the staff of the Ridgewood blog
Ridgewood NJ, SEC Chair Gary Gensler made the following statement as to the hacking incident of the @SECGov account:
Continue reading SEC Chair Addresses Hack of SEC “X” Account
the staff of the Ridgewood blog
Westwood NJ, Two hospitals in New Jersey are currently unable to admit new patients following a ransomware cyberattack that potentially exposed patient information. The affected hospitals, Hackensack Meridian Mountainside Medical Center in Montclair and Hackensack Meridian Pascack Valley Medical Center in Westwood, both under the Ardent Health Services umbrella, have implemented patient diversion measures, redirecting incoming patients to nearby emergency rooms.
Continue reading Two New Jersey Hospitals Impacted Ransomware Cyberattack
the staff of the Ridgewood blog
Ridgewood NJ, CBS is reporting that over 267 million Facebook users have had their personal information exposed by another massive data breach.
Security researcher Bob Diachenko reportedly made the disturbing find on Dec. 14. Diachenko and U.K. technology research firm Comparitech believe the unprotected database was left open on the dark web for nearly two weeks.
During that time, the names, phone numbers, and Facebook user IDs were exposed in the latest embarrassing mishap for the social media giant. According to CNET, Diachenko believes criminals in Vietnam are responsible for stealing the information. At the moment there are no details on who was impacted.
A Facebook spokesman said in a statement that they are looking into the breach, but claimed the data was probably harvested before Facebook made recent changes to better protect user information.
NEW YORK (AP) — Dozens of countries were hit with a huge cyberextortion attack Friday that locked up computers and held users’ files for ransom at a multitude of hospitals, companies and government agencies.
It was believed to be the biggest attack of its kind ever recorded.
The malicious software behind the onslaught appeared to exploit a vulnerability in Microsoft Windows that was supposedly identified by the National Security Agency for its own intelligence-gathering purposes and was later leaked to the internet.
Chris Smith @chris_writes
March 22nd, 2017 at 11:35 AM
Apple’s iPhones and Apple IDs are a tough nut to crack for hackers, but it’s not impossible. At least that’s what a group of hackers seem to suggest, as they’re currently attempting to blackmail Apple for up to $100,000 before they start remotely wiping millions of iPhones. Can they actually do it? Should you be worried? It’s unclear at this point.
The hackers apparently engaged in conversations with the media to force Apple’s hand. The Turkish Crime Family hacker group, which spoke to Motherboard, want either $75,000 in Bitcoin or Ethereum, or $100,000 worth of iTunes gift cards.
“I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,” one of the hackers said.
Apparently, the hackers have been in contact with Apple’s security team for quite a while now. They even posted a video on YouTube to prove they have actual access to iCloud accounts, access which can be used to remotely wipe iPhones.
https://bgr.com/2017/03/22/apple-iphone-and-icloud-accounts-hacked/
By Adam Clark and Mark Mueller | NJ Advance Media for NJ.com
on January 20, 2017 at 4:47 PM, updated January 20, 2017 at 9:12 PM
NEW BRUNSWICK — The FBI has interviewed a Rutgers University computer science student who has been identified by a well-known cyber security blogger as the likely author of the malicious code that caused a massive Internet disruption in October. The expert said the student also may be linked to repeated attacks on Rutgers’ computer system starting in late 2014.
While he says he does not know who may have actually launched the massive “denial of service” or DDoS attacks last fall, the security researcher said the coding language used and other anecdotal evidence seemed to point to the 20-year-old student, Paras Jha, as an author of the malware used to shut down hundreds of computer servers.
The student’s father, Anand Jha, confirmed that federal investigators have questioned his son, but he adamantly denied he had any knowledge of the attacks or was involved in any way.
By JOHN SICILIANO • 1/6/17 6:53 PM
Russia engaged in an anti-fracking campaign to hurt the U.S. energy industry, which has become a huge competitor for Russian natural gas giant Gazprom, according to a declassified U.S. intelligence report released Friday.
The U.S. intelligence community showed that the Russian government made extensive use of its government-controlled media, primarily the cable news channel RT, to broadcast “support for other Russian interests in areas such as foreign and energy policy.”
The report showed that RT ran “anti-fracking programming, highlighting environmental issues and the impacts on public health,” which is “likely reflective of the Russian government’s concern about the impact of fracking and U.S. natural gas production on the global energy market and the potential challenges to Gazprom’s profitability.”
Trump: We must aggressively combat and stop cyberattacks to ensure America’s safety and security
January 6, 2016
the staff of the Ridgewood blog
Ridgewood NJ, President-elect Donald J. Trump released the following statement at the conclusion of the meeting with Intelligence Community leaders:
“I had a constructive meeting and conversation with the leaders of the Intelligence Community this afternoon. I have tremendous respect for the work and service done by the men and women of this community to our great nation.
“While Russia, China, other countries, outside groups and people are consistently trying to break through the cyber infrastructure of our governmental institutions, businesses and organizations including the Democrat National Committee, there was absolutely no effect on the outcome of the election including the fact that there was no tampering whatsoever with voting machines. There were attempts to hack the Republican National Committee, but the RNC had strong hacking defenses and the hackers were unsuccessful.
“Whether it is our government, organizations, associations or businesses we need to aggressively combat and stop cyberattacks. I will appoint a team to give me a plan within 90 days of taking office. The methods, tools and tactics we use to keep America safe should not be a public discussion that will benefit those who seek to do us harm. Two weeks from today I will take the oath of office and America’s safety and security will be my number one priority.”
Micah Lee
January 4 2017, 2:38 p.m.
AFTER THE U.S. GOVERNMENT published a report on Russia’s cyber attacks against the U.S. election system, and included a list of computers that were allegedly used by Russian hackers, I became curious if any of these hackers had visited my personal blog. The U.S. report, which boasted of including “technical details regarding the tools and infrastructure used by Russian civilian and military intelligence services,” came with a list of 876 suspicious IP addresses used by the hackers, and these addresses were the clues I needed to, in the end, understand a gaping weakness in the report.
An IP address is a set of numbers that identifies a computer, or a network of computers, on the internet. Each time someone loads my website, it logs their IP address. So I searched my web server logs for the suspicious IP addresses, and I was shocked to discover over 80,000 web requests from IPs used by the Russian hackers in the last 14 months! Digging further, I found that some of these Russian hackers had even posted comments (mostly innocuous technical questions)! Even today, several days after publication of the report (which used a codename for the Russian attack, Grizzly Steppe), I’m still finding these suspicious IP addresses in my logs — although I would expect the Russians to stop using them after the U.S. government exposed them.
January 6, 2016
the staff of the Ridgewood blog
Ridgewood NJ, Misleading the American people to advance a political narrative has been a hallmark of President Obama’s foreign and domestic policy. The most recent example is the administration’s attempt to conflate the hacking of the Democratic Party with potential cyberattacks on the US Election.
Last week, federal officials went as far as to tell the Washington Post that malware linked to Russian hackers was found on a laptop at Burlington Electric, a Vermont power company. By Monday the Post had recanted, writing that investigators “are finding evidence that the incident is not linked to any Russian government effort.”
The Obama administration and many Democrats, as well as Republicans led by Sen. John McCain and Lindsey Graham, have ordered hearings and are pushing the Russian hacking story instead of focusing on the hacking of Hillary Clinton’s unsecured servers and Clinton operative John Podesta being caught in a basic phishing hack giving access to all his emails.
In October the Clinton campaign declined to confirm the authenticity of the WikiLeaks documents but called them “stolen” and the latest move by Russian operatives they claimed were trying to help Donald Trump.
The problem for Democrats is that the WikiLeaks-released emails proved unequivocally that the DNC had rigged the primary race against Bernie Sanders and worked in collusion with the mainstream media, that Hillary received debate questions ahead of time, and that DNC staffers used inflammatory and derogatory language toward minorities, women and gays, but the most damning was the implication that the entire media appeared to be on Clinton’s payroll.
Recount efforts failed as Trump picked up more votes and voting irregularities in Detroit pointed to DNC tampering.
Today DNI Chief Clapper took a swipe at Trump and Assange as he defended the Russia hack intel. This is, of course, the same James Clapper about whom the Washington Post featured a story in 2014, in which a group of congressmen led by Rep. Darrell Issa (R-Calif.) were pushing for President Obama to fire the director of national intelligence, claiming he misled Congress about the extent of the NSA’s domestic surveillance activity on American citizens.
NBC reported that Clapper, without offering any evidence, said Russia had “clearly assumed an even more aggressive cyber posture by increasing cyber espionage operations, leaking data stolen from these operations, and targeting political infrastructures systems.”
In mid-December, Jeh Johnson, head of the Department of Homeland Security, explained that DHS’s cyber team was ready on election night and that they didn’t see “anything that affected the ballot count.”
When pressed on whether he could assure Americans that Russian hacking did not affect the outcome of the election, Johnson said, “We see no evidence that hacking by any actor altered the ballot count for any cyber actions that deprived people of voting.”
Richard Winton
Hollywood Presbyterian Medical Center paid a $17,000 ransom in bitcoins to a hacker who seized control of the hospital’s computer systems and would give back access only when the money was paid, the hospital’s chief executive said Wednesday.
The assault on Hollywood Presbyterian occurred Feb. 5, when hackers using malware infected the institution’s computers, preventing hospital staff from being able to communicate from those devices, said CEO Allen Stefanek.
The hacker demanded 40 bitcoins, the equivalent of about $17,000, he said.
“The malware locks systems by encrypting files and demanding ransom to obtain the decryption key. The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key,” Stefanek said. “In the best interest of restoring normal operations, we did this.”
The hospital said it alerted authorities and was able to restore all its computer systems by Monday with the assistance of technology experts.
https://www.latimes.com/local/lanow/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html
Firewalls and medical devices are extremely vulnerable, and everyone’s pointing fingers
By Monte Reel and Jordan Robertson | November 2015
from Bloomberg Businessweek
In the fall of 2013, Billy Rios flew from his home in California to Rochester, Minn., for an assignment at the Mayo Clinic, the largest integrated nonprofit medical group practice in the world. Rios is a “white hat” hacker, which means customers hire him to break into their own computers. His roster of clients has included the Pentagon, major defense contractors, Microsoft, Google, and some others he can’t talk about.
He’s tinkered with weapons systems, with aircraft components, and even with the electrical grid, hacking into the largest public utility district in Washington state to show officials how they might improve public safety. The Mayo Clinic job, in comparison, seemed pretty tame. He assumed he was going on a routine bug hunt, a week of solo work in clean and quiet rooms.
But when he showed up, he was surprised to find himself in a conference room full of familiar faces. The Mayo Clinic had assembled an all-star team of about a dozen computer jocks, investigators from some of the biggest cybersecurity firms in the country, as well as the kind of hackers who draw crowds at conferences such as Black Hat and Def Con. The researchers split into teams, and hospital officials presented them with about 40 different medical devices. Do your worst, the researchers were instructed. Hack whatever you can.
Like the printers, copiers, and office telephones used across all industries, many medical devices today are networked, running standard operating systems and living on the Internet just as laptops and smartphones do. Like the rest of the Internet of Things—devices that range from cars to garden sprinklers—they communicate with servers, and many can be controlled remotely. As quickly became apparent to Rios and the others, hospital administrators have a lot of reasons to fear hackers. For a full week, the group spent their days looking for backdoors into magnetic resonance imaging scanners, ultrasound equipment, ventilators, electroconvulsive therapy machines, and dozens of other contraptions. The teams gathered each evening inside the hospital to trade casualty reports.
“Every day, it was like every device on the menu got crushed,” Rios says. “It was all bad. Really, really bad.” The teams didn’t have time to dive deeply into the vulnerabilities they found, partly because they found so many—defenseless operating systems, generic passwords that couldn’t be changed, and so on.
The Mayo Clinic emerged from those sessions with a fresh set of security requirements for its medical device suppliers, requiring that each device be tested to meet standards before purchasing contracts were signed. Rios applauded the clinic, but he knew that only a few hospitals in the world had the resources and influence to pull that off, and he walked away from the job with an unshakable conviction: Sooner or later, hospitals would be hacked, and patients would be hurt. He’d gotten privileged glimpses into all sorts of sensitive industries, but hospitals seemed at least a decade behind the standard security curve.
Greg Farrell
Patricia Hurtado
The U.S. described a vast, multi-year criminal enterprise centering on hacks of at least nine big financial and publishing firms and the theft of information on 100 million of their customers that fueled a web of stock manipulation, credit-card fraud and illegal online casinos.
Two indictments, unsealed Tuesday, tied three of four suspects to previously reported hacks of JPMorgan Chase & Co., E*Trade Financial Corp., Scottrade Financial Services Inc. and Dow Jones & Co., a unit of News Corp.
Hackers and conspirators in more than a dozen countries generated hundreds of millions of dollars in illicit proceeds from pump-and-dump stock schemes and particularly lucrative online gambling, prosecutors said.
From 2012 to mid-2015, the suspects and their co-conspirators successfully manipulated dozens of publicly traded stocks, sent misleading pitches to clients of banks and brokerages whose e-mail addresses they’d stolen, and profited by using trading accounts set up under fake names, prosecutors said.
Along the way, members of the ring tried to extract nonpublic information from financial corporations, processed payment information for fake pharmaceuticals and fake anti-virus software, falsified passports and took control of a New Jersey credit union, said prosecutors. They used 75 companies and bank and brokerage accounts around the world to launder money, prosecutors wrote. Other alleged offenses include hacking, securities fraud, wire fraud and identity theft.
Patreon: Some user names, e-mail and mailing addresses stolen
At least passwords were encrypted with 2048-bit RSA, hashed via bcrypt, and salted.
by Cyrus Farivar – Oct 1, 2015 3:30pm EDT
Patreon, the website that allows people to maintain regular donations to a website, an artist, or project, announced late Wednesday that it had sustained a security breach.
The site said some registered names, e-mail addresses, and mailing addresses were accessed after someone managed to access a “debug version of our website” that at the time was accessible to the public.
Jack Conte, the co-founder and CEO, wrote in a statement:
We do not store full credit card numbers on our servers and no credit card numbers were compromised. Although accessed, all passwords, social security numbers and tax form information remain safely encrypted with a 2048-bit RSA key.
Conte specified that user passwords are hashed with bcrypt and salted as well, but he encouraged patrons to change their password anyway as a precaution.