Tag Archives: Possible
(Reuters) – New Zealand-based fuel supplier Z Energy Ltd on Wednesday said it has been presented with evidence that customer data from its Z Card Online database was accessed by a third party in November 2017.
The database held customer data such as names, addresses, registration numbers, vehicle types and credit limits with the company, Z Energy said in a statement. The data accessed did not include bank details, pin numbers or information that would put customer finances directly at risk, it said.
Z Energy did not specify the extent to which its customer data had been compromised.
The company said it had notified affected customers and advised the Privacy Commissioner of the breach. It said the system in question had been closed since December 2017.
The Z Card allows customers to manage fuel accounts online, and is used primarily by companies with vehicle fleets.
Z Energy said it had been made aware of a potential vulnerability in the system in November, but had not found evidence of any data breaches at that time.
Z Energy operates in both New Zealand and Australia. New laws in Australia requiring companies to report data breaches took effect in late-February this year.
Reporting by Ambar Warrick in Bengaluru
TORONTO/KIEV (Reuters) – Hackers have infected at least 500,000 routers and storage devices in dozens of countries, some of the world’s biggest cyber security firms warned on Wednesday, in a campaign that Ukraine said was preparation for a future Russian cyber attack.
The U.S. Department of Homeland Security said it was investigating the malware, which targets devices from Linksys, MikroTik, Netgear Inc (NTGR.O), TP-Link and QNAP, advising users to install security updates.
Ukraine’s SBU state security service said the activity showed Russia was readying a large-scale cyber attack ahead of the Champions League soccer final, due to be held in Kiev on Saturday.
“Security Service experts believe the infection of hardware on the territory of Ukraine is preparation for another act of cyber-aggression by the Russian Federation aimed at destabilising the situation during the Champions League final,” it said in a statement.
Cisco Systems Inc (CSCO.O), which has been investigating the threat for several months, has high confidence that the Russian government is behind the campaign, according to Cisco researcher Craig Williams. He cited the overlap of hacking code with malware used in previous cyber attacks that the U.S. government have attributed to Moscow.
Cisco, which uncovered the campaign several months ago, alerted authorities in Ukraine and the United States before going public with its findings about the malware it dubbed VPNFilter.
It also shared technical details with rivals who sell security software, hardware and services so they could issue alerts to their customers and protect against the threat.
Cisco described the mechanisms that the malware uses to hide communications with hackers and a module that targets industrial networks like ones that operate electric grids, said Michael Daniel, chief executive officer of Cyber Threat Alliance, a nonprofit group.
“We should be taking this pretty seriously,” said Daniel, whose group’s 17 members include Cisco, Check Point Software Technologies Ltd (CHKP.O), Palo Alto Networks Inc (PANW.N) and Symantec Corp (SYMC.O).
Cyber security firms, governments and corporate security teams closely monitor events in Ukraine, where some of the world’s most costly and destructive cyber attacks have been launched.
They include the first documented cases where hacks have caused power outages and the June 2017 NotPetya cyber attack that quickly spread around the world, causing network outages that lasted weeks at some companies. Victims included Beiersdorf AG (BEIG.DE), FedEx Corp (FDX.N), Merck & Co Inc (MRK.N), Mondelez International Inc (MDLZ.O) and Reckitt Benckiser Group Plc (RB.L).
Cisco said it does not know what the hackers have planned. The malware could be used for espionage, to interfere with internet communications or launch a destructive attack like NotPetya, according to Williams.
The Kremlin did not immediately respond to a request for comment. Russia has denied assertions by nations including Ukraine and Western cyber-security firms that it is behind a massive global hacking program that has included attempts to harm Ukraine’s economy and interfering in the 2016 U.S. presidential election.
VPNFilter has infected devices in at least 54 countries, but by far the largest number is in Ukraine, according to Cisco.
Netgear representative Nathan Papadopulos said the company was looking into the matter. He advised customers to make sure their routers are patched with the latest version of its firmware, disable remote management and make sure they have changed default passwords shipped with the device.
A Linksys spokeswoman had no immediate comment. MikroTik, TP-Link and QNAP could not be reached.
Reporting by Jim Finkle in Toron to and Pavel Polityuk in Live; Writing by Jim Finkle and Jack Stubbs; Editing by Mark Heinrich and Jeffrey Benkoe
NEW YORK/LONDON (Reuters) – Federal prosecutors in New York have been investigating since at least last year whether Chinese tech company Huawei Technologies Co Ltd [HWT.UL] violated U.S. sanctions in relation to Iran, according to sources familiar with situation.
The prosecutors have been investigating alleged shipping of U.S.-origin products to Iran and other countries in violation of U.S. export and sanctions laws, two of the sources said on condition of anonymity.
The probe, first reported by the Wall Street Journal on Wednesday, is being run out of the U.S. Attorney’s office in Brooklyn, the sources said. John Marzulli, a spokesman for the prosecutor’s office, would neither confirm nor deny the existence of the investigation.
The Department of Justice in Washington declined to comment.
Huawei, which makes handsets and telecommunications network equipment, said it complies with “all applicable laws and regulations where it operates, including the applicable export control and sanction laws and regulations of the UN, US and EU.”
News of the Justice Department probe follows a series of U.S. actions aimed at stopping or reducing access by Huawei and Chinese smartphone maker ZTE Corp (000063.SZ) to the U.S. economy amid allegations the companies could be using their technology to spy on Americans.
In February, Senator Richard Burr, the Republican chairman of the U.S. Senate Intelligence Committee, cited concerns about the spread of Chinese technologies in the United States, which he called “counterintelligence and information security risks that come prepackaged with the goods and services of certain overseas vendors.”
Republican Senators Marco Rubio and Tom Cotton have introduced legislation that would block the U.S. government from buying or leasing telecommunications equipment from Huawei or ZTE, citing concern the Chinese companies would use their access to spy on U.S. officials.
U.S. authorities last week banned American companies from selling to ZTE (000063.SZ) for seven years, saying the Chinese company had broken a settlement agreement related to Iran sanctions with repeated false statements – a move that threatens to cut off ZTE’s supply chain.
The ZTE ban was the result of its failure to comply with an agreement with the U.S. Commerce Department reached last year after it pleaded guilty in federal court to conspiring to violate U.S. sanctions by illegally shipping U.S. goods and technology to Iran.
In 2016, the Commerce Department made documents public that showed ZTE’s misconduct and also revealed how a second company, identified only as F7, had successfully evaded U.S. export controls.
In a 2016 letter to the Commerce Department, 10 U.S. lawmakers said they believed F7 to be Huawei, citing media reports.
In April 2017, lawmakers sent another letter to Commerce Secretary Wilbur Ross asking for F7 to be publicly identified and fully investigated.
Reporting by Arjun Panchadar in Bengaluru, Karen Freifeld in New York, Eric Auchard in London; Editing by Frances Kerry and Paul Simao
Washington, D.C., has issued a permit allowing Elon Musk’s Boring Company to do preparatory and excavation work in what is now a parking lot north of the National Mall. The company says the site could become a Hyperloop station.
The permit, reported Friday by the Washington Post, was issued way back on November 29th of 2017. The permit is part of an exploratory push by the city’s Department of Transportation, which according to a spokesperson is examining the feasibility of digging a Hyperloop network under the city. The Hyperloop is an as-yet theoretical proposal to use depressurized tubes and magnet-levitated pods to move passengers at very high speeds.
A Boring Company spokesperson told the Post that “a New York Avenue location, if constructed, could become a station” in an underground transportation network. The Boring Company last year showcased the possibility of moving cars underground on mag-lev sleds, though that concept wasn’t quite a version of the Hyperloop proper.
The increasing prominence of Musk’s own Boring Company in pushing for Hyperloop construction is a notable reversal of the entrepreneur’s initial plans for the concept. When he unveiled a paper describing the idea in 2013, Musk said he wouldn’t be directly involved with building it. That led several independent startups, including Hyperloop One and Hyperloop Transportation Technologies, to take up the cause.
Get Data Sheet, Fortune’s technology newsletter.
But last summer, Musk started touting tentative Hyperloop partnerships between the Boring Company and governments in the Northeast U.S. A few weeks before the D.C. permit was issued, Maryland issued a permit for the Boring Company to build a 10.3-mile tunnel on a route between Baltimore and D.C.
The Hyperloop concept as a whole, though, has come under renewed scrutiny lately. It’s unclear how such a huge project would be paid for — selling Boring Company flamethrowers is unlikely to cover the bill. More fundamentally, urban planners have argued that the Hyperloop, which would use small pods to carry a few riders at a time, can’t scale sufficiently to really address urban transportation needs. Musk, in an unusual fit of pique, recently replied to one such criticism by calling its author an ‘idiot.’
PYEONGCHANG (Reuters) – Pyeongchang Olympics organizers were looking into a disruption of non-critical systems on the day of the opening ceremony but could not yet confirm if it was a cyberattack, Games spokesman Sung Baik-you said on Saturday.
The Winter Olympics opened with a spectacular ceremony on Friday, attended by several heads of state who witnessed the joint march of North and South Korean athletes, as Games systems played up.
The ceremony was also attended by North Korean ceremonial leader Kim Yong Nam and North Korean leader Kim Jong Un’s sister, Kim Yo Jong, as well as U.S. Vice President Mike Pence.
Some local media reported system problems, including the Games website and some television sets, were due to a cyberattack but Sung said it was still too early to determine whether hackers had attempted to damage them.
“There were some issues that affected some of our non-critical systems last night for a few hours,” Sung told reporters, without detailing what the issues specifically were.
“We apologize for the inconvenience caused. It has not disrupted any event or had any effect on safety and security for athletes or spectators.”
Sung said security experts were currently investigating the incident.
“Experts are watching to ensure and maintain any systems at expected service levels. We are currently investigating the cause of the issue. At this time we cannot confirm (a cyberattack),” he added.
“We are investigating the cause and we will share more information. All competitions are running as planned.”
It was also not clear whether failure to deploy drones as part of the programme during the two-hour opening ceremony was in any way related to the system problems.
The International Olympic Committee said pre-recorded footage of the drones was used instead.
“Due to impromptu logistical changes it (drone deployment) did not proceed,” the IOC spokesman said with elaborating further.
The Winter Games, staged only 80km (50 miles) from the North Korean border, saw the two Koreas, who are technically still at war since a 1953 armistice, march together at the opening ceremony for the first time since 2006.
South Korea has been using the Pyeongchang Games to break the ice with the reclusive North, which has been trading nuclear threats with the United States recently.
Reporting by Karolos Grohmann; editing by Sudipto Ganguly
(Reuters) – Major cryptocurrency exchange Coinbase said on Wednesday it will investigate accusations of insider trading, following a sharp increase in the price of bitcoin cash hours before it announced support for the virtual currency.
Bitcoin cash, a clone of bitcoin, jumped to $ 8,500 on Coinbase’s exchange on Tuesday afternoon, hours before the San Francisco-based exchange launched trading in bitcoin cash.
Trading in bitcoin cash will be suspended until 1200 ET (1700 GMT) Wednesday, a Coinbase status page showed.
Meanwhile, bitcoin, the world’s most popular cryptocurrency, fell more than 10 percent on Wednesday to a one-week low of $ 15,800. Bitcoin has risen some 1,700 percent this year and nearly 80 percent this month alone.
“If we find evidence of any employee or contractor violating our policies — directly or indirectly — I will not hesitate to terminate the employee immediately,” Coinbase Chief Executive Brian Armstrong said in a blog post. (bit.ly/2CMbaA3)
Additionally, Coinbase employees have been restricted from trading in bitcoin cash for several weeks, Coinbase said on Twitter.
Earlier on Tuesday, traders on Twitter alleged that news of Coinbase’s launch of bitcoin cash support had been leaked before the official announcement.
Bitcoin cash was created on Aug. 1 when Hong Kong-based exchange Bitfinex said a minority of bitcoin miners would create a new version of bitcoin to make trading faster and easier.
Reporting by Nikhil Subba and Mekhla Raina in Bengaluru; Editing by Amrutha Gayathri and Sai Sachin Ravikumar
SpaceX believes that the explosion of a Falcon 9 rocket earlier this month was caused by a breach of the helium system within the second stage of the rocket. The company may start launching again as early as November of this year.
WiFi Whisperer calls attention to the data leaking from your phone by displaying it on screen and whispering it back to you in an eerie voice. The post ‘Wifi Whisperer’ Siphons Your Data in the Creepiest Way Possible appeared first on WIRED.