a form which has a malicious macro or an embedded executable file that actually installs a small program on your machine to capture passwords. These and many more ways will force your systems into being part of a botnet.
Emails such as the ones mentioned above are normally circulated using already infected systems, and tracing the source only reveals the zombies rather than the command and control servers. The problem is not how sophisticated the malware is or the infection methodology used; it’s a numbers game. Antivirus systems, if kept up to date, do detect such malware most of the time. But not all users are tech-savvy enough to keep track of the update status of their antivirus or look out for malicious attachments or fake software.
The Citadel takedown is definitely a positive step towards making the web a little more secure, but until the mastermind and the bot herders are captured, more ‘Citadel’-like malware and botnets will spawn. And there is more: if the bad actors behind botnets belong to an organized crime ring in Eastern Europe, well, good luck with that, as law enforcement agencies in the US or Europe are going to have a hard time getting to them.
Thousands of requests pound your computer all day long for as long as it is connected to the Internet, and your open ports are fiddled with. Automated scanners try to overwhelm your systems with all kinds of requests, and if they find something that is vulnerable, well then, all the best again!
The only way that seems to prevent your system from getting infected is disconnecting it from the internet when you don’t need to be online and shutting it down completely at night. An even more defensive stance would be to never install anything; turn it off; and leave it off. Obviously that is not a good solution. Right?