Facebook becomes directly accessible through Tor’s anonymity network

October 31, 2014 – 10:17 PM

Facebook has made it easier to access the social network through multiple layers of encryption and without disclosing your true location, by allowing direct access as a hidden service through Tor’s anonymity-focused browser.

Tor sometimes comes up against the security mechanisms of sites — such as Facebook and banking sites — that its users are trying to visit. Because it bounces browsing traffic between a number of nodes, so as to obscure the user’s actual location, it can sometimes display the same characteristics as techniques hackers use to hide their identity.

Working with Tor Project advocate Runa Sandvik and Steven Murdoch – the developer who originated the Tor Browser – Facebook solved the problem by creating a .onion address for the social network. These addresses can only be accessed through Tor’s network, and are often used for anonymous, hidden “deep web” services.


White House officials confirm breach on unclassified network

October 29, 2014 – 5:30 AM

A White House official, speaking on the condition of anonymity, said that suspicious activity has been identified on the Executive Office of the President (EOP) network.

The official, speaking to Reuters, said that mitigation efforts were ongoing, but declined to identify the exact nature of the problem.

“In the course of assessing recent threats we identified activity of concern on the unclassified EOP network. Any such activity is something that we take very seriously. In this case we took immediate measures to evaluate and mitigate the activity,” the official told Reuters.

The EOP network was offline for some time last week, according to Powerline, a conservative blog.

Powerline’s John Hinderaker cited unidentified sources who said that IT staffers were having problems identifying the source of the problems, but that systems were taken offline during the initial investigation. They were later restored. There were also reports of delays in the press pool last Friday, as reporters received briefings and other notices later than normal last week. The delays were blamed on technical errors.

Powerline’s report somewhat aligns with the White House official’s statement to Reuters, which confirmed that the initial investigation resulted in temporary outages and loss of connectivity.

The investigation is focused on the unclassified network, and officials said there is no indication that classified networks were affected by the incident.


CryptoWall ransom infections spike to 830,000 in matter of weeks

October 23, 2014 – 5:01 PM

Dell SecureWorks has updated its figures on the number of PCs infected by the awful CryptoWall ransom malware and the news isn’t good – the number of systems has spiked suddenly to 830,000.

The firm’s last statistic in late August was 625,000, itself a large number of infected systems, which means that CryptoWall has boosted its haul of victims by 25 percent in a matter of weeks.

Looking at the UK statistics, Dell SecureWorks estimates that CryptoWall has affected 40,000 PCs, with 75 victims handing over ransoms to the tune of $47,250 (£29,000), a stark figure that arrives in time for the UK’s Get Safe Online week.

A few days back, the National Fraud and Intelligence Bureau (NFIB) estimated that online fraud is costing UK citizens £670 million a year. Given that very few of the ransoms paid in the hope of getting rid of CryptoWall were probably reported to the national fraud reporting service Action Fraud, this figure is surely an underestimate.


Microsoft Windows Hit By New Zero-Day Attack

October 22, 2014 – 5:40 AM

Microsoft has disclosed that a new zero-day vulnerability is present in Windows, and is exploited via Microsoft Office files. According to Microsoft Security Advisory 3010060, the vulnerability is present in all supported versions of Windows except Windows Server 2003.

The vulnerability (designated as CVE-2014-6352) is triggered by an attacker sending a specially crafted Microsoft Office file to the user. Currently, attacks using PowerPoint files are known to exist, but all Office file types can be used to carry out this attack.

The specially crafted files contain a malicious Object Linking and Embedding (OLE) object. This technology is used to share data between various applications, and the vulnerability lies in this component of Windows. Exploiting it allows malicious code to run with the privileges of the user. To get administrator access, a separate exploit must be used. In addition, under default settings a User Account Control popup is displayed, which may alert the user that something unusual is going on.

Currently, Microsoft has not indicated whether a patch to solve this issue will be sent outside of the regular Patch Tuesday cycle. Until more definitive information becomes available, we advise users to be careful about opening Office documents that they have been sent, particularly if they come from parties that have not sent them documents before. The Microsoft bulletin also includes several workarounds and temporary fixes, including settings for users of the Enhanced Mitigation Experience Toolkit (EMET) utility.


Officials warn 500 million financial records hacked

October 21, 2014 – 5:58 PM

Federal officials warned companies Monday that hackers have stolen more than 500 million financial records over the past 12 months, essentially breaking into banks without ever entering a building.

“We’re in a day when a person can commit about 15,000 bank robberies sitting in their basement,” said Robert Anderson, executive assistant director of the FBI’s Criminal Cyber Response and Services Branch.

The U.S. financial sector is one of the most targeted in the world, FBI and Secret Service officials told business leaders at a cybersecurity event organized by the Financial Services Roundtable. The event came in the wake of mass hacking attacks against Target, Home Depot, JPMorgan Chase and other financial institutions.

“You’re going to be hacked,” Joseph Demarest, assistant director of the FBI’s cyberdivision, told the business leaders. “Have a plan.”