Tag Archive for: Logins

RTK request for computer logins partially approved and denied by OOR


SOMERSET ― The Pennsylvania Office of Open Records filed its determination Sept. 27 concerning a right-to-know request filed by Lester Younkin and denied by Somerset County Commissioners, giving each party a victory.

Younkin said this week he will appeal the determination.

His request, which sought certain computer log information for specified county employees, was granted in part and denied in part. The OOR accepted the county’s argument that disclosing the Active Directory logs is likely to pose a risk to the county’s computer security, but found that employees’ names and login and logout times can be released under the state’s Right-to-Know Law.

However, the OOR determined the county doesn’t have those records that Younkin is asking for because the server log showing the login and logout information doesn’t exist within the county’s possession, custody or control.

“The county NEVER disputed the existence of the log. In fact, the IT director submitted an unredacted Active Directory log in their appeal in an attempt to justify why they can’t release the information,” Younkin said in an email. “The county has the information. They simply do not want to release it. The county claim that they would need to purchase software to extract the data is blatantly false.”

County solicitor Christopher Furman, on behalf of the county commissioners, issued this statement:

“On Sept. 27, 2023, the Office of Open Records issued its Final Determination in OOR Appeal No. 2023-1983, granting the appeal in part, denying it in part. The request was for daily computer and Exchange server login and logout times for certain personnel. Because the county does not use an Exchange server, that part of the appeal was denied. Regarding the computer login information, the county’s software is not currently capable of producing the requested information without producing certain other information embedded with it that, if disclosed, would pose a risk to the county’s computer security. Put simply, to provide the requested data, the county will need different software. Because Section 1307(g) of the RTKL provides…

Source…

Hackers Scored Corporate Giants’ Logins for Data Centers


In an episode that underscores the vulnerability of global computer networks, hackers got ahold of login credentials for data centers in Asia used by some of the world’s biggest businesses, a potential bonanza for spying or sabotage, according to a cybersecurity research firm.

The previously unreported data caches involve emails and passwords for customer-support websites for two of the largest data center operators in Asia: Shanghai-based GDS Holdings Ltd. and Singapore-based ST Telemedia Global Data Centres, according to Resecurity Inc., which provides cybersecurity services and investigates hackers. About 2,000 customers of GDS and STT GDC were affected. Hackers have logged into the accounts of …

Source…

Hackers Start Selling Data Center Logins for Some of World’s Largest Corporations


Source…

0ktapus Hack Stole 10,000 Logins From 130 Different Orgs


Researchers say that a mysterious “threat actor” (a fancy term for a hacker or hacker group) has managed to steal nearly 10,000 login credentials from the employees of 130 organizations, in the latest far-reaching supply chain attack on corporate America. Many of the victims are prominent software companies, including firms like Twilio, MailChimp, and Cloudflare, among many others.

The news comes from research conducted by cybersecurity firm Group-IB, which began looking into the hacking campaign after a client was phished and reached out for help. The research shows that the threat actor behind the campaign, which researchers have dubbed “0ktapus,” used basic tactics to target staff from droves of well-known companies. The hacker(s) would use stolen login information to gain access to corporate networks before going on to steal data and then break into another company’s network.

“This case is of interest because despite using low-skill methods it was able to compromise a large number of well-known organizations,” researchers wrote in their blog Thursday. “Furthermore, once the attackers compromised an organization they were quickly able to pivot and launch subsequent supply chain attacks, indicating that the attack was planned carefully in advance.”

How the Hacking Campaign Worked

Unfortunately, this isn’t a wholly unfamiliar story. It’s been a pretty tough couple of years for corporate cybersecurity, tough enough to inspire the question: do blue-chip tech companies just totally suck at protecting themselves, or do hackers keep getting lucky, or both? While we can’t say for certain either way, what is clear is that the “0ktapus” campaign, like a lot of other recent hacking episodes, was remarkably successful at compromising a broad array of corporate networks using elementary intrusion techniques.

Researchers say that the hackers used a pretty standard tool, a phishing toolkit, to target employees of the companies that they wanted to breach. Such kits are prepackaged hacking tools that can be purchased—usually for pretty low prices—on the dark web. In this case, the hackers first went after companies that were users of

Source…