Menu

user_mobilelogo

Nationwide Dyn Hack

Nationwide Hack

New Weapons Used to Disrupt Major Websites

On Friday last week, leading major websites were inaccessible to people across wide portions of the United States. According to the source article on this; a company that manages crucial parts of the internet’s infrastructure said it was under attack. These sources reported sporadic problems reaching several websites, including Twitter, Netflix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times.

The company, Dyn, houses servers that monitor and reroute internet traffic. Dyn said it began experiencing what security experts called a distributed denial-of-service attack just after 7 a.m. Reports that many sites were inaccessible started on the East Coast, but spread westward in three waves as the day wore on and into the evening.

In addition, something new to consider along with this attack is specifics about this indicate that it relied on hundreds of thousands of internet-connected devices like cameras, baby monitors, on line security devices, and home routers that have been infected — without their owners’ knowledge — with software that allows hackers to command them to flood a target with overwhelming traffic.

It is also reported that the Federal Bureau of Investigation and the Department of Homeland Security were looking into the incident and all potential causes, including criminal activity and a nation-state attack. According to these reports, Kyle York, Dyn’s chief strategist, said his company and others that host the core parts of the internet’s infrastructure were targets for a growing number of more powerful attacks. “The number and types of attacks, the duration of attacks and the complexity of these attacks are all on the rise,” Mr. York said.

Security researchers have long warned that the increasing number of devices being hooked up to the internet, the so-called Internet of Things, would present an enormous security issues. And the assault on Friday, security researchers say, is only a glimpse of how those devices can be used for online attacks.

Dyn is based in Manchester, N.H., and indicated that it had fended off the assault by 9:30 a.m. But by 11:52 a.m., but found it was again under attack. After fending off the second wave of attacks, Dyn said at 5 p.m. that it was again facing a flood of traffic.

DDoS - A distributed denial-of-service attack, or DDoS, occurs when hackers flood the servers that run a target’s site with internet traffic until it stumbles or collapses under the load. While most web masters, DNS providers, and large server provioning companies are aware these attacks are common, this attack last week provides evidence that there is evidence that they are becoming more powerful, more sophisticated and increasingly aimed at core internet infrastructure providers. Definitely not good news for the average home consumer. Going after companies like Dyn can cause far more damage than aiming at a single website.

The core service provider Dyn, is one of many outfits that host the Domain Name System, or DNS. DNS, which functions as a switchboard for the internet; does translate user-friendly web addresses like fbi.gov into numerical addresses that allow computers to speak to one another. Without the DNS servers operated by internet service providers, the internet could not operate.

In this specific case on Friday, the attack was aimed specifically at the Dyn infrastructure that supports internet connections. While the attack did not affect the websites themselves, it blocked or slowed users trying to gain access to those sites. Mr. York, the Dyn strategist, said in an interview during a lull in the attacks that the assaults on its servers were complex.

“This was not your everyday DDoS attack,” Mr. York said. “The nature and source of the attack is still under investigation.”

A notice from Dyn on its website about the outage:

Later in the day, Dave Allen, the general counsel at Dyn, said tens of millions of internet addresses, or so-called I.P. addresses, were being used to send a fire hose of internet traffic at the company’s servers. He also confirmed that a large portion of that traffic was coming from internet-connected devices that had been co-opted by type of malware, called Mirai.

Dale Drew, chief security officer at Level 3, an internet service provider, found evidence that roughly 10 percent of all devices co-opted by Mirai were being used to attack Dyn’s servers. Just one week ago, Level 3 found that 493,000 devices had been infected with Mirai malware, nearly double the number infected last month.

Mr. Allen added that Dyn was collaborating with law enforcement and other internet service providers to deal with the attacks.

In a recent report, Verisign, a registrar for many internet sites that has a unique perspective into this type of attack activity, reported a 75 percent increase in such attacks from April through June of this year, compared with the same period last year.

The attacks were not only more frequent, they were bigger and more sophisticated. The typical attack more than doubled in size. What is more, the attackers were simultaneously using different methods to attack the company’s servers, making them harder to stop. The most frequent targets were businesses that provide internet infrastructure services like Dyn.

“DNS has often been neglected in terms of its security and availability,” Richard Meeus, vice president for technology at Nsfocus, a network security firm, wrote in an email. “It is treated as if it will always be there in the same way that water comes out of the tap.”

Last month, Bruce Schneier, a security expert and blogger, wrote on the Lawfare blog that someone had been probing the defenses of companies that run crucial pieces of the internet.

“These probes take the form of precisely calibrated attacks designed to determine exactly how well the companies can defend themselves, and what would be required to take them down,” Mr. Schneier wrote. “We don’t know who is doing this, but it feels like a large nation-state. China and Russia would be my first guesses.”

While i may be too early to determine who was behind Friday’s attacks, it is this type of attack that has election officials concerned. They are worried that an attack could keep citizens from submitting votes.

Thirty-one states and the District of Columbia allow internet voting for overseas military and civilians. Alaska allows any Alaskan citizen to do so. Barbara Simons, the co-author of the book “Broken Ballots: Will Your Vote Count?” and a member of the board of advisers to the Election Assistance Commission, the federal body that oversees voting technology standards, said she had been losing sleep over just this prospect.

“A DDoS attack could certainly impact these votes and make a big difference in swing states,” Dr. Simons said on Friday. “This is a strong argument for why we should not allow voters to send their voted ballots over the internet.”

This month the director of national intelligence, James Clapper, and the Department of Homeland Security accused Russia of hacking the Democratic National Committee, apparently in an effort to affect the presidential election. There has been speculation about whether President Obama has ordered the National Security Agency to conduct a retaliatory attack and the potential backlash this might cause from Russia.

Gillian M. Christensen, deputy press secretary for the Department of Homeland Security, said the agency was investigating “all potential causes” of the attack.

Vice President Joseph R. Biden Jr. said on the NBC News program “Meet the Press” this month that the United States was prepared to respond to Russia’s election attacks in kind. “We’re sending a message,” Mr. Biden said. “We have the capacity to do it.”

But technology providers in the United States could suffer blowback. As Dyn fell under recurring attacks on Friday, Mr. York, the chief strategist, said such assaults were the reason so many companies are pushing at least parts of their infrastructure to cloud computing networks, to decentralize their systems and make them harder to attack.

“It’s a total wild, wild west out there,” Mr. York said.


By NICOLE PERLROTHOCT. 21, 2016 Erin McCann contributed reporting from New York.

A version of this article appears in print on October 22, 2016, on page A1 of the New York edition with the headline: New Weapons Used in Attack on the Internet. Photo
A map of the areas experiencing problems, as of Friday afternoon, according to downdetector.com.

Experts Warn Of Security Flaw

Android Devices At RiskPeople visit an Android stand at the Mobile World Congress in Barcelona March 4, 2015. (REUTERS/Gustau Nacarino)iComEx is reporting today that tech security researchers warned in reports a Linux flaw lets attackers hijack internet traffic and it also affects nearly 80 percent of Android devices. Mobile security company Lookout reports that the recently discovered Linux flaw could impact around 1.4 billion Android devices.

“The vulnerability lets attackers obtain unencrypted traffic and degrade encrypted traffic to spy on victims,” explained Lookout Security Researcher Andrew Blaich, in a blog post Monday.

While the Linux flaw is not specific to Android, its potential to affect a large number of devices has grabbed plenty of attention.

Reports say that this flaw first appeared with the introduction of Linux 3.6 in 2012, according to Ars Technica, which warns that an attacker could insert malicious code or content into unencrypted TCP internet connections between two parties. Even if the connection is encrypted, an attacker may be able to terminate it, Ars Technica adds.

“If you’re running an enterprise mobility program, a number of Android devices are potentially vulnerable to a serious spying attack,” wrote Blaich, in the Lookout blog post. “CISOs [Chief Information Security Officers] should be aware that this new vulnerability affects their Linux environments, Linux-based server connections (e.g., to popular websites), in addition to Android devices.”

Blaich also urges companies to check if any of the traffic to their services, such as email, is using unencrypted communications. “If so, targeted attacks would be able to access and manipulate unencrypted sensitive information, including any corporate emails, documents, or other files,” he added.

"We have been aware of this issue and we're taking the appropriate actions," explained a spokesman for Google, in an email to FoxNews.com.

Digital Trends reports that the flaw, which will likely be remedied when the new version of Android, Android 7.0 Nougat, becomes available to the public. The final release of Android 7.0 Nougat will be available by the end of September, according to Android Authority.

 Source: Ars Technica

The New “QuadRooter” Hack Affects Over 900 million Android Devices

Original Article: By White Cat

iComEx - Educate About Android QuadRooter Hack

Right now over 900 million Android devices are affected by the new “QuadRotter” hack. If you own an Android phone, then you need to read this article and then go to the google page link below and see if your phone is at risk. If you haven't heard of this then let's quickly review what has happened. If you have questions please call us if you are unable to discern problematic issues after going to the link below and continue to have android phone issues.

"A set of 4 security flaw in the Qualcomm chipsets that powers the Android devices is vulnerable to hackers. If any one of the 4 vulnerabilities is exploited, it will allow attackers to gradually take over a user’s handset and gain root access.

Qualcomm is the world’s leading designer of LTE (Long Term Evolution) chipsets with a 65% share of the LTE modem baseband market. Hackers would simply have to trick people into downloading a malicious app to make all this possible.

The vulnerabilities have been disclosed by a team of Check Point researchers at the DEF CON 24 security conference in Las Vegas.

Critical Quadrooter Vulnerabilities:

  1. CVE-2016-2503 discovered in Qualcomm’s GPU driver and fixed in Google’s Android Security Bulletin for July 2016.
  2. CVE-2016-2504 found in Qualcomm GPU driver and fixed in Google’s Android Security Bulletin for August 2016.
  3. CVE-2016-2059 found in Qualcomm kernel module and fixed in April, though patch status is unknown.
  4. CVE-2016-5340 presented in Qualcomm GPU driver and fixed, but patch status unknown.

Check If Your Device Is Vulnerable To Hackers:  https://play.google.com/store/apps/details?id=com.checkpoint.quadrooter

By using Check Point’s free app you can check if your smartphone or tablet is vulnerable to Quadrooter attack. However these flaws can only be fixed by installing a patch from the device’s distributors after receiving fixed driver packs from Qualcomm."

Part of having technology means you as a user must keep up with how to keep your technology current and free from hacking and compromise. As professionals iComEx will continue to help educate you our clients as to what is going on out there in the Cyber world and bring you the right information to keep your technology up to date and provide sources for the fixes put in place by leading manufacturers. If you have specific questions regarding additional technology you use for personal or business use, please call us and ask those questions you need to for peace of mind. 972-712-2100 is a call away from you knowing you have done all you can regarding a compromise in technical equipment you have purchased.

iComEx Supports Kids In Dallas County

Crystal Charity Ball Dallas County Kids

Crystal Charity Ball 2016 BeneficiariesFor over 18 years, iComEx has been supporting charities in the Dallas Fort Worth metroplex, and in the State of Texas. One of those charities is Crystal Charity Ball in Dallas. If you don't know about Crystal Charity Ball, we would like to take this opportunity to share with you about who they are and what they do. Click on this link and see all the Crystal Charity Ball History Of Giving by this organization.  Dallas County children receive year after year millions of dollars raised by this wonderful organization. Please check them out and consider a donation to help Kids in Dallas County.

Since 1952, the sole purpose of The Crystal Charity Ball has been to aid, support and make contributions to children's charities in Dallas County.  As a nonprofit organization, independent of any national affiliation, members of The Crystal Charity Ball Committee have raised more than $130 million for more than 140 worthy beneficiaries over the past 60 years.

In 2016, the 100 active members of The Crystal Charity Ball Committee committed to raise $5,650,258. These funds will support seven commendable Dallas organizations and give children hope for a healthier more productive future.  The generous spirit of Underwriters, Children’s Book participants, Silent Auction and Special Gift donors, and Contribution Ticket patrons will help turn promises into reality for children served by The Crystal Charity Ball.

We invite you to give now to support kids in Dallas...by making a quick donation: Donate Now

On December 3, 2016, the committee members will hold a beautiful, elegant gala to honor these philanthropic donors.

If you are interested in applying for support for an organization in Dallas County, here is how it works. While applications for 2016 Beneficiaries are complete, applications for 2017 will be available September 1, 2016.

The Selection Process will go through several rounds of review and here are tentative dates:

  • Initial Review - Fall 2016
  • Researcher Site Visits - Between January 8 - 20, 2017 (Scheduling will occur January 7-8, 2017)
  • Round I - January 20-21, 2017
  • Round II Agency Presentations - January 27-28, 2017
  • Final Round Agency Presentation - February 4, 2017
  • If Selected as a Beneficiary: Beneficiary Meetings will occur the week of February 8-12, 2017

** The 2017 beneficiaries will be selected around February 4, 2017 **

APPLICATIONS FOR 2017 WILL BE AVAILABLE SEPTEMBER 1, 2016.

2016 Beneficiaries:

Captain Hope's Kids/Hope Supply Co.

THE PROJECT: Hope for Homeless Children

THE COMMITMENT: $600,000

 
Community Partners of Dallas

THE PROJECT: A Forever Home for Community Partners

THE COMMITMENT: $1,359,236

 
Girl Scouts of Northeast Texas

THE PROJECT: STEM Center of Excellence Girl Exploration Center

THE COMMITMENT: $976,000

 
Notre Dame School of Dallas

THE PROJECT: Hearts and Hammers Campaign

THE COMMITMENT: $676,020

 
Parkland Foundation

THE PROJECT: Mobile Medical Clinic and Pediatric Screenings


THE COMMITMENT: $789,002

 
Teach for America

THE PROJECT: Elementary Education Initiative


THE COMMITMENT: $500,000

 
The Family Place

THE PROJECT: Children’s Counseling Center

THE COMMITMENT: $750,000

 
The Crystal Charity Ball Educational Scholarship Project

 
The Crystal Charity Ball Endowment Fund

Thank you Crystal Charity Ball for all the work you do. You have made a tremendous difference in the lives of millions of kids in Dallas County...

Keith Clay Floors New Website

Keith Clay Floors Redesigned WebsiteFor over 30 years Keith Clay Floors has provided the Dallas / Fort Worth metroplex with superior quality flooring solutions. Clients just like you enjoy the professional floor restoration, floor refinishing, floor repair, floor installation and floor maintenance services that have always been a quality hallmark of Keith Clay Floors for both residential and commercial settings. Call 972-463-6604 or 817-663-5235 today to request a quote. or submit the Request a Quote form.

A wide range of hard surface flooring services are provided, including:

  • Hardwood Floor Installation
  • Hardwood Floor Repair
  • Hardwood Floor Restoration
  • Hardwood Floor Refinishing & Sanding
  • Marble Floor Installation
  • Marble Floor Repair
  • Marble Floor Restoration
  • Marble Floor Honing & Polishing
  • Tile Floor Installation
  • Tile Floor Repair
  • Tile Floor Restoration
  • Tile Floor Stripping & Refinishing

Keith Clay Floors works with almost any kind of hard surface flooring product. From hardwood floors the ceramic tile floors, from Mexican tile floors to brick floors, from marble floors to polish concrete floors, and many more.

Keith Clay Floors provides several exclusive services in the Dallas area: floor installation, floor refinishing, and floor maintenance. This also includes natural stone and marble polishing and marble honing. Each of these jobs takes special skill and knowledge to make your home look its best. We make sure all of this work is done right. We are experts at installing tile and slate. Refinishing hardwood floors takes expertise, tools, and patience and we have them. We recommend the best maintenance for your brick floors, which is sealing and waxing. For slate floors we recommend a sealer that makes it easier to clean in the future.

When it comes to exclusive services we at Keith Clay Floors do our absolute best to achieve the highest service possible. Whether is it installation, refinishing, or maintenance we can help. We take care of professional maintenance and explain the proper home care of your floor. We have the skilled personnel to install your floors professionally giving you complete satisfaction.


iComEx serves Dallas, Frisco, Plano, Allen, McKinney, Sherman, Denison, Pottsboro, and all points North and South of the Texoma border.

  Connect with Us

iComEx

Phone: 972-712-2100

Toll Free: 877-282-6900

Fax: 214-291-5853

Email: Click Here

Facebook

Google+

Twitter

YouTube

LinkedIn