A 15-year-old made over $400,000 by selling a bug in 2012 that brought down Sony and Microsoft by launching DDoS attacks. Now 20, Adam Mudd faces jail time for admitting to the hacking along with money laundering. I found it extremely interesting that a 15-year-old was capable of developing a bug to take down companies such as Microsoft and Sony.
“Luke Jennings of security firm Countercept wrote a script in response to last week’s high-profile leak of cyberweapons that some researchers believe are from the National Security Agency. It’s designed to detect an implant called Doublepulsar, which is delivered by many of the Windows-based exploits found in the leak and can be used to load other malware.” This script is available for download on Github, but a user who downloads it will need some programming skills to allow it to run. “Jennings said he developed his script by analyzing how the Doublepulsar implant communicated over the internet to its control server. However, his original intention was to help businesses identify the implant over their networks, not to scan the entire internet for the implant.”
An Indian hacking group claimed to hack Snapchat last year and recently leaked 1.7 million user accounts and data on the Dark Web. This comes after the CEO said that they were going to remove Snapchat from poor countries such as Spain and India. “Although, Evan Spiegel recently announced that he made no claims and the claims that are spread on social media were made by a Snapchat ex-employee.”
“Indian Snapchat users have started to protest on social media networks, making the hashtag #UninstallSnapchat and #BoycottSnapchat trend on Twitter. While many Indian Snapchat has started to make funny meme’s against Snapchat and Snapchat’s CEO.”
“On Friday, a group called the Shadow Brokers published details of several hacking tools, indicating they had been used by the US National Security Agency (NSA) to spy on money transfers.” Many suggested that Microsoft may have been vulnerable. The company suggests that these vulnerabilities have been patched back in March. Microsoft has not revealed how it became aware of the flaws.
This article discusses the recent attempt of a launch of a medium-range ballistic rocket by North Korea. Many experts believe the launch failed after several seconds due to possible hacking by the United States. The United States has been known for launching cyber-attacks on foreign countries in the past. An example of this was Stuxnet. A worm that took down Iran’s nuclear program, which was installed and spread through a USB. For the North Korea launch, “US agents are believed to have infiltrated the supply chain and may have planted undetectable “malware” viruses inside Kim’s missiles.”
This article talks about how IoTs devices access a corporate network, and how CSOs must be aware of the risks that these devices present on a network because of their recent display for a “lack of security”. The video talks with a CMO Sanjay Raja of Lumeta.
Here is an interesting news article I found this week, titled “Is Trump Still Tweeting From His Unsecured Android Phone?” Apparently, President Trump was tweeting from a Samsung Galaxy S3 which he has been attached to and did not want to upgrade. This version of Samsung’s Galaxy line was no longer receiving Android updates and was extremely susceptible to hacking. The article stated, “The device, likely a Samsung Galaxy S3, has such serious security problems that it’s probably “compromised by at least one—probably multiple—hostile foreign intelligence services and is actively being exploited,” More recently, it appears Trump’s tweets have been coming from an iPhone. His security team may have finally realized the security risk of his old Samsung device and forced the President to upgrade.
Article Link – https://nyti.ms/2naGHUJ
This article does not have to do with Cyber Security, but shares an interesting point how Facebook has a good idea of who each and every one of us are, based on how we react to certain things. Last year, Facebook introduced reactions to posts, which differed from simply just liking a post. Many users in the past argued for a dislike button, but instead Facebook released reactions. Now you can love something, like it, be shocked, angry, etc. Facebook gathers information about how we react to posts containing certain words, and will show information we like or love in our feeds more often than posts containing key-words that we were angry about.