Here’s the Best Summary of The Washington Post’s Latest ‘Fake News’ Fiasco


Michael Krieger
January 3, 2017

It’s quite ironic that the one newspaper most hysterical in warning the American public about the dangers of “fake news,” has become the most prolific publisher of it. The most recent example, of course, relates to the entirely made up story that those dastardly Russians had hacked into the U.S. power grid through a Vermont utility. The paper’s source for the story? Anonymous government officials. Unsurprisingly, the entire thing was a fairytale.

Most of you will already be aware of the story, but this is such a monumental example of journalistic malpractice, it deserve far more attention and scrutiny.

In that regard, Forbes contributor Kalev Leetaru, has done an excellent job of shining further light on how it all went down in his piece, “Fake News” And How The Washington Post Rewrote Its Story On Russian Hacking Of The Power Grid. Here are some key…

View original post 5 more words

Someone Hijacking Unsecured MongoDB Databases for Ransom



Nearly two years back, we warned users about publicly accessible MongoDB instances – almost 600 Terabytes (TB) – over the Internet which require no authentication, potentially leaving websites and servers at risk of hacking.

These MongoDB instances weren’t exposed due to any flaw in its software, but due to a misconfiguration (bad security practice) that let any remote attacker access MongoDB databases without using any special hacking tool.

MongoDB later resolved the issue in the next version of its software by setting unrestricted remote access by default in the configuration, thousands of site administrators have not updated their servers yet.

But trust me, they’ll now regret this!

A Hacker is now hijacking and wiping out unsecured MongoDB databases, but keeping a copy of those databases for asking administrators a ransom of 0.2 Bitcoins (nearly US$211) to return the lost data. So, admins without backups are left in a bind.

In fact, the rising price of Bitcoin even hints at some of its troubles. At the time od writing, 1 Bitcoin = USD1063.93.

Security researcher and co-founder of the GDI Foundation Victor Gevers (@0xDUDE) discovered the attacks and notified exposed non-password-protected MongoDB installations to owners via Twitter.

Gevers identified nearly 200 instances of a MongoDB installation that’s been erased and held for ransom, while this number reached approximately 2,000 databases as of 4:00 p.m, as reported by John Matherly, the Founder of Shodan, where many exposed MongoDB databases can be found.

These attacks have been going on for over a week, targeting servers all over the world. It is believed that instead of encrypting the data, the attacker who goes by the name “harak1r1,” ran a script that replaced the content of the database with the attacker’s ransom note.

While accessing one of the open servers, Gevers found that in place of the database content, there is only one table, named “WARNING,” which reads:


16 Victims Already Paid the Ransom

It appears that around 16 organizations so far have paid the ransom to the attacker.

Matherly has been warning of the dangers of exposed MongoDB installations since 2015, allowing an attacker to remotely access the databases over the Internet without the need of any form of authentication.

Matherly said the majority of publicly exposed 30,000 MongoDB instances run on cloud servers such as Amazon, Digital Ocean, Linode, and Internet service and hosting provider OVH and do so without authentication, making cloud services buggier than datacenter hosting.

How to Know if You’ve Been Hacked?

  • Check the MongoDB accounts to see if no one added a secret (admin) user.
  • Check the GridFS to look if someone stored any files there.
  • Check the log files to see who accessed the MongoDB.

How to Protect Yourself?

  • Enable authentication that provides you ‘Defense in depth’ if your network is compromised. Edit your MongoDB configuration file — auth = true.
  • Use firewalls — Disable remote access to the MongoDB, if possible. Admins are advised to use firewalls to protect the MongoDB installations by blocking access to port no. 27017.
  • Configure Bind_ip — Limit access to the server by binding local IP addresses.
  • Upgrade — Administrators are strongly recommended to upgrade their software to the latest release.

MongoDB is the most popular, open-source NoSQL database used by companies of all sizes, from eBay and Sourceforge to The New York Times and LinkedIn. Administrators are encouraged to follow a security checklist provided by the company.

Swati - Hacking News
Technical Writer, Security Blogger and IT Analyst. She is a Technology Enthusiast with a keen eye on the Cyberspace and other tech related developments.

The Times Are Changing: Assange Goes on FOX News and Destroys the Russia Hack Conspiracy Theory

Tales from the Conspiratum

Wikileaks founder Julian Assange made his first video appearance in months, emerging in an interview with Sean Hannity to state, again, unequivocally, leaked documents did not come from Russian hackers.

Source: The Times Are Changing: Assange Goes on FOX News and Destroys the Russia Hack Conspiracy Theory
Jan 4, 2017

Wikileaks founder Julian Assange came forward after a long period of silence for a video interview with Fox News’ Sean Hannity — in particular, to decimate claims leaked emails from the Democratic establishment had been hacked and provided by Russian government actors.

“The narrative has begun that, in fact, the U.S. government is accusing Wikileaks of having received materials from Russia and Russia’s cybercriminals with the political agenda of influencing the election. And obviously they’re talking, not just about the John Podesta emails, the DNC emails, but in other ways. I’ve asked you before, I’ll ask you again…

View original post 1,389 more words

The US Has Begun Amassing Troops on Russian Border

Tales from the Conspiratum

This Obomber cretin just does not get it. You’d think a Nobel Peace prize winner would at least attempt to look the part. Pathetic.

Let’s all thank the Gods of reason that Putin is at the helm on the other side.

As a deterrent against “Russian aggression.”

Source: The US Has Begun Amassing Troops on Russian Border

Darius Shahtahmasebi

January 4, 2017  

(ANTIMEDIA) Lithuania has confirmed the presence of U.S. special forces inside its territory, stating the deployment’s purpose is to train local forces and act as a deterrent against Russian aggression. Supposedly, Vladimir Putin has been deploying nuke-ready missiles in the Russian province of Kaliningrad, an area that borders Poland, Belarus, and Lithuania. This move has prompted the neighboring Baltic states to become “highly concerned” about Russian military activity.

“The United States was the first to offer additional safety assurance measures to the Baltic countries following…

View original post 440 more words