Cyber Security News Update 8/17/2018 – AskCyberSecurity.com
The dark web is a place with a large amount of mystery and mystique surrounding it; it represents the dark underside of the internet where you can find anything at all…for the right price. In many ways this reputation is well deserved, because you can (or used to be able to) get just about anything you wanted from the dark web; just like any good secret market you had to know how to gain entrance, which requires using a Tor browser. The dark web and its denizens have been under increasing scrutiny and assault by law enforcement from the world over as more and more of its illicit dealings have come to light. Cryptocurrencies helped bolster the dark web because transactions through certain cryptocurrencies could be made untraceable and someone buying weapons, drugs, private information, or people certainly didn’t want their information existing anywhere. There have been FBI raids against major sellers and buyers which have closed down hidden markets that were previously thought to be untouchable like the Silk Road. Now, there is another group that’s prowling the depths of the dark web: Recorded Future, a cyber-security group that infiltrates the markets and forums of the dark web. Recorded Future works with agencies and companies to spot potential attacks and help track down malicious actors; they do so through a variety of methods such as reading through forums and offers to creating models that use past activity to predict future dangers.
Source: Fast Company
The FCC, and its chairman Ajit Pai, are under scrutiny from the Commerce, Science, and Transportation (CST) Committee for potentially misleading the public and Congress about a cyber attack during the Net Neutrality debate in 2017. The FCC’s Inspector General found that there was no such attack, but that the outage was possibly caused by an overload of traffic caused by John Oliver asking for American citizens to make their opinions heard by visting the FCC’s website. This spike in traffic may have caused the effects normally associated with a Denial of Service (DDoS) attack but where, in reality, no more than unprepared infrastructure failing under loads it was not designed to handle. This aspect of the failure has been acknowledged by Chairman Pai, but he has not changed his story from the outage being due to a targeted DDoS attack.
Apple has made the claim that their servers are impervious, even though their associated services repeatedly see hacks and illicit access. A teenager broke into Apple’s secure servers and downloaded 90 GB of supposedly secure material, including the authorization keys that allow the owner to log into any Apple device. Worse, somehow, this teenager hacker broke into Apple’s servers for more than a year without being detected or stopped. When Apple eventually noticed the hacking attempts, they alerted the FBI and the hacker’s house was raided. The given motive for the hacking was that he wanted to work with Apple, though it appears that the shared his exploits with the hacking community at large through WhatsApp. This breach represents a major security vulnerability for Apple, its products, and its customers.