Entries with tag cybertheft.

Hackers Leak More Sony Confidential Documents Online

Hackers have posted online more private documents that they stole from Sony Pictures Entertainment in late November. In addition to stealing files, the attackers, known as Guardians of Peace or #GOP, crippled the movie studio’s computer systems. The hackers uploaded five unreleased Sony films online, but the latest documents to surface were spreadsheets containing employee home addresses and compensation, including pre-bonus salaries of executives, a carefully guarded industry secret. The hackers uploaded the files to Pastebin, an anonymous Internet posting site. Security experts say North Korea may have launched the attack in response to a forthcoming Sony comedy about an assassination attempt on the country’s leader, Kim Jong-un, which the nation’s leaders have criticized. (International Business Times)(Gizmodo)(The New York Times)

Security Experts Uncover Corporate Espionage Hacking Ring

US security firm FireEye has uncovered a cyberespionage ring targeting corporate intelligence that would give the hackers inside knowledge they could use illegally to invest well in various stock markets. Starting in mid-2013, said the company, the FIN4 hacker group attacked 100 firms, primarily pharmaceutical and healthcare businesses but also investment bankers, attorneys, and investor-relations firms serving companies in these fields.  However, data was stolen from just a few publicly held companies trading on the New York Stock Exchange and NASDAQ, according to FireEye, which didn’t identify the victims. It is unclear whether the hackers made trades based on the information stolen, which included draft US Securities and Exchange Commission filings, and documents on mergers and board meetings. FIN4 stole passwords to email accounts, accessed emails, and then launched phishing attacks tailored to individual victims. The hackers reportedly used Tor to anonymize their location, but FireEye said the content of their phishing emails and the way they operate indicated they’re based in the US or Western Europe. FireEye also suspects they were trained at Western investment banks, based on how they identified targets and worded their emails. In some cases, they used information they stole as a phishing lure to make their e-mail more convincing by using privileged information. FireEye says it notified the victims it identified and the US Federal Bureau of Investigation about the attacks. (Reuters)(The New York Times)

US Retailers Form Cyberintelligence Sharing Group

An industry trade group and leading US retailers are forming a center designed to allow them to exchange information about data breaches and cyber threats. The group -- formed by The Retail Industry Leaders Association and companies such as Gap, Nike, Target, and Walgreen -- says its efforts are designed to protect consumers’ personal and financial information. The trade group says it began forming the center long before a series of high-profile retail data breaches occurred in the US in late 2013. (The Associated Press)(The New York Times)

Canadian Man First Arrested for Using Heartbleed Exploit

A Canadian man arrested 15 April 2014 is the first person known to have been arrested for using Heartbleed – a vulnerability in Open SSL encryption – in a data breach. Stephen Arthuro Solis-Reyes, 19, of London, Ontario, is being charged with one count of Unauthorized Use of a Computer and one count of Mischief in Relation to Data after he allegedly stole 900 social insurance numbers and other data from the Canada Revenue Agency, according to the Royal Canadian Mounted Police. Computer equipment in the suspect’s home was seized. No other information was released. Those affected by the theft will be contacted by registered mail, according to the agency, which will also offer free credit protection services and additional security on their accounts. Solis-Reyes, a computer science student attending Western University, is scheduled to appear in an Ottawa court 17 July 2014. (Reuters)(The Associated Press)(PC Mag)

Plethora of Purloined Passwords Posted

Researchers with Trustwave's SpiderLabs discovered two million stolen passwords posted online. The finding was made while they were investigating the server or controller associated with a botnet known as Pony. The passwords were taken from users of popular sites and services including Facebook, Google, Yahoo, and Twitter. Victims were from the US, Germany, Singapore, Thailand, and other nations. Researchers said the stolen data included roughly 1,580,000 website login credentials;  320,000 e-mail account credentials; 41,000 FTP account credentials; 3,000 Remote Desktop credentials; and about 3,000 Secure Shell account credentials. They surmise the information was taken using keylogging software. An associated problem is most of the passwords are useless and many users use the same passwords across different websites. Both Facebook and Twitter have reportedly reset affected users’ passwords. (Reuters)(BBC)(Trustwave Spider Labs Blog) 

Showing 5 results.