IT News, Solutions and Support

Proactive Computing | Optimizing IT for usability, performance and reliability since 1997

Tag: russia (page 1 of 2)

U.S. indicts seven Russians for hacking nuclear company Westinghouse

U.S. indicts seven Russians for hacking nuclear company WestinghouseThe United States on Thursday indicted seven Russian intelligence officers for conspiring to hack computers and steal data, including attempts to break into the computer networks of the nuclear power company Westinghouse Electric Co. The Justice Department said one of the Russian officers performed online reconnaissance and stole log-in credentials of Westinghouse workers, including staff that work at its advanced nuclear reactor development and new reactor technology units. Westinghouse, which is located outside of Pittsburgh, provides fuel, services and plant design to customers, including Ukraine.

People's Instagram accounts are being mysteriously taken over by Russians, and they can't get them back

‘The support service I’ve received from Instagram has been shockingly poor,’ one affected user told The Independent

Russian hacking attacks could 'flood US cities with sewage' and cause deadly explosions


Disruption of power grids and other utilities are part of Russia’s new ‘rules of war’

FBI issues formal warning on massive malware network linked to Russia


FBI issues formal warning on massive malware network linked to Russia  The HillFBI: Hundreds of thousands of home, office routers targeted in cyber attack  WDTN.comFull coverage

FSB to give internet messengers 10 days to hand over encryption keys

Preview Russia’s Federal Security Service (FSB) has ordered data exchange services such as internet messengers to give up the encryption keys for their clients’ correspondence within 10 days of receiving an official request.
Read Full Article at

More evidence ties alleged DNC hacker Guccifer 2.0 to Russian intelligence


It may be a while since you’ve heard the handle “Guccifer 2.0,” the hacker who took responsibility for the infamous DNC hack of 2016. Reports from the intelligence community at the time, as well as common sense, pegged Guccifer 2.0 not as the Romanian activist he claimed to be, but a Russian operative. Evidence has been scarce, but one slip-up may have given the game away.

An anonymous source close to the U.S. government investigation of the hacker told the Daily Beast that on one single occasion, Guccifer 2.0 failed to log into the usual VPN that disguised their traffic. As a result, they left one honest IP trace at an unnamed social media site.

That IP address, “identified Guccifer 2.0 as a particular GRU officer working out of the agency’s headquarters on Grizodubovoy Street in Moscow,” the Daily Beast reported. (The GRU is one of the Russia’s security and intelligence organs.)

Previous work by security researchers had suggested this, but it’s the first I’ve heard of evidence this direct. Assuming it’s genuine, it’s a sobering reminder of how fragile anonymity is on the internet — one click and the whole thing comes crashing down.

It’s a bit of a foregone conclusion now, since in the time since the hack the notion of Russian interference with the election has gone from unnerving possibility to banal fact. And while a single impression like that may sound a bit flimsy, investigators would of course be putting it together with all kinds of other activity and patterns to be clear this wasn’t just a random intern checking his feeds at an open terminal.

Let’s block ads! (Why?)

Russian Spy Gang Hijacks Satellite Links to Steal Data

Russian Spy Gang Hijacks Satellite Links to Steal Data

The Russian gang known as Turla have been hijacking satellite IP addresses of legitimate users to steal data from other infected machines.

The post Russian Spy Gang Hijacks Satellite Links to Steal Data appeared first on WIRED.

Microsoft releases 14 patches for Windows


Microsoft released patches for 14 vulnerabilities in its Windows operating system, Office and Internet Explorer software on Tuesday, including four it deemed critical, it’s highest severity rating.

All four of the critical bugs could allow attackers to remotely execute programs on a targeted system, something that in the past has allowed hackers to steal personal information such as passwords or take over machines for the purpose of sending spam.

The patches were released as part of the company’s monthly “patch Tuesdaysecurity update for its major software products. The company had originally planned to deliver 16 updates Tuesday, but two are marked as yet to appear. They include one that was expected to carry a critical rating.

At 14, the number of patches is a monthly record for 2013 and 2014.

They include a problem with Windows Object Linking and Embedding that could allow remote code execution if the user visits a website containing malicious code. If the user is logged in as the administrator, the attacker could gain the ability to install programs and change and delete data. A related patch for Internet Explorer fixes the vulnerability with malicious websites and 16 other problems with the software, said Microsoft.

A security update for the Microsoft Secure Channel software in Windows fixes a problem that leaves Windows Server vulnerable to attack from specially crafted packets. The fourth critical patch fixes a hole in Windows that allows attackers to invoke Microsoft XML Core Services from a malicious website and then remotely execute code on a target system.

A further seven patches are marked as important—the second highest rank.

One vulnerability in Microsoft Office allows for remote execution of code, four additional problems allow attackers to assign themselves higher privileges and two allow bypass of certain security features in Windows.

via Microsoft releases 14 patches for Windows security problems | PCWorld.

5 Million Gmail Passwords Leaked, Check Yours Now

5 Million Gmail Passwords Leaked, Check Yours Now.

5 Million Gmail Passwords Leaked, Check Yours Now

According to the Daily Dot, nearly 5 million usernames and passwords to Gmail accounts have been leaked on a Russian Bitcoin forum. Here’s what you should know.

The list has since been taken down, and there’s no evidence that Gmail itself was hacked—just that these passwords have been leaked. Most sources are saying that lots of the information is quite old, so chances are they were leaked long ago—though others are claiming 60% of the passwords are still valid (not to mention really, really horrible).

5 Million Gmail Passwords Leaked, Check Yours Now

To check if your password was one of the leaked, plug your Gmail address into this tool (which also checks against recent Yandex and leaks). If you’re paranoid, you may also want to change your password at this time. As always, make sure you use a strong password and enable two-factor authentication on  your account. Hit the link to read more.

Update: Looks like the IsLeaked tool is having some trouble due to unusually high traffic—if you get an error message, try reloading the page or checking back later.

5 Million Gmail Passwords Leaked to Russian Bitcoin Forum | The Daily Dot

Killing the Password

Passwords suck. Plain and simple. They inconvenience the user, and are far too easy to crack…or guess…or fall victim to internet trickery that gets you to give them away. A better solution is overdue. Killing the password is “Challenge Accepted” for DARPA

Anyway, check out the article and start thinking of a day when we are free of password hell. It may not be tomorrow, but it is coming.

Seven ways DARPA is trying to kill the password | PCWorld.


Older posts