Always Providing You With Ongoing Information

Posts tagged ‘Hacking’

Open Source Vs Commercial Source For Upcoming Election In The U.S.

awhiteoutfit2_001

San Francisco in January 2018 could become the first U.S. city to adopt open source software to run its voting machines.

City officials last month authorized consulting group Slalom to prepare a report on the benefits and challenges involved in using an open source voting machine platform. The city voted to pay Slalom US$150,000 for its research

The city will also this year pay Dominion Voting Systems $2.3 million to renew its contract for the company’s proprietary voting machine software. That system is nearing the end of its life cycle.

Officials hope a move to open source will make San Francisco’s voting software more transparent and secure, as well as less costly. The expectation is that an open source voting machine program would offer more security against hack attacks. If the city should develop its own system, it then could provide the code to other cities.

Unlike proprietary software, open source code is available to anyone to vet potential security breaches. Users would not incur purchasing or subscription and licensing fees.

 

The Pros & Cons

California has begun to adopt open source in other areas. For example, state agencies already have used open source software to redesign California’s child welfare management system.

Regarding voting machines, there have been indications that California legislators are not opposed in principle to using open source.

Open source technologies offer the organizations involved in managing elections and vote tallying complete transparency into whatever is happening in voting machines and systems.

Those who oppose are mainly owners of proprietary voting systems and software who suggest that open source is inherently less secure and prone to hacking.

Open source software brings cost reductions, local control, increased security and transparency, all of which could boost voter trust in the election process, according to its advocates.

Nonproprietary voting software also could allow local governments to understand and adjust how votes are counted more quickly. Commercial vendors often consider those details trade secrets. The largest benefit in open source is that it can be vetted by anyone

Whoever finds a problem in open source does not have to contribute to the solution or even report it. Instead, it would be possible to keep the vulnerability secret and exploit it at will.

Going open source for transparency on voting systems could be a double-edged sword, warned Lamar Bailey, director of security research and development at Tripwire.

If San Francisco — or any locale — should pick an open source system, disclosing its choice before the election would allow attackers to review the code and craft attacks before the election, he said.

“If San Francisco decides to announce the name of the software after the election, that could cause issues too if someone finds a vulnerability in the code used at the time of the election.

Voting is an area in which there is distrust in results and the systems used to gather them. This is especially true for those on the losing side, he pointed out.

“We have seen everything from hanging chads to Russian hackers being blamed for results, as well as documented vulnerabilities in voting machines,” Bailey said.

Alternative View

Going open source would be a bold move. Instead, the government should employ multiple security companies to review and pen test existing systems to ensure that they are secure, Bailey recommended.

Open source would provide little benefit, given that the systems are air-gapped, said Philip Lieberman, president of Lieberman Software.

Open source carries few real benefits — but it comes with quite a few risks, according to Byron Rashed, vice president of global marketing, advanced threat intelligence at InfoArmor.

Moving to open source for voting machines would not help prevent hacking or other forms of election tampering, he maintained.

“It would definitely weaken it, since some vulnerabilities can be present for years. In addition, threat actors or highly organized cybercriminal gangs have members that are highly skilled in finding and exploiting vulnerabilities,” Rashed told LinuxInsider.

Impact on the Bottom Line

 

Open source would allow localities to own their elections more fully and be less beholden to outsiders, whether they happen to be hackers or vendors of proprietary voting systems, he noted.

On the other hand, proprietary voting solution vendors have argued that they are better positioned to understand the inherent dangers of vote tampering and to protect systems from hackers.

 

 

Advertisements

Hackers Want 2.6 Million Or Else

Snapshotpurple_001

Equifax was hacked and they have information on 143 million Americans. The supposed hackers have made their demands of Equifax. The hackers are asking for over 600 Bitcoin – that much Bitcoin amounts to $2.66USD million. The hackers claim that if Equifax pay up , they will delete all of the data. Equifax has until September 15th to pay up.

The hackers have told Equifax to request any part of the stolen data and they will show it to them to prove that they’re legitimate.The hackers have given Equifax until September 15 to pay the ransom or the data will be publicized.

A proposed class-action lawsuit was filed against Equifax Inc. late Thursday evening, shortly after the company reported that an unprecedented hack had compromised the private information of about 143 million people.

A complaint was filed in Portland, Ore., federal court, users alleged Equifax was negligent in failing to protect consumer data, choosing to save money instead of spending on technical safeguards that could have stopped the attack. Data revealed included Social Security numbers, addresses, driver’s license data, and birth dates. Some credit card information was also put at risk.

Hackers Stole Sensitive Data From Equifax

Snapshotmensuit10_001

The cyber attack today, which occurred sometime between the middle of May 2017 and July 29. What makes the Equifax attack particularly troublesome is the company’s status as a central clearinghouse for sensitive credit-related information including social security numbers, driver’s license numbers, and other data that can be used in a variety of ways to harm those affected.

While the Equifax breach isn’t the largest in terms of the number of victims — however,because of the kind of personal information that was stolen is troubling. Examples of sensitive information include 209,000 credit card numbers, personal information relating to credit disputes for 182,000 victims, and data that could be further used to access medical histories, bank accounts, and more.

Equifax has established a web site that individuals can visit to learn more about the attack, find out if they’re affected, and enroll in free identity theft protection and file monitoring services. If you’ve ever applied for credit — and that’s most people — it’s a good idea to head over to the site sooner rather than later.

Hacked Instagram Numbers On $ale

 

 

Snapshotblackwhitedress7_001

Hackers established a searchable database named Doxagram allowing users to search for victims’ contact information for $10 per search. The hacker provided a list of 1,000 accounts they said were available for searching on Doxagram to the Daily Beast, and the list included most of the 50 most-followed accounts on the service.

 Doxagram was offline Friday @ 5:50 pm. It was unclear how or when it might come back. It’s also not known if Instagram would had sought to have the site shut down.

But even with the site shut down, contact information for dozens of celebrities now appears to be floating around on the dark web. A cybersecurity firm named RepKnight s found contact information for celebrities including:

  • Actors: Emma Watson, Emilia Clarke, Zac Efron, Leonardo DiCaprio, Channing Tatum.
  • Musicians: Harry Styles, Ellie Goulding, Victoria Beckham, Beyoncé, Lady Gaga and Rihanna, Taylor Swift, Katy Perry, Adele, Snoop Dogg, Britney Spears.
  • Athletes: Floyd Mayweather, Zinedine Zidane, Neymar, David Beckham, Ronaldinho.

For celebrities and other high-profile users, the hack could mean having to change a phone number, email address, or both. But it can also be used along with social engineering techniques to gain access to the account itself. That seems to be what happened to Gomez, Instagram’s most-followed user. Her account was briefly taken down Monday after it was used to post nude photographs of Justin Bieber, her ex-boyfriend.

 

 

Instagram Gets Hacked

 

 

 On Wednesday, the Facebook-owned photo sharing app revealed that “at least one hacker” managed to steal personal information from a number of high-profile user accounts. Apparently, the breach was caused by a bug in the system, which Instagram says has now been addressed. They discovered that one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information — specifically email address and phone number.  

HBO Hackers Leaked Executive’s Emails

Hackers who posted several of HBO’s new episodes and a “Game of Thrones” script online in late July have published a month’s worth of emails from the inbox of one of the entertainment company’s executives. The Hackers also addressed a video letter to HBO CEO Richard Plepler that demands the company demand payment of money, although the figure was redacted, according to the report. The hackers said HBO marked their 17th victim, and only three have failed to pay. HBO said its forensic review of the incident is ongoing and noted that it believed further leaks were forthcoming.

HBO private emails in the hands of hackers, came Monday in an email message to The Hollywood Reporter that also contained nine files with such labels as “Confidential” and “Script GOT7.” The hackers also delivered a video letter to HBO CEO Richard Plepler that says, “We successfully breached into your huge network. … HBO was one of our difficult targets to deal with but we succeeded (it took about 6 months).”

They say that the frequency of the attacks has overwhelmed the FBI’s Los Angeles field office, which has been unable to properly investigate all of them. The FBI’s surprising advice, according to industry sources: Pay the ransom.

FBI spokesperson in the L.A. office denied that the agency is telling companies to cough up the bitcoins in cases of ransomware. “The FBI does not encourage payment of ransom as it keeps the criminals in business,” says Laura Eimiller. “Of course, the individual victim must weigh their options.”

“The FBI will say it’s easier to pay it than it is to try to fight to get it back,” says Hemanshu Nigam, a former federal prosecutor of online crime in L.A. and onetime chief security officer for News Corp. “And if one company pays the ransom, the entire hacking community knows about it.”

 

 

Hacking Group Anonymous Say Nasa Is About To Announce Alien Life?

Tag Cloud

%d bloggers like this: