Hackers could read non-corporate Outlook.com, Hotmail for six months

Late on Friday, some users of Outlook.com/Hotmail/MSN Mail received an email from Microsoft stating that an unauthorized third party had gained limited access to their accounts, and was able to read, among other things, the subject lines of emails (but not their bodies or attachments, nor their account passwords), between January 1st and March 28th of this year. Microsoft confirmed this to TechCrunch on Saturday.

The hackers, however, dispute this characterization. They told Motherboard that they can indeed access email contents and have shown that publication screenshots to prove their point. They also claim that the hack lasted at least six months, doubling the period of vulnerability that Microsoft has claimed. After this pushback, Microsoft responded that around 6 percent of customers had suffered unauthorized access to their emails, and that these customers received different breach notifications to make this clear. However, the company is still sticking to its claim that the hack only lasted three months.

Not in dispute is the broad character of the attack. Both hackers and Microsoft's breach notifications say that access to customer accounts came through compromise of a support agent's credentials. With these credentials the hackers could use Microsoft's internal customer support portal, which offers support agents some level of access to Outlook.com accounts. The hackers speculated to Motherboard that the compromised account belonged to a highly privileged user, and that this may have been what granted them the ability to read mail bodies. The compromised account has subsequently been locked to prevent any further abuse.

Bloomberg: Super Micro motherboards used by Apple, Amazon contained Chinese spy chips

Tiny Chinese spy chips were embedded onto Super Micro motherboards that were then sold to companies in the US, including Amazon and Apple, reports Bloomberg. The report has attracted strenuous denials from Amazon, Apple, and Super Micro.

Bloomberg claims that the chips were initially and independently discovered by Apple and Amazon in 2015 and that the companies reported their findings to the FBI, prompting an investigation that remains ongoing. The report alleges that the tiny chips, disguised to look like other components or even sandwiched into the fiberglass of the motherboards themselves, were connected to the management processor, giving them far-reaching access to both networking and system memory. The report says that the chips would connect to certain remote systems to receive instructions and could then do things like modify the running operating system to remove password validation, thereby opening a machine up to remote attackers.

The boards were all designed by California-based Super Micro and built in Taiwan and China. The report alleges that operatives masquerading as Super Micro employees or government representatives approached people working at four particular factories to request design changes to the motherboards to include the extra chips. Bloomberg further reports that the attack was made by a unit of the People's Liberation Army, the Chinese military.

The DNC keeps the Watergate file cabinet next to server hacked by Russia

The basement of the Democratic National Committee's Washington, DC, headquarters holds one of the most fitting images to come out of the hacks that dogged Democrats in the 2016 presidential election. On the left: a 1960s era file cabinet that was jimmied open during the 1972 Watergate break-in. On the right: a DNC server that was hacked by what the US intelligence community says were Russian operatives.

The photo is from an 8,300-word New York Times article about how two separate Russian government groups hacked the DNC. The hacks first came to light in June, and the rough outline is well known. For months, the intruders had free rein over the DNC's computers. Over time, the Russians extended their reach into the Gmail accounts of Clinton campaign chairman John Podesta, former secretary of State Colin Powell, and others. The series of DNC blunders, bordering on ineptitude, that allowed the attacks to succeed has been well documented. Those blunders are now coming into sharper focus.

Like the feeble filing cabinet, the shortcomings exposed in the New York Times' blow-by-blow account show just how ineffective and doomed the DNC's defenses were against a much-better organized adversary. Equally important, the report reveals how a "series of missed signals, slow responses, and a continuing underestimation of the seriousness of the cyberattack"—apportioned in almost equal parts by members of the FBI, the DNC, and the Clinton campaign—allowed the hacking drama to play out.

AdultFriendFinder hacked: 400 million accounts exposed

AdultFriendFinder has been hacked, revealing the account details of more than 400 million people who would undoubtedly prefer to keep their identities private on the "world's largest sex and swinger community" site.

The hacked database—which appears to be one of the largest ever single data breaches in history—apparently contains account details for numerous adult properties belonging to the California-based Friend Finder Network, and includes customers' e-mail addresses, IP addresses last used to log in to the site, and passwords.

According to data breach notification site LeakedSource.com, the passwords were either kept in plain text format, or used the largely discredited SHA1 hashing algorithm. It claimed to have cracked 99 percent "of all available passwords" which "are now visible in plaintext."
