Federal Agency that maintains secure communication for Trump got hacked

Por Deeba Ahmed em 22/02/2020 no site HackHead

The Daily Wire

The United States’ federal defense agency responsible for ensuring safe communications with many high profile personalities including President Donald Trump, national leaders, and military operations, admitted experiencing a security breach.

The data breach occurred at Defense Information Systems Agency (DISA) in 2019, however, it is yet unclear whether or not the entire data belonged to DISA.

The unknown attackers managed to hack Personally Identifiable Information (PII) including Social Security Numbers of approx. 200,000 individuals, as per the revelation from the Department of Defense’ spokesperson Chuck Prichard. 

In a letter sent by DISA to the affected individuals and mainstream news agencies on February 11, 2020, it was explained that the cyberattack took place between May and July 2019, and that the system hosted by DISA was affected by the security breach.

It is clearly written in the letter that there is no indication of the misuse of PII. 

Source: Reuters

It is worth noting that DISA has a policy under which the agency is liable to inform individuals if their personal data has been compromised. Furthermore, the agency has offered credit card monitoring of the affected individuals free of charge.

Prichard stated that the department has chosen not to reveal the actions taken to mitigate the vulnerabilities or risks because of operational security reasons.

DISA is responsible for providing IT support and direct telecom facility to President Trump, Vice President Mike Pence, the US Secret Service, staff of the president, the chairman of the Joint Chiefs of Staff and senior officers from the military. 

Interestingly, in a report published in June by the Senate Homeland Security and Governmental Affairs’ Subcommittee, it was noted that as many as seven out of eight federal agencies offered insufficient protection to PII. Though DISA’s name wasn’t included in the agencies reviewed by the subcommittee, the hack does reveal shortcomings in its data protection methods.

Slack data breach: Company resets thousands of passwords

por Waqas em18 de julho de 2019 no site HackHead traduzido por Google Translate.

Slack sofreu uma violação de dados em que milhares de usuários foram afetados. Como resultado, a empresa está a redefinição de senhas de milhares de usuários afetados.

A violação de dados teve lugar de volta em 2015, mas a empresa recentemente tomou conhecimento do incidente em que hackers desconhecidos conseguiram roubar banco de dados contendo informações de perfil relacionados de usuários Slack incluindo nomes de usuários, endereços de email e senhas criptografadas.

No entanto, hackers inserido códigos maliciosos para extrair senhas em texto puro que foram inseridos pelos usuários no momento da violação.

Slack revelou ainda que tomou conhecimento da violação de dados através do seu programa de recompensas bug depois que alguém contactou a empresa com uma lista de e-mails e senhas de seus usuários. Slack afirma que a lista pertence a 2015 violação de dados.

Em um aviso de segurança , Slack reconheceu a violação e afirmou que apenas um punhado de usuários foram afetados. Isto inclui aqueles que criaram a sua conta antes de Março de 2015, aqueles que não mudar suas senhas uma vez e aqueles que não usam single-sign-on.

Slack sustenta ainda que a violação de dados não se aplica à “cerca de 99 por cento que se juntou Slack depois de março de 2015” ou aqueles que mudaram a senha desde o incidente.

“Estamos a redefinição de senhas para cerca de 1% das contas Slack [...] Em outras palavras, se você é um dos cerca de 99% que se juntou Slack depois de março de 2015 ou alterado sua senha, desde então, este anúncio não se aplica a você, ”escreveu a equipe Slack.

Por outro lado, um outro relatório afirma que um total de 65.000 usuários Slack foram afetados pela violação de dados.

Slack tem milhões de usuários em todo o mundo que o tornam um alvo lucrativo para os cibercriminosos. Qualquer ataque a cyberinfrastructure da empresa é uma grande preocupação. Portanto, para sua segurança conta, se você tiver uma conta Slack mudar a sua senha, mesmo se você não são afetados pela violação.

“Nós não temos nenhuma razão para acreditar que qualquer uma dessas contas foram comprometidos, mas acreditamos que essa precaução vale qualquer inconveniente o reset pode causar”, a equipe Slack acrescentou. “No entanto, temos que reconhecer que este é inconveniente para os usuários afetados, e pedimos desculpas.

Isso, no entanto, não é a primeira vez quando Slack fez manchetes por todas as razões erradas. No início de março deste ano, um novo malwares backdoor chamado “Slab” foi encontrado alvo Slack e plataformas Github.

Hackers steal $30 million worth of cryptocurrency in Tether hack

By Waqas on November 21, 2017 no site HackRead

Tether, a start-up firm known for offering dollar-backed cryptocurrency has announced that hackers have breached their security and stole a whopping $30 million worth of tokens. The breach took place on 19th November 2017 while the news of it was announced earlier today.

What Happened

“Yesterday, we discovered that funds were improperly removed from the Tether treasury wallet through malicious action by an external attacker,” Tether team said today. “$30,950,010 USDT was removed from the Tether Treasury wallet on November 19, 2017, and sent to an unauthorized bitcoin address.”

Tether claims that unknown attackers stole funds from its wallet and currently holding it on the 16tg2RJuEPtZooy18Wxn2me2RhUdC94N7r address. The company is now taking extra security measures to prevent any further attack and temporarily suspended tether.to back-end wallet service.

“As Tether is the issuer of the USDT managed asset, we will not redeem any of the stolen tokens, and we are in the process of attempting token recovery to prevent them from entering the broader ecosystem,”Tether said.

Although an investigation is in the process, Tether said that the stolen token would be blacklisted so hackers can’t convert them to the US Dollar. However, the company is also being criticized for lack of transparency and the way it is dealing with the situation.

Tether also released new versions of OmniCore software that “should prevent any movement of the stolen coins from the attacker’s address,” hopes the company. Moreover, Tether is also working with OmniFoundation to “reclaim stranded tokens and rectify the hard fork created by the above software.”

It also warned not to accept any USDT tokens from the above address (16tg2RJuEPtZooy18Wxn2me2RhUdC94N7r) since they have been flagged and will not be redeemable by Tether for USD.

At the time of publishing this article, Tether’s website was offline displaying CloudFlare “Error 502” message. As for the breach, the company did not explain how their servers were breached and how it went undetected

6th Breach Against Cryptocurrency Platforms In Last 6 Months

According to reports, the breach also affected the Bitcoin price over the weekend temporarily. However, this is the sixth major security breach against a cryptocurrency platform. Here is a timeline for all six breaches:

Bithumb breach: In July, Bithumb, one of the largest Bitcoin and Ether exchange platforms suffered a breach resulting in the theft of billions of South Korean Won.

CoinDash breach: In July again CoinDash (ISO), an Israeli cryptocurrency social trading start-up announced that its crowdfunding page was compromised during Token Sale event earlier today — As a result, hackers stole Ethereum worth $7 million.

Veritaseum breach: In July 2017 again, Veritaseum, another cryptocurrency platform announced that their Initial Coin Offering (ICO) suffered a data breach in which around US$8.4 million worth of Ethereum were stolen.

Parity Technologies breach: On July 20, 2017, unknown hacker stole $32 Million in Ethereum from 3 multisig wallets by exploiting a critical security flaw in its multi-signature wallet software.

Enigma Marketplace breach: In August this year, Enigma, a decentralized marketplace and cryptocurrency investment platform suffered a data breach in which hackers stole $500,000 in Ethereum. The hack took place when the firm was about to start the crypto token sale.