Tag Archive for: remains

Years later, the Ashley Madison hack remains an unsolved internet mystery



It’s downright strange how little we know about the hacker or hackers who exposed the identities of over 30 million Ashley Madison users in 2015. They leaked incredibly sensitive data about millions of people, did not profit in any obvious way, turned “Ashley Madison” into a punchline throughout the English-speaking world, and rode off into the sunset.

You probably remember the hack, but it’s doubtful you remember the culprit: some entity called “The Impact Team.” A reward of $500,000 was offered for information leading to their arrest and prosecution, but no such arrest has ever been made.

Noel Biderman, the CEO at the time of Ashley Madison’s parent company, claimed that he knew exactly who did it, and that they were an insider. But that turned out to have been a former employee who had died by suicide before the hack.

One possible culprit discovered by researchers at the time was an enigmatic figure calling himself Thadeus Zu. A Berkeley researcher named Nicholas Weaver found the circumstantial evidence against Zu compelling enough to call upon law enforcement to get a warrant, crack open Zu’s social media accounts and find out more. That evidently never happened.

But Brian Krebs, the security researcher who initially reported the hack, and initially made the case against Thadeus Zu, uncovered an equally compelling person of interest earlier this year: Evan Bloom, a former Ashley Madison employee who was convicted in 2019 of selling hacked internet account information. In an interview with Krebs, Bloom denied involvement.

Without a guilty party able to give us the inside story on what happened, has the Ashley Madison hack been mis-shelved in the library of internet history? Have we all, in a sense, been swindled into accepting “LOL” as our collective response to something ugly and insidious?

Ashley Madison had long been an attractive target for hackers

To refresh your memory, Ashley Madison is (yep, is, not was) a paywalled dating website, founded in 2001, and marketed to people who are already in relationships — which is to say it’s ostensibly for linking…

Why Shellshock Remains a Cybersecurity Threat After 9 Years


The Shellshock vulnerability got a lot of attention when it was first disclosed in 2014 — both from the media and security teams. While that attention has waned in subsequent years, the Shellshock vulnerability has not disappeared — nor has attacker attention weakened.

Rather, this vulnerability remains a popular target, particularly in financial services applications. In fact, earlier this year, ThreatX identified attackers attempting to exploit a Shellshock vulnerability in approximately one-third of our customers. These numbers are concerning when considering the severity and age of this vulnerability. How could a vulnerability disclosed nine years ago still be so prevalent in attacks? And why do so many credit unions fall victim?

What Is Shellshock and Why Does It Still Exist?

Shellshock, also known as the Bash bug or CVE-2014-6271, is a vulnerability that researchers discovered in September 2014 in the Unix Bash shell. Deemed a critical vulnerability due to the escalated privileges it provides attackers if exploited, Shellshock existed on billions of devices around the world and caused widespread panic and countless patches in 2014. The panic has subsided, but the vulnerability hasn’t exactly gone away. It still exists in the wild and remains popular because it is relatively simple to launch and deploy and requires little skill or cost from an attacker.

So why does it still exist nearly 10 years later? Three words: bad patch management. Failure to apply patches in a timely manner can leave organizations vulnerable to attacks that exploit known vulnerabilities. The Shellshock vulnerability is a prime example of the consequences of not applying patches promptly. Many organizations are slow to apply the necessary updates, leaving their systems open to attack.

One reason organizations struggle with patch management is that the process can be complex and time-consuming, especially in large or distributed environments. There may also be concerns about the potential impact of applying patches, such as downtime or compatibility issues with other software. Additionally, some organizations may not have the necessary resources or expertise to effectively manage patching across…

SSH Remains Most Targeted Service in Cado’s Cloud Threat Report


IN SUMMARY

  1. Botnet agents dominate the malware landscape, comprising 40.3% of all traffic.
  2. SSH remains the most targeted service, representing 68.2% of observed samples.
  3. A staggering 97.5% of threat actors target vulnerabilities in a single specific service.

Cado Security, a pioneer in cloud forensics and incident response solutions, has released the much-anticipated Cado Security Labs 2023 Cloud Threat Findings Report. The report uncovers groundbreaking insights into the evolving cloud threat landscape, highlighting the escalating risk of cyberattacks in the wake of widespread cloud service adoption.

Headed by Chris Doman, CTO and Co-Founder, Cado Security Labs has exposed novel cloud-based malware and threat techniques, including the infamous Denonia, the first-known malware designed explicitly for AWS Lambda environments.

The report, which the company shared with Hackread.com, is crucial since Cado Security Labs employs honeypot infrastructure to capture real-time cloud attacker telemetry, providing timely insights into emerging attack patterns, and swiftly disseminating crucial findings throughout the security community.

As cloud technologies continue to shape the modern business landscape, organizations must grasp the depth of emerging cloud threats. Cado’s report arms the security community with the knowledge required to counter these latest threats effectively.

According to Cado’s press release, key findings from the report are as follows:

  1. Botnet agents dominate the malware landscape, comprising 40.3% of all traffic, playing a significant role in the Russia-Ukraine war’s hacktivist-driven DDoS attacks.
  2. SSH (Secure Shell Protocol) remains the most targeted service, representing 68.2% of observed samples. Redis follows at 27.6%, while exploitation of the Log4Shell vulnerability declines to a mere 4.3%.
  3. A staggering 97.5% of opportunistic threat actors target vulnerabilities in a single specific service, suggesting attackers focus on exploiting known weaknesses.

It is worth noting that last month, Nokia also released its Threat Intelligence Report for 2023. In this report, the company issued a warning about the…
