Tag Archives: hacked

Voter Database Security Is A Myth

In this post, guest author David Maman, CTO and founder of GreenSQL – the database security company – questions the security reliability of voter databases.

Some of us spend days and months of indecision, hours in front of the TV watching campaign commercials and presidential debates, researching on the Net, mulling the options with family and friends, all ultimately to go to the polls to exercise our constitutional right to vote. For millions among us, this is a final decision and a terminal point.

Not for me.

As an information security specialist and database security researcher, I wonder where my vote goes, in what database it’s maintained, and, of course, how secure it is.

Hard experience has taught me that right now, somewhere, a hacker is trying to penetrate the voter databases “just for fun,” “to prove something,” or if I really want to be paranoid, “because he’s part of a powerful, international organization that seeks to dictate our political process by determining elections.”

Paranoia? I wish. One only has to read the news… last year, the databases of major companies were hacked: LinkedIn, Visa, KT Mobile, Sony, Zappos, etc. Of course, that tally doesn’t include the organizations who don’t know they were hacked.

Want news on voter databases being hacked in the last few years? Take a look at the list below, the result of a two-minute Google search:

July 15, 2012: Florida Allowed to Access Citizen Database for Voter Purge

July 27, 2012: Obama Administration to Open Voter Database

March 26, 2012: GOP’s Voter Vault Database Hacked, Candidates’ Identity Altered

August 2011: No Personal Information Compromised After Voter Database Hacked

At a time when databases are being constantly penetrated by unauthorized users and personal information is being stolen, misused or just maliciously exposed, the question remains: How secure are voter databases?

As if selecting a candidate isn’t vexing enough, now, I have a bigger concern: “How can I be sure my vote ultimately goes to the candidate of my choice?” “Will my vote be manipulated in any way, whether by foreign or domestic entities?” “Will my voter information be used to make it easier to have my identity stolen? (Even the FBI says identity theft represents a more serious threat than drugs.)”

About GreenSQL:

GreenSQL, the Database Security Company, delivers out-of-the-box database security solutions for small and mid-sized organizations. Started as an open source project back in 2006, GreenSQL became the no. 1 database security solution for MySQL with 100,000 users worldwide. In 2009, in response to market needs, GreenSQL LTD developed a commercial version, bringing a fresh approach to protecting databases of small- and medium-sized businesses.

GreenSQL provides database security solutions that are affordable and easy to install and maintain. GreenSQL supports Microsoft Azure, SQL Server (all versions including SQL Server 2012), MySQL and PostgreSQL.


Ashampoo Database Hacked – What You Need To Know

I could spend all day, every day, reporting on nothing more than the latest cyber criminal targeted intrusions into enterprise IT systems. Two reports from today’s Tech Net News column illustrate that we are barely scratching the surface of this significant, continuous, and rapidly expanding problem:

European Space Agency website and FTP servers hacked

Dramatic increase in cyber attacks on critical infrastructure

If you’re an everyday reader here, then you may recall that I regularly recommend that you take advantage of the German software developer Ashampoo’s occasionally offered free application multipacks.

The downside (for some) is that you must register and provide an email address. Additional benefits can be gained by registering as an Ashampoo member, which includes creating a password.

Unfortunately, Ashampoo has become a victim of a cyber criminal targeted intrusion aimed at their customer database. According to the company:

“Hackers gained access to one of our servers. We discovered the break-in and interrupted it instantly. The security gap through which the hackers gained access was closed immediately.

The stolen pieces of information are data of addresses such as name and e-mail address. Billing information (e.g. credit card information or banking information) is definitely not affected … it is not stored on our system.”

If you have taken advantage of Ashampoo’s offers, then it’s important that you exercise extreme caution with any future emails sent by the company and, for that matter, with any unsolicited email sent by any company.

As well, if you have registered as an Ashampoo member, it’s important that you change your account password. Additionally, if you have used the same password elsewhere (you’d be surprised how often this occurs), it’s imperative that you change these passwords immediately.

My thanks to my buddy John B. (a great Scot!), for bringing this unfortunate incident to my attention this morning.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


WordPress.com Hacked (Again)

Anytime a user’s email account, or web site, gets hacked, it’s seemingly always the user’s fault – never the service provider’s fault. Or so we’re led to believe – full transparency is rarely a strong point of Internet service providers.

So, I’ll climb on the Kudos bandwagon, (with some reservations), and congratulate WordPress for coming clean on yesterday’s low-level server hack.

From WordPress

Tough note to communicate today: Automattic had a low-level (root) break-in to several of our servers, and potentially anything on those servers could have been revealed.

Our investigation into this matter is ongoing and will take time to complete. As I said above, we’ve taken comprehensive steps to prevent an incident like this from occurring again.

It’s not my intent to castigate WordPress, but they don’t get away entirely free. Looking back to June of last year, following a hack in one of my Gmail accounts, I made the following points.

………………. I am certain of this – ANY website, or service, can be hacked.

What I find very annoying is, Gmail, WordPress, and others, simply refuse to acknowledge, that vulnerabilities exist in their systems – especially WordPress.

Listen up WordPress – if the Pentagon can be hacked, and it has been, frequently, then WordPress is definitely NOT invulnerable to hacking – despite your assurances to the contrary.

If you run a WordPress.com site, here’s Matt Mullenweg’s advice:

Based on what we’ve found, we don’t have any specific suggestions for our users beyond reiterating these security fundamentals:

  • Use a strong password, meaning something random with numbers and punctuation.
  • Use different passwords for different sites.
  • If you have used the same password on different sites, switch it to something more secure.

I’ll throw in my own unvarnished advice: If you use the Internet, expect to be attacked – on all fronts.

In the past, when I’ve taken issue with WordPress (always based on their self-declared invincibility to hacking), I’ve dealt with several reader comments which attempted to make the point that perhaps I was an ungrateful cur – after all, WordPress provides a free service. The reality is somewhat different.

My association with WordPress is the very definition of a symbiotic relationship – they provide the service free – I provide good content – they advertise based on my content – they make $$$$$$ – lots of $$$$$$.


Cyber Criminals Bump Up Efficiency Using Cloud Services

In a comment response yesterday to regular reader Mal C., I made the point – “It’s the person at the keyboard, that’s where the trouble starts – not the OS”. Continuing the discussion with regular reader John B., I expanded on this –

“It’s the person at the keyboard, that’s where the trouble starts – not the OS”, is operative – no matter the operating system.

Just one example: Email accounts are continuously being phished (“your account will be deactivated” is a popular approach), with the objective being to have the user respond with password, DOB, mobile telephone number, etc.

If the phish is successful (and many are), the crook ends up controlling that account. Cyber crimes like this, are not system specific. They depend on unaware, undereducated users, for their success.”

As luck would have it, this morning I got an invitation from Commtouch, to post an upcoming article here on Tech Thoughts (which will be published on their site shortly), that partly supports this view.

Cloud Streamlines Efficiency of Identity Theft

Working with cloud-based services significantly improves economies of scale – for cybercriminals, too. Phishers are already benefiting from free hosting by hiding phishing pages within hacked legitimate sites. Now, they are leveraging cloud-based form management sites, such as Google Docs or formbuddy.com, to collect information from unwitting victims.

With this technique, the phisher does not have to worry about creating/managing/storing back-end form data and can more easily scale the harvesting of phished data.  Those duped into filling out the form will not be aware of this nuance.

We just hope victims are paying attention when they fill out a seemingly legitimate form that directly asks for an “email address password.” If their attention lags, they are giving the phisher a significant pay-off for a minimal investment: Identity theft.

This attack targets users of HomeAway holiday rentals.

A look at the page source reveals that the filled in form is sent to “formbuddy.com” and not collected directly by the phisher.  Formbuddy.com collects and stores all the responses to the “form” shown above, and then emails a neat summary to the phisher (whose login name is “fanek”).
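The page-source check described above can be automated. This is an added example, not part of the original article or of Commtouch's tooling: it lists forms that post to a different site than the page serving them and flags those that also ask for a password. The watchlist, sample page, URLs and field names are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Assumption: illustrative watchlist built from the services the article names.
FORM_SERVICE_HOSTS = {"formbuddy.com", "docs.google.com"}
CREDENTIAL_HINT = re.compile(r"passw|pwd", re.I)


def site_of(host):
    """Crude last-two-labels site name; a real tool would use the Public Suffix List."""
    return ".".join((host or "").lower().split(".")[-2:])


class FormCollector(HTMLParser):
    """Collects every <form> with its action and the inputs nested inside it."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = {"action": a.get("action") or "", "fields": []}
            self.forms.append(self._current)
        elif tag in ("input", "textarea") and self._current is not None:
            self._current["fields"].append(
                {"type": (a.get("type") or "text").lower(), "name": a.get("name") or ""})

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def audit_forms(html, page_url):
    """Return one finding per form whose data leaves the site that served the page."""
    parser = FormCollector()
    parser.feed(html)
    page_site = site_of(urlparse(page_url).hostname)
    findings = []
    for form in parser.forms:
        host = (urlparse(urljoin(page_url, form["action"])).hostname or "").lower()
        if site_of(host) == page_site:
            continue  # same-site or relative action: not what this check looks for
        # Phishing forms often use a plain text box, so check field names too.
        asks_credentials = any(
            f["type"] == "password" or CREDENTIAL_HINT.search(f["name"])
            for f in form["fields"])
        known_service = any(host == h or host.endswith("." + h)
                            for h in FORM_SERVICE_HOSTS)
        findings.append({
            "host": host,
            "known_form_service": known_service,
            "asks_credentials": asks_credentials,
            "severity": "high" if asks_credentials else "review",
        })
    return findings


# Constructed sample page: a site search, a credential form posting to a
# form-collection service, and a sign-up form posting to another one.
SAMPLE_URL = "http://holiday-rental-verify.example/login.html"
SAMPLE_HTML = """
<form action="/search"><input type="text" name="q"></form>
<form method="post" action="http://www.formbuddy.com/constructed-endpoint">
  <input type="hidden" name="username" value="placeholder-account">
  <input type="text" name="email">
  <input type="text" name="email_password">
</form>
<form action="https://docs.google.com/constructed-form"><input name="email"></form>
"""

if __name__ == "__main__":
    for finding in audit_forms(SAMPLE_HTML, SAMPLE_URL):
        print(finding)
```

A "high" finding means a credential prompt whose answers are stored by a third party, which is the pattern in the HomeAway lure; "review" findings are common on legitimate sites and need a human look.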


As a matter of interest, WOT (Web of Trust) warns against visiting formbuddy.com.

As an aware and educated computer user, I know that you wouldn’t be deceived by this type of clumsy attempt to defraud – under no circumstances would you disclose your email address password to anyone.

As I said at the opening, these schemes depend on unaware, undereducated users, for their success. Unfortunately, that describes far too many Internet users.

About Commtouch:

Commtouch provides proven Internet security technology to more than 150 security companies and service providers including 1&1, Check Point, F-Secure, Google, Microsoft, Panda Security, Rackspace, US Internet, WatchGuard and Webroot, for integration into their solutions. Commtouch’s GlobalView™ and patented Recurrent Pattern Detection™ (RPD™) technologies are founded on a unique cloud-based approach, and protect effectively in all languages and formats. Commtouch’s Command Antivirus utilizes a multi-layered approach to provide award winning malware detection and industry-leading performance.


Think You’re Immune From Online Fraud? Maybe Not!

Guest writer Dave Brooks, a vastly experienced computer Tech from New Hampshire, who is an expert at online safety, shares this chilling story on why even exercising proper security measures won’t guarantee your online financial safety.

Bill is constantly trying to pound security into his readers’ heads, and with good reason, but unfortunately, no matter how careful you are, there are things that are beyond your control when buying stuff online.

Case in point: at Bill’s request I’m going to relay a recent unnerving personal experience, if only to show that even the most security conscious are still at risk.

I’m very online safety/security conscious and I buy online only from reputable, well-known stores. My online bank account password looks like an alien language, my ATM PIN is 8 digits long (compared to 4 or so many people use), and I monitor my account closely.

Even so my ATM card number was recently used, in the middle of the night, in Georgia, while I was sound asleep in New Hampshire. Luckily Bank of America has decent monitoring, and I have a ton of alerts set up to email me when certain things happen with my account.

I woke up in the morning to find an alert that my card was used while I was asleep, and an email from Bank of America that they had detected suspicious activity on my account, had frozen the transaction, and placed a lock on my account to prevent further activity.


The charge was for the amount of $1.22; it’s apparently common practice by those that use stolen card numbers to make a small charge such as this to confirm that the number is good before using it to make larger purchases.

Thanks in part to my diligent monitoring, and Bank of America’s account monitoring system, the thieves were never able to get to step two and spend my hard earned cash on god knows what.

A call to the number provided in the alert email I got from the bank (after confirming it was in fact their number by matching it up on the Bank of America website; phishing emails are pretty convincing nowadays!), confirmed the illegal activity. Bank of America cancelled my ATM card, and cancelled the charge, and a trip to my local bank branch netted me a new ATM card.

My number was likely stolen from a hacked online database of a company that I had made an online purchase from in the past, but there’s no way to confirm this – it could have just as easily been a dishonest employee from a local store where I used my card.

I have since opened a second account with an ATM card, and use only that account for online purchases (I had been contemplating doing this for a year or more, but never did).

I keep a balance of about 5 bucks in it, and when I want to buy something online, I transfer the purchase amount from my main account to the “internet” account to cover it. At least that way, my main account is less exposed, and if it happens again I’ll be able to determine if it was the “internet” or “local purchase” that led to the compromise.

Bottom line here is, even though you think you’re safe, if you purchase stuff online, your bank or credit card info is out there for the taking. The best you can do is keep a close eye on your accounts for suspicious activity, and try to minimize possible damage that might be done if your card number is stolen.

Guest Writer: This is a guest post by Dave Brooks, a professional computer technician from New Hampshire, USA. Dave has become a regular guest writer, whose articles are always a huge hit.

Pay a visit to Dave’s site at Tech-N-Go, and check out the Security Alerts.


Online Dangers – Even a Tech Can Get Taken

Think you’re immune from online fraud? Do you believe – “It could never happen to me”? Read what guest writer Dave Brooks, a vastly experienced computer tech from New Hampshire, has to say about what happened to him.

Bill is constantly trying to pound security into his readers’ heads, and with good reason, but unfortunately no matter how careful you are, there are things that are beyond your control when buying stuff online.

Case in point: at Bill’s request I’m going to relay a recent unnerving personal experience, if only to show that even the most security conscious are still at risk.

I’m very online safety/security conscious and I buy online only from reputable, well-known stores. My online bank account password looks like an alien language, my ATM PIN is 8 digits long (compared to 4 or so many people use), and I monitor my account closely.

Even so my ATM card number was recently used, in the middle of the night, in Georgia, while I was sound asleep in New Hampshire. Luckily Bank of America has decent monitoring, and I have a ton of alerts set up to email me when certain things happen with my account.

I woke up in the morning to find an alert that my card was used while I was asleep, and an email from Bank of America that they had detected suspicious activity on my account, had frozen the transaction, and placed a lock on my account to prevent further activity.

The charge was for the amount of $1.22; it’s apparently common practice by those that use stolen card numbers to make a small charge such as this to confirm that the number is good before using it to make larger purchases.

Thanks in part to my diligent monitoring, and Bank of America’s account monitoring system, the thieves were never able to get to step two and spend my hard earned cash on god knows what.

A call to the number provided in the alert email I got from the bank (after confirming it was in fact their number by matching it up on the Bank of America website; phishing emails are pretty convincing nowadays!), confirmed the illegal activity. Bank of America cancelled my ATM card, and cancelled the charge, and a trip to my local bank branch netted me a new ATM card.

My number was likely stolen from a hacked online database of a company that I had made an online purchase from in the past, but there’s no way to confirm this – it could have just as easily been a dishonest employee from a local store where I used my card.

I have since opened a second account with an ATM card, and use only that account for online purchases (I had been contemplating doing this for a year or more, but never did).

I keep a balance of about 5 bucks in it, and when I want to buy something online, I transfer the purchase amount from my main account to the “internet” account to cover it. At least that way, my main account is less exposed, and if it happens again I’ll be able to determine if it was the “internet” or “local purchase” that led to the compromise.

Bottom line here is, even though you think you’re safe, if you purchase stuff online, your bank or credit card info is out there for the taking. The best you can do is keep a close eye on your accounts for suspicious activity, and try to minimize possible damage that might be done if your card number is stolen.

Guest Writer: This is a guest post by Dave Brooks, a professional computer technician from New Hampshire, USA. Dave has become a regular guest writer, whose articles are always a huge hit.

This article is Dave’s response to today’s article “How to Conduct Online Banking Safely”.

Thank you Dave for such a quick response – a great article, crafted quickly.

Pay a visit to Dave’s site at Tech-N-Go, and check out the Security Alerts.

Monster.com Hacked – Irresponsible Response

OK, so let’s say your Doctor’s office (substitute a professional of your choice) was burglarized and all medical records, including yours, were stolen.

Your Doctor, nice guy that he is, didn’t want to cause you unnecessary anxiety, so he didn’t advise you that your confidential records were now out in the wild blue.

Can’t, or won’t happen, you’re thinking. Think again.

Monster.com, a web site that bills itself as the “world’s leading career network”, is used by people looking for a new job. Information required to register with the site includes user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data.

According to Patrick Manzo of Monster Worldwide, Monster.com suffered a database penetration (sometime this month – no date given), during which “certain contact and account data were taken”. So let me rephrase that for you – Monster was hacked and personal information stolen.

Simply put – if you have an account with Monster.com, your confidential information is now freely available to the vast hordes of cyber criminals who trade in this currency.

Your minimum expectations, if you are registered with Monster.com, should be that you would be notified of such a serious breach. Not too much to expect, I would suggest.

But no, Monster’s view is, since there is no direct evidence of misuse of the stolen information (yet), a small notice of this occurrence posted on their main page is sufficient notice. No other notification that your personal information is now at risk. Bizarre!

Note to Monster: Hey, don’t worry about this massive penetration of your database – these cyber criminals just dropped in to have a look around your obviously under-protected database environment.

Your attitude flies in the face of reality. Get real! You obviously need to be dragged, kicking and screaming into the real world of cyber crime.

As a consequence of this penetration, if you are a Monster.com customer, you need to do the following at once:

Change your password for ALL your accounts, not just Monster.com.

Be on guard against “phishing” fraudulent emails, and fraudulent telephone calls in the near term.

It’s not very often that I’m struck speechless by the shenanigans pulled by some of the larger Internet entities but this one; well it’s just too calculated, too condescending, too….. too damn stupid!


Makeuseof.com Web Site Stolen and Held for Ransom

When we think of kidnapping, extortion or blackmail, I think it’s safe to say, not many of us would consider that a popular Web Site could be kidnapped and held for ransom. But that’s what it appears has happened to Makeuseof.com, a very popular Web Site that specializes in Cool Websites, Cool Software and Internet Tips.

As a contributing writer for Makeuseof.com, I need access to the site in order to post articles. This morning however, when I attempted to login to the site, I found that Makeuseof had disappeared off the map. Gone, vanished; nowhere to be found. Web sites of course, can go down due to all sorts of technical issues.

But no technical issues proved to be connected with the disappearance of Makeuseof. After just a few minutes of investigating, I was taken aback when I learned that the Makeuseof domain had been stolen!


By following the threads on this, I discovered the site’s ownership/domain had been transferred from GoDaddy, to NameCheap, each of which is a web registrar company.

As Mark O’Neil, Managing and Publishing Editor of Makeuseof explains it “The problem was quickly traced to our GoDaddy account and we found out that it had been hacked by someone. The hacker had transferred ownership of the makeuseof.com domain from the GoDaddy account to another web registrar company called NameCheap.

Looking at the emails now we can say that it took him less than an hour to do that. The WHOIS entry is here and you can see that it is an Ali Ferank in Dubai. That’s our bad guy.

We can now confirm that the attacker, in fact, got the access details through Gmail and set up a forward filter to send incoming emails from GoDaddy to another Gmail account. Now the account had a strong approximate 15 character long password. How the hell did he manage to get in? Is it another Gmail Security Flaw?”

The thief, Ali Ferank, an alias without doubt, has since contacted Makeuseof demanding $2,000 to restore ownership of Makeuseof.com to its rightful owners.

Mark has raised some penetrating questions with respect to the hasty compliance to the transfer of the domain by GoDaddy that need immediate and substantive answers. As Mark asks, “Why did GoDaddy go so fast? In fact in the transfer confirmation email that we received from GoDaddy, it stated that we have 3 business days to cancel the transfer. However, when we logged into the account the domain was already moved, in less than an hour. Is it THAT EASY to snatch the domain from GoDaddy?”

The position on this kidnapping and extortion plot, taken by Makeuseof, as expressed by Mark O’Neil is one of defiance “We are not going to pay. We are not going to give into these kinds of people. We work hard for our money and we are not going to hand it over to criminals looking for a quick payday. If we have a spare $2000 available, we would much rather give it to our hard working writers who deserve it”.

For updates on this continuing story, check out Makeuseof’s temporary home on Blogspot. If this situation continues longer than is currently anticipated, articles will be posted to this temporary site.
