Category Archives: cyber hackers

New Form of terrorism: a hacker tried to poison the drinking water

A hacker gained entry to the system controlling the water treatment plant of a Florida city of 15,000 and tried to taint the water supply with a caustic chemical, exposing a danger cybersecurity experts say has grown as systems become both more computerized and accessible via the internet.

The hacker who breached the system at the city of Oldsmar’s water treatment plant on Friday using a remote access program shared by plant workers briefly increased the amount of sodium hydroxide by a factor of one hundred (from 100 parts per million to 11,100 parts per million), Pinellas County Sheriff Bob Gualtieri said during a news conference Monday…

….

Fortunately, a supervisor saw the chemical being tampered with — as a mouse controlled by the intruder moved across the screen changing settings — and was able to intervene and immediately reverse it, Gualtieri said. Oldsmar is about 15 miles (25 kilometers) northwest of Tampa.

Read more in

https://apnews.com/article/hacker-tried-poison-water-florida-ab175add0454bcb914c0eb3fb9588466

All about Faraday Bags: Faraday bags are a way to protect a phone from any hack

A Faraday bag is a type of Faraday cage. It protects electronics from being damaged by radio frequency interference (RFI) or from an electromagnetic pulse (EMP) by not allowing radio frequency or electromagnetic pulse waves to pass through the material.

It goes by a lot of names such as RFID bag, RFID blocking bag, or EMP bag.

How does a Faraday bag work?

It creates a completely enclosed space that is surrounded by a mesh of conducting materials. When an electrical field on the outside of the Faraday cage interacts with the material, it causes the charges within the protected space to be distributed in a way that cancels the effects. It also works to protect against radio frequency interference.

This way the hackers, thieves, or government agencies who are trying to track your phone or any other device will not be able to get to it because of the outer layer of the Faraday bag.

Read more in

https://privacypros.io/faraday-bags/

SolarWinds Hack: Hackers last year conducted a ‘dry run’ of SolarWinds breach

Abstract

Hackers who breached federal agency networks through software made by a company called SolarWinds appear to have conducted a test run of their broad espionage campaign last year, according to sources with knowledge of the operation.

—-

Five months later, the hackers added new malicious files to the SolarWinds software update servers that got distributed and installed on the networks of federal government agencies and other customers. These new files installed a backdoor on victim networks that allowed the hackers to directly access them. Once inside an infected network, the attackers could have used the SolarWinds software to learn about the structure of the network or alter the configuration of network systems.

Read more in Yahoo News

https://news.yahoo.com/hackers-last-year-conducted-a-dry-run-of-solar-winds-breach-215232815.html

How does Qualys vulnerability scanning work?

Abstract

QualysGuard scanning methodology mainly focuses on the different steps that an attacker might follow in order to perform an attack. It tries to use exactly the same discovery and information gathering techniques that will be used by an attacker.

The whole scanning exercise is done in the following steps:

1. Checking if the remote host is alive – This detection is done by probing some well-known TCP and UDP ports.  By default, we probe TCP Ports 21-23, 25, 53, 80, 88, 110-111, 135, 139, 443, 445 and UDP Ports 53, 111, 135, 137, 161, 500.  This can be changed by editing the option profile.  If the scanner receives at least one reply from the remote host, it continues the scan.

2. Firewall detection – The second test is to check if the host is behind any firewalling/filtering device. This test enables the scanner to gather more information about the network infrastructure and will help during the scan of TCP and UDP ports.

3. TCP / UDP Port scanning – The third step is to detect all open TCP and UDP ports to determine which services are running on this host. The number of ports is configurable, but the default scan is approximately 1900 TCP ports and 180 UDP ports.

4. OS Detection – Once the TCP port scanning has been performed, the scanner tries to identify the operating system running on the host. This detection is based on sending specific TCP packets to open and closed ports.

5. TCP / UDP Service Discovery – Once TCP/UDP ports have been found open, the scanner tries to identify which service runs on each open port by using active discovery tests.

6. Vulnerability assessment based on the services detected – Once the scanner has identified the specific services running on each open TCP and UDP port, it performs the actual vulnerability assessment. The scanner first tries to check the version of the service in order to detect only vulnerabilities applicable to this specific service version. Every vulnerability detection is non-intrusive, meaning that the scanner never exploits a vulnerability if it could negatively affect the host in any way.
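Step 1 has a practical consequence for scan coverage: a host that answers none of the default discovery probes is never scanned at all. The following added example (not Qualys code; the host names and inventory are hypothetical, constructed for illustration) expands the default port lists quoted above and reports which inventoried hosts would be skipped, and how an option-profile change to the probe list alters that.

```python
# Added example: default host-discovery probe lists as quoted in step 1.
DEFAULT_TCP = "21-23, 25, 53, 80, 88, 110-111, 135, 139, 443, 445"
DEFAULT_UDP = "53, 111, 135, 137, 161, 500"


def expand_ports(spec):
    """Expand a port spec such as '21-23, 25' into a set of integers."""
    ports = set()
    for part in spec.split(","):
        part = part.strip()
        if not part:
            continue
        lo, dash, hi = part.partition("-")
        first = int(lo)
        last = int(hi) if dash else first
        if not 1 <= first <= last <= 65535:
            raise ValueError(f"invalid port range: {part!r}")
        ports.update(range(first, last + 1))
    return ports


def discovery_gaps(inventory, tcp_spec=DEFAULT_TCP, udp_spec=DEFAULT_UDP):
    """Return hosts that would give no reply to any discovery probe.

    inventory maps host -> {"tcp": ports, "udp": ports}, listing the ports on
    which a probe from the scanner's network position gets *any* reply
    (assumption: everything else is silently dropped by a filter).
    """
    tcp, udp = expand_ports(tcp_spec), expand_ports(udp_spec)
    missed = []
    for host, answers in inventory.items():
        seen = tcp & set(answers.get("tcp", ())) or udp & set(answers.get("udp", ()))
        if not seen:
            missed.append(host)
    return missed


# Constructed sample inventory (hypothetical hosts, not from the page).
INVENTORY = {
    "web-01": {"tcp": {22, 443}, "udp": set()},
    "jump-02": {"tcp": {3389, 8443}, "udp": set()},
    "snmp-03": {"tcp": set(), "udp": {161}},
    "db-04": {"tcp": {5432}, "udp": {123}},
}

if __name__ == "__main__":
    print("not seen as alive with default probes:", discovery_gaps(INVENTORY))
    # Adding 3389 to the TCP list (an option-profile change) closes one gap.
    print(discovery_gaps(INVENTORY, tcp_spec=DEFAULT_TCP + ", 3389"))
```

Hosts reported here need either a firewall exception for the scanner or an adjusted probe list, otherwise they drop out of vulnerability reports without any error.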

Reference

https://qualys-secure.force.com/discussions/s/article/000006137

CyberSecurity: Story of Tesla employee who refuses to accept $1 million offered by Hackers

Abstract

Sometimes, the events that transpire inside a company could be just as exciting and nail-biting as the most popular thrillers in fiction. In Tesla’s case, such a scenario recently played out, as a worker in Gigafactory Nevada ended up turning down a $1 million incentive, working closely with the FBI, and thwarting a planned cybersecurity attack against the electric car maker. 

This Tuesday, the Department of Justice announced the arrest of Egor Igorevich Kriuchkov, a Russian citizen accused of conspiring to breach the network of a US company and introduce malware to compromise the said company’s networks. Media reports about the incident have identified the US company to be electric car maker Tesla. Interestingly enough, a criminal complaint filed by the FBI Las Vegas Field Office suggests that the attempted cybersecurity attack is no ordinary hacking attempt — it may very well be part of a well-financed, organized scheme.

Read more in

https://www.teslarati.com/tesla-employee-fbi-thwarts-russian-cybersecurity-attack/