h4ck3r _ N3w5

Bad News for Internet Explorer fans, if any! Microsoft’s almost 20 years old Web browser with a big blue E sign might soon be a thing of the past.
With the arrival of Windows 10, probably by next fall, Microsoft could come up with its brand new browser that’s more similar to Mozilla’s Firefox and Google’s Chrome, but less like Internet Explorer (IE), according to a recent report published by ZDNet.

“Ok so Microsoft is about to launch a new browser that’s not Internet Explorer and will be the default browser in Windows 10,” tweeted Thomas Nigro, a Microsoft Student Partner lead and developer of the modern version of VLC.

The browser, codenamed “Spartan,” is a “light-weight” browser with extension support, and multiple sources confirm that this new browser isn’t IE12. Instead, Spartan is an entirely new browser that will use Microsoft’s Chakra JavaScript engine and Trident rendering engine (as opposed to WebKit). But Internet Explorer isn’t going away completely.

According to ZDNet’s Mary Jo Foley, Windows 10 will ship with both Internet Explorer 11 and Spartan, though the former is expected to stick around for backwards compatibility only. The new browser will be available for both desktop and mobile devices running Windows 10.

So far it’s unclear whether Spartan will be portable on non-Windows systems, such as Android, iOS, or OS X, but if it is actually imitating Chrome and Firefox, two of the most popular browsers out there, the idea isn’t too crazy. The new browser is currently under development.

However, if this new browser doesn’t use Webkit, it will not likely be accepted into Apple’s App store, because Apple requires all “apps that browse the web must use the iOS WebKit framework and WebKit Javascript” according to its app store review guidelines.

What Microsoft will call the new browser is also a mystery at this point, as ‘Spartan’ is just a codename for the project, and there’s no revelations on what it might be called by the company.

Microsoft hasn’t provided any details about it but the company is hosting a press event on Jan. 21 in the company’s hometown of Redmond, Washington, where it is expected to provide more details about the consumer version of Windows 10, so perhaps we will know some more about Spartan then.

Subscribe to our Free Channel

Share On

Google+ Facebook
Follow ‘Swati Khandelwal’ on Google+, Twitter or LinkedIn or Contact via Email.

Latest Stories

Comments

via The Hacker News http://feedproxy.google.com/~r/TheHackersNews/~3/43xb4p-bJbM/microsoft-windows-spartan-browser.html

Hackers have already bypassed Apple’s fingerprint scanner using fake fingerprints, and now they have found a way to reproduce your fingerprints by using just a couple of photos of your fingers.

Special Fingerprint sensors have already been used by Apple and Samsung in their smartphones for authentication purposes and in near future fingerprints sensors are believed to be the part of plenty of other locked devices that can be unlocked using fingerprints, just to add an extra layer of authentication. But, How secure are your fingerprints?

A member of Europe’s oldest hacker collective, the Chaos Computer Club (CCC), claimed to have cloned a fingerprint of a Germany’s federal minister of defense, Ursula von der Leyen, using pictures taken with a “standard photo camera“ at a news conference.

At the 31st annual Chaos Computer Conference in Hamburg Germany this weekend, biometrics researcher Starbug, whose real name is Jan Krissler, explained that he used a close-up photo of Ms von der Leyen’s thumb that was taken with a “standard photo camera” at a presentation in October — standing nine feet (3 meters) away from the official. He also used several other pictures of her thumb taken at different angles.

Starbug then used a publicly available software program called VeriFinger with photos of the finger taken from different angles to recreate an accurate thumbprint. According to CCC, this software is good enough to fool fingerprint security systems.

“After this talk, politicians will presumably wear gloves when talking in public,” Starbug told the audience at the Chaos Computer Conference (CCC) conference.

However, this is not the very first time when Chao Computer Club has targeted fingerprints. In past, the group has demonstrated how easily the Apple iPhone 5s can be unlocked using a fake fingerprint obtained from an individual who has touched a shiny surface, such as glass or a smartphone screen.

“This demonstrates—again—that fingerprint biometrics is unsuitable as [an] access control method and should be avoided,” the group said at the time.

Moreover, just three days after the launch of the Galaxy S5, hackers successfully managed to hack Galaxy S5 Fingerprint sensor using a similar method that was used to spoof the Touch ID sensor on the iPhone 5S.

But this recent hack did not require any object ‘carrying the fingerprints anymore,’ which means that any person could potentially steal someone’s fingerprint identity from photos posed on Facebook, Twitter or any social networking site.

This new finding by Starbug potentially calls into question the effectiveness of fingerprint scanners as a security measure. Fingerprints have been supported in the past as biometric identifiers, but because it can be easily reproduced, using fingerprints for security purposes raises questions.

The practical danger is low, because even after obtaining your fingerprint, the data thieves would still need to have your devices or otherwise find a way to sign in using your biometric information. But, the concern is more as the method require no technical skill to perform the fingerprint cloning.

Subscribe to our Free Channel

Share On

Google+ Facebook
Follow ‘Swati Khandelwal’ on Google+, Twitter or LinkedIn or Contact via Email.

Latest Stories

Comments

via The Hacker News http://feedproxy.google.com/~r/TheHackersNews/~3/ghYiZ7OVz58/hacker-clone-fingerprint-scanner.html

A serious security vulnerability has been discovered in the default web browser of the Android OS lower than 4.4 running on a large number of Android devices that allows an attacker to bypass the Same Origin Policy (SOP).
The Android Same Origin Policy (SOP) vulnerability (CVE-2014-6041) was first disclosed right at the beginning of September 2014 by an independent security researcher Rafay Baloch. He found that the AOSP (Android Open Source Platform) browser installed on Android 4.2.1 is vulnerable to Same Origin Policy (SOP) bypass bug that allows one website to steal data from another.
Security researchers at Trend micro in collaboration with Facebook have discovered many cases of Facebook users being targeted by cyber attacks that actively attempt to exploit this particular flaw in the web browser because the Metasploit exploit code is publicly available, which made the exploitation of the vulnerability much easier.

The Same Origin Policy is one of the guiding principles that seek to protect users’ browsing experience. The SOP is actually designed to prevent pages from loading code that is not part of their own resource, ensuring that no third-party can inject code without the authorization of the owner of the website.

Unfortunately, the SOP has been the victim of Cross-Site scripting vulnerability in older versions of Android smartphones that helps attackers to serve the victims a malicious JavaScript file stored in a cloud storage account.

In this particular attack, a link will be served using a particular Facebook page that could lead Facebook users to a malicious website.

However, the “page contains obfuscated JavaScript code, which includes an attempt to load a Facebook URL in an inner frame. The user will only see a blank page as the page’s HTML has been set not to display anything via its div tag, while the inner frame has a size of one pixel,” Simon Huang, a mobile security engineer at Trend Micro, wrote in a blog post.

JavaScript code could allow an attacker to perform various tasks on the victim’s Facebook account, on behalf of the legitimate account holder. According to the researcher, hackers can do almost anything with the hacked Facebook account using JavaScript code. Some of the activities are listed as follows:

• Adding Friends
• Like and Follow any Facebook page
• Modify Subscriptions
• Authorize Facebook apps to access the user’s public profile, friends list, birthday information, likes.
• To steal the victim’s access tokens and upload them to their server.
• Collect analytics data (such as victims’ location, HTTP referrer, etc.) using the legitimate service.

Security researchers have observed that the cyber crooks behind this campaign rely on an official BlackBerry app maintained by BlackBerry in order to steal the access tokens and thus hacking Facebook accounts. Using the name of a trusted developer like BlackBerry, the attacker want the campaign to remain undetected. Trend Micro reported BlackBerry about their findings.

“The mobile malware using the Android SOP Exploit (Android Same Origin Policy Bypass Exploit) is designed to target Facebook users regardless of their mobile device platform,” Blackberry told Trend Micro in a statement. “However, it attempts to take advantage of the trusted BlackBerry brand name by using our Facebook web app. BlackBerry is continuously working with Trend Micro and Facebook to detect and mitigate this attack. Note that the issue is not a result of an exploit to Blackberry’s hardware, software, or network.”

Trend Micro is working together with Facebook and BlackBerry in an attempt to detect the attack and prevent the attack from being carried out against new Android users.

All Android devices upto Android 4.4 KitKat are vulnerable to this SOP vulnerability. However, a patch was offered by Google back in September, but millions of Android smartphones users are still vulnerable to the attack because the manufacturer of the smartphone no longer pushes the update to its customers or the device itself does not support a newer edition of the operating system.

The SOP vulnerability resides in the browser of the Android devices, which can’t be uninstalled because it’s usually part of the operating system in-build feature. So, in order to protect yourself, just Disable the BROWSER from your Android devices by going to Settings > Apps > All and looking for its icon. By opening it, you’ll find a DISABLE button, Select it and disable the Browser.

Subscribe to our Free Channel

Share On

Google+ Facebook
Follow ‘Wang Wei on Google+, Twitter or Contact via Email.

Latest Stories

Comments

via The Hacker News http://feedproxy.google.com/~r/TheHackersNews/~3/EfW7PYLiXrc/Hacking-Facebook-account.html

After the Mysterious Malaysian Airlines flight MH370 incident in March 2014 and the shooting of Malaysia Airline Flight MH17 by a ground-to-air missile in July 2014, yesterday AirAsia flight QZ8501 with 162 people on board found missing by the time it flew from the Indonesian city of Surabaya to Singapore after losing contact with air traffic control due to weather, the airline company said Sunday.

Since, cybercriminals are known to take advantage of every major incident and any occasion that captures public attention – regardless of how sensitive – comes out to be an opportunity for spammers and hackers to snatch users’ personal information and spread malware, and the tragedy of the Missing AirAsia flight QZ8501 is no exception.

Cyber criminals are exploiting the disappearance of Indonesia AirAsia flight QZ8501 by luring users to websites purporting to offer the latest news in order to steal their personal information.

Our team has spotted some posts on social media claiming that the “Missing AirAsia flight QZ850 has been found and that all its passengers are safe and alive”. But once the user click on the news, the link redirects users to the malicious websites. It made me remind of the missing Malaysian Airlines flight MH370, a Boeing 777-200 aircraft incident which opened doors for many cybercriminals to infect online users.

Indonesia Flight QZ8501 lost its contact with air traffic control at 7:24 a.m. local time over the Java Sea after taking off from Surabaya, Indonesia, according to a statement from AirAsia. AirAsia flight QZ8501 was scheduled to land in Singapore about an hour later.

“AirAsia Indonesia regrets to confirm that QZ8501 from Surabaya to Singapore has lost contact at 07:24hrs this morning,” AirAsia tweeted.

Missing AirAsia flight QZ8501 was last tracked around the island of Belitung, at the coordinates 03°22’15″ South and 109°41’28″ East, before disappearing from radars. Due to night, search and rescue operations have been suspended, which the team will resume tomorrow.

According to AirAsia, Indonesia flight QZ8501 had seven crew members and 155 passengers, including 137 adults, 17 children and one infant. The aircraft was flying at 32,000 feet and had asked to go to 38,000 feet due cloudy weather in the area.

May be scammers and cyber crooks could exploit this tragic incident to target as many online users as they want. Because they know that users sitting over their online devices and operating social media accounts such as Facebook and Twitter, have had an eye on every news update related to the Missing AirAsia flight QZ8501.

Cyber criminals may also come up with fake news websites in order to distribute malware and infect a large number of online users. So you need to have an eye on that too.

WHAT AN ONLINE USER NEED TO KEEP IN MIND

• Beware! Before clicking a link for any news related to the Missing AirAsia flight QZ8501 over social networking sites such as Facebook and Twitter.
• Always go for the genuine and reputed news site for any updates regarding the Missing AirAsia flight.
• If any link claims you to show a video footage of the missing Indonesia flight QZ8501, please keep in your mind that their is no such video footage available yet. Beware of such fake videos and links that could spread in the wild across the various social media and other sites to abuse your network and system.
• If you’ve already shared or “liked” any such link, it’s probably best to delete malware post from your Facebook wall.

First the tragic incident of Malaysia Plane MH370 from Kuala Lumpur to Beijing on March 2014, then the shooting down of Malaysia Airlines flight MH17 from Amsterdam to Kuala Lumpur on 17 July 2014, and now the Missing AirAsia flight QZ850 incident is really a matter of sorrow for all of us.

Subscribe to our Free Channel

Share On

Google+ Facebook
Follow ‘Swati Khandelwal’ on Google+, Twitter or LinkedIn or Contact via Email.

Latest Stories

Comments

via The Hacker News http://feedproxy.google.com/~r/TheHackersNews/~3/D_43FY2HuRI/malaysian-airasia-flight-QZ8501.html

“The Interview“, the controversial North Korean-baiting film which appeared to be the root cause of the cyber mishap occurred at Sony Pictures Entertainment that threatened terror attack at theaters showing the movie, now threatens to expose users of Android phones to a malware attack.

Since its release, everyone is talking about “The Interview” — the Seth Rogen and James Franco-starring comedy centered around a TV host and his producer assassinating North Korean dictator Kim Jong Un. Because cybercriminals are known to take advantage of major events where there is a high level of public interest, The Interview became their target.

In a joint investigation, Security researchers of McAfee and Technische Universität Darmstadt and the Center for Advanced Security Research Darmstadt (CASED) has discovered an Android app claiming to download ‘The Interview’ comedy on their smartphone devices actually infects users’ devices with banking trojan in order to steal their financial information.
The Banking Trojan is appeared to be hosted on Amazon Web Services and is delivered via a torrent file. Researchers have identified that the malware campaign is targeting Android users in South Korea and is active from the last few days. The campaign is attempting to exploit the popularity of The Interview movie that triggered tension over its release on Christmas.
The malware trojan, detected by the researchers at McAfee as Android/Badaccents, targets customers of some Korean banks as well as an international bank, Citi Bank. According to researchers, the Trojan is selective about its victims and avoids infection of devices sold in North Korea.

“One aspect which will probably raise eyebrows, is that the malware code includes a routine to check the device’s manufacturing information,” Graham Cluley wrote on his blog. “If it is set to either 삼지연 (Samjiyon) or 아리랑 (Arirang), smartphone manufacturers whose Android devices are sold in North Korea, the malware will not infect, and instead display a message that an attempt to connect to the server failed.“

The researchers’ findings cited by Cluley revealed that at least 20,000 devices have been infected and that the information exfiltrated from the devices is uploaded to a Chinese mail server.

Security researchers at McAfee has notified Amazon Web Security about the malware hosting issue so that the Amazon-hosted files can be removed and prevent further infections. However, other online storage services could be used by cybercriminals for carrying out the campaign.

Usually cybercriminals use third party Android app to distribute trojan malware in order to infect smartphone users, but this is the first time when cyber crooks have chosen torrent websites to deliver the Trojan, probably because “The Interview” is already at the top of search results in Korea and most of the countries.

Subscribe to our Free Channel

Share On

Google+ Facebook
Follow ‘Swati Khandelwal’ on Google+, Twitter or LinkedIn or Contact via Email.

Latest Stories

Comments

via The Hacker News http://feedproxy.google.com/~r/TheHackersNews/~3/h4GF27toaZE/movie-the-interview-android.html

Hackers claiming affiliation with the hacktivist group “Anonymous” have allegedly leaked more than 13,000 username and password combinations for some of the worlds most popular websites, including Amazon, Xbox Live and Playstation Network.
The stolen personal information was released in a massive text document posted to the Internet file-sharing website Ghostbin (now deleted), on Friday. The document contains a huge number of usernames and passwords, along with credit card numbers and expiration dates.
The news came just a day after the hacker group Lizard Squad compromised Sony’s Playstation and Microsoft’s Xbox Live gaming networks on Christmas day, which is estimated to have affected Xbox’s 48 million subscribers and PlayStation’s 110 million users, making it a total of more than 150 million users worldwide.

However, data breach of 13,000 users is not the biggest data breach we’ve ever seen. When millions of passwords are used for sites around the globe, chances are very minor that our’s among those compromised. But still it’s important to note as these accounts come from a variety of online sources and among those, some are really very popular.

The Daily Dot‘s Aaron Sankin has compiled a comprehensive list of sites associated with the username and password leaks, and discovered that the leaks came from the sites run the gamut from pornography to gaming to online shopping. The list of the compromised websites is as follows:

• Amazon
• Walmart
• PlayStation Network
• Xbox Live
• Twitch.tv
• Origin.com
• Hulu Plus
• Dell
• Brazzers
• lKnowThatGirl
• Mofos
• DigitalPlayground
• Wicked
• Twistys
• Fantyasyhd
• Puremature
• Tiny4k
• MotherFuckerXxx
• Playboy
• CastingCouchX
• BangBros
• POVD
• BabesNetwork
• ArtisticAddiction
• X-art
• Shutterstock
• Platinumclub.com
• AprilJordan.com
• DareDorm
• PrettyPetites
• NaughtyAmerica
• PornAccess
• RookieBabe
• GFMembersPass
• HungarianHoneys
• PleaseBangMyWife

Just to be on a safer side, users are recommended to change their passwords if they have accounts on these compromised websites, and also pay attention to your credit card transactions and if any suspicious activity found, immediately communicate with related banks and financial institutions.

Also, don’t use the same passwords for banking and online shopping sites, and always keep an eye out for unusual activities or unauthorized purchases with your accounts.

Subscribe to our Free Channel

Share On

Google+ Facebook
Follow ‘Mohit Kumar’ on Google+, Twitter or Facebook or Contact via Email.

Latest Stories

Comments

via The Hacker News http://feedproxy.google.com/~r/TheHackersNews/~3/FeI0RlqJoiE/password-hacking-data-breach.html

It was the sad Christmas day for gamers all around the world!! A lot of people get new PlayStations and Xboxes on Christmas, but this Christmas they bought the game, popped it into the console for online gaming, and what they found? Oh Crap! I can’t log on.
It was the notorious hacker group “Lizard Squad” who claimed the responsibility for taking down PlayStation Network, saying it has made unavailable both networks with apparent Distributed Denial of Service (DDoS) attacks — intentionally overloading servers by sending a flood of bogus web traffic, which made logging into the PlayStation Network and Xbox Live difficult for most users.
Now Anonymous has declared war against Lizard Group, warning that “now you are all going down.” Recently, in response to Lizard Squad launching DDoS attacks on the Tor network, the international activist group Anonymous has leaked the personal details of one of the group’s alleged members, warning the hacker collective “Lizard Squad” to “stand down” and stop attacking Tor.

Earlier after the big outage for both Xbox Live and Playstation Network services, both Sony and Microsoft acknowledged the problem, saying that their security teams were working to resolve the issue and get the networks back online.

“We are aware some users are unable to sign into Xbox Live. Our teams are working to resolve the issue. Visit xbox.com/support for status updates,” said Sean McCarthy, general manager of Microsoft’s Xbox Product Services in a statement to CNN. “We don’t share info on the root cause of specific issues.“

“We are aware that there have been issues reported with PSN,” tweeted Sony’s Ask PlayStation account on Christmas Eve. “Thanks for your patience as we investigate.“

Giving pause to the attacks on PSN and Xbox live, Lizard Squad said in a tweet that “All your onions are belong to us,” referring to Tor’s onion logo, and later tweeted that the Tor network is only used by “hackers, miscreants and pedophiles.”
The Tor Project released a statement about the attacks, saying “we don’t expect any anonymity or performance effects based on what we’ve seen so far.” It said the attackers attempted a “Sybil attack” where “the attackers have signed up many new relays in hopes of becoming a large fraction of the network.”

“But even though they are running thousands of new relays, their relays currently make up less than 1% of the Tor network by capacity,” it added. “We are working now to remove these relays from the network before they become a threat, and we don’t expect any anonymity or performance effects based on what we’ve seen so far.” So hopefully this gets nipped in the trollish bud before anonymity is affected.“

Anonymous‏ group warned Lizard Squad in a tweet, saying “People need that service because of corrupt governments.” Later, the group confirmed that it was tracking down members of Lizard Squad.

However, the details revealed by the group are yet not confirmed to be legitimate, Anonymous tweeted a link which appears to contain the personal details, including full name, address, phone numbers and passwords, of one of the supposed members behind Lizard Squad.

The group posted a screenshot that appears to be a text conversation between one of its members and one of the members behind Lizard Squad, in which the Lizard Squad member ask the Anonymous‏’ member to stop the attacks against them and for their family to be left alone, but Anonymous‏ said in a tweet that they’ll not stop.

Whereas, a member of Lizard Squad has claimed that the conversation between Anonymous‏ member and Lizard Squad member is fake.

The group also posted a couple of videos to YouTube in which it — in its typical dramatic style — attacked Lizard Squad. The first video message to Lizard Squad posted by Anonymous on YouTube as follows:

Subscribe to our Free Channel

Share On

Google+ Facebook
Follow ‘Wang Wei on Google+, Twitter or Contact via Email.

Latest Stories

Comments

via The Hacker News http://feedproxy.google.com/~r/TheHackersNews/~3/-Ar57SKE1cs/Lizard-Squad-Xbox-playstation.html

Surprisingly, from yesterday a cartoon picture of the supreme leader of the Democratic People’s Republic of Korea (North Korea) named Kim Jong-un appearing on The Pirate Bay website’s homepage, but WHY?
At the beginning of this month, The Pirate Bay — an infamous Torrent website predominantly used to share copyrighted material such as films, TV shows and music files, free of charge — went dark from the internet during a raid operation carried out by Swedish Police.

However, a number of clones and rumors of rebirths of the infamous The Pirate Bay (TPB) appeared online, but the official domain of The Pirate Bay (ThePirateBay.se) remained inaccessible, until last week.

ThePirateBay.se, the official domain of TPB returned to life, but without an archive of torrent files and now showing a ticking clock, with the Jolly Roger (skull and crossbones Pirate flag) waving in the background, and an image with apparently random characters with the filename AES.png, hinting it might be an encryption key and the website is also showing a cartoon sketch of the dictator of reclusive North Korean regime – Kim Jong Un.

Last week when the official domain came back online, it showed a pirate boat with multiple reptile heads, likely refer to a Hydra — a Greek mythological figure that grew two heads for every head that was cut off.

This image was included in the source code, with the hint “sneakyhint“, which could be a hint that the website is going to make or allow people to create their own Pirate Bay clone under “The Open Bay” project.

The Open Bay is an initiative launched by Isohunt.to, which allows people to run a “copy” of The Pirate Bay. As earlier the TPB crew said that it would create as many clones as possible, so that The Pirate Bay will never ever went dark.

“We’ve always lived by Kopimi. We love being cloned. It would be amazing if, like in the classic movie Spartacus, everyone could stand up and say ‘I am The Pirate Bay’,” The Pirate Bay’s Mr 10100100000 told TF earlier.

Since it appeared that the image of Kim Jong un was included in the TPB homepage due to all the controversies about The Interview — the Seth Rogen and James Franco-starring comedy centered around a TV host and his producer assassinating North Korean dictator Kim Jong Un, and surrounding claims that North Korea was behind the hacking of Sony Pictures’ corporate network.

At the time, it is unclear that why the “sneakyhint” image of hydra was replaced with Kim Jong Un by Pirate Bay crew. However, a group of Albanian hackers claimed that they managed to hacked the website and added Kim Jong Un image on the TPB’s homepage. But I doubt, because if TPB would have been hacked by hackers then they would have definitely defaced whole website by having access to the site, not just the replacement of a single image.

Kim Jong Un image on The Pirate Bay homepage started a discussion on the online portal Reddit, where users guessing their best.

“Anyone notice kim jong un? it could be hinting that they are moving servers to north Korea possibly?,” one reddit user said.

But, I felt that if The Pirate Bay team is actually hinting all of us that they are moving their servers to North Korea, then it could create a huge dramatic situation between the US and North Korea after the massive Sony Pictures hack.

Subscribe to our Free Channel

Share On

Google+ Facebook
Follow ‘Swati Khandelwal’ on Google+, Twitter or LinkedIn or Contact via Email.

Latest Stories

Comments

via The Hacker News http://feedproxy.google.com/~r/TheHackersNews/~3/DqAuXX5Uf-Y/the-pirate-bay-showing-nkorea-kim-jong_26.html

Koreans have once again gain media attention but this time not as an accused of any kind of hack attack, but as a victim of a severe attack on computers systems at a nuclear power plant in South Korea by an unknown hacker or a group.

South Korea was hit by a cyber attack on its nuclear power plant, causing the operator to conduct drills in order to test the ability of the nuclear plant to cope with a full-scale cyber-attack. Although the plant’s operator says no critical data has been leaked.

The cyber attack came into light after a hacker posted blueprints of nuclear reactors online and threatened further “leaks” unless authorities close down the reactors. According to the South Korean Yonhap News Agency, the hacker was able to access blueprints of reactors, floor maps and other internal information on the plant.

Last week with the help of a Twitter account named “president of anti-nuclear reactor group,” the hacker posted leaked data revealing internal designs and manuals of the Gori-2 and Wolsong-1 nuclear reactors run by Korea Hydro and Nuclear Power Co. (KHNP). The hacker also threatened to leak more information unless the reactors are shut down.

The leaked information includes important data on the facilities’ air condition and cooling systems, a radiation exposure report, and personal data of employees.

While KHNP and the South Korean government said that only “non-critical” information was stolen by the hacker and that the compromised data did not harm the nuclear plant’s safety. The company will also conduct extensive drills at four of its complexes next week.

The KHNP, the sole nuclear operator in Korea, manages South Korea’s 23 nuclear reactors, which supply about 30 percent of the country’s electricity needs.

The hack came after the massive cyber attack on Sony Pictures Entertainment earlier this month, in which a list of personal and confidential data of the company made online by the hackers group called itself Guardian of Peace (GoP). The hack has yet exposed about 200 gigabytes of confidential data from upcoming movie scripts to sensitive employees data, celebrities phone numbers and their travel aliases, and unreleased films, marking it as the most severe hack in the History.
The Federal Bureau of Investigation (FBI) accused North Korea for Sony hack due to the Sony’s upcoming controversial movie “The Interview” — a comedy about an assassination attempt against North Korean leader Kim Jong-un. Although North Korea denied any involvement.
In the past, South Korea has also many times blamed North Korea for hacks on banks, government websites and broadcasters. But this time no one has blamed North Korea for the hacking against the KHNP power plants. An official at KHNP told Reuters that the hacking appeared to be the work of “elements who want to cause social unrest,” but added that he had no one specific in mind.

Meanwhile, a Twitter account claiming to represent an anti-nuclear organisation based in Hawaii claimed responsibility for the Nuclear power plant hack in South Korea, although the identities of the intruders have yet to be confirmed.

Subscribe to our Free Channel

Share On

Google+ Facebook
Follow ‘Swati Khandelwal’ on Google+, Twitter or LinkedIn or Contact via Email.

Latest Stories

Comments

via The Hacker News http://ift.tt/1EcRkNr

First time ever in the History, Apple Inc. has pushed out an automatic security update for Macintosh OS X computers to address a critical security issue that, according to the company, was too risky to wait for users to patch after seeking their prior approval.

Despite having the ability for years to silently and automatically update its users computers, Apple typically asks its users’ permission to approve them manually or automatically before installing any security update of this kind. But, the company has exercised its ability for the very first time to patch a critical security flaw in a component of its OS X operating system called the Network Time Protocol (NTP).

This newly discovered security vulnerability, assigned CVE-2014-9295, became public late last week and affects all operating systems, including OS X and other Linux and Unix distributions, running versions of NTP4 prior to 4.2.8. NTP is used for synchronizing clocks between computer systems and across the global internet.

TURNING YOUR MAC INTO DDOS ZOMBIES

Once exploited, the NTP vulnerability can allow an attacker to remotely execute an arbitrary code on a system using the privileges of the ntpd process. The security hole in NTP would give hackers ability to turn users’ Macs into DDoS zombies. However, no security firms have reported any cases of hackers exploiting this vulnerability.

NTP is a global way of synchronising time over a network, and because of its link to networks it has previously been exploited by hackers a number of times. At the beginning of the year, NTP was used to launch 300Gbps DDoS attack against Internet blacklist maintainer Spamhaus. Also in February 2014, the record breaking 400Gbps DDoS attack was launched against content-delivery and anti-DDoS protection firm CloudFlare by leveraging weaknesses in NTP.

The Carnegie Mellon University Software Engineering Institute identified the critical flaw which was made public on Friday by the Department of Homeland Security. The vulnerability affects dozens of technology companies’ products including Apple’s.

“As NTP is widely used within operational Industrial Control Systems deployments, NCCIC/ICS-CERT is providing this information for US Critical Infrastructure asset owners and operators for awareness and to identify mitigations for affected devices,” ICS-CERT wrote in an advisory published Tuesday. “Products using NTP service prior to NTP–4.2.8 are affected. No specific vendor is specified because this is an open source protocol.“

UPDATE YOUR SYSTEMS NOW

The company recommends that all users apply this patch “as soon as possible.” The update is available for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1 and is available for download via the “updates” section of the Mac App Store. The update doesn’t require a restart.

Subscribe to our Free Channel

Share On

Google+ Facebook
Follow ‘Mohit Kumar’ on Google+, Twitter or Facebook or Contact via Email.

Latest Stories

Comments

via The Hacker News http://ift.tt/1wjQPH2