Hackers Bust Open HBO

16 April 2018 in Digital Download

Hackers Bust Open HBO

Hackers have stolen as much as 1.5 terabytes of data from HBO. They started posting unreleased episodes of 2 shows that I don’t watch, as well as a script for the next Game of Thrones episode WHICH I DON’T WANT TO KNOW ABOUT BECAUSE OF SPOILERS SO DON’T SAY ANYTHING, I’M NOT LISTENING! Also published was personal information about one senior HBO executive, including “access information to dozens of online accounts, including paid newspaper subscriptions, online banking, and personal health services.” The hackers have promised that more content is “coming soon”. While there’s no word on the method of breach, it is likely either phishing or Valyrian steel. Nothing cuts like Valyrian steel. Read more >

Who left out their %$#^! plate??

The Amazon Echo, Amazon’s smart personal assistant, can be hacked to allow eavesdropping on unsuspecting consumers. Researchers at MWR InfoSecurity have created a proof of concept for an attack that allows threat actors, or really bored people, to record and stream conversations that take place within Alexa’s microphone range. The hack requires physical access to the device and doesn’t apply to recent models, so there is no immediate threat. However, if anyone does have recordings from my house, please send me a copy. No one believes me when I tell them how much my sweet wife swears in the kitchen and I would love the proof! Read more >

Senate Proposal Shockingly Reasonable IoT Regulation Proposal

This week four U.S. senators introduced a bipartisan bill designed to improve baseline security for all IoT devices bought and used by the government. The Internet of Things Cybersecurity Improvement Act aims to ensure that products can be patched, don’t include hard-coded passwords that can’t be changed, and are free of known security vulnerabilities, amongst other requirements. The proposed legislation also provides legal protections to researchers looking to hack IoT products to find vulnerabilities. The bill applies only to devices sold to the government but relies on that buying power to drive change throughout the industry. I honestly don’t want to make any snide comments here lest I discourage positive behavior coming from what is otherwise a political dumpster fire in Washington DC. Great job guys! Read more >

Here’s a Sharp Stick in Your FireEye

Late Sunday evening, someone posted details, allegedly from a compromised system maintained by a Senior Threat Intelligence Analyst at Mandiant. The leaked records expose an analyst from both a personal and professional level and includes a treasure trove of hugely sensitive internal information. Included are network topologies, threat intelligence profiles for the Israeli Defence Forces, and company worksheets. A FireEye spokesperson said “we have found no evidence FireEye or Mandiant systems were compromised.” Sources (in my head) say that the breach could cost FireEye millions of dollars. Of course – most of that will be in the form of a bill from the Mandiant forensics team. (Have you seen their prices?!) They may want to consider going out to bid…     Read more >

Spear-Phisherman Lands from White House Whales

A prankster from the U.K., who’s apparently still mad about the whole tea party thing, fooled several senior White House officials into replying to fraudulent emails. Perhaps the most concerning was homeland security adviser Tom Bossert, who replied to a fake Jared Kushner Outlook email address and provided his own personal address. The miscreant also successfully impersonated former White House Chief of Staff Reince Priebus in an exchange with the also departed Communications Director Anthony Scaramucci, using only a mail.com account. Sadly, the White House is now wise to this form of deception because my fake email from [email protected] has had no effect: “Dad - You are the best President EVER!! You made parenting GREAT AGAIN!! BTW – please get off Twitter. LOLZ!” Read more >