2000 Archives - Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘2000’

Iowa DHS gets hacked, 2000+ User information stolen

The Iowa Department of Human Services announced that a security breach in 2008 may have leaked 2,042 users’ personal information.
Iowa says that two employees used personal e-mail, online storage and electronic devices for work in violation of DHS policy, which may have caused confidential data to leak outside of the DHS secure network.

Leaked data may contain emails, passwords, names, state identification numbers, birthdates, health information and incident information for child and dependent adult abuse cases.

Iowa stated the issue was discovered by a supervisor on January 17, 2014.

Pat Penning (DHS service area manager) says:

“The chance that this information was accessed through these password-protected accounts and devices was small, but we realize the Iowans involved in these cases may wish to take steps to be sure their information wasn’t misused.”

Note: Iowa DHS is offering free credit monitoring to all those affected. Iowa residents with questions are advised to call (800) 4471985.

View full post on Who Got Hacked (WGH) – Latest Hacking News and Security Updates

The Directors Guild of Canada Hacked, 2000+ Credentials leaked

A hacker using the handle “legionnare” aka ObeySec yesterday leaked data from the Directors Guild of Canada. View full post on Cyber War News

View full post on The Cyber Wars

Waka Flocka & Gucci Mane Amp Interviewer Into Drinking A Whole Bottle Of Henney For $2,000!

http://www.dolobeats.com/ The Hottest Beats For Artists & Best Sounds For Producers.

View full post on Hip Hop Security

Autumn in New York 2000 part 10

Love story. All copyrighted/trademarked media is owned by their respective companies.

View full post on Select From Our Menu

Bodyguard,Once Upon a Time…., Somewhere 2000 …

Bodyguard Instructor Hanshi JOČIĆ ZORAN (Jocic Zoran), SOKE 10th DAN, Founder Ju Aikido martial art, Belgrade, Serbia, sometime around 2000. Bodyguard,Once U…

View full post on Hip Hop Security

PPM 2000 computer-aided dispatch and MIR3 notification to collaborate on emergency response

PPM 2000, a provider of end-to-end incident management software, announced on August 14 the integration of its computer-aided dispatch component, Perspective DispatchLog, with the Intelligent Notification (IN) platform from MIR3, an innovator of real-time intelligent notification and response technology.

View full post on The Cyber Wars

Nortel Penetrated by Hackers Since at Least 2000

There is a long but fascinating story about hacking in today’s Wall Street Journal that should send a cold chill into every corporate board room. It concerns the infiltration of Nortel Networks’ computer systems by suspected Chinese-based hackers since at least the year 2000.

According to the WSJ, the hackers–using seven passwords stolen from top Nortel executives, including the CEO–“downloaded technical papers, research and development reports, business plans, employee emails and other documents” for the past decade or more. Nortel, which was once a leading telecommunications firm that went bankrupt in 2009, is in the process of selling itself off in pieces as part of the bankruptcy process. There is now a concern that those companies purchasing Nortel IT assets may also be “purchasing” the hackers and their spyware.

The Journal article states that Nortel “did nothing from a security standpoint” to keep the hackers out other than to change the seven stolen passwords when the intrusion was discovered. This lackadaisical security stance allowed the hackers “access to everything” the Journal says. The story also points out that even though Nortel digital switches and other telecom gear are widely used by Internet providers, the company never bothered to check to determine whether any of its products had been compromised by the hacking, even as the extent of the hacking was becoming alarmingly clear.

One reason was that Nortel senior executives did not believe the hackers or their potential for intellectual theft posed much of a threat. One former Nortel CEO was quoted as saying that the hacking wasn’t seen as a “real issue” and he couldn’t seem to imagine that the selling of IT equipment to other companies posed any conceivable threat either. In addition, as the company increasingly faced financial difficulties, IT security became even less of a management concern at Nortel, if that was even possible.

What was also interesting about the WSJ article was that public companies for sale do not have to disclose that they have suffered a security breach unless the purchasing company specifically asks about it. The US Securities and Exchange Commission (SEC) has recently said that such incidents that are material now must be reported on quarterly company reports (that is why the hacking of VeriSign was disclosed), but in Nortel’s case, it is doubtful that any IT security event would have been perceived as such, given the attitude of management.

Maybe the SEC should require companies to report whether their senior management is clueless about the importance of cyber security.

The Journal article states that the companies that have bought Nortel IT assets and have been contacted by the Journal about the extensive IT penetration of Nortel by hackers don’t seem outwardly concerned about it, although I bet that internally they are fuming as they quickly implement additional security reviews. Not only are their own networks likely at increased risk, but the value of the intellectual property they purchased from Nortel may be a lot less than they thought it was.

The Journal story also describes a nice road map for hackers as well. First, target a financially distressed company that probably is not investing in IT security and that is likely to be sold off in pieces. Bury your spyware deep in its IT systems including company laptops and desktops. Wait a while, and then try to activate your spyware. Who knows where it will end up and what you can steal?

The Chinese government denied it had anything to do with the hacking at Nortel. According to the Journal, the Chinese embassy in Washington, DC “issued a statement saying in part that ‘cyber attacks are transnational and anonymous’ and shouldn’t be assumed to originate in China ‘without thorough investigation and hard evidence.’”

The fact that Nortel has been penetrated by hackers for so long isn’t all that rare. Just last month I wrote about the City College of San Francisco’s efforts in fighting the effects of hacking that started over a decade ago and was undetected until recently. I am sure there are other organizations that have been penetrated for as long and still don’t know about it.

One other bit of IT security news. According to the Financial Times of London, Dutch telecommunication company KPN has sent via a national ad campaign “two million apologies” to its 2 million subscribers who were unable to access their emails last Saturday and Sunday. The FT article states that “KPN suspended email access and reorganised its servers due to intrusions last month by unknown hackers who said they had downloaded about 16Gb of sensitive data from its servers.”

KPN admitted the obvious in an email to its customers that its system maintenance approach had “not been optimal.”

However, KPN customers apparently are not only upset about their email being suspended, but also with KPN’s admission that it had been hacked in January but only decided to let anyone know about it last week when details of some 500 customer accounts including their passwords were placed online by the hackers.

 


Article source: http://spectrum.ieee.org/riskfactor/telecom/security/nortel-penetrated-by-hackers-since-at-least-2000

View full post on National Cyber Security » Spyware/ Cyber Snooping

Police take down 2,000 .co.uk domains selling counterfeit goods

Police have suspended 2,000 .co.uk domains that were being used to rip off consumers with counterfeit goods.

The Metropolitan Police Central e-Crime Unit (PCeU) said the sites had been used to pass off a number of popular brands such as Ugg, Nike, GHD, and Tiffany as the genuine article under the apparently legitimate cover of a .co.uk domain address.

“The sites suspended are registered in bulk by crime groups with the sole intention of duping consumers into parting with their money for, at best, poor quality counterfeit goods, at worst, nothing at all,” said detective inspector Paul Hoare of the PCeU.

“In the run up to Christmas the PCeU will continue to work with Nominet and other registries to disable as many such sites as possible but I would urge customers to take all precautions to ensure they buy from legitimate sites only.”

The speed at which police can request the suspension of rogue domains has been a controversial issue for some time with UK country registry Nominet currently ploughing through a laborious consultation exercise on how this process might be streamlined.

The latest takedowns give the impression of progress, although the PCeU had not specified how long the 2,000 criminal domains took to de-register. Only weeks ago, it appeared that Nominet had agreed to fast-track the take-down process, which would allow rogue domains to be taken down without police needing a court order, but representations from stakeholders could stymie that.

Nominet’s summary page on the matter lists a lengthening list of reports, draft recommendations and discussion papers. With fraud from easily-registered .co.uk domains piling up as fast as ever it appears that the rights of domain holders are once again being privileged over ordinary consumers, critics say.

The issue of dodgy .co.uk domains is far from new, with serious fraud incidents stretching back years. Until as recently as two years ago such criminality went unhindered by a UK police service with no resources or clear mandate for intervention.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1a431a53/l/0Lnews0Btechworld0N0Cpersonal0Etech0C33196540Cpolice0Etake0Edown0E20A0A0A0Ecouk0Edomains0Eselling0Ecounterfeit0Egoods0C0Dolo0Frss/story01.htm

View full post on National Cyber Security » Computer Hacking
