The credit and debit card information of more than 110 million Target customers was stolen by hackers
The malware at the center of Target’s recent data breach affecting millions of customers was partly written in Russian, according to a report issued Thursday by US government authorities and cyber security researchers. The data was quietly moved around on Target’s network before it was sent to a US server, then to Russia.
The report, which was only distributed to organisations that are involved or may have been attacked, describes a sophisticated cyber attack operation authorities are calling Kaptoxa, a Russian word that comes from a piece of code in the malware.
Target said the breach occurred between November 27 and December 15 and resulted in the theft of names, mailing addresses, phone numbers, e-mail addresses, and debit and credit card data of people who shopped at the retailer during those dates.
Tens of thousands of people received an e-mail from Target. In an effort to temper the repercussions of its massive data breach, Target offered to give affected customers one year of free credit monitoring from Experian – valued at $191.
Malicious advertisements served via Yahoo!
Malicious advertisements served via Yahoo, reports the Fox-IT.
Clients visiting yahoo.com received advertisements served by ads.yahoo.com. Some of the advertisements are malicious. Upon visiting the malicious advertisements users get redirected to a “Magnitude” exploit kit via a HTTP redirect to seemingly random sub-domains. This exploit kit exploits vulnerabilities in Java and installs a host of different malware. The countries most affected by the exploit kit are Romania, Great Brittain and France.
It is unclear which specific group is behind this attack, but the attackers are clearly financially motivated and seem to offer services to other actors. The exploit kit bears similarities to the one used in the brief infection of php.net in October 2013.
Update January 3, 1815 (GMT+1): It appears the traffic to the exploit kit has significantly decreased. It looks like Yahoo is taking steps to fix the problem.
The US National Security Agency is building a quantum computer to break the encryption that keeps messages secure, reports the Washington Post.
The NSA project came to light in documents passed to the newspaper by whistle-blower Edward Snowden.
The spying agency hopes to harness the special qualities of quantum computers to speed up its code-cracking efforts.
In room-size metal boxes secure against electromagnetic leaks, the National Security Agency is racing to build a computer that could break nearly every kind of encryption used to protect banking, medical, business and government records around the world.
According to documents provided by former NSA contractor Edward Snowden, the effort to build “a cryptologically useful quantum computer” — a machine exponentially faster than classical computers — is part of a $79.7 million research program titled “Penetrating Hard Targets.” Much of the work is hosted under classified contracts at a laboratory in College Park, Md.
Network Security Auditing Software
Nsauditor Network Security Auditor is the best tool to audit and monitor remote network computers for possible vulnerabilities, checks network for all potential methods that a hacker might use to attack it. Nsauditor is a complete networking utilities package. The software includes a wide range of tools for network security auditing, scanning and monitoring. You can discover network services and check them for vulnerabilities, list all TCP and UDP endpoints with their associated process, discover NetBios names, audit MS SQL servers, scan for common Adware traces and more. The program also includes real-time network packet filtering and analyzing, remote network performance monitoring, network status monitoring, web proxy scanning, password auditing, intrusion detection system based on security events log analyzer and firewall system that allows to stop internet threats and block unwanted network connections, IP address lookup and more than 45 network tools for scanning, sniffing, enumerating and gaining access to machines, DNS and WHOIS lookups, e-mail validation and HTTP traffic generator. Overall, this is a very complete package for a surprisingly low price. The product contains a built-in database of known network security vulnerabilities, which allows you to select the items for scanning and add custom entries. Nsauditor can reveal and catalog a variety of information, including installed software, shares, users, drives, hotfixes, NetBios, RPC, SQL and SNMP information, open ports. It can also audit password and security policies as well as make a variety of network attack probes, such as stealth port scans, HTTP / CGI server auditing, registry auditing. The program can sniff and use brute-force and dictionary attacks on LM and NTLM password hashes and expose the insecure ones. Nsauditor does OS detection and automatically creates OS fingerprints which are not included in database. Reports can be generated in HTML and XML format.