Hacker Steals 900 GB of Cellebrite Data
The hackers have been hacked. Motherboard has obtained 900 GB of data related to Cellebrite, one of the most popular companies in the mobile phone hacking industry. The cache includes customer information, databases, and a vast amount of technical data regarding Cellebrite’s products.
The breach is the latest chapter in a growing trend of hackers taking matters into their own hands, and stealing information from companies that specialize in surveillance or hacking technologies.
On average, an American office worker sends and receives roughly 120 emails per day, a number that grows with each passing year. The ubiquity and utility of email has turned it into a fine-grained record of our day-to-day lives, rich with mundane and potentially embarrassing details, stored in a perpetual archive, accessible from anywhere on earth and protected, in some cases, by nothing more than a single password.
Source: The New York Times
A Few States Now Actually Help You Figure Out If You’ve Been Hacked:
THOUSANDS OF US companies were hacked last year, and each time people’s private data was taken. Was yours? You may not know because it’s hard to keep track, much less do anything about it when there are so many incidents all the time. But if the data collected on breaches in the US were available to you, it would be a lot easier to check whether you’ve interacted with compromised businesses and institutions. That data exists.
San Francisco’s light-rail system was held hostage by hackers
Station agent computers displayed the message “You Hacked, ALL Data Encrypted. Contact For Key(cryptom27@yandex.com)ID:681 ,Enter.” on Friday and Saturday, according to the Examiner.
A person in control of the cryptom27@yandex.com email address took credit for the attack and demanded SFMTA to cough up more than $70,000 worth of bitcoins, a type of digital currency, according to the Examiner.
Trump’s Win Signals Open Season for Russia’s Political Hackers:
YESTERDAY, AMERICA ELECTED as president the apparently preferred candidate of Russia’s intelligence agencies. After a campaign season marred by the influence of hackers, including some widely believed to be on Vladimir Putin’s payroll, that outcome means more than a mandate for Trump and his coalition. For Russia, it will also be taken as a win for the chaos-injecting tactics of political hacks and leaks that the country’s operatives used to meddle in America’s election—and an incentive to try them elsewhere.
Source: Wired
YOU MAY HAVE thought that if you owned your digital devices, you were allowed to do whatever you like with them. In truth, even for possessions as personal as your car, PC, or insulin pump, you risked a lawsuit every time you reverse-engineered their software guts to dig up their security vulnerabilities—until now.
Last Friday, a new exemption to the decades-old law known as the Digital Millennium Copyright Act quietly kicked in, carving out protections for Americans to hack their own devices without fear that the DMCA’s ban on circumventing protections on copyrighted systems would allow manufacturers to sue them. One exemption, crucially, will allow new forms of security research on those consumer devices. Another allows for the digital repair of vehicles. Together, the security community and DIYers are hoping those protections, which were enacted by the Library of Congress’s Copyright Office in October of 2015 but delayed a full year, will spark a new era of benevolent hacking for both research and repair.
Source: Wired
Why Obama thinks about cybersecurity as fighting a pandemic:
After facing an unprecedented wave of cyberattacks against private and public organizations during his presidency, President Obama thinks about digital threats like a public health crisis, he said in a Wired Magazine interview published Wednesday.
Instead of approaching cybersecurity as a traditional battle, he thinks about defending systems as if preparing for a pandemic.
This metaphor lines up with mantras that many security experts have been repeating for a long time: Do everything you can to avoid a breach — but know they are basically inevitable, and be prepared to detect and fight back when they happen. Detect problems as soon as you can, and share the intel so other people can fend off the same sort of attack.
Source: Washington Post
There could be an algorithm that said, ‘Go penetrate the nuclear codes and figure out how to launch some missiles. If that’s its only job, if it’s self-teaching and it’s just a really effective algorithm, then you’ve got problems.
Source: Wired