Major Hacks of the Year 2015
Chances
are that you didn't go a few days without hearing the word "cyber"
last year. It's for good reason. 2015 was a year of data breaches and
hacks, impacting the public and private sector alike.
Android
Stagefright
Our
personal devices weren't safe. Researchers discovered a massive
vulnerability in the Android operating system affecting millions of
devices. The vulnerability, known
as Stagefright,
was
contained deep in the code that handles processing and displaying
images. The especially horrific part was that this vulnerability
could be triggered simply by sending the victim a specially crafted
text message. Google has since released a patch fixing the
vulnerability, but many devices could still remain affected and
unpatched.
Botnet
of Things
The
Internet! It's everywhere! More and more household (and
non-household) items are being connected to the Internet, a
phenomenon known as the Internet of Things (IoT). Unfortunately, with
this explosion of Internet-connected devices came equally explosive
security vulnerabilities. Hackers demonstrated the ability to
remotely
control Jeep vehicles,
taking over the steering wheel and even disabling the brakes.
Hacking
Team Hacked
There
was a lot of schadenfreude at the news that the Hacking Team, a known
purveyor of spying tools to oppressive regimes, was itself targeted
by hackers. The notorious Italy-based spyware vendor had
its own servers compromised,
with attackers releasing
over
400GB of internal data and communications with clients. The releases
included revelations of dealings with regimes targeting activists and
journalists, including Azerbaijan, Kazakhstan, Uzbekistan, Russia,
Bahrain, Saudi Arabia and the UAE.
Equation
Group
Nation-state
actors aren't just using off-the-shelf spying tools by outfits like
Hacking Team, but are busily developing their own. Researchers at
Kaspersky Labs discovered a family of malware, developed by
theEquation
Group,
that could insert itself in the firmware of a number of different
brands of hard drives. This malware could then easily persist on that
machine, reinstalling itself from a secret sector on the hard drive
even if the operating system was completely reinstalled. Due to the
complexity of the malware, it is likely that the Equation Group is
state-sponsored, and Reuters
quoted anonymous
former employees of NSA who claimed that the malware was directly
developed by the Agency.
State-sponsored
malware and attack campaigns highlight the terrifying capabilities of
nation-state actors and reinforce the importance of security best
practices and rejecting backdoors.
Read
More Here <<=>> https://goo.gl/Ip7wS7
Комментарии