https://console.cloud.google.com
Antonio Linares wrote:Manuel,
Lo has probado ya ?
Que lenguajes y GUIs soporta ? Que genera ?
Gmail, Google Docs Users Hit By Massive Email Phishing Scam (independent.co.uk)59
Posted by BeauHD on Wednesday May 03, 2017 @04:40PM from the be-on-the-look-out dept.
New submitter reyahtbor warns of a "massive" phishing attack sweeping the web:Multiple media sources are now reporting on a massive Gmail/Google Docs phishing attack. The Independent is among the top publications reporting about it: "Huge numbers of people may have been compromised by the phishing scam that allows hackers to take over people's email accounts. It's not clear who is running the quickly spreading scam or why. But it gives people access to people's most personal details and information, and so the damage may be massive. The scam works by sending users an innocent looking Google Doc link, which appears to have come from someone you might know. But if it's clicked then it will give over access to your Gmail account -- and turn it into a tool for spreading the hack further. As such, experts have advised people to only click on Google Doc links they are absolutely sure about. If you have already clicked on such a link, or may have done, inform your workplace IT staff as the account may have been compromised. The hack doesn't only appear to be affecting Gmail accounts but a range of corporate and business ones that use Google's email service too. If you think you may have clicked on it, you should head to Google's My Account page. Head to the permissions option and remove the 'Google Doc' app, which appears the same as any other."UPDATE 5/3/17: Here's Google's official statement on today's phishing attack: "We have taken action to protect users against an email impersonating Google Docs & have disabled offending accounts. We've removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail."
hardware intel technology
Google Was Warned About This Week's Mass Phishing Email Attack Six Years Ago (vice.com)34
Posted by BeauHD on Thursday May 04, 2017 @08:20PM from the come-back-to-haunt dept.
An anonymous reader quotes a report from Motherboard:For almost six years, Google knew about the exact technique that someone used to trick around one million people into giving away access to their Google accounts to hackers on Wednesday. Even more worrisome: other hackers might have known about this technique as well. On October 4, 2011, a researcher speculated in a mailing list that hackers could trick users into giving them access to their accounts
FACC
January 25, 2016: FACC, an Austrian-based aerospace parts manufacturer (with clients like Airbus and Boeing), announced they fell victim to hackers in January 2016. The criminals, however, seemed to ignore the company’s data and intellectual property, opting to instead steal approximately €50 million — which is equivalent to about $54.5 million U.S. dollars. FACC says that while they are investigating the extent of the damage and how it happened, their normal operations have not been affected.
University of Central Florida
February 8, 2016: At the beginning of February 2016, the University of Central Florida announced a data breach that affected approximately 63,000 current and former students, faculty, and staff. The breach was discovered in January, but before making the incident public, the university reported it to law enforcement and conducted an internal investigation. Unknown cyber criminals compromised the university’s computer system and stole a variety of information including Social Security numbers, first and last names, and student/employee ID numbers.
U.S. Department of Justice
February 9, 2016: Hackers angry about U.S. relations with Israel tried to call attention to their cause in February 2016 by breaching the U.S. Department of Justice’s database. CNN reported the hackers released data on 10,000 Department of Homeland Security employees one day, and then released data on 20,000 FBI employees the next day. Information stolen included names, titles, phone numbers, and e-mail addresses; the Department of Justice does not believe that any sensitive information, like Social Security numbers, was obtained. Tweeting from the account @DotGovs, the hackers said it took one week for the Department of Justice to realize that their systems had been compromised.
Internal Revenue Service
February 29, 2016: The Internal Revenue Service (IRS) announced that the data breach they uncovered in May 2015 was much larger than initially believed. In May, the IRS said over 100,000 American taxpayers had their personal information compromised when the agency’s “Get Transcript” system was hacked. However, in February 2016, those numbers have been increased to over 700,000. The IRS thinks a sophisticated Russia-based criminal operation is responsible for the data breach and that identities were stolen to file fraudulent tax returns in the future.
UC Berkeley
February 29, 2016: The financial data of more than 80,000 University of California, Berkeley students, alumni, employees, and school officials was compromised around December 2015 and announced to the public in February 2016. The school says that although it was clear their system was hacked, it does not appear that any information was stolen. Those who may have been affected were notified and encouraged to keep an eye on their personal information.
Snapchat
March 3, 2016: 700 current and former Snapchat employees had their personal information stolen when hackers used a phishing scam to trick an employee into e-mailing them the private data. Posing as Snapchat chief executive Evan Spiegel, the attackers simply requested — and received — sensitive employee information including names, Social Security numbers, and wage/payroll data. It is presently unclear who is responsible for the attack or how they may use the information they stole.
21st Century Oncology
March 10, 2016: 21st Century Oncology, a Fort Myers-based company offering cancer care services, revealed in a statement on their website that 2.2 million patients may have had personal information stolen when the company’s system was breached in October 2015. The breach was discovered in November 2015, but the FBI discouraged the company from making a public announcement until March, as the investigation was ongoing. Though there is no evidence that the data has been used in any way, hackers did have access to patient names, Social Security numbers, doctor names, diagnosis and treatment information, and insurance information.
Premier Healthcare
March 10, 2016: A data breach was reported by Premier Healthcare, a multispecialty provider healthcare group, after a laptop computer was stolen from the billing department of their Bloomington, Indiana headquarters. The laptop was protected by a password, but it was not encrypted and contained sensitive data pertaining to more than 200,000 patients. Most victims affected had their names, dates of birth, and other basic information compromised, but Premier Healthcare says that 1,769 individuals may have had their Social Security numbers or financial information taken as well.
Verizon Enterprise Solutions
March 25, 2016: Verizon Enterprise Solutions, a division of Verizon known for providing IT services and data breach assistance to businesses and government agencies around the world, was hit by hackers who stole the information of about 1.5 million customers. The data was found for sale in an underground cybercrime forum by cybersecurity journalist Brian Krebs. Verizon acknowledged the breach, saying that they’ve found the security flaw, and are working to contact affected customers.
Systema Software
March 28, 2016: A data breach at California-based Systema Software was not the result of hackers, but an internal error during a system upgrade in which data storage was set up improperly and made publicly available on the Internet. Chris Vickery, a white-hat hacker, found the information online and reported it to the proper authorities — by that point, customer information had been exposed for 75 days. Affected customers include the Kansas State Self Insurance Fund, the CSAC Express Insurance Authority, American All-Risk Loss Administrators/Risico, Millers Mutual Group, Crosswalk Claims Management, and Salt Lake County. Currently, it is not believed that any of the personal information has been used illegally.
Tidewater Community College
March 28, 2016: Current and former employees of Tidewater Community College (TCC) in Norfolk, Virginia had their personal information stolen in a tax season phishing scam. An employee in the school’s finance department received a request from a fake TCC e-mail address asking for all employee W-2 information. The individual, not realizing the e-mail was fake, responded with sensitive information including names, earnings, and Social Security numbers. TCC’s spokesperson has said that at least 16 TCC employees have reported false tax returns filed under their Social Security numbers.
MedStar Health Inc.
March 30, 2016: The FBI is investigating a computer virus that paralyzed MedStar Health-operated hospitals in Maryland and Washington. Officials are trying to determine whether the virus was ransomware, which holds a company’s systems “hostage” until a specific dollar amount is paid. It is not immediately clear whether any patient information was stolen, but with the popularity of medical identity theft among hackers, it is certainly possible that personal data was compromised.
Philippine Commission on Elections
April 11, 2016: A breach of the database for the Philippe Commission on Elections (COMELEC) prompted Infosecurity Magazine to say it “could rank as the worst government data breach anywhere.” It is believed that the personal information of every single voter in the Philippines — approximately 55 million people — was compromised on March 27, 2016 by Anonymous; LulzSec Pilipinas published the database online a few days later and those private details are now available online for anyone to steal and engage in all different types of identity theft. Anonymous’ actions were allegedly an effort to push COMELEC to turn on security features in the vote counting machines before the national elections on May 9.
Multiple Major E-mail Providers
May 5, 2016: Milwaukee-based Hold Security discovered more than 270 million e-mail usernames and passwords being given away for free in the Russian criminal underground. It is unknown how all of the accounts were stolen, but Hold counted about 57 million Mail.ru accounts, 40 million Yahoo accounts, 33 million Hotmail accounts, and 24 million Gmail addresses. There were also hundreds of thousands of German and Chinese email providers, along with username/password combinations that seem to belong to employees of major banking, manufacturing, and retail companies.
Wendy’s
May 11, 2016: In January 2016, Wendy’s began investigating a potential data breach after receiving reports of unusual activity involving payment cards at some of their restaurant locations. The details of that investigation became public in May, as the fast food chain revealed that less than 5 percent of its restaurants were affected. The company believes that malware infiltrated one particular point of sale system at fewer than 300 of approximately 5,500 franchised North America Wendy’s restaurants, starting in the fall of 2015. Security expert Brian Krebs said many bank and credit unions “have been grumbling about the extent and duration of the breach” and that it seems some breached Wendy’s locations were still leaking customer card data as late as the end of March 2016 into early April.
June 16, 2016 Update: In June 2016, Wendy’s announced that their data breach was worse than they originally thought. The company did not provide much additional information — only that “additional malicious cyber activity has recently been discovered in some franchise-operated restaurants.” They said that they disabled the newly discovered malware, but that “the number of franchise restaurants impacted by these cybersecurity attacks is now expected to be considerably higher than the 300 restaurants already implicated.” Wendy’s is continuing to work with security experts and federal law enforcement who are investigating the breach. Customers with questions can call 888-846-9467 or email PaymentCardUpdate@wendys.com
May 17, 2016: A 2012 data breach came back to haunt LinkedIn when 117 million email and password combinations stolen by hackers four years ago popped up online. At the time the breach occurred, members who had been affected were told to reset their passwords. That information then became publicly available in May 2016. LinkedIn acted quickly to invalidate passwords of all LinkedIn accounts that were created prior to the 2012 breach and had not undergone a reset since the breach. It is not clear who stole the information or published it online, but LinkedIn is actively working with law enforcement officials.
Newkirk Products
August 12, 2016: In August 2016, Newkirk Products, a service provider that issues healthcare ID cards, announced a data breach that may have affected up to 3.3 million people. Unknown hackers were able to gain access to a server that contained sensitive member information, including names, mailing addresses, dates of birth, and details about health insurance plans. At this time, it does not appear that any of the stolen information has been used maliciously.
Oracle
August 12, 2016: The company that owns the MICROS point-of-sale system, used in more than 330,000 cash registers around the world, became the victim of a data breach, which was announced to the public in August of 2016. At the time the breach was uncovered by security expert Brian Krebs, it was unclear as to the size and scope; Krebs did say that a large Russian cybercrime group was likely to blame and that they had placed malware on company computers and on the MICROS customer support portal to steal usernames and passwords. Many experts also believe the hackers were probably able to plant malware in the MICROS point-of-sale systems and that they could be responsible for major data breaches at retailers around the country.
Dropbox
September 2, 2016: The popular file-hosting service was forced to confront a data breach from four years ago that affected more users than originally believed. In 2012, Dropbox helped a small amount of users secure their accounts after some usernames were stolen. At the end of August 2016, however, it was revealed that more than 68 million Dropbox users had their usernames and passwords compromised in that initial breach. It does not look like the accounts have been illegally accessed at this time, and all Dropbox users who have not reset their passwords since 2012 have been prompted by the company to do so.
Yahoo!
September 22, 2016: In what may be the most expansive data breach of all time, Yahoo announced that a hacker had stolen information from a minimum of 500 million accounts in late 2014. The thief, believed to be working on behalf of a foreign government, stole e-mail addresses, passwords, full user names, dates of birth, telephone numbers, and in some cases, security questions and answers. At the time of the breach announcement, Yahoo was still working with law enforcement and the FBI on an investigation.
Weebly
October 20, 2016: Over 43 million Weebly users were notified about a data breach that happened in February, but was just discovered in October. Stolen data included usernames, passwords, e-mail addresses, and IP information, but Weebly does not believe any type of financial information was stolen because it does not store full credit card numbers on its servers. Hackers were not able to log directly into customer websites because passwords were protected by bcrypt hashing.
National Payment Corporation of India
October 20, 2016: The National Payment Corporation of India (NPCI) was notified by international banks, primarily in the U.S. and China, that some of its customers’ debit cards were being used illegally. Experts believe the breach began with a malware attack that originated at an ATM. The NPCI said that 32 lakh debit cards across 19 Indian banks were compromised, but customers were contacted to change the debit card PINs and customers they couldn’t reach had their cards canceled and were issued new ones.
Cisco
November 3, 2016: An incorrect security setting on the mobile version of Cisco’s “Professional Careers” website created a privacy hole that exposed the personal information of job-seekers. Discovered by an independent researcher, the security vulnerability made sensitive data available between August and September 2015, and again from July to August 2016. That data included names, addresses, e-mails, phone numbers, usernames, passwords, answers to security questions, resumes, cover letters, and voluntary information such as gender, race, veteran status, and disability.
At this time, there is no evidence that any other parties accessed the job-seekers’ information, other than the independent researcher. Cisco did say, however, that “there was an instance of unexplained, anomalous connection to the server during that time, so we are taking precautionary steps.” Those steps include alerting all Cisco job-seekers to the breach, requiring all users to reset their passwords, and offering to put 90-day fraud alerts on accounts for interested users.
AdultFriendFinder.com
November 13, 2016: AdultFriendFinder, an X-rated website, was targeted by hackers for the second time in two years. This time, though, the amount of accounts compromised was immense — approximately 412 million users had personal information stolen and published in online criminal marketplaces. The breached data included e-mail addresses, passwords, VIP member status, browser info, last IP address to log in, and purchases. LeakedSource is responsible for finding and reporting the breach to the public; AdultFriendFinder has only admitted to finding a vulnerability and has not confirmed the attack yet.
San Francisco Municipal Transportation Agency
November 25, 2016: San Francisco’s public railway system, known as Muni, was infected with malware over the Thanksgiving weekend; this resulted in locked kiosks and computers and two days of free rides for passengers until the system went back online on Sunday, November 27. Fortune reached out to the hackers, who said the attack was not targeted — it was an automated attack, also known as a “spray and pray.” In this type of attack, an automated system sends links to malware out to many prospective victims; an IT admin at the transportation agency allegedly clicked on the link and unknowingly downloaded the malware files.
The hackers claim to have 30GB of stolen data, which includes the personal information of employees and riders. They want the agency to fix its vulnerable systems and pay a ransom of 100 Bitcoins, or about $73,000 — if their demands aren’t met, they say they will release all of the personal information. The agency’s systems are back online, but as of now, it does not appear that they have paid the hackers.
Yahoo
December 14, 2016: Less than three months after announcing a 2014 data breach that affected 500 million users, Yahoo did it again — and even bigger than before. In December, the company discovered another breach from 2013 that may have compromised the personal information of one billion Yahoo accounts, making it the largest data breach in history. At the time of the breach announcement, Yahoo did not have much additional information to share with the public, as it was still unclear who was responsible, how they got into the system, and what they stole
Major DDoS attack on Dyn disrupts AWS, Twitter, Spotify and more
21 October 2016 By Sebastian Moss
A global distributed denial of service (DDoS) attack on Dyn’s DNS infrastructure made numerous online services inaccessible for a large number of users, particularly those living on the east coast of the US.
The exact scale of the attack and the reasons for it are yet unknown, but comes at a time of increasing DDoS activity.
A growing threat
“Starting at 11:10 UTC on October 21st-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure,” Dyn said in a status post.
“Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.”
Later, the company added that “this attack is mainly impacting US East and is impacting Managed DNS customers in this region. Our Engineers are continuing to work on mitigating this issue.”
According to Dyn, services were restored at 13:20 UTC.
Customers suffering from disruption included Twitter, SoundCloud, Spotify, Netflix, Reddit, Pagerduty, Shopify, Disqus, Freshbooks, Vox Media, PayPal, Etsy, Github, Heroku, Time, PlayStation, the Intercom app and more. While Dyn said that the issue has been resolved, users of the affected services were still reporting problems with connectivity at time of writing.
Amazon Web Services was also impacted by the Dyn’s temporary collapse, and said: “Between 4:31 AM and 6:10 AM PDT, we experienced errors resolving the DNS hostnames used to access some AWS services in the US-EAST-1 Region.
“During the issue, customers may have experienced failures indicating “hostname unknown” or “unknown host exception” when attempting to resolve the hostnames for AWS services and EC2 instances. This issue has been resolved and the service is operating normally.”
Update: At 10:03 AM PDT (17:03 UTC) AWS said: “On October 21, 2016 between 4:30 AM and 6:11 AM PDT, some AWS customers experienced errors establishing connectivity to a small number of AWS endpoints hosted in the Northern Virginia (“US-EAST-1”) Region. We observed similar impact between 9:26 AM and 9:46 AM PDT in the Ireland (“EU-WEST-1”) Region.
“These events were caused by errors resolving the DNS hostnames for some AWS endpoints. AWS uses multiple DNS service providers, including Amazon Route53 and third-party service providers. The root cause was an availability event that occurred with one of our third party DNS service providers. We have now applied mitigations to all regions that prevent impact from third party DNS availability events.
“During these events, core AWS functionality and all security controls continued to operate normally. Customers that independently utilize the third party DNS service provider may continue experiencing errors resolving DNS names hosted with that provider.”
Update 2: As of 20:37 UTC, the DDoS attack on Dyn is still occurring, intermittently.
Dyn’s status page says: “Our engineers are continuing to investigate and mitigate several attacks aimed against the Dyn Managed DNS infrastructure.”
Update 3: More details here.
We previously reported on a major DDoS attack on cyber security researcher Brian Krebs, measuring at 620 Gbps - at the time, the largest DDoS ever recorded. Since then, that record was broken by an attack on French hosting firm OVH that was roughly double that of Krebs.
Many of these more recent attacks make use of IoT devices such as routers and cameras to flood the target’s systems.
Last month, a hacker known as ’Anna_Senpai’ released the source code for Mirai, a tool that uses IoT devices for DDoS attacks. The malware continuously scans the Internet for IoT systems protected by factory default or hard-coded usernames and passwords, before taking control of such systems.
Indeed, security intelligence firm Flashpoint believes that it has observed a Mirai botnet attacking Dyn, and that it was responsible for today’s outages.
But DDoS attacks only last as long as the traffic can be sustained. Elsewhere, we have seen far greater long-term damage caused by hacks of big businesses, NSA zero days leaking into the wild, and the growing rate of state-sponsored cyberwarfare attacking political structures.
Return to Off Topic / Otros temas
Users browsing this forum: No registered users and 6 guests