Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×

Submission + - Proxy Service 911[.]re Closes After Disclosing Breach (krebsonsecurity.com)

Submitted by tsu doh nimh
tsu doh nimh writes: 911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations, KrebsOnSecurity reports.

"On July 28th, a large number of users reported that they could not log in the system," the statement continues. "We found that the data on the server was maliciously damaged by the hacker, resulting in the loss of data and backups. Its [sic] confirmed that the recharge system was also hacked the same way. We were forced to make this difficult decision due to the loss of important data that made the service unrecoverable."

Operated largely out of China, 911 was an enormously popular service across many cybercrime forums, and it became something akin to critical infrastructure for this community after two of 911's longtime competitors — malware-based proxy services VIP72 and LuxSock — closed their doors in the past year.

911 wasn't the only major proxy provider disclosing a breach this week tied to unauthenticated APIs: On July 28, KrebsOnSecurity reported that internal APIs exposed to the web had leaked the customer database for Microleaves, a proxy service that rotates its customers' IP addresses every five to ten minutes. That investigation showed Microleaves — like 911 — had a long history of using pay-per-install schemes to spread its proxy software.

Submission + - IT Gulag: Russia to Rent Tech-Savvy Prisoners to Corporate IT (krebsonsecurity.com) 1

Submitted by tsu doh nimh
tsu doh nimh writes: Faced with a brain drain of smart people fleeing the country following its invasion of Ukraine, the Russian Federation is floating a new strategy to address a worsening shortage of qualified information technology experts: Forcing tech-savvy people within the nation’s prison population to perform low-cost IT work for domestic companies.

Submission + - Experian API Exposed Credit Scores of Most Americans (krebsonsecurity.com)

Submitted by tsu doh nimh
tsu doh nimh writes: Big-three consumer credit bureau Experian just fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address. Experian says it has plugged the data leak, but the researcher who reported the finding says he fears the same weakness may be present at countless other lending websites that work with the credit bureau.

Submission + - Three Top Russian Cybercrime Forums Hacked (krebsonsecurity.com)

Submitted by tsu doh nimh
tsu doh nimh writes: Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. In two of the intrusions, the attackers made off with the forums’ user databases, including email and Internet addresses and hashed passwords. Members of all three forums are worried the incidents could serve as a virtual Rosetta Stone for connecting the real-life identities of the same users across multiple crime forums.

Submission + - SPAM: Coinhive Changes Site Hijacking Policy After Founder(s) Outed

Submitted by tsu doh nimh
tsu doh nimh writes: Coinhive says it will no longer profit from hacked Web sites found running its cryptocurrency mining code when victim sites report it. Previously, Coinhive would invalidate the key used by the person who planted the code on a hacked Web site, even while it continued to earn revenue from those sites as long as the Coinhive code was running on it. The changes came after a story at KrebsOnSecurity that used public WHOIS data and social networking information to expose the founder(s) of Coinhive. Meanwhile, users at the popular German image-sharing site pr0gramm[dot]com (NSFW) are upset over the story because it exposed the information of the admins running the site, one of whom later confirmed that he was the original author of Coinhive.
Link to Original Source

Submission + - Coinbase, Overstock Fix Cryptocurrency Alchemy Bug (krebsonsecurity.com)

Submitted by tsu doh nimh
tsu doh nimh writes: Coinbase and Overstock.com just fixed a serious glitch that allowed Overstock customers to buy any item at a tiny fraction of the listed price, KrebsOnSecurity reports. Potentially more punishing, the flaw let anyone paying with bitcoin reap many times the authorized bitcoin refund amount on any canceled Overstock orders.

Submission + - Why So Many Top Hackers Come from Russia (krebsonsecurity.com)

Submitted by tsu doh nimh
tsu doh nimh writes: Brian Krebs has an interesting piece this week on one reason that so many talented hackers (malicious and benign) seem to come from Russia and the former Soviet States: It's the education, stupid. Krebs's report doesn't look at the socioeconomic reasons, but instead compares how the US and Russia educate students from K-12 in subjects which lend themselves to a master in coding and computers — most notably computer science. The story shows that the Russians have for the past 30 years been teaching kids about computer science and then testing them on it starting in elementary school and through high school. The piece also looks at how kids in the US vs. Russia are tested on what they are supposed to have learned.

Submission + - OneLogin Says Breach Exposed Ability to Unecrypt Customer Data (krebsonsecurity.com)

Submitted by tsu doh nimh
tsu doh nimh writes: OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data, KrebsOnSecurity reports. "A breach that allowed intruders to decrypt customer data could be extremely damaging for affected customers. After OneLogin customers sign into their account, the service takes care of remembering and supplying the customer's usernames and passwords for all of their other applications."

Submission + - Inside a Phishing Gang that Targets Victims of iPhone Theft (krebsonsecurity.com)

Submitted by tsu doh nimh
tsu doh nimh writes: Brian Krebs has a readable and ironic story about a phishing-as-a-service product that iPhone thieves can use to phish the Apple iCloud credentials from people who have recently had an iPhone lost or stolen. The phishing service — which charged as much as $120 for successful phishing attempts targeting iPhone 6s users — was poorly secured, and a security professional that Krebs worked with managed to guess several passwords for users on the service. From there, the story looks at how this phishing service works, how it tracks victims, and ultimately how one of its core resellers phished his own iCloud account and inadvertently gave his exact location as a result.

Submission + - Software Vendor Who Hid Supply Chain Breach Outed (krebsonsecurity.com)

Submitted by tsu doh nimh
tsu doh nimh writes: Researchers at RSA released a startling report last week that detailed a so-called "supply chain" malware campaign that piggybacked on a popular piece of software used by system administrators at some of the nation's largest companies. This intrusion would probably not be that notable if the software vendor didn't have a long list of Fortune 500 customers, and if the attackers hadn't also compromised the company's update servers — essentially guaranteeing that customers who downloaded the software prior to the breach were infected as well. Incredibly, the report did not name the affected software, and the vendor in question has apparently chosen to bury its breach disclosure as a page inside of its site — not linking to it anywhere. Brian Krebs went and digged it up.

Submission + - Alleged Owners of DDoS-for-Hire Service vDOS Arrested in Israel (krebsonsecurity.com)

Submitted by tsu doh nimh
tsu doh nimh writes: Two young Israeli men alleged to be the co-owners of a popular online attack-for-hire service were arrested in Israel on Thursday. The pair were arrested around the same time that KrebsOnSecurity.com published a story naming them as the masterminds behind a service that can be hired to knock Web sites and Internet users offline with powerful blasts of junk data. That earlier story was the subject of a Slashdot discussion here.

Comment Not operating for decades (Score 3, Informative) 74

by tsu doh nimh (#52853839) Attached to: Israeli DDoS Provider 'vDOS' Earned $600,000 In Two Years
The summary is wrong. The author didn't say the service has been operating for decades. It said its likely to have been responsible for several decades' worth of attacks, which this service measured in seconds. Since the service allows many concurrent attacks, Krebs said that in four months time the site was responsible for 8 years ("DDoS years) worth of attacks.

Submission + - Pwnedlist.com to Close After Flaw Re-exposed 866M Breached Passwords

Submitted by tsu doh nimh
tsu doh nimh writes: The pwnedlist.com — a 5-year-old service that claims to have cataloged 866 million usernames and passwords from credentials posted to sites like Pastebin and other data dump sites — is closing its doors later this month. The May 16, 2016 planned closure comes just days after security journalist Brian Krebs showed how a simple authentication weakness in the site evaded Pwnedlist's account restrictions and exposed virtually all credentials housed by the service.

Submission + - Anti-DDoS Company Staminus Knocked Offline, Customer Data Leaked (krebsonsecurity.com)

Submitted by tsu doh nimh
tsu doh nimh writes: Staminus Communications Inc., a California-based Internet hosting provider that specializes in protecting customers from massive "distributed denial of service" (DDoS) attacks aimed at knocking sites offline, has itself apparently been massively hacked, Brian Krebs reports. "The entire network was down for more than 20 hours until Thursday evening, leaving customers to vent their rage on the company Facebook and Twitter pages. In the midst of the outage, someone posted online download links for what appear to be Staminus customer credentials, support tickets, credit card numbers and other sensitive data." Staminus' site is still displaying a message to customers to get updates via the company's social media accounts.

Submission + - Norse Corp. Implodes, Fires CEO, Sells Assets (krebsonsecurity.com)

Submitted by tsu doh nimh
tsu doh nimh writes: Brian Krebs has something of a scoop about Norse Corp., the cyber intelligence company that became famous for its interactive attack map. From the story: Norse Corp., a Foster City, Calif. based cybersecurity firm that has attracted much attention from the news media and investors alike this past year, fired its chief executive officer this week amid a major shakeup that could spell the end of the company. The move comes just weeks after the company laid off almost 30 percent of its staff. Sources close to the matter say Norse CEO Sam Glines was asked to step down by the company's board of directors, with board member Howard Bain stepping in as interim CEO. Those sources say the company's investors have told employees that they can show up for work on Monday but that there is no guarantee they will get paid if they do." Krebs's story looks into the history of the company's founders, includes interviews with former Norse employees, and concludes that this was probably inevitable.

Slashdot Top Deals

You have a message from the operator.

Close