Categories
security

Singapore telco StarHub says hit by cyber attacks | Reuters

A massive DDoS attack on key DNS infrastructure happened last Friday. It appears that one of Singapore’s telco – Starhub – was also under attacked on Saturday and Monday. There was no further information whether it is from the same attackers or whether it was a copycat attack.

The company said it analysed network logs of the disruptions and found that it had experienced intentional and likely malicious distributed denial-of-service (DDoS) attacks on its domain name servers (DNS).

Source: UPDATE 1-Singapore telco StarHub says hit by cyber attacks | Reuters

Categories
security

Why Friday’s Massive DDoS Attack Should be Terrifying

Well, it didn’t take long to up the ante.
Major websites were down for a period of time due to DDoS attack. This time featuring tens of millions of IoT devices.

Categories
Uncategorized

Full(er) House: Exposing high-end poker cheating devices

This is a fascinating expose of a card game cheating device straight out of a spy movie.


This post exposes how real-world highly advanced poker cheating devices work.

Source: Full(er) House: Exposing high-end poker cheating devices

Categories
security sysadmin

Strange Loop – IP Spoofing

A very clear explanation to the DDoS problem that has been plaguing the Internet and recent advances in DDoS techniques.

The internet was originally created as a collection of equal connected peers. Everyone connected had equal rights, could consume content, produce content.

It was normal to host DNS or HTTP services on your home land-line.

But this is not possible anymore. It’s just too easy to knock unprotected websites off line.

Strange Loop – IP Spoofing

Categories
privacy

EXCLUSIVE-Yahoo secretly scanned customer emails for US intelligence-sources

Just when you thought things couldn’t get worse for Yahoo, which is dealing with the fallout from news of its massive hack. It is also trying to sell itself to Verizon, which is taking the opportunity to ask for a massive price cut.

YAHOO-NSA/ (EXCLUSIVE, PIX):EXCLUSIVE-Yahoo secretly scanned customer emails for US intelligence-sources

Source: EXCLUSIVE-Yahoo secretly scanned customer emails for US intelligence-sources

Categories
security

150,000 IoT Devices behind the 1Tbps DDoS attack on OVH

This is not the first incident where large number of IoT devices are being used to launch a DDoS attack. It’s a worrying sign that the number of compromised devices are getting larger and the technique is getting more popular.

The hosting provider OVH continues to face massive DDoS attacks launched by a botnet composed at least of 150000 IoT devices.

Source: 150,000 IoT Devices behind the 1Tbps DDoS attack on OVH

Categories
privacy security

Hack Brief: Yahoo Breach Hits Half a Billion Users

Largest password breach so far – 500M users.

After earlier reports of a cybercriminal hack that affected 200 million users, the real breach turns out to be far more serious.

Source: Hack Brief: Yahoo Breach Hits Half a Billion Users

[2016-09-29]: Defending Against Hackers Took a Back Seat at Yahoo, Insiders Say. ‘Cos it doesn’t affect the bottom line, no?

“Yahoo is already suffering. I don’t think they’ll suffer more because of this,” said Avivah Litan, a security analyst with the research firm Gartner.
Ouch.

Categories
Uncategorized

Beware: Windows 10 Signature Edition Blocks Installing Linux – FossBoss

Anti-competitive practice from Microsoft. Microsoft is apparently pressuring some hardware vendors to lock their BIOS to prevent installation of 3rd party OSes including Linux. Someone bought a Yoga 900 ISK2 and found that they can’t install Linux on it.

Just when you thought Microsoft is turning good – from all the open-source and Windows Subsystem for Linux efforts.

For you: If you see the “Windows 10 Signature Edition” badge on a laptop, DON’T BUY IT! You may not be able to install Linux (or any OS) on it, and there’s nothing you can do to the machine to change this currently.

Source: Beware: Windows 10 Signature Edition Blocks Installing Linux – FossBoss

Update (2016-09-22): Someone claims that the issue is overblown and that Ms isn’t forcing manufacturers to lock their BIOS. It’s Lenovo that is mishandling the whole thing.

Update (2016-09-22): Lenovo denies blocking installation of alternate OSes. Well they didn’t exactly block it. They just didn’t make it possible. If Lenovo wants to keep its customers happy it should release a BIOS patch that do exactly that.

Categories
privacy security

The Dropbox hack is real

It’s not a suspect breach. Change your Dropbox password now.

Earlier today, Motherboard reported on what had been rumoured for some time, namely that Dropbox had been hacked. Not just a little bit hacked and not in that “someone has cobbled together a list of credentials that work on Dropbox” hacked either, but proper hacked to the tune of 68

Source: The Dropbox hack is real

Categories
security

The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender – The Citizen Lab

The dark side of the cybersecurity industry has surfaced once again – companies that provide cyberweapons to organizations with deep pockets. In this case, the cyberweapon is a chain of zero-day exploits that requires no more than clicking on a link from an SMS. Good thing the target is discerning enough not to click on it – which means a million dollars (or two, or three) is wasted.

This report describes how a government targeted an internationally recognized human rights defender, Ahmed Mansoor, with the Trident, a chain of zero-day exploits designed to infect his iPhone with sophisticated commercial spyware.

Source: The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender – The Citizen Lab