Friday, April 07, 2017
Interesting in that it is so comprehensive.
How Hackers Hijacked a Bank’s Entire Online Operation
… Researchers at the security firm Kaspersky on Tuesday described an unprecedented case of wholesale bank fraud, one that essentially hijacked a bank’s entire internet footprint. At 1 pm on October 22 of last year, the researchers say, hackers changed the Domain Name System registrations of all 36 of the bank’s online properties, commandeering the bank’s desktop and mobile website domains to take users to phishing sites. In practice, that meant the hackers could steal login credentials at sites hosted at the bank’s legitimate web addresses. Kaspersky researchers believe the hackers may have even simultaneously redirected all transactions at ATMs or point-of-sale systems to their own servers, collecting the credit card details of anyone who used their card that Saturday afternoon.
… Kaspersky believes the attackers compromised the bank’s account at Registro.br. That’s the domain registration service of NIC.br, the registrar for sites ending in the Brazilian .br top-level domain, which they say also managed the DNS for the bank. With that access, the researchers believe, the attackers were able to change the registration simultaneously for all of the bank’s domains, redirecting them to servers the attackers had set up on Google’s Cloud Platform.
With that domain hijacking in place, anyone visiting the bank’s website URLs was redirected to lookalike sites. And those sites even had valid HTTPS certificates issued in the name of the bank, so that visitors’ browsers would show a green lock and the bank’s name, just as they would with the real sites. Kaspersky found that the certificates had been issued six months earlier by Let’s Encrypt, the non-profit certificate authority that’s made obtaining an HTTPS certificate easier in the hopes of increasing HTTPS adoption.
… Ultimately, the hijack was so complete that the bank wasn’t even able to send email. “They couldn’t even communicate with customers to send them an alert,” Bestuzhev says. “If your DNS is under the control of cybercriminals, you’re basically screwed.”
They record the IP address of anyone who clicks on their video. If someone had spammed that link as “cute puppies,” could they tell?
Joseph Cox reports:
Last year, Motherboard found Australian authorities had unmasked Tor users in the US as part of a child pornography investigation. Judging by court documents, Australian authorities sent targets a hyperlink to a video that, when clicked, would give their real IP address to investigators.
Now, it has emerged the hacking operation was broader in scope, with authorities placing a booby-trapped video not only in messages to individual targets, but on a more widely accessible forum, allowing investigators to identify hundreds of suspects around the world. The case highlights the growing trend of law enforcement agencies using hacking tools and malware to identify criminals located outside of their immediate jurisdiction.
Read more on Motherboard.
From the Motherboard article:
… investigators would have had no way of knowing where the people clicking the video would have been located; that is the very problem authorities face when dealing with suspects on the dark web. However, that also means law enforcement agencies may be searching computers across international borders and beyond their legal remit. Task Force Argos has repeatedly declined to answer questions from Motherboard on whether the unit obtained a warrant to unmask suspects in this operation.
This won’t succeed, will it?
The government is demanding to know who this Trump critic is. Twitter is suing to keep it a secret.
Twitter filed a lawsuit Thursday to block an order from the Department of Homeland Security that seeks to reveal the user of an account who has been critical of the Trump administration's immigration policies.
Tweets from the account -- @ALT_uscis -- indicate that it is run by someone who is an employee of the U.S. Citizenship and Immigration Services division of Homeland Security.
Free speech advocates said the DHS order appeared to be the first time the government has attempted to use its powers to expose an anonymous critic -- a development that, if successful, would have a "grave chilling effect on the speech of that account" as well as other accounts critical of the U.S. government, Twitter said.
… the Homeland Security case struck free speech advocates as more remarkable because the information request was about the identity of a government critic, rather than public safety.
"Twitter has a pretty strong argument," said Andrew Crocker, a staff attorney for the Electronic Frontier Foundation. "It does look and smell like the government is going after a critic. There's nothing in the summons that CBP [Customs and Border Protection] sent to Twitter that authorizes this request under the power that they have."
… As of the time of the court filing, the account had been active for two months and amassed more than 32,000 followers. By 8:15 p.m., that figure had grown to more than 86,000. [A bit of a Streisand Effect there… Bob]
Since I have no social media accounts, I must be invisible.
Companies want to sell, and they want to sell to you. The best way for them to turn you into a loyal customer is to gather as much information as possible about who you are, where you go, and what you like.
Enter your social media profiles.
Even just your basic information — such as your gender, name, and age — is ideal for targeted advertising. Add a few public images, some geo-linked Instagram posts, and an opinionated Twitter feed, and companies hit a goldmine of opportunity.
Do I copyright my data? How can I protect my data if I share it?
Data Clash Heats Up Between Banks and New York Stock Exchange -- Update
Several of the biggest firms on Wall Street are balking at a contract that the New York Stock Exchange is requiring them to sign to keep trading on its markets, people familiar with the dispute said.
… The behind-the-scenes spat over the contract, called the NYSE Master User Agreement, is the latest flashpoint in a long-running battle over the market data that exchanges sell to their customers.
Such data are crucial for banks and other financial heavyweights that use computerized trading strategies. It has been a growing source of revenue for stock exchanges in recent years, prompting complaints from Wall Street firms that they are being overcharged.
At the heart of the dispute is legal language about who owns the data that brokers submit to the exchange when they buy and sell stocks. The contract implies that NYSE owns the data. Brokers and big trading firms say the data are rightfully theirs.
The agreement, a seven-page document available on NYSE's website, differs from similar contracts from the Big Board's competitors, lawyers say.
Of course it could happen here.
So, Bad News: Now Militants Are Using Drones as Projectiles
The Four Flavors of Automated License Plate Reader Technology
by Sabrina I. Pacifici on Apr 6, 2017
EFF – “Automated License Plate Readers (ALPRs) may be the most common mass surveillance technology in use by local law enforcement around the country—but they’re not always used in the same way. Typically, ALPR systems are comprised of high-speed cameras connected to computers that photograph every license plate that passes. The photo is converted to letters and numbers, which are attached to a time and location stamp, then uploaded to a central server. This allows police to identify and record the locations of vehicles in real time and also identify where those vehicles have been in the past. Using this information, police could establish driving patterns for individual cars. The type of data ALPRs collect, analyze, and access often depends on what kind of systems they use and how they combine the data. Whether you’re a policymaker, journalist, or a citizen watchdog, it is important to note the specifics about how these technologies are used…”
Spinning the story for her next run?
Hillary Clinton Says Russia Used Hacking ‘to Great Effect’ in Her Defeat
Hillary Clinton left no doubt on Thursday that she believes Russia contributed to her defeat by interfering in the election, condemning what she called Moscow’s “weaponization of information.”
“I didn’t fully understand how impactful that was,” Mrs. Clinton said at a women’s conference in New York.
I wonder if this would help you learn a language if you found someone (in Japan for example) that wanted to learn English?
Skype’s real-time voice translation tool now works in Japanese
Microsoft is expanding its real-time Skype translation tool for spoken word into Japanese, its tenth language.
The software giant first introduced Skype Translator in English and Spanish back in 2014, and it has since expanded into a number of additional languages, including Mandarin, Italian, Russian, and Arabic.