Breaking: Domino’s Hacked in 2017 & Late 2016, Criminal Claims

Posted on October 31, 2017. Categories: cyber security, information security

Domino’s has been hacked, which does not surprise us: we spoke to a criminal who claimed publicly, and reiterated privately, that he had hacked into Domino’s Venezuela website, dominos.com.ve, allegedly using a SQL injection, which he publicly announced. We were unable to independently verify the criminal’s claims, since they wouldn’t share where the exploit they allegedly used was.

Why did the criminal allegedly hack Domino’s? We do not want to mention the bizarre and insane conspiracy he or she was chasing, but let’s just say this criminal who hacked Domino’s was chasing something that didn’t exist, which other news outlets publicly named over and over in the 2016 U.S. election. We have no idea how Domino’s fits into their conspiracy theory, except that they sell pizza and the conspiracy theory was partially pizza based.

So, why are we only now writing about a Domino’s hack against Venezuela that allegedly took place in late 2016? Because Domino’s, whom we contacted at the time, said something to the effect that they would handle it, but now a Domino’s hack against Australians is showing a pattern in their security that is too familiar and that we believe is unhealthy for their customers.

The 2017 Domino’s hack in Australia is interesting, since Domino’s is saying a third party is at fault because a rating system that a third party used to manage leaked customer personal details. This matters because criminals want into your site and are going to look for the weakest link to get in, and unfortunately third parties are the most vulnerable when it comes to code.

A company like Domino’s can have a strict security code, but if it doesn’t ensure that its third parties also use its security model, and doesn’t audit their code, then it introduces a security weakness into its threat model. This is a weakness that we take seriously, and we audit all third-party code.

We may be publishing more of what occurred in the 2016 Domino’s hack, as this is now relevant information, so please check back, as this is a developing news event.

Louisiana Government Department Of Education Hacked

Posted on October 11, 2017. Categories: cyber security

United States Department Of Education failing to secure their systems.

The Louisiana Department of Education, referred to as DOE, had a subdomain hacked yesterday. This was discovered by a researcher and was posted on Twitter September 10th at 4:58 PM. The researcher received an email from the Louisiana government’s EDGAR System with a link to the malicious page.

The malware on the page is served up by PowerShell and is believed to be Cobalt Strike. Immediately on hearing this, our CEO alerted some other government contractors, since we do security work for the government but do not have any contacts in Louisiana.

This ended with a well-known researcher telling the researcher to contact US-CERT. As of 11 hours ago the page was no longer available to access; hopefully it is down for repair.

Unfortunately, this is not the first time this month that we have reported on the United States Education systems being hacked.

While the exploit point is unknown, EDGAR is known to be exploited often and has come under scrutiny by Congress for being exploited and for the exploitation going undisclosed for far too long.

We will continue to keep you up to date on the Louisiana government DOE hack as the events are still developing.

Google dorks — What are they and do Google Dorks hurt my business?

Posted on October 10, 2017. Categories: Uncategorized

Many have heard of Google dorks, but few know what they are. Do Google dorks hurt my website? That depends on your website, but let’s first break down what they are.

“Google dorks” is simply a way to refer to a refined Google search using special built-in Google features like inurl:crazy, intext:crazy, or "crazy" -insane. We will now break down each one and what it does. A search for inurl:crazy returns results for all URLs with crazy in them, and a search for intext:crazy returns all meta descriptions and other text Google detects and displays with crazy in it. The third example is the best one, because it will only show you results for the word crazy, but not if the word insane is in the title or description.
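To see what each of the three operators would surface from your own site, here is an added example (not code from this blog) that parses a query and matches it against a page inventory. The inventory, the example.com URLs and the function names are constructed for illustration, and the matching is plain substring matching, a simplification of what a search engine does.

```python
import re

# Constructed sample: pages exported from a crawl of your own site (hypothetical).
PAGES = [
    {"url": "https://example.com/crazy-deals", "title": "Weekly deals",
     "text": "Save on pizza this week"},
    {"url": "https://example.com/blog/1", "title": "A crazy week",
     "text": "It was a crazy and insane launch"},
    {"url": "https://example.com/about", "title": "About us",
     "text": "Our crazy good support team"},
]

# A token is an optionally negated, optionally field-prefixed quoted phrase,
# or any run of non-space characters.
TOKEN = re.compile(r'-?(?:\w+:)?"[^"]*"|\S+')

def parse_query(query):
    """Return (field, value, negate) terms for inurl:, intext:, plain and -excluded words."""
    terms = []
    for tok in TOKEN.findall(query):
        negate = tok.startswith("-") and len(tok) > 1
        if negate:
            tok = tok[1:]
        field, sep, value = tok.partition(":")
        if not (sep and field.lower() in ("inurl", "intext")):
            field, value = "any", tok
        terms.append((field.lower(), value.strip('"').lower(), negate))
    return terms

def matches(page, terms):
    """Substring matching only; a simplification of how a search engine matches."""
    haystack = {
        "inurl": page["url"].lower(),
        "intext": page["text"].lower(),
        "any": " ".join((page["url"], page["title"], page["text"])).lower(),
    }
    # A positive term must be present; a negated term must be absent.
    return all((value in haystack[field]) != negate for field, value, negate in terms)

def surfaced(query, pages=PAGES):
    """URLs from the inventory that the query would return."""
    terms = parse_query(query)
    return [p["url"] for p in pages if matches(p, terms)]

if __name__ == "__main__":
    for q in ("inurl:crazy", "intext:crazy", '"crazy" -insane'):
        print(q, "->", surfaced(q))
```

Replacing PAGES with an export of your own crawl or sitemap shows which of your pages a given operator combination would return.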

 

How can Google dorks hurt my website or get it hacked?

Certain files are easy to find using Google dorks. We’ve been able to view web hosts’ databases, electric grids, and other things you wouldn’t imagine are connected to the internet. We aren’t going into what Shodan is today, but let’s just say this is nothing compared to what you can find using Shodan.

We viewed one of John McAfee’s companies using Google dorks and discovered a vulnerability that impacted their security. We reported it to McAfee and the developers of the product, and it was fixed. We do find it humorous that John says he loves for hackers to hack him because he gets attacked first with the newest attacks, when this issue has been known since the early 2000s. In McAfee’s defense, his company didn’t write the code for this software; they were simply using it without a security audit of the code.

With Google dorks, you never access the website, that is if you are smart. Instead, you go to Google cache and anything that happens is indexed by Google and on Google’s domain, so you are viewing a copy of a website that Google hosts. If you go beyond viewing, then you may be in trouble.

Google dorks are powerful and can find all sorts of things that shouldn’t be openly accessible to the web, but for some reason are.

So, are you vulnerable to Google dorks? Hire us and you will find out so much more, like if you are vulnerable to SQL injections, XSS, CSRF, etc.

 

Cabrillo College Hacked: 28k Students Affected, 12k SSNs Exposed

Posted on October 10, 2017. Categories: Uncategorized

Cabrillo College students have been hacked, which is unfortunate, since 28 thousand students’ personal details were stolen, including their passwords, names, dates of birth, addresses and emails, and 12 thousand of the students’ Social Security numbers are expected to have been stolen as well.

The amount of data stolen in the criminal Cabrillo College hack is far worse than one may think. This affects students all the way back to 2009, and students used to be identified by their SSN until the school switched to user IDs a few years ago. This means that 12 thousand alumni of Cabrillo College are exposed to identity theft. The thief now has a person’s Social Security number, date of birth, address and name. This is all it takes to set up virtually any account online. It is highly advisable that all students get a credit freeze to avoid their identity being stolen. The school has not announced whether it is providing identity protection or whether it has followed the law and informed all the students about the data breach. They have had more than a month to do so, since the data breach was detected September 5th.

source: http://www.santacruzsentinel.com/social-affairs/20171009/cabrillo-college-hack-exposed-40000-students-data

 

Planet Zuda In Reader’s Digest

Posted on October 9, 2017. Categories: Uncategorized

Planet Zuda was in Reader’s Digest explaining when you should give out your Social Security number; unfortunately, a typo has us as Planet Zuta. An excerpt of what we said in Reader’s Digest: “First, focus on where you have to give your SSN”

If you want to read more, check out Reader’s Digest.

https://www.rd.com/advice/saving-money/times-to-never-disclose-social-security-number/