Monthly Archives: August 2016

Has your internet provider been compromised? Malicious insiders are helping cybercriminals hack telecoms firms

Be they disaffected insiders or victims of blackmail, staff at telecommunications firms are providing cybercriminals with the information required to carry out cyberattacks against their employers.


With the sector a top target for hackers — as demonstrated by last year’s TalkTalk hack — Kaspersky Lab’s Threat Intelligence Report for the Telecommunications Industry warns telecoms providers that they need to do more to protect themselves from cyber threats, from both outside and inside their networks.

According to the report, 28 percent of all cyberattacks and 38 percent of all targeted attacks involve malicious activity by company insiders — although not everyone involved in passing corporate credentials and other inside information to hackers is a willing participant in the criminal schemes.

One tactic used by hackers is to find compromising information on an employee — be it available on the open internet or from a previous cache of stolen data — at the organisation they wish to target.

Hackers will then blackmail the person, forcing them to hand over information which will compromise their employer or distribute spear phishing emails on their behalf, in order for the potentially embarrassing personal data not to come to light.

The report suggests that cybercriminals may have used data exposed following the hack of Ashley Madison, a dating website catering to adulterers, in order to blackmail workers.

However, Kaspersky warns that not all insider attacks are carried out by reluctant participants: some are done with the help of willing insiders who are more than happy to put their telecoms employer — and therefore their customers — at risk from cybercriminals.

More often than not, these malicious insiders will offer their services on underground message boards on the dark web, or via ‘black recruiters’, and are paid for their services. Researchers warn that these malicious insiders also have no qualms about identifying co-workers who could potentially be blackmailed.

Another example saw an SMS centre support engineer spotted on a popular dark web forum advertising their ability to intercept messages containing the one-time passwords used for the two-step authentication process required to log in to customer accounts at a popular fintech company.

For the cybercriminals, recruiting an insider makes hacking a company a much simpler task, providing them with easy access to internal networks and data. The report notes how insiders at phone companies are mostly recruited to provide access to data, while staff at internet service providers are more often used to help carry out man-in-the-middle attacks.

“The human factor is often the weakest link in corporate IT security. Technology alone is rarely enough to completely protect the organisation in a world where attackers don’t hesitate to exploit insider vulnerability. Companies can start by looking at themselves the way an attacker would,” says Denis Gorchakov, senior information security analyst at Kaspersky Lab.

“If vacancies carrying your company name, or some of your data, start appearing on underground message boards, then somebody, somewhere has you in their sights. And the sooner you know about it the better you can prepare,” he adds.

String Manipulation Challenge – Difficulty (Medium)


This level is about string manipulation.
In this challenge, you will be given a string. Take all the numbers from the string and classify them as composite numbers or prime numbers. You should assume all numbers are one digit, and neither number 1 nor number 0 counts. Find the sum of every composite number, then find the sum of every prime number. Multiply these sums together. Then, take the first 25 non-numeric characters of the given string and increment their ASCII value by one (for example, # becomes $). Take these 25 characters and concatenate the product to them. This is your answer.
Your answer should look like this: oc{lujxdpb%jvqrt{luruudtx140224
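The procedure above, written out as an added example (not part of the original challenge post). The function names and the sample string are hypothetical and constructed here; the real challenge string is not on this page.

```python
PRIME_DIGITS = "2357"
COMPOSITE_DIGITS = "4689"   # 0 and 1 are neither prime nor composite, so they are skipped
DIGITS = "0123456789"

def digit_sums(text):
    """Return (sum of prime digits, sum of composite digits) found in text."""
    primes = sum(int(c) for c in text if c in PRIME_DIGITS)
    composites = sum(int(c) for c in text if c in COMPOSITE_DIGITS)
    return primes, composites

def shifted_prefix(text, count=25):
    """First `count` non-digit characters, each moved up by one code point."""
    kept = [c for c in text if c not in DIGITS][:count]
    return "".join(chr(ord(c) + 1) for c in kept)

def solve(text):
    """Shifted prefix followed by (prime sum) * (composite sum)."""
    primes, composites = digit_sums(text)
    return shifted_prefix(text) + str(primes * composites)

# Constructed sample input: primes 2+3 = 5, composites 4+9 = 13, product 65.
SAMPLE = "a1b2c3#4z9"

if __name__ == "__main__":
    print(solve(SAMPLE))
```

A string with fewer than 25 non-digit characters simply yields a shorter prefix, and a string with no prime or no composite digits yields a product of 0.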






Fix a corrupted file – Challenge 2 (Amateur)

This level is about a corrupted file.

Someone, using the Windows command line ftp client, downloaded a bz2 compressed png-file which contained an important password.
But he forgot to take something into consideration, and so the file got corrupted.
Get this file HERE, reconstruct it and send the password as the answer.
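One way to approach the repair, as an added example that is not part of the original challenge post. It assumes the thing forgotten was switching the client to binary transfer type, so the download ran in ASCII mode and every LF byte was written as CR LF; all function names are hypothetical and the PNG is a constructed stand-in for the challenge file.

```python
import bz2
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def ascii_mode_damage(data):
    """Simulate the assumed corruption: every LF byte written as CR LF."""
    return data.replace(b"\n", b"\r\n")

def undo_ascii_mode(data):
    """Inverse of the above: each CR LF pair collapses back to a single LF."""
    return data.replace(b"\r\n", b"\n")

def png_is_intact(png):
    """Check the signature and the CRC-32 of every chunk up to IEND."""
    if not png.startswith(PNG_SIG):
        return False
    pos = len(PNG_SIG)
    while pos + 12 <= len(png):
        (length,) = struct.unpack(">I", png[pos:pos + 4])
        end = pos + 12 + length
        if end > len(png):
            return False
        body = png[pos + 4:end - 4]              # chunk type + data
        (crc,) = struct.unpack(">I", png[end - 4:end])
        if zlib.crc32(body) != crc:
            return False
        if body[:4] == b"IEND":
            return True
        pos = end
    return False

def recover(damaged):
    """Return the PNG bytes if the repaired archive decompresses and verifies, else None."""
    try:
        png = bz2.decompress(undo_ascii_mode(damaged))
    except (OSError, ValueError):
        return None
    return png if png_is_intact(png) else None

def _chunk(kind, data):
    return struct.pack(">I", len(data)) + kind + data + struct.pack(">I", zlib.crc32(kind + data))

def make_sample_png():
    """Constructed 1x1 greyscale PNG standing in for the challenge file."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    return (PNG_SIG + _chunk(b"IHDR", ihdr)
            + _chunk(b"IDAT", zlib.compress(b"\x00\x7f")) + _chunk(b"IEND", b""))
```

The PNG signature contains both a CR LF pair and a lone LF so that line-ending translation of this kind is caught by the signature check alone.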



The Stairs of Death

Three people are standing on some stairs. They are each wearing a hat. They are only allowed to face forwards, so they cannot see the color of their own hat, only the color of the hat of the one or two people in front of them (depending on which position they are in). The hats they are wearing have been chosen from a pile of two red hats and two blue hats. All three men will be shot in one minute unless one of them shouts out (correctly!) the colour of their own hat. Who shouts out and how do they know the color of their hat? (Work out the answer for the most difficult situation!)

KickassTorrents Founder Asked US to Drop the Case

Artyom Vaulin, the alleged KickassTorrents owner, through his lawyer has asked the DoJ to drop the charges against him and release him from prison, arguing that he can’t be held criminally liable for KAT users’ infringing behavior.

Artem Vaulin, the alleged founder of KickassTorrents, was arrested in Poland in July and has been held in a local prison since. The Polish police acted on a criminal complaint from the US government, and now the 30-year-old Ukrainian is charged with criminal copyright infringement and money laundering.

Vaulin hired Ira Rothken, an expert in file-sharing cases who was defending MegaUpload and isoHunt. The lawyer claimed that allegations against the site owner are baseless. While not addressing whether Vaulin is indeed the owner of the site, Rothken argues that the charges don’t hold up and requests the US authorities to dismiss the criminal complaint against his client and release him from prison.

Ira Rothken argues that the alleged KAT owner can’t be held responsible for the infringing actions of the KickassTorrents users, since criminal secondary or indirect copyright infringement does not exist under US law. The lawyer points out that KickassTorrents itself never hosted any infringing content, but only stored torrent files. In other words, possible copyright infringements would take place after the visitors had left KickassTorrents. Besides, the affidavit lacks specific examples linking Vaulin to infringing downloads: actually, the only relevant infringement quoted is one committed by an agent from Homeland Security Investigations.

Vaulin’s defense believes that the absence of any specific allegations is not an oversight, but rather a side effect of how far the site owner is removed from the copyright infringing acts. Noting the weakness of the criminal claims, Rothken asks the US Department of Justice to drop the charges against Vaulin and set him free.

The lawyer has sent the US government a letter, which also urges the authorities not to question, interrogate, or interview Artyom Vaulin. In addition, Rothken asked to be allowed to speak with Vaulin in prison immediately so he can assist with his defense.