Tag Archives: Graham Cluley

Apple Fix OS X Security Hole

Apple has finally released a security fix through its software update service which closes a security hole in its OS X operating system.

Before the security fix was released, thousands of Apple computers were left vulnerable to a security hole which could have resulted in confidential data falling into the hands of a hacker.

The vulnerability in the code for the OS X operating system meant that security certificates weren’t being authenticated properly when a secure connection was being made to a website. This meant that hackers could pose as a website and gather the data that was being sent before it was received by the real website.

The security hole was first found on Apple’s mobile devices which run on the iOS operating system and the same problem was then seen with the OS X operating system. A security fix was released for the mobile devices running on the iOS operating system last week but as the fixes weren’t released simultaneously, thousands of Apple computers have been left exposed.

Ryan Lackey, who founded CryptoSeal, expressed his disappointment with this on Twitter and said that whoever made the decision should no longer be employed by Apple.

Lackey stated, “Whoever at Apple decided to wait 4+ days for 10.9.2 to patch the OSX vulnerability needs to no longer be in that position.”

Researchers believe that the security flaw has been present for months but that no one had reported it publicly.

Graham Cluley, who is a security analyst, believes that Apple has seriously dropped the ball and that there is no telling whether hackers have exploited the security hole.

Cluley stated, “It’s pretty bad what Apple have done, they’ve seriously dropped the ball. How much the problem has been exploited is hard to say. Hackers may now be trying to take advantage while users wait for the security fix.”

Have you applied the security fix? Do you think that security fixes for the OS X and iOS operating systems should have been released simultaneously?

Microsoft’s YouTube Channel Hijacked

On Saturday, a hacker hijacked Microsoft’s official YouTube channel and removed all the videos that were hosted on it. The hacker replaced the videos with others claiming that Microsoft was holding a contest.

The channel’s description was changed to “Wish to Become Sponsored? Message me.” Meanwhile the titles of two videos that the hacker published were “We are sponsoring” and “Make us a Background to Get Subbox!!!”

A message that was posted by the alleged hacker read “I DID NOTHING WRONG I SIMPLY SIGNED INTO MY ACCOUNT THAT I MADE IN 2006 :/” The reasoning behind this statement is thought to be that the hijacker had registered the account during the early days of the website and that the account was later claimed by Microsoft. If this is what happened, the major error made was that the original email address retained access to the account.

This whole incident may have occurred due to YouTube making users link their old accounts with their Google accounts. It is believed that this mandatory action could be how the previous owner gained access to the current account.

It is thought that the user’s email address was linked with the Google Account used by Microsoft on YouTube. If this is what happened, the hijacker may have been able to reset the password and therefore gain access to the account. Such news may well cause a large amount of concern amongst other brands that use the website to promote their business.

Graham Cluley, a senior technology consultant at Sophos, states, “If that’s true, then it’s a colossal foul-up by YouTube that may concern other well-known brands who have established presences on the video network.”

Microsoft has so far refused to comment on this incident and how the account was hacked. They have now regained full control of the account and restored all of the videos that had been deleted by the hijacker. The YouTube account of the user who is believed to have conducted the hack has been terminated.

This is the second high-profile incident of YouTube accounts being hijacked over the last two weeks. Last week, Sesame Street’s YouTube channel was hijacked and used to show videos of an adult nature.

To reduce the chances of your account being hijacked, it is recommended that you use strong and unique passwords and ensure that no unwanted email addresses have access to your Google account.

Lulzsec Target Brazilian Government

Two of the official Brazilian government websites were brought down during the early hours of Wednesday morning. The sites are the official web pages of the Brazilian government and the attack is the equivalent of bringing down the Downing Street site.

The sites were inaccessible this morning after LulzSec had flooded them. Users simply received an error message stating that the site had suffered a timeout.

The Brazilian government adds to a growing list of victims which includes the CIA, the US Senate, the US television broadcaster PBS, Britain’s Serious and Organised Crime Agency, Sony and Nintendo.

LulzSecBrazil tweeted: “TANGO DOWN brasil.gov.br & presidencia.gov.br,” when the job was done.

On Monday night, 19-year-old Ryan Cleary was arrested at his family home. Scotland Yard claimed that a “significant amount of material” was seized.

Although there were no tweets from LulzSec for over 10 hours, they did eventually reply with two denials, including:

“Seems the glorious leader of LulzSec got arrested, it’s all over now..wait..we’re all still here! Which poor bastard did they take down?”

Cleary’s older brother Mitchell commented, “He’s not the sort of person to do anything mad or go out and let his hair down or do anything violent. He stays in his room – you’ll be lucky if he opens his blinds, but that’s just family isn’t it? I barely see him – I’m more of a footballer person – he’s more of an inside person.”

The arrest appears to have prompted a scam on Facebook. It has been alleged that people may be making commission through sharing a picture of two pixelated men leading another pixelated man away from a building.

“Sharing and liking the page, followed by clicking on the link, led me to third party webpages that urged me to download a program called iLividSetupV1.exe which attempted to install a series of toolbars,” Sophos senior technology consultant Graham Cluley stated in a blog post. “It is certainly inventive to exploit the breaking news story of the arrested hacker,” he added.

$200,000 Attack on Gucci

Gucci recently came under attack from a disgruntled employee who was laid off earlier in the year.

A former network engineer, Sam Chihlung Yin, 34, has been accused of illegally accessing Gucci’s servers and deleting a whole host of data. The attack comprised shutting down servers, deleting data, and preventing employees all over the country from sending and receiving emails.

The American fashion giant was attacked 6 months after they fired Yin, who proceeded to attack the company’s IT infrastructure using a fake user account.

Using VPN access, Yin wreaked havoc on Gucci’s systems for over 2 hours before being identified. Investigations revealed that Yin was quite skilful in exploiting the holes in Gucci’s systems thanks to his extensive experience within the company.

He “deleted several virtual servers, shut down a storage area network and deleted a disk containing the corporate mailboxes from an email server,” according to court documents.

Charges included computer tampering, identity theft, falsifying records, computer trespass, criminal possession of computer related material, unlawful duplication of computer related material and unauthorised use of a computer.

Although the act appeared ‘revengeful’ in its nature rather than motivated by financial profit, Yin could potentially be behind bars for 15 years. In total, Yin’s actions cost Gucci more than $200,000.

The New York district attorney Cyrus Vance stated, “computer hacking is not a game, it is a serious threat to corporate security that can have a devastating effect on personal privacy, jobs and the ability of a business to function at all.”

The senior technology consultant at Sophos, Graham Cluley, emphasised how important it was that companies focus on protecting their corporate networks.

The Gucci incident coincided with a scam that left Conde Nast $8 million out of pocket after the company was tricked into paying a fake printing company. It was only a month after paying into a fake account that the scam was revealed.

“So make sure your defences are in place, and that only authorised users can access your sensitive systems,” Graham Cluley wrote on the Sophos company blog.

zbot Trojan: Two young malware creators arrested after Metropolitan Police investigation

A man and a woman, both aged 20 and from Manchester, are being held in connection with an enquiry into the malicious code, which is designed to help cybercriminals target the financial details contained within any infected machine.

A spokesperson for officers working on the case explained that the Trojan, which is known as zbot as well as ZeuS, is one of the most widespread and effective examples of hacking tools currently circulating on the internet. It has already been used to help steal the financial details of thousands of people around the world, with bank account and credit card information its main target.
