HOW THE SYRIAN GOVERNMENT HACKED THE ONION

The Syrian government first sent phishing emails purporting to be news from The Washington Post to a set of random employees. The malicious link just redirected those uneducated users to a Gmail account. This drive-by-download attack allowed the perpetrators to gain access to a victim’s email and then send more messages from that trusted source. The best defense against this kind of attack is user education. The Onion IT team made a wrap about

Time to get your incident response team ready

Anonymous has promised to attack a set of targets in America on May 7, 2013. According to the post on Pastebin, the targets include the NSA, the Pentagon, the White House… It might be a DDoS attack.

https://blog.avast.com/2013/05/02/massive-u-s-cyberattack-planned-by-anonymous/

 

Forensic analysis of the hacked US Department of Labor site

The site of the US Department of Labor has been hacked, redirecting users and distributing malicious code. The intruders were able to disable antivirus software from certain vendors, such as Avira and Avast, if installed on the target computers. To defend against this, just keep your antivirus up to date.

http://labs.alienvault.com/labs/index.php/2013/u-s-department-of-labor-website-hacked-and-redirecting-to-malicious-code/

 

Advice for hacked sites

A site is accessed by typing its URL into a browser. The source code of most of those sites is not properly written and contains many holes that cybercriminals exploit. Cybercrooks often compromise a web page to install malware that will control the victim’s computer. Once the malware is properly installed, the hacker can either steal information such as credit card numbers, intellectual property, trade secrets and company secrets, or launch a denial of service to prevent the authorized use of resources. I came across the Google Security Blog, which gives detailed information on what a hacked site and a malware infection mean. Furthermore, the video illustrates how to use Google Master tool for running infection diagnosis on a web site.

Cloud company Evernote hacked, 50 million passwords reset

Evernote is an online service that provides the ability to store pictures, music, videos and text on the internet and access them from any device. Its users can edit their notes from anywhere. The company has acknowledged that it has suffered a data breach. According to the statements released after the intrusion, there was no evidence that the contents stored in Evernote were accessed, and payment information related to Evernote Premium or Evernote Business customers was not accessed either.

Evernote Security Notice

Congratulations, passwords stored by Evernote are hashed and salted.

As an incident response measure, Evernote is sending email notifications to all its customers, urging them to reset their passwords. Indeed, hackers could use those email addresses to send unsolicited messages like spam. By enforcing the use of strong passwords, Evernote aims at reducing the attack surface of its online service. To be sure that your data is safe in a cloud-based service: do not use passwords based on dictionary words, do not use the same password on multiple sites and services, and never click on “password reset emails” but instead go to the web page.

Information gathering tool

Social network sites have become a potential source of information about criminals and their activities. Many private firms are tracking their employees' lies using those shared environments. Security researchers have created the Rapid Information Overlay Technology (RIOT). The tool can gather a lot of information from websites such as Facebook, Twitter and Foursquare.

RIOT can give you a clue about someone’s life, which raises privacy concerns. Indeed, pictures and location tracking posted on social network sites reveal a person's identity and can even help decrypt their thoughts and predict what they will do next. A video about RIOT can be watched here.