Monthly Archives: November 2016

Mirai botnet attack hits thousands of home routers, throwing users offline

Nearly a million users across Europe were thrown off the internet during the weekend into Monday after criminals tried to hijack home routers as part of a coordinated cyber attack.

Security researchers said that routers given to customers in Germany by their internet providers were at risk of attack from the notorious Mirai malware, most notable for its large-scale botnet that brought parts of the internet offline on the US east coast last month.

Mirai, if used to attack specific targets, can bring down websites, services, or even internet infrastructure, which can mean widescale outages.

The routers, most of which were made by Zyxel and Speedport, had port 7547 open, typically used by internet providers to remotely manage and maintain in case of outage or issue.

The exploit code used to attack the routers is believed to be derived from a modified version of Mirai, which instead of commandeering vast numbers of internet-connected surveillance cameras was used in a botched attempt to hijack home routers. According to the SANS Internet Storm Center, which was first to report the issue, honeypots pretending to be affected routers are receiving exploit orders as quickly as once every five minutes.

there are more than 41 million devices on the searchable internet with port 7547 open.

But instead of diverting those routers’ internet traffic to the criminals’ intended target to bring websites or services offline, the routers crashed.

With the deadline days away, expansion of FBI hacking powers looks likely

Rule 41 might be the least interesting name for one of the most significant factors this year in security and privacy.

Why? Because the rule is about to change, allowing the FBI to vastly broaden its spying powers.

Earlier this year, the Supreme Court proposed a new rule that would allow US judges to issue warrants outside their jurisdiction. Under existing rules, judges can only issue orders within their jurisdiction, often only a few miles across or covering a few local districts. The hope was that this rule change would make cases more efficient, such as in cyber-related cases, which typically span multiple districts and even countries.

Simply put: all it would take would be for the FBI ask a friendly judge to sign off on a search warrant that would let the agency use its so-called network investigative techniques — or NITs — to carry out hacks and conduct searches on computers and devices potentially anywhere in the world.

We’ve seen good uses of that hacking effort, such as catching users of a dark web child porn site, but one prominent privacy-minded lawmaker said in a statement that the rule change “would allow the government to get a single warrant to hack an unlimited number of Americans’ computers if their computers had been affected by criminals, possibly without notifying the victims.”

Here’s the twist. The proposed rule change will automatically go into effect on December 1 — that’s Today– unless Congress intervenes.

Hackers Advances To San Francisco transport systems

San Francisco's local transport system was targeted over the weekend
San Francisco’s local transport system was targeted over the weekend

San Francisco’s transport agency has been hit by a hack attack which led to customers being able to travel for nothing.

The hackers have made a ransom demand of 100 Bitcoin, which amounts to about $70,000 (£56,000 ; €66,000).

As a precaution, staff shut off all ticketing machines on the network.

Computers across the city’s transport network, including at stations, were disabled with screens displaying a message from the attackers.

The message read: “You Hacked, ALL Data Encrypted. Contact For Key( ,Enter”.

Yandex is a Russian internet company that, among other things, provides email and social networking tools.

The trains themselves were not affected – and city officials said a full investigation was underway.

‘2,000 machines hacked’

“There has been no impact to the transit service, to our safety systems or to our customer’s personal information,” a spokesman told the BBC.

“The incident remains under investigation, so it wouldn’t be appropriate to provide any additional details at this point.”

The Municipal Transportation Agency – known as Muni – looks after trains, trams and buses around the city, including San Francisco’s iconic cable cars.

On Sunday, ticketing machines were back up – but it was not clear if the hack had been contained.

It appeared to include many employee terminals as well as machines that may be used to look after payroll and employees’ personal information.

The hacker told Hoodline on Sunday that Muni had “one more day” to make a deal.

Cyberattack Exposes Sensitive Data on Over 134,000 US Sailors

The U.S. Navy said hackers have gained access to the Social Security numbers and other sensitive information of more than 134,000 current and former U.S. sailors.

The data breach occurred after a hackers compromised the laptop of an employee of Navy contractor Hewlett Packard Enterprise.

In a statement released Wednesday, the Navy said that the information was accessed by “unknown individuals” and that an investigation was underway to identify and help those whose information was exposed.

The information was taken from what is known as the Career Appoints database, which is used to submit re-enlistment and occupation requests.

The statement said there was no evidence of “misuse” of the compromised information.

Hewlett Packard Enterprise informed the Navy of the breach October 27.

This is the latest in a string of data breaches in the U.S. this year. In a report issued Tuesday by the Identify Theft Resource Center, 901 breaches occurred in 2016, exposing the records of more than 34 million people.

The breaches occurred in the government, financial, business, educational and healthcare sectors.

The most breaches, 397, occurred in the business sector, exposing records on more than 5.5 million people.

There were 61 cyberattacks in the government/military sector, compromising the records of 12.9 million people.

Despite the large number of data breaches this year, none compare to the worst-ever data breach of U.S. federal government records. In 2015, the security clearance applications and other sensitive information of some 21.5 million people were compromised.

Top 5 U.S. data breaches

  • U.S. Office of Child Support Enforcement (federal agency): 5 million records exposed.
  • Banner Health (a nonprofit health health system): 3.6 million records exposed
  • Newkirk Products (a provider of healthcare identification cards for health insurance plans): almost 3.5 million records exposed
  • Washington Department of Fishing & Wildlife (a Washington state wildlife protection agency): 2.4 million records exposed
  • 21st Century Oncology (a provider of integrated cancer care services): 2.2 million records expose

Parents’ Guide: 10 Basic Signs of Cyberbullying

Cyberbullying is a more urgent problem than many parents can imagine. Think about it – around half of teenagers have been cyberbullied on the Internet and only one in ten of them tells an adult about it. Right this moment your kid can get mean messages on the phone, read inappropriate comments under their Facebook picture, receive online threats, etc.

Cyberbullying may have a strong influence on teenagers leading sometimes to unexpected and hurtful consequences. Not to let that happen, parents need to be attentive to their kids and to notice any basic signs of cyberbullying. Even if your kids don’t tell you about this problem directly, they can give it up in many different ways. So, if you notice any of the following things in your kid, you better have a serious conversation.

1. Constant checking of their devices. If you notice that your kid has been online much more often lately, it may be a sign. Cyberbullied kids usually fail to resist checking whether there are any new comments or messages about them online. It is also possible that they start playing a lot of videogames and sit in different online chats just to escape the problem. Of course, many kids today spend an excessive amount of time online and it doesn’t always mean something, but it is definitely worth checking.


Pumpic2. Change of interests. If you notice that your kids are not interested in the things the used to like, it may also be a sign. Kids can see their previous hobbies meaningless and feel apathy towards everything. It also concerns friends and relatives. If your child doesn’t spend as much time with you or their friends as before, you should get alarmed.


3. Unusual emotions after visiting the web. If you see that your kid is angry, upset or on the verge of tears after going online, something if definitely wrong.



Pumpic4. Bad school performance. Many kids who have been cyberbullied by other kids from school, start skipping classes not to see their offenders. Thus, their grades often drop because they are stressed out and cannot focus on their studying.




5. Nervousness. Kids are often nervous for many reasons. There can be a test tomorrow, a new crush, a fight with best friend, etc. However, if you see your kid nervous after checking their phone and this state is more frequent than usual, it is time to start a conversation.



6. Secrets. Does your child shut the laptop every time you enter the room? Do they refuse telling or showing what they do there? Well, it may be nothing, but if they seem too scared that you see their screen, you better do something about it.


Pumpic7. Physical reaction. Of course, cyberbullying is nonphysical and all the harassment happens online or over the phone. However, the consequences many be quite physical because of all the stress and fear. It can be frequent headaches, sleeping troubles, etc.



8. Weight changes. Loss or gain of weight can actually be a sign of cyberbullying, too. If you see such changes, you better seriously talk to your kid.





9. Derpession. If you see that your kids are too gloomy and depressed all the time, you cannot ignore it.




10. Any other life changes. If you notice that any things are different in your kids’ life, it may be connected to cyberbullying. Of course, there can be many different reasons for that, but it wouldn’t hurt to ask.


Cyberbullying is a rising problem that should be dealt with, first of all, by parents. If it goes on for too long, kids can get emotionally traumatized and carry the consequences of that for a very long time. If you notice that your child acts in an unusual way, you should always try to figure out what’s wrong. The best way to do it is to have trustful and honest relationships with your kids so that they feel safe to share their problems with you.

You Cannot Take Your Picture Back From the Internet

Here are the biggest dangers of posting photos online

1. You lose control over your images

As soon as pictures of your kids appear online, anyone may view them, copy, save, tag or spread them – and you will never get to know. Besides, most of the people skip reading terms and conditions of social media sites like Facebook. Well, having read attentively enough you can find a clause that states that you give up all copyrights, ownership and your consent of any media you share on the platform. This means that popular sites like Facebook are not obliged to ask your consent and may use any content you put on their platform in any way they want.

2. You can’t take a photo back from the Internet

pictures of your kids


Once your photo is uploaded to the Web, you can’t take it back. Any images, as well as any messages, will stay in the worldwide network forever, stored on the servers. If you delete them from the timeline on your FB profile or the message history on Whatsapp, they still won’t disappear from the Internet.

Even changing picture privacy settings in your profile to keep all photos available only for the people on your friends list doesn’t guarantee that someone won’t see it else. Even your friends or relatives may appear to be a “weak link,” having saved a photo or a video of your kid and passing it on through other resources.

Moreover, if you change your mind and delete a photo quickly from your timeline, it can already be viewed and saved by someone.

3. Digital kidnapping

A growing crime called ‘digital kidnapping’ means that individuals or companies steal children’s photos without their parents’ permission and repost these images across the Internet for advertising purposes, frauds or things even worse.

4. Collecting data and targeted advertising

Things you post online have valuable information for data collectors and advertisers. They collect data about you to show targeted advertising to you as their potential customer. As a person who posts photos of a kid, you might be interested in kids toys or clothes – and voila! – you see dozens of related ads on your screen.

Moreover, any time you take your child’s images and post pictures online it leaves his/her digital footprints. Social networking sites like Facebook collect information about your kid and form their identity in the worldwide web years before children decide to sign up for a network.

5. Avoid sharing important information about your kid

By giving too many details, you may as well reveal vital information about your children to online fraudsters and predators. Therefore:

  • Turn off GPS tags when posting images of your child in order not to show places where he/she spends much time;
  • Try not to post too many photos concerning your kid’s hobbies – sports groups, extracurricular activities, etc.;
  • Do not post pictures of any documents containing official information about your child;
  • Some experts even advise using a nickname instead of your kid’s real name in any posts online.

6. Don’t post half-naked photos of your children

post pictures online


Avoid showing up online photos where your little ones are half-naked (at the seaside, etc.) no matter how cute and innocent these images seem to be. You never know who and with what purposes may look through them.

7. Think of possible consequences before sharing photos of your children without their consent

Statistics say that:

  • Over 1/3 of admissions officers of academic institutions learn more about prospective students on Facebook and Google+. In over 35% of such checks, the discovered information had negatively impacted prospective students’ applications.
  • Recruiters in 75% of companies examine applicants’ online reputation. 84% of recruiters think that online reputation impacts hireability.

Obviously, any information that creates your kid’s online identity – even childhood photos – may potentially compromise not only his/her school life but also education and career in future. Moreover, photos that often seem to be cute and funny to parents may appear to be embarrassing for the kids, especially in their teen years, sometimes even with their peers mocking and making fun.

In some cases, children can even sue their parents for posting their childhood photos online without their consent, and therefore violating their right to a personal life, just like an 18-year-old girl Rami from Austria did. Cases of children suing their parents have happened across the US and other countries.

For the same reasons, you’d better always ask the consent of other parents whose children are in the same photo with your child before posting such an image online.

The good thing you can do is involve your children in the process as they grow. Always let them decide which of their photos are OK to share online and which are not.

Make sure you don’t overshare online and monitor what your kids post, too!

AdultFriendFinder network finally comes clean to members about hack

(Image: file photo)

The company behind has only just begun directly informing its users that their data has been stolen, a week after it publicly admitted that its networks had been compromised.

Friend Finder Networks, which owns several adult dating and entertainment sites including and, alerted users of a “security incident” in a message on Sunday, a little over a week after we first reported of the scale of the breach, which affected over 400 million accounts.

recently learned of a security incident that compromised certain customer usernames, passwords, and email addresses,” said the message. “Immediately upon learning this information, we took several steps to investigate the situation and retained external partners to support our investigation.”

But AdultFriendFinder was far from proactive about informing its users.

Several of the site’s users contacted me to say that they were only alerted to the security issue from a message in the user’s inbox after they logged into one of the sites.

They heard about the hack from the media, and yet had not received any emails from the company directly.

That’s a problem for the hundreds of millions of users who no longer use the site but may still be affected by the breach. alone claims to have 700 million users, but according to an analysis of the last login dates, over 200 million users haven’t logged in since 2010.

Friend Finder Networks has been wholly silent — with the exception of a press release posted late in the day last Monday, two days after news of the hack first broke, confirming the hack and that it was investigating the breach. The statement said that the company was “in the process of notifying affected users to provide them with information and guidance on how they can protect themselves,” but gave no timeline on delivery.

One user, who did not want to be named, told me that they thought it was “unacceptable” that they had to hear about the hack from the media rather than the company.

The message users received over the weekend. (Image: supplied)

The press release also said that the company “encourages” users to change their passwords, as opposed to forcing its users to reset their passwords when they next log in, an act that most security professionals considered to be standard practice after a data breach.

Another user who emailed told me that when they went to change their password, the page suggested users should use “characters a-z” and “numbers 0-9,” and said that passwords are not case sensitive. An analysis by LeakedSource, a breach notification site which obtained the database, first noted that the sites converted user passwords into lower-case, which if stolen makes them easier to decrypt.

A spokesperson for the company, now handled by a public relations firm known to specialize in “crisis communications,” did not comment but referred back to the previous press release.

Three mobile data breach: Company confirms data from 133,827 accounts could have been accessed

Security breach puts Three customer data at risk.

Image: Three

Three mobile has confirmed that information about almost 134,000 customers was accessed following a data breach, although the company, one of the largest mobile network providers in the UK, has said no banking information has been obtained by outsiders.

The company says information from 133, 827 of its nine million customer accounts was accessed in total.

For 107,102 customers, the information which could have been obtained included whether they are a handset or SIM-only customer, contract start and end date, handset type, Three account number, how long they’ve been with Three, whether the bill is paid by cash or card, billing date, and name.

For a further 26,725 customers the information which could have been obtained included name, address, date of birth, gender, handset type, contract start and end date, whether they are a handset or SIM only customer, telephone number, email address, previous address, marital status, employment status, Three account number and phone number, and how long they’ve been with Three.

Three men arrested in connection with the breach have been released on bail while the National Crime Agency investigates the case.

In a message to customers, Three CEO Dave Dyson has apologised for the inconvenience caused by the breach and assured customers no bank information was accessed.

“We believe the primary purpose of this was not to steal customer information but was criminal activity to acquire new handsets fraudulently,” he said.

“I understand that our customers will be concerned about this issue and I would like to apologise for this and any inconvenience this has caused,” he said. “In total, information from 133,827 customer accounts was obtained but no bank details, passwords, pin numbers, payment information or credit/debit card information are stored on the upgrade system in question.”

Dyson says Three has “put in place increased security” for the affected customer accounts and that the company is “working closely with law enforcement agencies on this matter”.

The company says information was obtained after being accessed using an authorised login into its database of customers eligible for a phone upgrade. Three has warned customers to be “cautious” about anyone contacting them about the incident and to not give out their banking information.

How To Temporarily Change Android MAC Address Without Rooting

MAC is the acronym for Media Access Control. Its address is a unique code made up of 12 (XX:XX:XX:XX:XX:XX) characters for a particular hardware like say the network adapter of WiFi devices.

There are many reasons for wanting to change the MAC address of your device. For instance, if you want to connect to a WiFi hotspot then it will be a good idea to change the MAC address temporarily. It will protect your privacy. Another very good reason to opt for this is to ensure smooth interoperability.

For instance, your internet service provider binds their service to a particular address and you want to change your network card or want to install a new router you will find that the service won’t work properly anymore. It may not even work at all. You can solve this problem by changing the MAC address of the new interface.

images (28)

You can of course change this address permanently or temporarily depending on your requirement. Usually you need a rooted phone to change the address but to change the address temporarily you can use a phone that is not rooted.

To temporarily change android MAC address without rooting the first thing you need is to know the MAC address. To find it on your tablet just touch the Menu key and go to Settings. Scroll down to About Tablet and there select Status. Just scroll down and view the address. If you are using an android phone you can do the same thing or alternatively on About Phone select Hardware Information and see the address. Another way is to select Wireless Network from Settings and there select WiFi settings and get the address from the Advanced section.

Next thing is to download a free app called the Android Terminal Emulator. Install it on your device. You need to know the name of your card to actually make the change. So open the app and type

ip link show

You will get a list of the different interfaces. On the list search for the address that matches the one that you found out earlier. Now to change it to the temporary address just type in the following commands:

ip link set AAAA address XX:XX:XX:YY:YY:YY

ip link set AAAA broadcast XX:XX:XX:YY:YY:YY.

Here AAAA is the name of the interface that you want to change and XX:XX:XX:YY:YY:YY is the new temporary address that you are assigning to the hardware. Remember that the address is made up of characters so it can be numbers or alphabets. Now to check whether the address has changed just type

ip link show AAAA

While denoting the new address it is important to keep in mind that only the last 3 sets should be changed. The first three sets should be kept same. If you change them you will face a lot of authentication issues.

As these changes are temporary whenever you reboot your device the MAC address will change back to the original address so you will have to repeat the above instructions again.

There are also some apps available on Google Playstore which supposedly help in temporarily changing the MAC address without rooting like the MAC changer app. All you have to do is follow the instructions given in the app.

KGB Keylogger from Refog Software

KGB Keylogger is a multi-functional keyboard tracking software that is widely used by both regular users and IT security specialists for tracking the key strokes typed on a given machine.

KGB Keylogger

KGB Keylogger Features at a Glance

  • Stealth mode and visible mode of work;
  • Logs keyboard input, including language-specific characters;
  • Logs Clipboard entries;
  • Monitors and logs network activities;
  • Custom list of monitored applications;
  • Detailed information for each log entry, including the time stamp, application name and window caption;
  • Screenshots at custom frequency (regular intervals or on mouse clicks);
  • Export of logs into HTML;

The software works as described and is pretty fully featured for a Keylogger including a screen capture feature, not just the normal text/keyboard capturing facility.

The interface is nice and it’s fairly easy to use.

It has good ratings at places like Softpedia (5/5).

You can download the trial version here (Valid for 7 days):

KGB Keylogger – Trial