DDoS attack on Newsweek after article about Donald Trump published

Newsweek’s website was hit by a large DDoS attack on Thursday night. The timing of this attack indicates that it may be related to an article published by Newsweek that accused a company owned by presidential candidate Donald Trump of doing business in Cuba in direct violation of the Cuban trade embargo. If this is indeed the case, it highlights yet another incident of politically motivated cyber interference in the current presidential race. Newsweek has indicated that the “main” IP addresses affiliated with the attack appear to be Russian, although this does not necessarily mean that the attack was carried out by Russian-affiliated hackers. Newsweek claims that it is still investigating the attack.


-Michael Belle

Securing the IoT

Source Code for IoT Botnet ‘Mirai’ Released


Cars Are Getting Hacked, What’s New?


For those who didn’t know, cars are already fully capable of driving themselves and are available for purchase. Now, due to legal issues, there still must be a person operating the vehicle, but it’s not like that person has to do anything.

Well, recently, Tesla was exposed for their self-driving car feature being hacked remotely by two guys who were 12 miles away. The hackers were working with Tesla, so no real harm was done. The hackers were able to do basically anything they wanted to do with the car, from driving it to moving around seats inside of it. The hackers also said that it wasn’t just one model of Tesla; the same hack worked for numerous models they tried it on.

I guess the only bright side to this is that in order for the car to be hacked, the car had to be connected to a malicious WiFi hotspot and the car’s web browser had to be opened manually by the driver. So the moral here is, if you ever have a self-driving car, a) make sure you’re actually the one driving it, and b) just don’t open your web browser and you’ll be good, for now.

As a side note, Tesla did patch this flaw in their software within 10 days of the flaws being detected, so at least they work faster than Apple.




Yahoo has 500 million users’ information breached, may be followed up with SEC investigations


Yahoo received an anonymous tip, about a hacker who calls himself Peace or Peace of Mind, that 200 million accounts’ information was compromised back in July. He was seen selling 200 million Yahoo user accounts’ information on the dark web. Yahoo had also been working through a deal to sell its main business operations to Verizon since July. Verizon claims that it knew nothing about a possible breach or anything regarding the breach until this past Thursday, when Yahoo went public with its situation.

The anonymous tip triggered an investigation by Yahoo, which actually uncovered that 500 million users’ information had been compromised since 2014. The information stolen includes names, email addresses, dates of birth, phone numbers, password information and possibly even the security question answers, as stated by Yahoo. The hackers received the hashed passwords of all compromised users. The hackers did not receive information on users’ payment card data or bank information because the information is not stored in the system that has not been affected so far in the investigation, says Yahoo.

Security experts from Symantec who are looking into the breach now suspect it is an attack from a nation state, suggesting Russia. They suspect it to be a nation state because a nation state would practically be the only entity to have enough resources to both break the encrypted passwords and enact anything malicious with that information, on the scale that was stolen.

The 4.83 billion deal with Verizon has obviously taken a blow. The SEC is also very likely to follow up with an investigation of Yahoo, to investigate whether or not they were withholding information from stockholders and the market.

Not very much detailed information has been released on this breach so far. Yahoo has only suggested that its users change their passwords, and other accounts’ passwords if they tend to use similar or the same passwords for other accounts.


‘Marissa was aware absolutely’: Yahoo chief ‘knew back in July that company was investigating a security breach’ – but only disclosed it to regulators and potential buyer Verizon this week

What Consumers Need to Know About the Yahoo Security Breach

Many Questions Still Unanswered After Yahoo Confirms Massive Data Breach

The future of Malware

Malware is constantly changing, just like human beings.
Researchers have found a new type of macro malware that avoids detection by going dormant when it detects that it’s in a security researcher’s test environment.

The malware uses a few techniques to figure out if the host is a legitimate target or not. It uses a feature in Windows, Recent Files, to see how many Word documents the user has, and if they don’t have a certain number of documents then it will not execute. Another method is that the malware uses the IP of the computer network it’s on and sees if it matches a blacklist; if it does match up, then the malware doesn’t execute.

The reason why the maker of the malware wouldn’t want the malware to execute while it’s in a VM (virtual machine) environment is so that it prolongs the life span of the malware.

The malware is distributed through spam and phishing. The researchers expect to see more malware in the future with this ability.

-Brett Patterson brp5088
in dedication to Jar311


Malware Evades Detection with Novel Technique