A 15-year-old made over $400,000 by selling a bug in 2012 that brought down Sony and Microsoft by launching DDoS attacks. Now 20, Adam Mudd faces jail time for admitting to the hacking along with money laundering. I found it extremely interesting that a 15-year-old was capable of developing a bug to take down companies such as Microsoft and Sony.
There’s now a tool to test for NSA spyware
“Luke Jennings of security firm Countercept wrote a script in response to last week’s high-profile leak of cyberweapons that some researchers believe are from the National Security Agency. It’s designed to detect an implant called Doublepulsar, which is delivered by many of the Windows-based exploits found in the leak and can be used to load other malware.” This script is available for download on Github, but a user who downloads it will need some programming skills to allow it to run. “Jennings said he developed his script by analyzing how the Doublepulsar implant communicated over the internet to its control server. However, his original intention was to help businesses identify the implant over their networks, not to scan the entire internet for the implant.”
Snapchat Hacked: Indian Hackers Claim To Have Leaked 1.7 Million Snapchat Users Data
An Indian hacking group claimed to hack Snapchat last year and recently leaked 1.7 million user accounts and data on the Dark Web. This comes after the CEO said that they were going to remove Snapchat from poor countries such as Spain and India. “Although, Evan Spiegel recently announced that he made no claims and the claims that are spread on social media were made by a Snapchat ex-employee.”
“Indian Snapchat users have started to protest on social media networks, making the hashtag #UninstallSnapchat and #BoycottSnapchat trend on Twitter. While many Indian Snapchat has started to make funny meme’s against Snapchat and Snapchat’s CEO.”
Microsoft patched ‘NSA hack’ Windows flaws before leak
“On Friday, a group called the Shadow Brokers published details of several hacking tools, indicating they had been used by the US National Security Agency (NSA) to spy on money transfers.” Many suggested that Microsoft may have been vulnerable. The company suggests that these vulnerabilities have been patched back in March. Microsoft has not revealed how it became aware of the flaws.
North Korea’s embarrassing missile launch failure may have been caused by US cyber attack as Donald Trump warns his military may ‘have no choice’ to strike the rogue nation
This article discusses the recent attempt of a launch of a medium-range ballistic rocket by North Korea. Many experts believe the launch failed after several seconds due to possible hacking by the United States. The United States has been known for launching cyber-attacks on foreign countries in the past. An example of this was Stuxnet. A worm that took down Iran’s nuclear program, which was installed and spread through a USB. For the North Korea launch, “US agents are believed to have infiltrated the supply chain and may have planted undetectable “malware” viruses inside Kim’s missiles.”
Realistic ways to lock down IoT
This article talks about how IoTs devices access a corporate network, and how CSOs must be aware of the risks that these devices present on a network because of their recent display for a “lack of security”. The video talks with a CMO Sanjay Raja of Lumeta.
Is Trump Still Tweeting From His Unsecured Android Phone?
Here is an interesting news article I found this week, titled “Is Trump Still Tweeting From His Unsecured Android Phone?” Apparently, President Trump was tweeting from a Samsung Galaxy S3 which he has been attached to and did not want to upgrade. This version of Samsung’s Galaxy line was no longer receiving Android updates and was extremely susceptible to hacking. The article stated, “The device, likely a Samsung Galaxy S3, has such serious security problems that it’s probably “compromised by at least one—probably multiple—hostile foreign intelligence services and is actively being exploited,” More recently, it appears Trump’s tweets have been coming from an iPhone. His security team may have finally realized the security risk of his old Samsung device and forced the President to upgrade.
WikiLeaks Releases Trove of Alleged C.I.A. Hacking Documents
Article Link – https://nyti.ms/2naGHUJ
Vault7, One of the largest intelligence leaks in recent history, talks about how the CIA is able to spy on anyone through Apple or Android Smartphones, Microsoft Windows Updates, Skype, Smart TVs, and pretty much any IOTs device. Regardless of encryption, the CIA had back-doors to all of these devices. They often times sent their employees to work at large tech companies to have them intentionally install back-doors that they would later have access to. Wikileaks states the source is from an internal CIA agent who wants to spark debate about the government’s cyber techniques of spying, and believes the agency is abusing its power. In 2015, Samsung had to add in their privacy policy that the voice recognition may be used to record conversations and anything private should not be said near the TV.
The Facebook Algorithm Is Watching You
This article does not have to do with Cyber Security, but shares an interesting point how Facebook has a good idea of who each and every one of us are, based on how we react to certain things. Last year, Facebook introduced reactions to posts, which differed from simply just liking a post. Many users in the past argued for a dislike button, but instead Facebook released reactions. Now you can love something, like it, be shocked, angry, etc. Facebook gathers information about how we react to posts containing certain words, and will show information we like or love in our feeds more often than posts containing key-words that we were angry about.