
Thursday, 4 May 2017

Scam targets GMail users🕵

There’s an incredibly dangerous Google Docs phishing scam sweeping through the internet today. It uses Google’s own Apps system to compromise email accounts, so thousands of users are falling victim to it.

For many the warning about the phishing scam targeting GMail users came too late. The email messages appeared harmless and many clicked the link, not suspecting they were under attack.

Brandon Joiner of Ribbit Computers explains that phishing scams involve sending out blast emails to tens of thousands of people.

"They are trying to see if they can hook anybody, or take the bait so to speak and click on the link. They are hoping to get personal information or credit card information at that time."

This phishing scam is particularly convincing because the emails appear to come from accounts you know.

Google confirms it is investigating what it calls a phishing email and is telling customers not to open their emails.

The company issued the following statement:

"We have taken action to protect users against an email impersonating Google Docs & have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail."

You can read the original post on how it works and how to avoid it, but that doesn’t really help if you’ve already clicked the link. Here’s how to fix the Google Doc hack, for anyone already compromised.

The Docs attack works by tricking you into authorising a fake app, called “Google Docs,” and allowing it to read, send and delete your emails. The kind of damage a hacker can do with that access is huge: most of your other accounts probably use Gmail as the “reset account” email, so it would theoretically let a hacker get control of your Apple, Amazon, Facebook and Twitter accounts — just for starters.

Luckily, because the hack uses Google’s own Apps system to gain control, it’s also easy to delete. Go to Google’s account management page, Sign-In and Security, and then Connected Apps. Once you’re there, hit the button that says “Manage Apps” to see the full list of apps and permissions.

You’re looking for one titled “Google Docs,” but this is a good opportunity to go through the list and delete anything you don’t recognize, or anything with permissions that are far too broad. Google is already taking steps to fix this attack, so if you don’t see the Google Docs app in the list, it means you’re probably safe.

This attack was unusual for using Google’s own Apps framework to target users, but emails with links are not an unusual way to hack users. Nimrod Vax, the co-founder of security firm BigID and an expert on phishing attacks, described it as a “classic spear-phishing attack” that “works because it looks familiar.”

Going forward, he suggests using this opportunity to “really look at what permissions an app is asking for” — using Google’s account system was clever, but if you “look at permissions before you authorize an app, you can see if what they’re asking for is unusual. There’s no reason a PDF reader would need to read and delete emails.”
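The permission review described above can also be done over an exported list of connected apps. The sketch below is an added example, not part of the original post or any Google tool: it flags an app that carries a Google product name while asking for mail access, and any app whose Gmail scopes add up to delete, or read plus send. The sample records, their field names and the product-name list are constructed assumptions; the scope URLs are Google's published Gmail and Drive OAuth scopes.

```python
import unicodedata

# Gmail OAuth scopes mapped to what each lets an app do with the mailbox.
MAIL_SCOPES = {
    "https://mail.google.com/": {"read", "send", "delete"},
    "https://www.googleapis.com/auth/gmail.modify": {"read", "send"},
    "https://www.googleapis.com/auth/gmail.readonly": {"read"},
    "https://www.googleapis.com/auth/gmail.compose": {"send"},
    "https://www.googleapis.com/auth/gmail.send": {"send"},
}
# Names a third-party app has no business carrying (assumed list for this example).
FIRST_PARTY_NAMES = {"google docs", "google drive", "gmail"}

# Constructed records; the "name"/"scopes" field names are hypothetical.
SAMPLE_GRANTS = [
    {"name": "Google Docs", "scopes": ["https://mail.google.com/"]},
    {"name": "Example PDF Reader",
     "scopes": ["https://www.googleapis.com/auth/drive.file"]},
    {"name": "Example Mail Merge",
     "scopes": ["https://www.googleapis.com/auth/gmail.send"]},
    {"name": "Example Inbox Helper",
     "scopes": ["https://www.googleapis.com/auth/gmail.modify"]},
]


def normalise(name):
    """Fold case, Unicode compatibility forms and stray whitespace."""
    return " ".join(unicodedata.normalize("NFKC", name).casefold().split())


def review_grant(grant):
    """Return (mail capabilities, findings) for one connected-app record."""
    caps = set()
    for scope in grant["scopes"]:
        caps |= MAIL_SCOPES.get(scope, set())
    findings = []
    if caps and normalise(grant["name"]) in FIRST_PARTY_NAMES:
        findings.append("Google product name on an app asking for mail access")
    if "delete" in caps or {"read", "send"} <= caps:
        findings.append("broad mailbox access (delete, or read plus send)")
    return caps, findings


def review_all(grants):
    """Map app name -> findings for every app that needs a decision."""
    reviewed = ((g["name"], review_grant(g)[1]) for g in grants)
    return {name: findings for name, findings in reviewed if findings}


if __name__ == "__main__":
    for name, findings in review_all(SAMPLE_GRANTS).items():
        print(f"REVIEW {name}: " + "; ".join(findings))
```

Anything this flags is a candidate for removal from the connected-apps list; an app that only sends mail or only touches its own Drive files passes.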

If you’ve been phished, change your passwords to something you have never used before. Ideally, your passwords should be long and should not be words that could be found in a dictionary. The first thing hackers do when breaking into a site is use computer programs that will try every word in the dictionary. Your email account is a ripe target for hackers because your inbox is the key to resetting the passwords of, and potentially breaking into, dozens of other accounts.


Sunday, 16 April 2017

North Korea's 'devastating' new missiles mocked as FAKE☢










North Korea’s ‘devastating new nuclear missiles’ are being mocked as fake after footage shot at a parade of strength emerged appearing to show rockets wobbling with bent nose cones.

Speculation is mounting that Kim Jong-un may have substituted cardboard cutouts where he is lacking where it counts as tensions between Pyongyang and Washington escalate.

The communist country held a spectacular parade of weapons yesterday, days after US President Donald Trump sent a strike force into the Pacific region after the war of words.

Around 60 missiles were filmed rolling into Kim Il-Sung Square and the pictures initially struck fear into the hearts of analysts worldwide that North Korea’s nuclear weapons programme might be further advanced than previously thought.

But after official footage emerged, shot by media organisations that were allowed into the country and told to stand in a certain location and film in a certain direction, many are questioning whether Kim Jong-un’s arsenal is really that deadly.

Moreover it’s claimed some of the weapons of mass destruction on show were really painted bits of WOOD. One so-called giveaway was a rocket which looked a shade different from others and its nose cone appeared wonky or at least pointing upwards oddly.

The parade was intended to celebrate the 105th anniversary of the birth of the nation's founder Kim Il-sung.

Experts claimed Jong-un was showing off his new intercontinental ballistic missiles (ICBM) - feared to be able to reach the US mainland several thousand miles away.


Monday, 3 April 2017

Falcon 9 Booster game-changer🚀

SpaceX has successfully launched and retrieved a recycled rocket - the first time in history the same booster has been used on two separate launches.

The used Falcon 9 rocket took off on a satellite delivery mission from the Kennedy Space Center in Florida on Thursday.

The booster's main section then separated from the rest of the rocket and flew itself back to a landing pad in the Atlantic, where it successfully touched down for its second return.

It was previously used on a mission in April last year and refurbished and tested on its return, still sporting its nine original engines.

There have been several other successful vertical landings, but none of these rockets had been reused until now. Thursday, SpaceX launched a geostationary communications satellite using a refurbished first stage Falcon 9 booster. The launch not only successfully inserted the satellite into orbit, but the booster again landed as planned on a floating platform located in deep water off the Florida coast.

So, these successes are technically satisfying, but are they important? They most certainly are. In fact, they could be a game-changer.

The reason is simple. The price of the fuel is only about 1% of the total cost of a rocket launch. The rest is the rocket itself, with 70% of the price tied up in the first stage of the booster. Being able to reuse the rocket represents a huge cost savings. Industry estimates suggest that reusing the first stage of the Falcon 9 booster might lead to a 30% reduction in the launch costs.

Thus, the typical cost of a SpaceX launch of $62 million might be reduced to $43 million -- a considerable contribution to the satellite company's bottom line. The cost of Thursday's launch has not been released, but SES, the company owning the satellite that was launched, has said they were interested in an even lower price of $30 million for this first attempt.

"This is a huge day. My mind's blown, frankly," said SpaceX founder Elon Musk.

He described it as an "incredible milestone in the history of space" and predicted, "this is going to be a huge revolution in space flight".



Wednesday, 15 March 2017

The Yahoo hack was one of the largest cyber crimes in history👀

The United States rarely blames foreign governments for hacks targeting US corporations. Yet in a Wednesday presser, the Department of Justice did just that — announcing indictments against two agents of the Russian FSB spy agency, Dmitry Dokuchaev and Igor Sushchin, for a 2014 breach of Yahoo that got access to 500 million users’ data.

This is a big deal. The Yahoo hack was one of the largest cyber crimes in history. This is also the first time the US government has ever brought charges against Russian officials for cyber-related crimes.

The US Federal Bureau of Investigation has been investigating the intrusion for two years.

Here's how the FBI says they did it:

The hack began with a spear-phishing email sent in early 2014 to a Yahoo company employee. It's unclear how many employees were targeted and how many emails were sent, but it only takes one person to click on a link, and it happened.

Once Aleksey Belan, a Latvian hacker hired by the Russian agents, started poking around the network, he looked for two prizes: Yahoo's user database and the Account Management Tool, which is used to edit the database. He soon found them.

So he wouldn't lose access, he installed a backdoor on a Yahoo server that would allow him access, and in December he stole a backup copy of Yahoo's user database and transferred it to his own computer.

The database contained names, phone numbers, password challenge questions and answers and, crucially, password recovery emails and a cryptographic value unique to each account.

It's those last two items that enabled Belan and fellow commercial hacker Karim Baratov to target and access the accounts of certain users requested by the Russian agents, Dmitry Dokuchaev and Igor Sushchin.

The account management tool didn't allow for simple text searches of user names, so instead the hackers turned to recovery email addresses. Sometimes they were able to identify targets based on their recovery email address, and sometimes the email domain tipped them off that the account holder worked at a company or organization of interest.

Once the accounts had been identified, the hackers were able to use stolen cryptographic values called "nonces" to generate access cookies through a script that had been installed on a Yahoo server. Those cookies, which were generated many times throughout 2015 and 2016, gave the hackers free access to a user email account without the need for a password.

Throughout the process, Belan and his colleague were clinical in their approach. Of the roughly 500 million accounts they potentially had access to, they only generated cookies for about 6,500 accounts.

The hacked users included an assistant to the deputy chairman of Russia, an officer in Russia's Ministry of Internal Affairs and a trainer working in Russia's Ministry of Sports. Others belonged to Russian journalists, officials of states bordering Russia, U.S. government workers, an employee of a Swiss Bitcoin wallet company and a U.S. airline worker.

So clinical was the attack that when Yahoo first approached the FBI in 2014, it went with worries that 26 accounts had been targeted by hackers. It wasn't until late August 2016 that the full scale of the breach began to become apparent and the FBI investigation significantly stepped up.

Russian strategic doctrine suggests that it sees cyber espionage as a valid and increasingly important kind of warfare. In an influential 2013 article, Russian Chief of the General Staff Valery V. Gerasimov argued that “non-military means,” including “new information technologies,” have eclipsed traditional weaponry in their strategic importance.

This is why it makes sense to hack Yahoo, even at the expense of exposing tens of millions of innocent people to email scams from a random hacker. Putin’s regime sees the world as existing in a perpetual gray area of pseudo-conflict; stealing information on dissidents and corporations that play major roles in the US economy is one way of strengthening Russia’s hand in that fight. The Kremlin doesn’t really care who gets hurt in the process.

Friday, 30 December 2016

Russian hacker🕵



The US State Department and FBI have announced a $3m reward for information leading to the arrest or conviction of Russian national Evgeniy Bogachev, the highest bounty US authorities have ever offered in a cyber case.

The FBI also issued a “Wanted” poster for Bogachev, who is charged in the United States with running a computer attack network called GameOver Zeus that allegedly stole more than $100m from online bank accounts.

Bogachev has been charged by federal authorities in Pittsburgh with conspiracy, computer hacking, wire fraud, bank fraud and money laundering in connection with his alleged role as administrator of GameOver Zeus.

He also faces federal bank fraud conspiracy charges in Omaha, Nebraska related to his alleged involvement in an earlier variant of Zeus malware known as Jabber Zeus.

Bureau officials said on Tuesday they believed Bogachev was still in Russia. He could not immediately be reached for comment.

Joseph Demarest, head of the FBI’s cyber-crime division, said the agency is aware of 60 different cyberthreat groups linked to nation-states. He did not identify which countries were believed to be behind these groups.

Demarest said that Russia’s internal security agency, the FSB, had recently expressed tentative interest in working with US authorities on investigating cybercrimes. He did not link the offer of cooperation to the Bogachev case.

China has not expressed any interest in cooperating with the United States on cybercrimes, he said. Last November, the United States indicted five Chinese military officers and accused them of hacking into US nuclear power, metals and solar products industries.

Demarest said the FBI learned within a month of Sony Pictures’ first report of a large-scale cyber-attack that North Korea was behind it.

“We were absolutely positive in a very short period of time” that the North Korean government was behind the attack, he said.

Despite assertions from some security experts that the Sony Pictures hackers might have had help from one or more insiders at the studio, Demarest said investigators had found no evidence to back up such claims.

The FBI had learned of “over 100 major” cyber-attacks in 2014, Demarest said, adding that evidence of insider collusion had turned up in “less than a handful” of those cases. 

AlphaBay, Dark Web market is shut down❌

US and European police on Thursday announced the shutdown of two huge "dark web"  AlphaBay and Hansa – two of the ...