Tag Archive for: dots

GoDaddy joins the dots and realizes it’s been under attack for three years • The Register

/in


In brief Web hosting and domain name concern GoDaddy has disclosed a fresh attack on its infrastructure, and concluded that it is one of a series of linked incidents dating back to 2020.

The business took the unusual step of detailing the attacks in its Form 10-K – the formal annual report listed entities are required to file in the US.

The filing details a March 2020 attack that “compromised the hosting login credentials of approximately 28,000 hosting customers to their hosting accounts as well as the login credentials of a small number of our personnel” and a November 2021 breach of its hosted WordPress service.

The latest attack came in December 2022, when boffins detected “an unauthorized third party gained access to and installed malware on our cPanel hosting servers,” the filing states. “The malware intermittently redirected random customer websites to malicious sites.”

GoDaddy is unsure of the root cause of the incident, but believes it could be the result of “a multi-year campaign by a sophisticated threat actor group that, among other things, installed malware on our systems and obtained pieces of code related to some services within GoDaddy.”

“To date, these incidents as well as other cyber threats and attacks have not resulted in any material adverse impact to our business or operations,” the filing states – showing enormous empathy for customers whose sites were redirected in the most recent attack, or impacted by the earlier incidents.

In a brief statement on the incident, GoDaddy hypothesized that the goal of the December 2022 attacks “is to infect websites and servers with malware for phishing campaigns, malware distribution and other malicious activities.”

– Simon Sharwood

Moscow considers legalizing hacking – but only for the glory of Mother Russia

The Russian government is working on changes to its criminal code that would legalize hacking in the Federation – provided it’s being done in the service of Russian interests, of course. 

According to Russian news service TASS, Alexander Khinshtein, head of the state Duma committee on information policy, wants exemptions from liability given to hackers, but aside from tossing the idea…

Source…

Text bombs and ‘Black Dots of Death’ plague WhatsApp and iMessage users

/in
Text bombs and 'Black Dots of Death' plague WhatsApp and iMessage users

Please don’t be tempted to try any of these text bomb attack out on anyone else, even as a prank. It’s simply not funny.

Read more in my article on the Hot for Security blog.

Graham Cluley

How a few yellow dots burned the Intercept’s NSA leaker

/in

Enlarge (credit: Ars Technica)

When reporters at The Intercept approached the National Security Agency on June 1 to confirm a document that had been anonymously leaked to the publication in May, they handed over a copy of the document to the NSA to verify its authenticity. When they did so, the Intercept team inadvertently exposed its source because the copy showed fold marks that indicated it had been printed—and it included encoded watermarking that revealed exactly when it had been printed and on what printer.

The watermarks, shown in the image above—an enhancement of the scanned document The Intercept published yesterday—were from a Xerox Docucolor printer. Many printers use this or similar schemes, printing faint yellow dots in a grid pattern on printed documents as a form of steganography, encoding metadata about the document into its hard-copy output. Researchers working with the Electronic Frontier Foundation have reverse-engineered the grid pattern employed by this class of printer; using the tool, Ars (and others, including security researcher Robert Graham) determined that the document passed to The Intercept was printed on May 9, 2017 at 6:20am from a printer with the serial number 535218 or 29535218.

Read 1 remaining paragraphs | Comments

Technology Lab – Ars Technica