My TechDecisions

Network Security

Who Got Hacked This Week? Jan. 14 Edition

Who and what was hacked this week, January 14th, 2016? Read on to find out.

Leave a Comment

Who Got Hacked

Note: Each week we bring you the latest hacking news on the internet. Read on to find out who and what was hacked this week.

 

OSCE Suffers Major Cyber Attack

The Organization for Security and Co-operation in Europe has suffered a major cyberattack this week.

Based in Vienna, the OSCE includes 57 member states and is the largest security-oriented intergovernmental organization in the world. It focuses on issues like arms control, human rights, freedom of the press and fair election results.

Mersiha Causevic Podzic, a representative of the OSCE, said in an email that the organization became aware of a major information security incident in early November. The incident compromised the confidentiality of the organization’s IT network and put its integrity at risk.

It is believed that Russian hackers group APT28 (aka Pawn Storm, Sofacy, and Fancy Bears) was behind the attack.

The manner in which the OSCE was accessed has been identified along with some of the external communication destinations.

 

900 GB of Data Stolen from Cellebrite

Cellebrite, an Israeli company whose main product allows for data to be ripped from mobile phones, has itself been hacked.

More than 900 GB of data related to the company, including customer information, databases and technical data regarding Cellebrite products, was taken from servers related to Cellebrite’s website. The data also includes usernames and passwords for logging into Cellebrite databases. The data also contains evidence files from seized mobile phones and logs from Cellebrite devices.

Cellebrite is urging customers to change their passwords as a precaution.

 

Energy Department Warns U.S. Power Grid in “Imminent Danger”

The U.S. Energy Department has warned that the electricity system faces imminent danger from cyber-attacks.

 

27,000 Databases Held For Ransom in One Week

If you’re using MongoDB installations to create your database, you could be in trouble.

Hacker Harak1r1 has been accessing, copying and deleting poorly configured MongoDB databases and holding the lost data for ransom this past week. It is estimated that over 27,000 databases have been compromised. The hacker is demanding anywhere from 0.2 to 1 bitcoins ($184 to $906 U.S.).

The cause of the ransomware? The database administrators themselves. Every case involves a server with an administrator account that was configured without a password. There are currently 99,000 vulnerable MongoDB databases.

Administrators are advised to enable authentication, use firewalls and update MongoDB software to the latest release in order to stay secure.

 

FTC Sues D-Link Over Insecure Routers and IP Cameras

In the wake of IoT DDoS attacks of late, the FTC is suing D-Link due to failure to secure products.

The FTC maintains that D-Link failed to implement necessary security protection in routes and OP cameras that left thousands of consumers at risk to hacks.

D-Link has been accused of FTC Act violations like falsification about security, false claims of measures taken to secure devices, and failure to secure its software.

D-Link responded that the charges are baseless, and that the FTC fails to allege that actual customers suffered or are likely to suffer substantial injuries.

 

AutoFill Features Leak Personal Information to Hackers

The features used to automatically fill in information in browsers could be dangerous.

Hackers can use the autofill feature to trick users into spilling private information.

The way it works is that hackers could visibly include some pieces of information to autofill, and hide the rest. The browser will still fill all boxes. So a user could autofill name and company, the autofill could fill in phone number, email, address and more without the user knowing. Hackers could even invlude credic card information to autofill. Once submitted, hackers get the information.

A demo of how this works can be found here.

 

You Can Hack the Nintendo Classic to Add More Games

Owners of the highly popular Nintendo Classic have figured out a way to add more games using a hack. Be careful, though, it could also destroy the code of the entire system.

Jonathan Blackwood
Jonathan Blackwood

Jonathan Blackwood is the Editor-in-Chief of TechDecisions. Jonathan joined TechDecisions in 2014 and writes about technologies that help to innovate and improve practices for companies of all sizes, K-12 and higher education, government, healthcare, hospitality, retail and large venue spaces. He is especially interested in the future of work and education and the Internet of Things. Follow him @BlackwoodTweets.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Today’s LED Displays are Bright, Sharp, and Splashy

When just about anything can be purchased online, what’s setting physical retail establishments apart in 2019? A unique shopping experience. Which ...

Top 2019 Trends in LED Display for Hospitality

The latest in display technology can make a tremendous impact in creating a vibrant guest experience for your guests. Lobbies and elevator alcoves ...

Encouraging Employees to Embrace New Technology

It can seem like you have no control over employee adoption of new technology. However, there are tried and true strategies for getting employees t...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales