This week on the hacker news.

Black markets on the Dark Web are not just known for selling illegal drugs. They form an enormous hidden network where you can buy almost anything you can imagine: weapons, counterfeit currencies, pornography, hacking tools, malware, exploits, and zero-days.



If you’re unable to find it on Google, you will certainly find it on the Dark Web.

The RDP (Remote Desktop Protocol) shop is one of the underground marketplaces on the Dark Web, a platform that enables anyone to purchase RDP access to hundreds and thousands of hacked machines for a small fee.

While examining plenty of underground RDP shops, security researchers from McAfee's Advanced Threat Research team learned that an individual is selling remote access linked to security systems at an international airport for $10.

Yes, that's $10!


Instead of purchasing the RDP credential, the researchers decided to use the Shodan search engine to get the exact IP address of the hacked Windows Server. It happened that the administrator account was up for sale.

When they found their way to its login screen through Windows RDP, they discovered there were two more accounts which were "linked with two companies specializing in airport security; one in camera surveillance and video analytics, the other in security and building automation."

"We failed to investigate the full level of access of these accounts, but a compromise might offer a great foothold and lateral movement through the network with the use of tools such as Mimikatz," the researchers wrote. 

"We executed the exact same search on the other login account and found that the domain is most likely linked with the airport's automated transit system, the passenger transport system that connects terminals."

According to the researchers, black market traders usually gain access to RDP credentials by simply scanning the Internet for systems that accept RDP connections. Once they have found such systems, they launch brute-force attacks with popular tools like Hydra, NLBrute or RDP Forcer to gain access.


Once the individual successfully logs into the remote system, they put the connection details up for sale on the Dark Web.

Anyone who purchases access to such machines will be able to move laterally within the network, alter settings, create backdoors, install trojans and steal data.

As a way out of this mess, organizations should consider taking necessary RDP security measures, such as:

  • Halting access to RDP connections over the open Internet

  • Using complex passwords and two-factor authentication to make brute-force RDP attacks much harder to succeed

  • Blocking users and IPs that have many failed login attempts
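
One way to implement the last measure, as an added example that is not from the original article or the McAfee report: a sliding-window count of failed RDP logons per source IP and per account. The comma-separated log format, the sample events, the function name, and the threshold and window values are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample export: timestamp,event_id,logon_type,user,source_ip
# 4625 = failed logon, 4624 = successful logon; logon type 10 = RemoteInteractive,
# type 3 = Network (how RDP failures are logged when NLA is enabled).
SAMPLE = """\
2018-07-11T09:00:01,4625,10,admin,203.0.113.7
2018-07-11T09:00:03,4625,10,backup,203.0.113.7
2018-07-11T09:00:05,4625,10,test,203.0.113.7
2018-07-11T09:00:08,4625,10,scanner,203.0.113.7
2018-07-11T09:00:11,4625,10,support,203.0.113.7
2018-07-11T09:10:00,4625,3,Administrator,198.51.100.1
2018-07-11T09:10:40,4625,3,administrator,198.51.100.2
2018-07-11T09:11:20,4625,3,administrator,198.51.100.3
2018-07-11T09:12:00,4625,3,ADMINISTRATOR,198.51.100.4
2018-07-11T09:12:40,4625,3,administrator,198.51.100.5
2018-07-11T09:30:00,4625,10,jsmith,192.0.2.10
2018-07-11T09:30:45,4624,10,jsmith,192.0.2.10
2018-07-11T10:00:00,4625,10,kiosk,192.0.2.44
2018-07-11T10:20:00,4625,10,kiosk,192.0.2.44
2018-07-11T10:40:00,4625,10,kiosk,192.0.2.44
2018-07-11T11:00:00,4625,10,kiosk,192.0.2.44
2018-07-11T11:20:00,4625,10,kiosk,192.0.2.44
"""
RDP_LOGON_TYPES = {"3", "10"}

def find_block_candidates(log_text, threshold=5, window=timedelta(minutes=5)):
    """Return (ips, users) with >= threshold failed RDP logons inside `window`."""
    recent = {"ip": defaultdict(deque), "user": defaultdict(deque)}
    flagged = {"ip": set(), "user": set()}
    rows = [line.split(",") for line in log_text.splitlines() if line.strip()]
    for ts, event_id, logon_type, user, ip in sorted(rows):  # ISO times sort as text
        if event_id != "4625" or logon_type not in RDP_LOGON_TYPES:
            continue
        when = datetime.fromisoformat(ts)
        # Count per IP (one host guessing many names) and per account
        # (many hosts guessing one name); account names are case-insensitive.
        for kind, key in (("ip", ip), ("user", user.lower())):
            q = recent[kind][key]
            q.append(when)
            while when - q[0] > window:  # drop failures older than the window
                q.popleft()
            if len(q) >= threshold:
                flagged[kind].add(key)
    return flagged["ip"], flagged["user"]

if __name__ == "__main__":
    print(find_block_candidates(SAMPLE))
```

With the default five-minute window, the slow guesser at 192.0.2.44 stays under the threshold, which is why a short lockout window alone does not stop low-rate guessing.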

More on the hacker news.

China supposedly exfiltrated classified data pertaining to US Navy projects after a successful cyber-attack on an unnamed Navy contractor caused the loss of 614 gigabytes of cryptographic information, sensor data and submarine electronic warfare data, and exposed a classified project known as Sea Dragon.

The contractor, assumed to work for the Naval Undersea Warfare Center, allegedly collected and stored the information on an unclassified network.

The Sea Dragon scheme seems to be a Pentagon project aimed at creating a disruptive offensive capability by combining an already existing weapon system with an existing Navy platform.

The trove of data supposedly also contains information about a supersonic anti-ship missile that’s expected to be fitted to US submarines by 2020, raising the tactical military value of the theft.

Officials have predicted that the Chinese government was responsible for the attack, as this kind of military intelligence is exactly what China requires to bridge the technology gap between the United States’ navy and its own.

“So anything that demeans our comparative benefit in undersea warfare is of severe significance if we ever had to carry out our war plans for dealing with China,” said James Stavridis, dean of the Fletcher School of Law and Diplomacy at Tufts University.

While this is one of many times the US has blamed China for breaches on government contractors resulting in the loss of sensitive military research and information, this event has been credited to the Chinese Ministry of State Security, a civilian agency tasked with counterintelligence.

“We treat the larger subject of cyber-intrusion against our contractors very seriously,” said Cmdr. Bill Speaks, a Navy spokesman. “If such an interference were to occur, the suitable parties would be looking at the exact incident, taking actions to protect current information, and mitigating the impacts that might result from any data that might have been compromised.”


Good news for internet users: Google now gives websites the option to remove the need for password logins in the latest version of its web browser, Chrome 67.

Websites that choose to enable the new feature will let you register and log in using any biometric information that your phone supports. iPhone owners, for instance, would be able to use their fingerprint to verify that it is actually them signing in to a site from their desktop. Additional options include facial recognition, a photo, or even a retina scanner.

However, Chrome users won't be able to access this new development immediately after it is released in the coming days. Instead, the update means that Google has opened up the required code to website developers and owners, so they can integrate the new feature into their own websites.

The passwordless alternative will now be the default setting on sites that enable it. You'll still have the option to turn it off if you prefer typing your credentials in, and on again if not.

By choosing to enable it, websites will not only be relieving you of the boring task of recalling and typing in passwords each time you log in but will also make it more convenient for you to create a new and unique password. Using the same password on many websites (while much easier than remembering multiple passwords) is a known security hazard that many people fall victim to, and it is becoming more and more difficult with all of the different password requirements.

Google, Mozilla and Microsoft had been pushing for the Web Authentication standards for years in the hope of increasing security, which made this update possible. They committed to using them in their own web browsers even before the standards were released in April. Chrome is the last of the three companies' products to do so.

Apple, however, has made no such commitment for Safari, but it might be on its way very soon. The browser is labelled as "In development" in Chrome's status update and a great number of Apple staff members are in the connected working group.


So, fellas, keep surfing the internet with ease.
