Social media hacktics | This week in cybersecurity
Russian hackers are using new tactics to target victims by using social media, tricking users into clicking on links promising vacation packages and other enticing deals. According to The New York Times, this attack gained hackers access to the computer of a Pentagon official, taking advantage of a space where users are generally more trusting. Read more.
Sears has reported a security breach involving unauthorized credit card activity following some customer purchases at its Kmart stores. Certain credit card numbers were “compromised” in the event, the company said in an emailed statement without providing exact figures. Read more.
South Korean cybersecurity experts noticed intrusions at government-affiliated websites following a new pattern—a technique that doesn’t require tainted email links or forceful server assaults, and they concluded that North Korea was the culprit. Officials believe that North Korea’s cyber-attacking operation comprises six groups and 1,300 hackers, with a dozen supporting organizations of 5,000 more hackers. Read more.
In the midst of the WannaCry outbreak earlier this month, ShadowBrokers announced a monthly subscription service for new exploits. Today, the group has begun marketing its “monthly dump service,” and announced a price — 100 Zcash or approximately $23,000 USD, and instructions on how to subscribe. The first dump is expected between July 1 and July 17, as described in a mass email to confirmed subscribers. Read more.
A multi-billion dollar firm once described as the world’s most profitable spy operation leaked sensitive files tied to a U.S. military project. The cache of more than 60,000 files was discovered on a publicly accessible Amazon server, including passwords to a U.S. government system containing sensitive information and the security credentials of a lead senior engineer at Booz Allen Hamilton. Read more.
Hackers have published more than 25,000 photographs of patients at a Lithuanian cosmetic surgery clinic after the clinic refused to pay out 300 bitcoins (currently worth nearly $700,000) in ransom earlier this year. Read more.
Senators have introduced a bill to establish a bug bounty pilot program for the Department of Homeland Security. This comes after similar programs were recently implemented from the Army, the Air Force and the Pentagon. Senator Hassan (D-NH) sponsored the bill, citing that “federal agencies like DHS are under assault every day from cyberattacks. Read more.