Tag Archives: Hacking

Attack at LOT leaves 1,400 passengers stranded

The hack happened in the afternoon and targeted the Polish flag carrier LOT. According to a report from Reuters, “hackers attacked the airline ground computer systems used to issue flight plans”. The whole situation was resolved a few hours later. Nonetheless, 10 national and international flights had to be canceled and even more were delayed. Luckily, neither the planes nor the airport itself were affected, and no one got hurt. LOT took extra care to mention “that it has no influence on plane systems. Aircrafts, that are already airborne will continue their flights. Planes with flight plans already filed will return to Warsaw normally.”

The airline also made it clear that the airport itself was not affected. Once the ‘problem’ was fixed, LOT issued the following press release: “The situation after the IT attack on our ground operation system is already under control. We are working on restoring the regularity as soon as possible. Our operating center is already preparing flight plans. We will try to ensure that the largest number of passengers are informed and continue commenced journeys.”

Spokesman Kubicki said that LOT is using state-of-the-art computer systems, so this could potentially be a threat to others in the industry as well.

The post Attack at LOT leaves 1,400 passengers stranded appeared first on Avira Blog.

LastPass Has Been Breached: Change Your Master Password Now

Luckily, no passwords were actually stolen in the attack on LastPass last Friday, according to the company’s blog: “In our investigation, we have found no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed.” Nonetheless, account email addresses, password reminders, server per user salts, and authentication hashes were compromised.

Because of that, everyone using the LastPass service will receive a mail prompting them to reset their master password, according to the blog entry. On top of that, the company will also require users who log in from a new device or IP address to verify their ID via mail if multifactor authentication is not enabled for the specific account.

Regarding your stored passwords, the blog says: “Because encrypted user data was not taken, you do not need to change your passwords on sites stored in your LastPass vault. As always, we also recommend enabling multifactor authentication for added protection for your LastPass account.”

So apparently there is no need to change every password you have stored with them. You can if you are really, really concerned for your accounts, but according to LastPass there is no need for it. Just make sure none of the other passwords you use is the same as the master password of your LastPass account.


OPM: Are Personnel Records of All Fed Workers Exposed?

Two weeks ago OPM, the US Office of Personnel Management, got hacked and the information of 4 million federal government workers was exposed. This is, of course, horrible. But it’s not all: On Friday we learned that the issue at hand was huge and much bigger than everyone believed at first.

As can be read in a letter to OPM Director Karen Archuleta, David Cox, the president of the American Federation of Government Employees, believes that “based on the sketchy information OPM has provided, the Central Personnel Data Files was the targeted database, and the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to one million former federal employees.”

Cox goes on to say that he thinks the hackers have the Social Security number, military records and even veterans’ status information of every affected person. Addresses, birth dates, job and pay histories, health and life insurance and pension information, age, gender, and almost everything else you’d never want anyone else to know are included on his list as well.

Sounds bad? It’s not all. The letter states: “Worst, we believe that Social Security numbers were not encrypted, a cybersecurity failure that is absolutely indefensible and outrageous.”

I bet they now wish that “only” 4 million records got stolen … :(


Garage door hacked in under 10 seconds using only a child’s toy?

A famous football coach once said, “If you’re not getting better, you’re getting worse”, and this statement applies to your own security as well. If you’re not keeping up to date with the latest security, then it’s probably getting worse, because the threats just keep getting better.

This simple fact has been proven again by a researcher who demonstrates how he can hack most garage doors using nothing more than a modified electronic toy. Researcher Samy Kamkar has published his findings and a video explaining how he was able to hack a number of fixed-code garage door openers in under 10 seconds.

 

Not only does this show how old technology can be outpaced by modern devices, but the tool in this case is a child’s toy that has already been discontinued by its manufacturer and is considered a throwaway item by some. Recycling hackers unite.

There’s no doubt that hardware-hacking gadgets are becoming more popular; mobile phone jammers and issues with keyless entry systems on cars are other examples.

Luckily, for those of us fortunate enough to have a garage door, Samy has chosen not to reveal the inner workings of his research, so that criminals can’t benefit. But, let’s face it, the cat is out of the bag on this one, and the clock is now ticking.

Samy has also recorded a video explaining how you can protect yourself from attacks like these.

Video: Protecting against OpenSesame

Most of the tips involve learning about the technology in everyday objects such as garage doors. Once you know how the tech works, you can understand how it can be vulnerable to various attack types.

Until next time, stay safe out there.

 

The dummies guide to hacking WhatsApp

WhatsApp – the super popular messaging app (800 million users), acquired by Facebook for $20 billion, has done it again… After a bug that exposed restricted profile pictures, data encryption that can be breached in 3 minutes, and the use of IMEI (International Mobile Equipment Identity) as a cryptographic key (it’s like using your Social Security Number as a password), WhatsApp is yet again in the headlines for privacy concerns…

The latest story – hacking WhatsApp. As reported by The Hacker News, anyone can hack your WhatsApp account with just your number and 2 minutes alone with your phone…

This video, posted on YouTube, shows how a hacker answers an authenticating call, intercepts a secret PIN, and uses that to access a WhatsApp account he just created on another phone.

This is not tied to a bug or loophole – it is the way that WhatsApp was built.

Bottom line? Please be very careful whom you lend your phone to, and make sure you don’t leave it lying around. Even if it is locked, a garden-variety hacker can access your WhatsApp account in 2 minutes.


OPM Data Breach: Data of 4 Million Federal Workers Exposed

According to the official news release, hackers managed to breach the Office of Personnel Management (OPM). With the information of 4 million federal government workers exposed, it is one of the biggest breaches in the federal government’s history. The hack was discovered because “within the last year, the OPM has undertaken an aggressive effort to update its cybersecurity posture, adding numerous tools and capabilities to its networks”.

To determine the full impact, the OPM is now investigating the issue together with the U.S. Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT) and the Federal Bureau of Investigation (FBI).

In their statement the agency wrote: “Since the intrusion, OPM has instituted additional network security precautions, including: restricting remote access for network administrators and restricting network administration functions remotely; a review of all connections to ensure that only legitimate business connections have access to the internet; and deploying anti-malware software across the environment to protect and prevent the deployment or execution of tools that could compromise the network.”

That all sounds good, but who is to blame? According to The Washington Post and the Wall Street Journal, the hackers might have been Chinese, a link that China’s Foreign Ministry spokesman calls “irresponsible”.
