Month: November 2015

IT management firm LANDESK hacked


IT management firm LANDESK, which provides IT and security management services, has alerted its employees of a possible data breach.

The company recently warned its employees in a letter dated 18 November 2015, that hackers have obtained personal information, including names and social security numbers, of some LANDESK employees and former Wavelink employees.

On 25 November 2015, LANDESK stated that “We recently became aware of some unusual activity on our systems and immediately initiated safeguards as a precaution and began an investigation. As part of our ongoing investigation in partnership with a leading computer forensics firm, we recently learned that a small amount of personally identifiable information for a limited number of our employees may have been accessible during the breach. While no data compromises of personally identifiable information are confirmed at this point, we have reached out with information and security resources to individuals who may have been affected. The security of our networks is our top priority and we are acting accordingly. The few employees who may have been affected were notified promptly, and at this point the impact appears to be quite small.”

It was learnt from an unnamed LANDESK employee that the breach was first observed in June 2014 and was discovered when several employees complained about slow Internet speeds. The employee informed that the company has found remnants of text files with lists of source codes, and build servers  that the attackers compiled. He added that the attackers are slowly archiving data from the build and source code servers, uploading it to LANDESK’s web servers, and downloading it.

Claiming the breach as a speculation, LANDESK confirmed that security is and will continue to be a high priority for the company. 

(Perfect Training Center)


Hilton payment system attacked


Last time Huge card breach at Hilton Hotel propertiesand then after its payment system attacked. One of the largest US based hotel chain Hilton revealed that hackers had infected some of their point-of-sale computer systems with malware crafted to steal credit card information.

They didn’t disclosed what data was taken, but cautioned everyone who used payment cards at Hilton Worldwide hotels between November 18 and December 5 of last year or April 21 and July 27 of this year to check for any irregular activity from their debit or credit cards.

In an online post Hilton said that the Malware that infected system had a potential to retrieve cardholders’ names, account numbers, security codes and expiration dates.

They further wrote that they are investigating the breach with the help of third-party forensics experts, law enforcement and payment card companies.

Starwood hotels, which operate the Sheraton and Westin chains, announced four days before Hilton that hackers had attacked their payment system resulting in leaking of customer credit card data in some of their establishments.

“The malware was designed to collect certain payment card information, including cardholder name, payment card number, security code and expiration date,” the group said in a statement.

Starwood and Hilton are not the only one whose payment system has been hacked but last month Trump hotels has face the similar incidence of cyber attack.

“We believe that there may have been unauthorised malware access to some of the computers that host our front desk terminals and payment card terminals in our restaurants, gift shops and other point-of-sale purchase locations at some hotels,” Trump Hotel Collection said at a website devoted to details of the incident.

According to Trump hotels, the access could have taken place in between May 19 of last year and June 2 of this year.

Brian Krebs, cyber threat blogger at explained the cyber attack on payment systems as “just the latest in a long string of credit card breaches involving hotel brands, restaurants and retail establishments.”

(Perfect Training Center)

Dell says “sorry” for installing vulnerable digital certificate


Dell has apologized as it confirmed via a blog post that a certificate (eDellRoot), installed on its PCs that introduced a security vulnerability.

It is said that the certificate allows attackers to cryptographically impersonate HTTPS-protected websites. However, the company has issued a software tool that removes the transport layer security credential from affected machines.

The certificate will not reinstall itself, once it is properly removed using the recommended Dell process.

“The certificate was implemented as part of a support tool and intended to make it faster and easier for our customers to service their system. Customer security and privacy is a top concern and priority for Dell; we deeply regret that this has happened and are taking steps to address it,” the company said in the blog post.

According to the blog post, Dell’s customers, Hanno Böck, Joe Nord and Kevin Hicks, aka rotorcowboy, informed the company about the presence of such certificate on its PC.

Dell has claimed that the certificate was not a malware but was there to provide the system service tag to Dell online support allowing us to quickly identify the computer model, making it easier and faster to service their customers.

“We have posted instructions to permanently remove the certificate from your system here. We will also push a software update starting on November 24 that will check for the certificate, and if detected remove it. Commercial customers who reimaged their systems without Dell Foundation Services are not affected by this issue. Additionally, the certificate will be removed from all Dell systems moving forward,” the company added. 

(Perfect Training Center)

Cyber Caliphates hack Twitter accounts of heads of Security Agencies of America


A group called ‘cyber caliphates’ setup by British ISIS fighter Junaid Hussain hacked about 54,000 Twitter accounts and posted personal details of heads of America’s security agencies on November 01.

The personal details posted online included passwords and phone numbers of CIA, FBI and NSA heads.

The attack was initiated in retaliation for the drone attack that killed Hussain in August.

Hussain led IS’s computer hacking division and was killed by a US drone in a joint operation with the UK. His widow, mother-of-two Sally Jones who is popularly known as ‘Mrs Terror’ is on a Government list of the most dangerous British recruiters for IS.

Since their leader’s death, Cyber Caliphate, which briefly took control of a Pentagon-owned Twitter account in January, has kept a low online profile.

Experts described it as a worrying escalation of the global cyber war.

The group also tweeted that they had details of members of the Saudi royal family, although this could not be verified.

Having spent several months apparently harvesting sensitive data, the details of the hot shots of security agencies were posted at 9 pm (GMT 1530 hours) on Sunday and till 11 pm (GMT 1730 hours) when Twitter was contacted by a security agency, it had suspended Cyber Caliphate’s account.

Among those affected are mostly believed to have Saudi Arabia orgins but some are feared to be British nationals as well.

It was not immediately clear how the hacked accounts were used. Victims were also unaware they had been hacked.

The incident came after the Government announced that the internet activity of everyone in Britain will have to be stored for a year under new surveillance laws.

 Cyber Caliphate is a group of hackers which is directly linked to ISIS.

In May, the hackers linked to the group who were involved in hijacking of social media accounts belonging to the US CENTCOM published a video threatening crippling cyber attacks against Europe, United States, Europe and Australia. The terrorists claimed to have the necessary cyber capabilities to spy on Western communications.

(Perfect Training Center)