Tag Archive for: breached

Anonymous vs. Russia: Hackers Say Space Agency Breached, More Than 1,500 Websites Hit

/in


A hacking group affiliated with Anonymous claimed that it breached the control center of Russian State Space Corporation “Roscosmos” and cut off the agency’s control over its spy satellites as part of the ongoing cyber-offensive against Russian government targets in protest of the invasion of Ukraine.

“The Russian Space Agency sure does love their satellite imaging,” the group NB65 said in a post early today, posting accompanying screenshots. “Better yet they sure do love their Vehicle Monitoring System. The WSO2 was deleted, credentials were rotated and the server is shut down. Network Battalion isn’t going to give you the IP, that would be too easy, now wouldn’t it? Have a nice Monday fixing your spying tech. Glory to Ukraine.”

“We wont stop until you stop dropping bombs, killing civilians and trying to invade,” NB65 added. “Go the fuck back to Russia.”

The same group did a data dump Sunday of more than 40,000 files that they said were swiped from the country’s Nuclear Safety Institute (IBRAE). “We don’t have the capacity to translate this many Russian documents, so enjoy and let us know what you find,” the group said.

On Monday, one Anonymous account reported on Twitter that hackers associated with the collective had taken down more than 1,500 websites connected to the Russian and Belarusian governments, state media outlets, major banks and companies over the previous 72 hours.

Accounts reporting their hacks under the #OpRussia or #OpKremlin hashtags on Twitter also said the website of the Russian Ministry of Labour and Social Protection had been knocked offline (and was still down this evening). Anonymous also leaked a database that hackers said came from breaching Russia’s Ministry of Economic Development.

And hackers breached a maritime traffic tracking site to give Russian President Vladimir Putin’s yacht “Graceful” a new call sign, ANONYMO, and a new destination, FCKPTN.

Anonymous accounts were encouraging those without hacking skills to join Russian social media sites and spread information to counter Russia’s disinformation or lack of news about what is really happening in Ukraine.

They also countered disinformation that they…

Source…

FBI says BlackByte ransomware group has breached critical US infrastructure

/in


The BlackByte ransomware group has compromised entities in at least three US critical infrastructure sectors, according to a joint warning issued (PDF) by the FBI and the US Secret Service on February 11th. Days after that, right before the Super Bowl, the group has also infiltrated servers owned by the San Francisco 49ers. The team’s representatives have confirmed the hack after BlackByte posted a file that it supposedly stole from the 49ers on its website, according to Ars Technica. That 379MB file reportedly contained billing statements sent by the team to its partners that include AT&T and Pepsi.

The 49ers’ reps said they believe “the incident is limited to [their] corporate IT network” and has no indication that it involved outside systems, such as those “connected to Levi’s Stadium operations or ticket holders.” They’ve notified law enforcement and are working with third-party cybersecurity firms to investigate the incident. “We are working diligently to restore involved systems as quickly and as safely as possible,” the reps said. As for the critical infrastructures that were affected, the FBI and the Secret Service didn’t name them, but they did say they’re government facilities and in the financial and food & agriculture sectors. 

BlackByte is a ransomware-as-a-service (RaaS) operation that allows affiliates to use its ransomware for a percentage of the proceeds. It first surfaced in July last year, but a flaw in its system allowed security firm Trustwave to release a decryption tool that victims were able to use for free instead of paying the group to have their files unlocked. An updated version of the ransomware patched that flaw. 

In their warning, the authorities said some victims reported that the bad actors used a known Microsoft Exchange Server vulnerability to gain access to their networks. The authorities have also released filenames, indicators of compromise and hashes that IT personnel can use to check their networks for presence of the ransomware. 

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may…

Source…

Hackers breached library system earlier than initially known

/in


Source…

What’s your risk if your Broward school data was breached?

/in


“In my personal opinion, within 72 hours, you’re obligated to tell them, ethically speaking,” said Chester Wisniewski, principal research scientist for Sophos, a global cyber-security company that monitors ransomware threats. “It’s not a law or a rule,” he said, “[but] waiting months is very bad. It’s just more time you’re not being able to fight against your data being abused.”

Source…