Tuesday, May 26, 2015

What would you hire a hacker for?

The hacker community has never seen it as a good idea. And they were right: Hacker's List service, which offers the possibility to hire "hackers", had a security breach which allowed to know the real names of those who offered their services and those who demanded them, besides what they have ordered. A new super sensitive online data leak for the umpteenth time... We'll also discuss the spanish companies lack of interest on INFOSEC issues and about a sheriff who exceeded his functions.

The Hacker's List service was launched in February and then began to grow exponentially until it drew attention of a researcher, who created a robot search engine to analyze what kind of services were requested, including spying on partner's Whatsapp, closing someone's Instagram account or stealing an exam from the teacher's computer... but was discovered so much more: it was possible to know name and other data of "hackers", of those who hired them, and what purpose.

And while the population jumps without reservation into commit small computer crimes, companies are still with their heads in the clouds. A study by the Center for Industrial Cyber Security ensures that only 17% of Spanish companies have a plan on IT risk management. A 44% are still defining one and 22.2%  are functioning on the fly. In contrast, another recent study says that cyber attacks are the main concern of 84% of managers and executives in financial sector.

Though sometimes we go from one extreme to another, as the sheriff of San Bernardino, California, United States, who is accused of having used more than 300 times a spying telephone device which allowed to geolocate phones without a warrant. Overzealous which possibly will not lead to a reprimand, because the FBI has risen up in his defense.

We ended up with an important warning which has to do with the devices currently being more attacked: routers. There is already circulating in the underworld an exploit, a program which modifies the DNS servers of routers configuration which have never changed its password. Modified DNS redirect us from a web we want to visit to other malicious site. The solution: disable your router's remote access.

Hopefully our readers may have a nice day and do not hesitate when making small changes to their devices if so they manage to be safer.


Post a Comment