FBI hunting ‘Mr Grey’ hacker and his 1.2 billion stolen logins
Following a massive botnet operation which stole data from over 420,000 websites, the FBI are now zeroing in on one member of a Russian crime ring known as ‘CyberVor’, with their target being known online as ‘Mr Grey’. Incriminating evidence, such as suggestions on social media that he’s able to access such data, has led the search to focus on him.
Using the same method responsible for the recent TalkTalk hack, botnets were used to sweep websites searching for SQL injection vulnerabilities. This particular operation has been known about since August, with data so far being used to send spam and being sold online.
Hack of toy company VTech accesses images of children
The Internet of Things issue is rearing its ugly head again this week, with perhaps the most disturbing discovery so far. As Troy Hunt and even the BBC have reported, toy company VTech’s products have been found to be vulnerable to hackers. The hacker who discovered the issue claims to have got hold of data including home addresses, photos taken using the toys, chat logs and even audio of conversations. We’ve written a full report on the VTech hack and meanwhile would advise parents to be cautious about any children’s toys which have internet connectivity.
China denies involvement in US government office hack
The Chinese government has publicly denied any involvement in the hack on the US Office of Personnel Management earlier this year. Blaming the attack on criminal gangs, they have also claimed that those responsible are in fact the same individuals who were arrested shortly before a Chinese visit to the US not long after the attack.
The breach was perhaps the biggest blow to US national security since Edward Snowden, with over 21 million personnel records being stolen. During the Chinese visit in September, both leaders pledged not to use commercial espionage tactics. One thing’s for sure, any future breaches originating from China will definitely be monitored extremely closely.
Flash going at last, or is this just a sneaky rebrand?
As critics have been demanding for months following a slew of vulnerabilities and subsequent patching, we may have finally seen the end of Flash. Or at least in name. Adobe appear to have decided that they can’t afford to ditch Flash altogether, so it’s now being renamed ‘Animate’. HTML5 support, which Flash previously lacked, is being used as the leading selling point for the new software. However, critics have been quick to observe that besides the inclusion of HTML5 and a shiny new logo, Animate appears to just be Flash with an update bolted on.
Australian Government working on a data breach notification scheme
The Australian Attorney General’s Department have finally released a draft of the new Privacy Act, including amendments to provide for a data breach notification scheme. In February, the Joint Parliamentary Committee on Intelligence and Security recommended that such a scheme should be in place by the end of 2015. However, with consultation running until March, followed by a lengthy legislative process and then a one year grace period, it looks like the scheme won’t be up and running until 2017 at the earliest. Details of the draft show that not all breaches would be subject to the new notification rules, only those with a ‘real risk of serious harm’, such as those involving personal information and tax or financial details.
Advantech equipment still vulnerable to both Heartbleed AND Shellshock
An independent security researcher, Neil Smith, has reported his surprise at finding that some Advantech products are still vulnerable to the most well-known exploits of 2014: Shellshock and Heartbleed. What surprised experts even further is that a full security audit which took place a year ago uncovered other vulnerabilities while somehow missing these two big-name risks. The devices affected are the EKI series, which were already known to have buffer overflow and code injection flaws. Experts did, however, point out that it was unlikely that either of the newfound vulnerabilities was being exploited in the wild, as hackers would need to have inside knowledge in order to take advantage of the weaknesses.