Using only their wits, an extensive list of control systems related search terms, a paper clip, and the Internet-facing device search engine SHODAN, two researchers spear-headed an ambitious effort to compile a list of almost 500,000 devices with predicted control systems impact.
From a Department of Homeland Security report about how vulnerable America’s power, water and nuclear systems are to attack. Our question: Paper clip!? 

Massive phishing attack appears to hit cybersecurity conference

image

About 7,500 registered attendees of this year’s Black Hat cybersecurity conference got an email similar to the one above.

Obvious phishing scheme right? Actually, no.

Though Black Hat is known for pranks and hacks (they tell you not to use the Wi-Fi under any circumstances at the event, because you will be hacked), the e-mail was actually sent out by a Black Hat volunteer who got a bit ahead of himself on Sunday.

"Hanlon’s Razor states, ‘Never attribute to malice that which is adequately explained by stupidity,’" wrote Trey Ford, Black Hat’s general manager, in a blog post. -David

We were hacked by British Parliament … sort of

If you watched this video on phishing attacks today, you may have noticed that our security expert, Eric Fiterman, mentioned the username and password of a Gmail account he set up.

Well, that video was taped a month ago, and poor Eric forgot to change his password. (Eric has since changed the password, so if you haven’t tried yet, you’re out of luck.)

Lo and behold, three people tested it out and snooped around in the Gmail account: One from Canada (174.115.2.104), one from Michigan (71.205.161.243) and one from the United Kingdom (194.60.38.10). 

Eric wouldn’t be a good security expert if he didn’t get more information about those IP addresses. And what did he find out about the third one?

% Information related to ‘194.60.0.0 - 194.60.63.255’

inetnum:         194.60.0.0 - 194.60.63.255 
netname:         HOP
descr:           Houses of Parliament
country:         GB
admin-c:         IM3186-RIPE
tech-c:          JN2461-RIPE
mnt-by:          UK-HOP-MNT
mnt-by:          RIPE-NCC-END-MNT
mnt-lower:       RIPE-NCC-END-MNT
mnt-routes:      COLT-UK
mnt-routes:      NC-NOC
source:          RIPE # Filtered
status:          ASSIGNED PI

Looks like News Corp. isn’t the only hacker in Britain. -David