Category Archives: DataBreach

  • -

How Did Stuxnet Sneak Into Natanz?

It has never been completely clear how Stuxnet managed to gain purchase
in the computer network at Iran’s Natanz nuclear facility. One possible
explanation posits that the sophisticated and customized malware was
able to slip through a vulnerability in the plant’s supply chain.
Documents obtained from federal court cases suggest that US intelligence
was monitoring the procurement activity of NEDA Industrial Group, an
Iranian company that oversaw the computerized industrial control systems
at the Natanz facility. NEDA also had expertise with the Siemens
SCADA/ICS software used at Natanz. Armed with that information, the US
then targeted the components of the equipment that NEDA sought. State
Department cables from that time period that were more recently leaked
through WikiLeaks indicated that the US had been seeking to intercept
shipments of equipment headed for Iran. While the scenario is not
conclusive, it offers a compelling alternative to the idea that Stuxnet
arrived in the Natanz plant on a memory stick.

Article: CS Monitor

  • -

Neiman Marcus Hackers Set Off 60,000 Alarms Missed By Defenders

Hackers who raided the credit-card payment system of Neiman Marcus Group
set off alerts on the company’s security systems about 60,000 times, but
went unnoticed for more than eight months. The reason: automation
deleted the card-stealing software automatically each day. The attackers
reloaded it every day. Card data were taken from July through October.

Article: businessweek

  • -

Keep your DNS-Secure: Facebook Redirect Attempt Unsuccessful Due to Registrar Locks

The Syrian Electronic Army launched an unsuccessful attempt to hijack
Facebook’s domain. The attack was not on Facebook itself but on the
company responsible for maintaining Facebook’s domain registration.
While the attackers managed to change Facebook’s domain registration
information, the attack was ultimately unsuccessful because Facebook had
established registrar locks that require manual checking with live human
beings before making any changes.

Innovice-IT advices to reconsider your security. We are able to help you with implementing your security with for example DNSSEC. Beside that: if you have not enabled registrar locks on your domains, you should do so. Markmonitor did a great job on this.

Article: v3

Article: computerworld

Article: recode

  • -

Cross-Platform Java Malware

Category : CyberSecurity , DataBreach

Researchers have found Java-based malware that is capable of infecting
Windows, Mac OS X, and Linux systems. The malware exploits a known flaw
in Java 7 u21 and earlier for which Oracle released a patch in June
2013. The malware communicates with an Internet relay chat channel that
serves as a command-and-control server. The network of computers
compromised by this malware is used to launch distributed
denial-of-service (DDoS) attacks.

Article: ArsTechnica

  • -

Yahoo Resetting Passwords After Compromise Attempts

Category : CyberSecurity , DataBreach

Yahoo has reset passwords for Yahoo Mail accounts that appear to have
been compromised. Yahoo said that the attackers had likely stolen
usernames and passwords from a third-party database and attempted to use
the information to log into Yahoo Mail accounts. Users whose accounts
were affected received messages from Yahoo notifying them of “unusual
activity on the network.”

Article: SanS

  • -

Data Protection and Breach Notification Legislation Reintroduced in US Senate

US Senator Patrick Leahy (D-Vermont) has reintroduced legislation aimed
at protecting people’s privacy. This time, the bill includes provisions
calling for the establishment of a federal standard for data breach
disclosure, and data protection standards for businesses retaining
sensitive information. The bill would also impose criminal penalties for
people convicted of attempted computer hacking and conspiracy to commit
computer hacking.

Article: lohud

Article: rt

  • -

Audit Finds Inconsistent Response to Data Breaches at US Government Agencies

Category : CyberSecurity , DataBreach

US government agencies are inconsistent in their responses to data
breaches, according to an audit report from the Government
Accountability Office (GAO). Between 2011 and 2012, the number of
reported data breaches of government systems rose more than 40 percent,
from 15,584 to 22,156. At the same time, agencies have not improved
their responses to the attacks and are inconsistent in their corrective
actions. The audit “analyzed data breach response plans and procedures
at eight various-sized agencies and compared them to requirements in
relevant laws and federal guidance,” and conducted interviews.

Article: nextgov

Article: gaogov

  • -

openSUSE Forum 79,500 users’ data compromised.

The openSUSE Forum 79,500 users’ data compromised. Hacker shared the database sample. After Snapchat hack, this can be another worst data breach of the new year. A Pakistani hacker ‘H4x0r HuSsY’ has successfully compromised the official Forum of ‘openSUSE’, a Linux distro developed, sponsored & supported by SUSE.

Another interesting fact is that openSUSE is still using vBulletin 4.2.1, which is vulnerable to inject rogue administrator accounts flaw. Whereas, the latest patched vBulletin 5.0.5 is available. Possibly, Hacker exploits same or another known vBulletin version 4.2.1 vulnerability to access the website’s administrative panel.

Read more:

Innovice-IT is worried about the levels of Data Protection as implemented within companies. Every day businesses, public authorities and individuals transfer vast amounts of personal data across borders. Conflicting data protection rules in different countries would disrupt international exchanges. Individuals might also be unwilling to transfer personal data abroad if they were uncertain about the level of protection in other countries.

We are able to help you with experienced Data Protection officers, or help your officers with advanced training.


  • -

Wasting money on Consultants: DataBreaches

These days, chief information security officers continue to “admire the problem” of Data Breaches and their CyberSecurity Problems by paying 300 euro/hour consultants to
write reports about vulnerabilities rather than paying them to fix the problem.

Most of the CIO’s and most of the consultants lack sufficient technical skills to do the forensics and security engineering to find and fix the problems.  Paying the wrong people to do the wrong job cost companies and taxpayers a lot of money each year in wasted spendings plus all the costs of cleaning up after the breaches.

Innovice-IT is capable with Incident-Response, however we are very better with business intelligence and  Predictive Analyzes, and for less money then mentioned above, to prevent all those costs.

  • -

Intruders Tried to Sell Access to Compromised BBC Server

Category : CyberSecurity , DataBreach

The BBC has acknowledged that an attacker gained access to one of its
FTP servers. The intruder tried to sell access to the compromised server
to other people. The BBC’s security team has taken measures to secure
the server.

Article: BBC


Innovice-IT on Twitter

  1. Bas Eikelenboom
    Bas Eikelenboom: RT @Miltenburg_14: Sinterklaas helpen gestolen pakjes naar de kinderen terug te brengen #Sinterklaas #dankbaar #blijekinderen @PolitieUtrec

  2. Bas Eikelenboom
    Bas Eikelenboom: RT @Byte_Fighter: De politiechatbot Wout is actief! @Politie

  3. Bas Eikelenboom
    Bas Eikelenboom: RT @UID_: Now all DNS goes via CloudFlare too. This thread is only getting longer, what the F are we doing?! When can I stop quoting this t…

  4. Bas Eikelenboom
    Bas Eikelenboom: RT @InfoSecHotSpot: Unfilled cybersecurity jobs are expected to reach 1.8 million by 2022, up 20 percent from 1.5 million in 2015, accordin…

  5. Bas Eikelenboom