Welcome!

Web 2.0 Authors: Pat Romanski, Kevin Benedict, Liz McMillan, Sematext Blog, Tim Hinds

Blog Feed Post

August 6 – Politico: More than 1 billion passwords stolen by Russian hacker gang – Haul highlights password problems

August 6, 2014

By: Joseph Marks

With help from David Perera, Tal Kopan and Shaun Waterman

MORE THAN 1 BILLION PASSWORDS STOLEN BY RUSSIAN HACKER GANG — Last night’s New York Times scoop that a gang of criminal hackers deep in the Russian hinterlands had amassed more than 1 billion usernames and passwords linked to half-a-billion email addresses demonstrates both that the Web is increasingly dangerous for consumers and that Russia remains a safe zone for hacking networks, analysts told MC. “The untouchables of the internet have developed a robust hacker economy of scale in Russia,” Trend Micro Chief Cybersecurity Officer Tom Kellermann said.

When hackers gather information at that massive scale — this is likely the biggest haul in history — the danger isn’t just the data they have but the data they can deduce from it, CrowdStrike General Counsel Steve Chabinsky told MC. Many people ignore security experts’ advice and don’t vary their passwords, which means attackers that know the password to one account can try the same password — or variations on it — to breach other accounts. “The volume of these records allows hackers to do their own form of big data analytics, scouring passwords and using them in attacks not only against these corporate victims but against others as well,” said Chabinsky, who was previously deputy assistant director of the FBI’s cyber division.

The massive trove of data — stolen from hundreds of thousands of websites — was discovered by the Milwaukee firm Hold Security, which dubbed the gang CyberVor (cyber thief in Russian). The findings were verified by an independent security expert working on behalf of the Times. The list of compromised sites “includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal websites,” Hold Security said. The hacking ring does not appear to be connected with the Russian government and does not appear to have sold many of the records, the Times reported. The story: http://politi.co/1y3H3L0 The Hold Security report: http://bit.ly/1oAdnUy

SECURITY FIRM FACES “CASHING IN” QUESTIONS — Demonstrating that no good deed goes unpunished, Hold Security has faced suggestions that they are “cashing in” on their discovery by offering a low-cost ($120 per year) service to webmasters to determine if their site was among the 420,000 breached by the gang. After questions from reporters, the firm appears to have taken down the page offering the service, reports Forbes blogger Kashmir Hill. The story: http://onforb.es/1opzTuG

HACKER HAUL HIGHLIGHTS PASSWORD PROBLEMS — The massive trove of stolen account credentials highlights the way the ubiquitous password has become one of the weakest links in the online security chain. Every new online account — from the vital like banking to the trivial like pizza delivery — means another different password to remember; or another chance for cybercrooks to steal your favorite one. Easily remembered passwords can generally be easily guessed, even when encrypted — by computers that try thousands of different possibilities a minute. But an Obama administration program exploring ways to make alternatives to the password commercially viable without infringing on privacy is caught in political crossfire on Capitol Hill.

For the third year running, House appropriators voted earlier this year to gut funding for the program, targeting cash for pilot implementation projects. As Dave Perera reports this morning, “the program’s backers say it’s pure politics. The National Strategy for Trusted Identities in Cyberspace, NSTIC, is a relatively tiny line item in the budget of the government’s technology lab. It comes in at just $16.5 million — a rounding error in the $51.2 billion appropriations bill that funds Commerce, Justice and U.S. scientific agencies.” The full story on NSTIC:http://politico.pro/1lzoXuN

HAPPY WEDNESDAY and welcome to Morning Cybersecurity, where today’s anniversary of the atomic bomb dropping on Hiroshima — whatever else you think about it — is a good opportunity to read the Times’ fascinating obituary of Theodore Van Kirk, the last surviving crew member of the Enola Gay, the plane that dropped that bomb 59 years ago. Van Kirk died last Monday at 93. http://nyti.ms/1pBCeqv Whatever you’re reading today, drop us a line. Send your thoughts, tips and feedback this week to [email protected] and follow @talkopan, @joseph_marks_, @POLITICOPro and @MorningCybersec. Full team info is below.

INTEL OFFICIALS PREPARE TO GO AFTER SECOND SNOWDEN — Intelligence officials are considering asking the Justice Department to open a criminal investigation into the leak of documents related to the government’s terrorist watchlist to Glenn Greenwald’s The Intercept, Reuters reported late yesterday. The documents were dated August 2013, two months after Edward Snowden bolted the NSA and passed a trove of documents to Greenwald and other journalists. The investigation threat would seem to confirm the intelligence community has a second leaker on its hands, but the community would not confirm that fact to Reuters. The story:http://reut.rs/1stSKuR

And some background: There have been rumors rumbling since early July that a second intelligence community source was feeding leaks to reports. That’s when German broadcaster ARD published an unsourced story about XKeyscore targeting users who visit anonymizing sites such as Tor. “I do not believe that this came from the Snowden documents … I think there’s a second leaker out there,” security researcher Bruce Schneier wrote at the time (http://bit.ly/1jO8F08) Greenwald responded by tweeting, “seems clear at this point.” (http://bit.ly/1v7YAWa).

But, even if The Intercept’s August 2013 documents are genuinely from a different source, that doesn’t mean a second leaker on the unprecedented scale of Snowden, a senior law enforcement official cautioned MC. “The unfortunate reality is some people leak information or provide information to those not entitled to receive it, but that’s not anything new,” the source said. “It’s certainly something we take seriously, but I don’t think anybody’s at the point where they think there’s another Edward Snowden.” Background from CNN, which broke the second leaker story: http://cnn.it/1y2AjwU and The Intercept report: http://bit.ly/1qVpsXQ

IN OTHER SURVEILLANCE NEWS, TOR — The Defense Department did not receive personal data about Tor users through a government-funded project to detect vulnerabilities, a DOD spokeswoman told Reuters yesterday. The project was conducted by researchers at Carnegie-Mellon University’s Software Engineering Institute with funding from DOD. The researchers had planned to describe their work at the Black Hat security conference in Las Vegas this week but the university canceled the talk amid the controversy, Reuters reported. In a note on Tor’s website last week, project leader Roger Dingledine said the service had identified computers on its network that had been quietly altering Tor traffic for five months in an attempt to unmask users connecting to “hidden services,” which include drug bazaars and whistleblower sites. Details from Reuters: http://reut.rs/V0viYM

FEDS FAIL EMAIL HYGIENE TEST — Most organizations are not doing enough to prevent their email domains from being forged by hackers and federal agency websites are especially failing — so much so that the government ought to mandate they put their house in order, a new report recommends. Just 4 percent of top federal sites qualified for the nonprofit Online Trust Alliance’s email honor roll, well below the 8.3 percent average for websites generally. Social media sites topped the list with 28 percent qualifying. Major financial institutions were next at 17 percent. To make the honor roll, organizations had to implement best practices for authenticating email that help prevent spearphishing and other malware attacks. Tal has the story http://politico.pro/1kmk6Ss

POSSIBLE IRANIAN CONNECTION IN ISRAELI DDOS ATTACKS — Security firm Arbor Networks spotted sharp upticks in DDoS attacks against Israel starting days after the Hamas-attributed deaths of three Israeli teenagers sparked the latest round of fighting. Attacks went from an average of 30 per day in June to an average of 150 per day in July, peaking at 429 attacks on July 21st, the firm said in a blog post. The attack pattern “bears a striking resemblance” to the “Itsoknoproblembro” botnet attacks launched against U.S. financial firms in 2013, Arbor adds. The Qassam Cyber Fighters, an Islamist hacking group with possible official Iranian ties, took responsibility for the financial industry attacks. Arbor says they don’t know who controls the “Brobot” botnet today, but it’s “being used to attack Israeli civilian governmental agencies, military agencies, financial services and Israel’s cc TLD DNS infrastructure.” The blog post: http://bit.ly/1kDe14s

OPERATION ARACHNAPHOBIA STILL GOING STRONG IN PAKISTAN: A Pakistani APT group has remained active even after it was outed by ThreatConnect’s Intelligence Research Team in August, 2013, launching malware attacks aimed at Indian military and government targets, according to a joint report from ThreatConnect and FireEye released yesterday. Since the first report, the group dubbed Operation Arachnophobia has embedded Bitterbug malware in phony news articles about the arrest of an Indian diplomat and about the disappearance of Malaysia Airlines flight 370 which the “lure” article casts as a Pakistani attack. Details:http://bit.ly/1ssTrDL

REPORT WATCH:

– Sixty percent of companies plan to spend their IT funds on improving cybersecurity over the next two years, and 88 percent said IT investments overall will be important or critical, according to a PwC survey of more than 200 private company leaders in the second quarter of this year: http://pwc.to/1ooEc9R

QUICK BYTES

– Former NSA Chief Keith Alexander is defending the profits of his new cybersecurity firm again — this time to the Associated Press. AP: http://bit.ly/1ATkuwQ

– Smart building technology could open up a new breed of cyberattacks. TechCrunch:http://bit.ly/XBcUYy

– Boston University researchers have been awarded a $10 million grant from the National Science Foundation to test a new cloud-based modular cybersecurity system. GCN:http://bit.ly/1y3Wdjp

– The Veterans Affairs Department launched a new campaign yesterday to educate veterans about identity theft prevention. VA: http://1.usa.gov/1kFwMUV

– Blackphone and Signal have different business philosophies but hit the same post-Snowden privacy concerns. Reuters: http://reut.rs/1sdaLLV

That’s all for today. Have a great Wednesday!

Read the full article at: http://www.politico.com/morningcybersecurity/0814/morningcybersecurity14903.html

The post August 6 – Politico: More than 1 billion passwords stolen by Russian hacker gang – Haul highlights password problems appeared first on ThreatConnect - Threat Intelligence.

Read the original blog entry...

More Stories By Adam Vincent

Adam is an internationally renowned information security expert and is currently the CEO and a founder at Cyber Squared Inc. He possesses over a decade of experience in programming, network security, penetration testing, cryptography design & cryptanalysis, identity and access control, and a detailed expertise in information security. The culmination of this knowledge has led to the company’s creation of ThreatConnect™, the first-of-its-kind threat intelligence platform. He currently serves as an advisor to multiple security-focused organizations and has provided consultation to numerous businesses ranging from start-ups to governments, Fortune 500 organizations, and top financial institutions. Adam holds an MS in computer science with graduate certifications in computer security and information assurance from George Washington University. Vincent lives in Arlington, VA with his wife, two children, and dog.

@ThingsExpo Stories
SYS-CON Events announced today that Gridstore™, the leader in hyper-converged infrastructure purpose-built to optimize Microsoft workloads, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Gridstore™ is the leader in hyper-converged infrastructure purpose-built for Microsoft workloads and designed to accelerate applications in virtualized environments. Gridstore’s hyper-converged infrastructure is the industry’s first all flash version of HyperConverged Appliances that include both compute and storag...
SYS-CON Events announced today that AIC, a leading provider of OEM/ODM server and storage solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. AIC is a leading provider of both standard OTS, off-the-shelf, and OEM/ODM server and storage solutions. With expert in-house design capabilities, validation, manufacturing and production, AIC's broad selection of products are highly flexible and are configurable to any form factor or custom configuration. AIC leads the industry with nearly 20 years of ...
We heard for many years how developing nations would be able to develop mobile-phone networks quickly, perhaps even leapfrog developed nations, because their lack of traditional, wired networks would not inhibit them from deploying the new technology. Now there is talk of history repeating itself with the Industrial Internet--a key aspect of the emerging Internet of Things. For example, Guo Ping, Deputy Chairman of the Board of Chinese electronics giant Huawei, said in a recent report from the World Economic Forum, "The Industrial Internet will afford emerging markets a unique opportunity ...
Avnet, Inc. has announced that it ranked No. 4 on the InformationWeek Elite 100 – a list of the top business technology innovators in the U.S. Avnet was recognized for the development of an innovative cloud-based training system that serves as the foundation for Avnet Academy – the company’s education and training organization focused on technical training around top IT vendor technologies. The development of this system allowed Avnet to quickly expand its IT-related training capabilities around the world, while creating a new service that Avnet and its IT solution providers can offer to their...
Ayla Networks, whose agile Internet of Things (IoT) platform makes it easy for manufacturers to deliver secure, connected products, today announced it has been included in the list of "Cool Vendors" in the Internet of Things report by Gartner, Inc. “Gartner knows how important it is that manufacturers of all kinds of products have the right IoT solution to help turn their products into connected ‘things,’” said David Friedman, CEO and co-founder of Ayla Networks. “The market for Ayla’s IoT platform has accelerated dramatically this year compared to last year. Today’s largest manufacturers ar...
SYS-CON Events announced today that B2Cloud, a provider of enterprise resource planning software, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. B2cloud develops the software you need. They have the ideal tools to help you work with your clients. B2Cloud’s main solutions include AGIS – ERP, CLOHC, AGIS – Invoice, and IZUM
The Internet of Things Maturity Model (IoTMM) is a qualitative method to gauge the growth and increasing impact of IoT capabilities in an IT environment from both a business and technology perspective. In his session at @ThingsExpo, Tony Shan will first scan the IoT landscape and investigate the major challenges and barriers. The key areas of consideration are identified to get started with IoT journey. He will then pinpoint the need of a tool for effective IoT adoption and implementation, which leads to IoTMM in which five maturity levels are defined: Advanced, Dynamic, Optimized, Primitive,...
Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 16th Cloud Expo at the Javits Center in New York June 9-11 will find fresh new content in a new track called PaaS | Containers & Microservices Containers are not being considered for the first time by the cloud community, but a current era of re-consideration has pushed them to the top of the cloud agenda. With the launch of Docker's initial release in March of 2013, interest was revved up several notches. Then late last...
There is no doubt that Big Data is here and getting bigger every day. Building a Big Data infrastructure today is no easy task. There are an enormous number of choices for database engines and technologies. To make things even more challenging, requirements are getting more sophisticated, and the standard paradigm of supporting historical analytics queries is often just one facet of what is needed. As Big Data growth continues, organizations are demanding real-time access to data, allowing immediate and actionable interpretation of events as they happen. Another aspect concerns how to deliver ...
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY., and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MangoApps provides private all-in-one social intranets allowing workers to securely collaborate from anywhere in the world and from any device. Social, mobile, and easy to use. MangoApps has been named a "Market Leader" by Ovum Research and a "Cool Vendor" by Gartner...
The world's leading Cloud event, Cloud Expo has launched Microservices Journal on the SYS-CON.com portal, featuring over 19,000 original articles, news stories, features, and blog entries. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. Microservices Journal offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. Follow new article posts on Twitter at @MicroservicesE
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
So I guess we’ve officially entered a new era of lean and mean. I say this with the announcement of Ubuntu Snappy Core, “designed for lightweight cloud container hosts running Docker and for smart devices,” according to Canonical. “Snappy Ubuntu Core is the smallest Ubuntu available, designed for security and efficiency in devices or on the cloud.” This first version of Snappy Ubuntu Core features secure app containment and Docker 1.6 (1.5 in main release), is available on public clouds, and for ARM and x86 devices on several IoT boards. It’s a Trend! This announcement comes just as...
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, and physical persons. In the IoT vision, every new "thing" - sensor, actuator, data source, data con...
The WebRTC Summit 2015 New York, to be held June 9-11, 2015, at the Javits Center in New York, NY, announces that its Call for Papers is open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 16th International Cloud Expo, @ThingsExpo, Big Data Expo, and DevOps Summit.
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover how hardware commoditization, the ubiquitous nature of connectivity, and the emergence of Big Data a...
SYS-CON Events announced today the IoT Bootcamp – Jumpstart Your IoT Strategy, being held June 9–10, 2015, in conjunction with 16th Cloud Expo and Internet of @ThingsExpo at the Javits Center in New York City. This is your chance to jumpstart your IoT strategy. Combined with real-world scenarios and use cases, the IoT Bootcamp is not just based on presentations but includes hands-on demos and walkthroughs. We will introduce you to a variety of Do-It-Yourself IoT platforms including Arduino, Raspberry Pi, BeagleBone, Spark and Intel Edison. You will also get an overview of cloud technologies s...
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using the URL as a basic building block, we open this up and get the same resilience that the web enjoys.
In his session at WebRTC Summit, Peter Dunkley, Technical Director at Acision, will look at creating interactive communications via the web by adding messaging, file transfer, and group communication (group chat and audio/video conferencing) into the web experience. He will also discuss potential applications of this technology in areas including B2B, B2C, P2P, and gaming. Peter Dunkley is Technical Director at Acision. He graduated from The University of Edinburgh in 2000 with a BSc (Hons) in Computer Science. After graduation Peter worked on a PSTN switch developing signalling stacks for SS...