Enlarge Recently a cache of 2,337 e-mails from the office of a high-ranking advisor to Russian president Vladimir Putin was dumped on the Internet after purportedly being obtained by a Ukrainian hacking group calling itself CyberHunta . The cache shows that the Putin government communicated with separatist forces in Eastern Ukraine, receiving lists of casualties and expense reports while even apparently approving government members of the self-proclaimed Donetsk People’s Republic. And if one particular document is to be believed, the Putin government was formulating plans to destabilize the Ukrainian government as early as next month in order to force an end to the standoff over the region, known as Donbass. Based on reporting by the Associated Press’s Howard Amos and analysis by the Atlantic Council’s Digital Forensic Research Lab , at least some of the e-mails—dumped in a 1-gigabyte Outlook .PST mailbox file—are genuine. Amos showed e-mails in the cache to a Russian journalist, Svetlana Babaeva, who identified e-mails she had sent to Surkov’s office. E-mail addresses and phone numbers in some of the e-mails were also confirmed. And among the documents in the trove of e-mails is a scan of Surkov’s passport (above), as well as those of his wife and children. A Kremlin spokesperson denied the legitimacy of the e-mails, saying that Surkov did not have an e-mail address. However, the account appears to have been used by Surkov’s assistants, and the dump contains e-mails with reports from Surkov’s assistants. The breach, if ultimately proven genuine, would appear to be the first major publicized hack of a Russian political figure. And in that instance, perhaps this could be a response to the hacking of US political figures attributed to Russia. Read 6 remaining paragraphs | Comments
Read More:
Some hacked e-mails, documents from Putin advisor confirmed as genuine
prisoninmate writes: The Linux 4.7 kernel branch officially reached end of life, and it has already been marked as EOL on the kernel.org website, which means that the Linux kernel 4.7.10 maintenance update is the last one that will be released for this branch. It also means that you need to either update your system to the Linux 4.7.10 kernel release or move to a more recent kernel branch, such as Linux 4.8. In related news, Linux kernel 4.8.4 is now the latest stable and most advanced kernel version, which is already available for users of the Solus and Arch Linux operating systems, and it’s coming soon to other GNU/Linux distributions powered by a kernel from the Linux 4.8 series. Users are urged to update their systems as soon as possible. Read more of this story at Slashdot. 
It’s no secret that ransomware hackers are in the business to make money. But a new business arrangement hitting the news today may surprise many. Vice’s Motherboard, citing research and investigation (PDF) from security firm F-Secure, is reporting that a Fortune 500 company, the name of which hasn’t been unveiled, hired a ransomware gang to hack its competitors. From the article: In an exchange with a security researcher pretending to be a victim, one ransomware agent claimed they were working for a Fortune 500 company. “We are hired by [a] corporation to cyber disrupt day-to-day business of their competition, ” the customer support agent of a ransomware known as Jigsaw said, according to a new report by security firm F-Secure. “The purpose was just to lock files to delay a corporation’s production time to allow our clients to introduce a similar product into the market first.”In a statement to Motherboard, Mikko Hypponen said, “If this indeed was a case where ransomware was used on purpose to disrupt a competitor’s operation, it’s the only case we know of.” F-Secure adds that the consumer representative noted that “politicians, governments, husbands, wives — people from all walks of life contract [them] to hack computers, cell phones.” Read more of this story at Slashdot. 
An anonymous reader quotes an article from Motherboard: According to a new paper, security researchers are now working closely with the Tor Project to create a “hardened” version of the Tor Browser, implementing new anti-hacking techniques which could dramatically improve the anonymity of users and further frustrate the efforts of law enforcement… “Our solution significantly improves security over standard address space layout randomization (ASLR) techniques currently used by Firefox and other mainstream browsers, ” the researchers write in their paper, whose findings will be presented in July at the Privacy Enhancing Technologies Symposium in Darmstadt, Germany. The researchers say Tor is currently field-testing their solution for an upcoming “hardened” release, making it harder for agencies like the FBI to crack the browser’s security, according to Motherboard. “[W]hile that defensive advantage may not last for too long, it shows that some in the academic research community are still intent on patching the holes that their peers are helping government hackers exploit.” Read more of this story at Slashdot. 
Two days after Fiverr, a marketplace for digital services, removed user listings from its website that advertised DDoS-for-hire services, the company’s website suffered a six-hour long DDOS attack. Softpedia reports: The incident took place on the morning of May 27 (European timezones), and the service admitted its problems on its Twitter account. At the time of writing, Fiverr has been back up and functioning normally for more than two hours. Fiverr’s problems stem from an Incapsula probe that found DDoS-for-hire ads on its marketplace, available for $5. Incapsula reported the suspicious listings to Fiverr, who investigated the issue and removed the ads. Fiverr first removed all listings advertising blatantly illegal DDoS services, but later also removed the ads offering to “test” a website for DDoS “protection” measures. Read more of this story at Slashdot.