Slashdot security articles

Syndicate content Slashdot: Generated for TarPitt (217247)
News for nerds, stuff that matters: Generated for TarPitt (217247)
Updated: 5 hours 19 min ago

House GOP Campaign Committee Says Its Emails Were Hacked During 2018 Campaign

Tue, 12/04/2018 - 10:15
The National Republican Congressional Committee was hacked this election cycle, it admitted Tuesday afternoon. From a report: "The NRCC can confirm that it was the victim of a cyber intrusion by an unknown entity. The cybersecurity of the Committee's data is paramount, and upon learning of the intrusion, the NRCC immediately launched an internal investigation and notified the FBI, which is now investigating the matter," NRCC spokesman Ian Prior said in a statement. "To protect the integrity of that investigation, the NRCC will offer no further comment on the incident." The major breach included thousands of emails from four senior aides, according to Politico, which first reported the hacks. An outside vendor noticed and alerted the committee in April. The committee then launched an internal investigation and alerted the FBI.

Marriott's Breach Response Is So Bad, Security Experts Are Filling In the Gaps

Tue, 12/04/2018 - 03:00
An anonymous reader quotes a report from TechCrunch: Last Friday, Marriott sent out millions of emails warning of a massive data breach -- some 500 million guest reservations had been stolen from its Starwood database. One problem: the email sender's domain didn't look like it came from Marriott at all. Marriott sent its notification email from "email-marriott.com," which is registered to a third party firm, CSC, on behalf of the hotel chain giant. But there was little else to suggest the email was at all legitimate -- the domain doesn't load or have an identifying HTTPS certificate. In fact, there's no easy way to check that the domain is real, except a buried note on Marriott's data breach notification site that confirms the domain as legitimate. But what makes matters worse is that the email is easily spoofable. Many others have sounded the alarm on Marriott's lackluster data breach response. Security expert Troy Hunt, who founded data breach notification site Have I Been Pwned, posted a long tweet thread on the hotel chain giant's use of the problematic domain. As it happens, the domain dates back at least to the start of this year when Marriott used the domain to ask its users to update their passwords. Williams isn't the only one who's resorted to defending Marriott customers from cybercriminals. Nick Carr, who works at security giant FireEye, registered the similarly named "email-mariott.com" on the day of the Marriott breach. "Please watch where you click," he wrote on the site. "Hopefully this is one less site used to confuse victims." Had Marriott just sent the email from its own domain, it wouldn't be an issue.

Two iOS Fitness Apps Were Caught Using Touch ID To Trick Users Into Payments of $120

Mon, 12/03/2018 - 18:45
secwatcher shares a report from Threatpost: Two apps that were posing as fitness-tracking tools were actually using Apple's Touch ID feature to loot money from unassuming iOS victims. The two impacted apps were the "Fitness Balance App" and "Calories Tracker App." Both apps looked normal, and served functions like calculating BMI, tracking daily calorie intake or reminding users to drink water; and both received good reviews on the iOS store. However, according to Reddit users and researchers with ESET, the apps steal money -- almost $120 from each victim -- thanks to a sneaky popup trick involving the Apple Touch ID feature. According to heated victims who took to Reddit to air their complaints, after a user launches one of the apps, it requests a fingerprint scan prompting users to "view their personalized calorie tracker and diet recommendations." After the users use Touch ID, the app then shows a pop-up confirming a payment of $119.99. The pop-up is only visible for a second, according to users. "However, if the user has a credit or debit card directly connected to their Apple account, the transaction is considered verified and money is wired to the operator behind these scams," said Lukas Stefanko, malware analyst with ESET security, in a Monday post on the scam.

Mapping the Spectral Landscape of IPv6 Networks

Mon, 12/03/2018 - 07:22
Trailrunner7 writes: Like real estate, we're not making any more IPv4 addresses. But instead of trying to colonize Mars or build cities under the sea, the Internet's architects developed a separate address scheme with an unfathomably large pool of addresses. IPv6 has an address space of 2^128, compared to IPv4's 2^32, and as the exhaustion of the IPv4 address space began to approach, registries started allocating IPv6 addresses and there now are billions of those addresses active at any given time. But no one really knows how many or where they are or what's behind them or how they're organized. A pair of researchers decided to tackle the problem and developed a suite of tools that can find active IPv6 addresses both in the global address space and in smaller, targeted networks. Known as ipv666, the open source tool set can scan for live IPv6 hosts using a statistical model that the researchers built. The researchers, Chris Grayson and Marc Newlin, faced a number of challenges as they went about developing the ipv666 tools, including getting a large IPv6 address list, which they accumulated from several publicly available data sets. They then began the painful process of building the statistical model to predict other IPv6 addresses based on their existing list. That may seem weird, but IPv6 addresses are nothing at all like their older cousins and come in a bizarre format that doesn't lend itself to simple analysis or prediction. Grayson and Newlin wanted to find as many live addresses as possible and ultimately try to figure out what the security differences are between devices on IPv4 and those on IPv6.

Prison Inmates Catfished $560,000 Out of Military Service Members in Sextortion Scam, NCIS Says

Sun, 12/02/2018 - 16:20
Hundreds of military service members reportedly got caught up in a sextortion scam run by prison inmates using cellphones, according to a release issued by the Naval Criminal Investigative Service (NCIS). From a report: Military agents from multiple criminal investigation groups have served summons and issued warrants for arrests related to the scheme. According to the NCIS, South Carolina and North Carolina prison inmates, assisted by outside accomplices, sought out service members through dating sites and social media, then took on false identities, feigned romantic interest, and exchanged photos. Once the inmates had successfully catfished their targets, they would then pose as the father of the fake persona, insisting their child was underage and that the target had therefore committed a crime by exchanging photos. In some situations, the "father" claimed he wouldn't press charges if the target gave him money. Sometimes the catfisher would pose as law enforcement requesting money for the family.

SKY Brasil Exposes 32 Million Customer Records

Sun, 12/02/2018 - 11:19
Independent security researcher Fabio Castro found data belonging to 32 million customers of SKY Brasil exposed online. "Using the advanced features of the Shodan search engine, he was able to discover multiple servers in Brazil running Elasticsearch that made information available without authentication," reports BleepingComputer. "A cluster of servers called 'digital-logs-prd' attracted the researcher's attention and with a simple command, he listed the indices available, one of them 429.1GB in size." From the report: The file included personally identifiable information of SKY Brasil customers, which featured full name, email address, service login password, client IP address, payment methods, phone number, and street address. SKY Brasil is a telecommunications company that also offers television services, being the second largest provider of pay-TV services in the country, according to statistics from March. In a conversation with BleepingComputer, Castro said that he reported his findings to the company who fixed the problem by restricting access with a password, an operation that takes just a few minutes. Because the server has been exposed for a long time, the protective measure may have come too late. Castro told us that it is very possible that criminals have already grabbed the data.

Intel Sues Ex-Engineer For Trying To Steal 3D XPoint Technology On His Way To Micron

Sun, 12/02/2018 - 08:16
Intel has filed a lawsuit last week against one of their former hardware engineers, alleging they tried to steal confidential chip blueprints to potentially pass on to Micron. "The lawsuit [...] is the latest twist in the tale of Intel and Micron's difficult partnership over 3D XPoint memory," reports The Register. From the report: The legal complaint, aimed at former employee Doyle Rivers, alleges that having "secretly" accepted a position at Chipzilla's former bedfellow, Micron, Rivers had a go at taking confidential trade and personnel data with him as he left. Intel alleged that a few days before leaving, "Rivers tried to access and copy a 'top secret' designated Intel file that Intel's electronic security system blocked from being copied." Chipzilla said the document was related to what it was at pains to say is its "independent" work to productize the 3D XPoint tech into its Optane product line. In other words, blueprints secret to Intel. No one outside Intel, "including Micron" had been privy to such data, the complaint alleged. Intel's security system stopped the file from escaping, but according to the complaint, that did not stop Rivers from allegedly hoovering up a selection of personnel files into a USB device plugged into his computer. The chipmaker also claimed that Rivers "aggressively" recruited his former colleagues to join him on his grand adventure to pastures new. Intel demanded that Rivers return the USB drive, but he apparently "never responded" to them. Instead, "he handed the USB device over to his new employer." It was later discovered by a forensic investigator that it had been wiped. Intel is now demanding "a neutral forensic investigator" be allowed to take a look at Rivers' PC to see what was on there, and when exactly the USB stick was erased. There's a deadline of November 16 for Rivers to agree to this probing.

Jailed 'Iceman' Hacker Now Charged With Drone-Smuggling Scheme Orchestrated From Prison

Sun, 12/02/2018 - 06:34
In 2010, Max Ray Butler received a 13-year prison sentence for "hacking" -- at the time, the longest one ever -- after stealing nearly 2 million credit cards and running up fraudulent charges over $86 million. But eight years into his sentence, he's now being charged with commiting five more counts of wire fraud while still in prison, as well as possessing stolen credit card numbers and contraband in prison, plus two more related counts of conspiracy. An anonymous reader quotes the Washington Times: Previously known as Max Ray Butler and by his hacker alias, "Iceman," Max Ray Vision has been charged in a nine-count indictment filed by federal prosecutors that places him at the center of a scheme that allegedly involved using a smuggled cellphone, stolen banking data and a consumer-grade drone to make an airdrop into prison, The Daily Beast first reported Friday.... Prosecutors alleged in the indictment that Vision used a smuggled T-Mobile "My-Touch" cellphone while incarcerated at the Federal Correctional Center in Oakdale, Louisiana, to access the internet and obtain stolen debit card numbers. "Using MoneyGram and Western Union websites, and their respective mobile applications," a grand jury charged in the indictment, "Butler wired funds from the bank accounts associated with the stolen debit card numbers to other inmates at Oakdale FCC," including five co-defendants also charged in the indictment. He later instructed his fellow inmates to transfer the funds obtained from the stolen debit cards to a former cellmate who had been released in May 2015, according to the indictment... Vision's former cellmate allegedly used the stolen funds to purchase an unmanned aerial vehicle, or drone, that was then used in April 2016 to attempt to smuggle another cellphone and other unspecified contraband into prison, according to the indictment... He allegedly began using the smuggled Android phone in Oct. 2014, according to the indictment, roughly 18 months before the airdrop. "The potential for greater crimes [sic] opportunities are obvious," complained the Bureau of Prisons concluded in a report cited by The Daily Beast, "i.e. escape, introduction of firearms, etc. "Although [Vision] was only equipped with a smartphone, he proved that he is more than capable to disrupt and circumvent the security of the institution and present a clear danger to the community in general."

Node.js Event-Stream Hack Reveals Open Source 'Developer Infrastructure' Exploit

Sat, 12/01/2018 - 14:18
"[O]n Nov. 26 it was publicly revealed that a widely deployed open-source Node.js programming language module known as event-stream had been injected with malicious code that looked to steal cryptocurrency wallets," reports eWeek, adding "The event-stream library has over two million downloads." An anonymous reader quotes Ars Technica: The backdoor came to light [November 20th] with this report from Github user Ayrton Sparling. Officials with the NPM, the open source project manager that hosted event-stream, didn't issue an advisory until six days later.... "This compromise was not targeting module developers in general or really even developers," an NPM official told Ars in an email. "It targeted a select few developers at a company, Copay, that had a very specific development environment set up. Even then, the payload itself didn't run on those developers' computers; rather, it would be packaged into a consumer-facing app when the developers built a release. The goal was to steal Bitcoin from this application's end users...." According to the Github discussion that exposed the backdoor, the longtime event-stream developer no longer had time to provide updates. So several months ago, he accepted the help of an unknown developer. The new developer took care to keep the backdoor from being discovered. Besides being gradually implemented in stages, it also narrowly targeted only the Copay wallet app. The malicious code was also hard to spot because the flatmap-stream module was encrypted. The attack is the latest to exploit weaknesses in a widely used supply chain to target downstream end users... The supply-chain attacks show one of the weaknesses of open source code. Because of its openness and the lack of funds of many of its hobbyist developers and users, open source code can be subject to malicious modifications that often escape notice. "The time has come," concludes Ars Technica, "for maintainers and users of open source software to devise new measures to better police the millions of packages being used all around us." Sophos' security blog also asks why so many developers "immediately and blindly trusted the new maintainer," and shared a concerned comment from developer named Chris Northwood. "Nothing's stopping this happening again, and it's terrifying."

Is Linux Taking Over The World?

Sat, 12/01/2018 - 12:41
"2019 just might be the Year of Linux -- the year in which Linux is fully recognized as the powerhouse it has become," writes Network World's "Unix dweeb." The fact is that most people today are using Linux without ever knowing it -- whether on their phones, online when using Google, Facebook, Twitter, GPS devices, and maybe even in their cars, or when using cloud storage for personal or business use. While the presence of Linux on all of these systems may go largely unnoticed by consumers, the role that Linux plays in this market is a sign of how critical it has become. Most IoT and embedded devices -- those small, limited functionality devices that require good security and a small footprint and fill so many niches in our technology-driven lives -- run some variety of Linux, and this isn't likely to change. Instead, we'll just be seeing more devices and a continued reliance on open source to drive them. According to the Cloud Industry Forum, for the first time, businesses are spending more on cloud than on internal infrastructure. The cloud is taking over the role that data centers used to play, and it's largely Linux that's making the transition so advantageous. Even on Microsoft's Azure, the most popular operating system is Linux. In its first Voice of the Enterprise survey, 451 Research predicted that 60 percent of nearly 1,000 IT leaders surveyed plan to run the majority of their IT off premises by 2019. That equates to a lot of IT efforts relying on Linux. Gartner states that 80 percent of internally developed software is now either cloud-enabled or cloud-native. The article also cites Linux's use in AI, data lakes, and in the Sierra supercomputer that monitors America's nuclear stockpile, concluding that "In its domination of IoT, cloud technology, supercomputing and AI, Linux is heading into 2019 with a lot of momentum." And there's even a long list of upcoming Linux conferences...

Lenovo Finally Pays $7.3 M Fine Over Invasive 2014 'Superfish' Adware Pre-Installations

Sat, 12/01/2018 - 10:34
Leonovo will add $7.3 million into a $1M fund settling a class action lawsuit over their undisclosed pre-installation of Superfish's targeting adware on 28 different laptop models in 2014. Within one year the U.S. Department of Homeland Security had warned that the adware made laptops vulnerable to SSL spoofing, allowing the reading of encrypted web traffic and the redirecting of traffic from official websites to spoofs, while according to Bloomberg the original software itself also "could access customer Social Security numbers, financial data, and sensitive heath information, the court said." An anonymous reader quotes Softpedia: According to a "SuperFish Vulnerability" advisory published by Lenovo on their support website following the discovery of the pre-installed software by consumers, the VisualDiscovery comparison search engine software was designed to work in the background, intercepting HTTP(S) traffic with the help of a self-signed root certificate that allowed it to decrypt and monitor all traffic, encrypted or not.... "VisualDiscovery was installed on nearly 800,000 Lenovo laptops sold in the United States between September 1, 2014 and February 28, 2015," also states the settlement agreement. "On January 18, 2015, in response to mounting complaints about the effects of VisualDiscovery, Lenovo instructed Superfish to turn it off at the server level...." Out of the 800,000 who bought the laptops that came with VisualDiscovery pre-installed, the 500,000 ones who registered their devices with Lenovo or bought them from retailers such as Best Buy and Amazon will be contacted directly by the Chinese company and informed about the settlement agreement. The rest of the customers who cannot be reached straightaway will be targeted by Lenovo using multiple online advertising platforms, from Google to Twitter and Facebook. A separate settlement with the FTC in 2017 was criticized for its failure to fine Lenovo -- though it did require the company to get affirmative consent for any future adware programs, plus regular third-party audits of its bundled software for the next 20 years.

Researchers Are Proposing a New Way To Generate Street Addresses by Extracting Roads From Satellite Images

Fri, 11/30/2018 - 14:15
An estimated 4 billion people in the world lack a physical address. Researchers at the MIT Media Lab and Facebook are now proposing a new way to address the unaddressed: with machine learning. From a report: The team first trained a deep-learning algorithm to extract the road pixels from satellite images. Another algorithm connected the pixels together into a road network. The system analyzed the density and shape of the roads to segment the network into different communities, and the densest cluster was labeled as the city center. The regions around the city center were divided into north, south, east, and west quadrants, and streets were numbered and lettered according to their orientation and distance from the center. When they compared their final results with a random sample of unmapped regions whose streets had been labeled manually, their approach successfully addressed more than 80% of the populated areas, improving coverage compared with Google Maps or OpenStreetMaps. This isn't the only way to automate the creation of addresses. The organization what3words generates a unique three-word combination for every 3-by-3-meter square on a global grid. The scheme has already been adopted in regions of South Africa, Turkey, and Mongolia by national package delivery services, local hospitals, and regional security teams. But Ilke Demir, a researcher at Facebook and one of the creators of the new system, says its main advantage is that it follows existing road topology and helps residents understand how two addresses relate to one another.

Trump Admin Takes First Steps To Overhaul H-1B Visa That Tech Companies Use To Hire Internationally

Fri, 11/30/2018 - 13:37
President Donald Trump's immigration authorities are moving to enact broad changes to a visa that allows American companies to bring international workers to the country. From a report: On Friday, U.S. Citizenship and Immigration Services and the Department of Homeland Security released a proposed rule that takes the first steps toward overhauling the H-1B visa. The new rule would prioritize applications for workers with advanced degrees from American universities. The policy would also change the application process companies go through when they want to secure H-1B visas for foreign talent. Instead of completing a petition for the new employee, companies would register for free online to enter what's been described as the "H-1B lottery." Immigration law caps the number of regular H-1B visas that can be awarded each year at 65,000. An additional 20,000 may be awarded to workers with master's degrees and PhDs. Under the new system, USCIS would review all applications, including those for workers with advanced degrees, during a registration period before the actual petitions are filed.

Marriott Says 500 million Starwood Guest Records Stolen in Massive Data Breach

Fri, 11/30/2018 - 06:50
An anonymous reader writes: Starwood Hotels has confirmed its hotel guest database of about 500 million customers has been stolen in a data breach. The hotel and resorts giant said in a statement filed with U.S. regulators that the "unauthorized access" to its guest database was detected on or before September 10 -- but may have dated back as far as 2014. "Marriott learned during the investigation that there had been unauthorized access to the Starwood network since 2014," said the statement. "Marriott recently discovered that an unauthorized party had copied and encrypted information, and took steps towards removing it." Specific details of the breach remain unknown. We've contacted Starwood for more and will update when we hear back. The company said hat it obtained and decrypted the database on November 19 and "determined that the contents were from the Starwood guest reservation database." Some 327 million records contained a guest's name, postal address, phone number, date of birth, gender, email address, passport number, Starwood's rewards information (including points and balance), arrival and departure information, reservation date, and their communication preferences.

Google Shut Out Privacy, Security Teams From Secret China Project

Thu, 11/29/2018 - 19:30
An anonymous reader quotes a report from The Intercept about Google's secretive plans to build a censor version of its search engine for China: The objective, code-named Dragonfly, was to build a search engine for China that would censor broad categories of information about human rights, democracy, and peaceful protest. Yonatan Zunger, then a 14-year veteran of Google and one of the leading engineers at the company, was among a small group who had been asked to work on Dragonfly. He was present at some of the early meetings and said he pointed out to executives managing the project that Chinese people could be at risk of interrogation or detention if they were found to have used Google to seek out information banned by the government. Scott Beaumont, Google's head of operations in China and one of the key architects of Dragonfly, did not view Zunger's concerns as significant enough to merit a change of course, according to four people who worked on the project. Beaumont and other executives then shut out members of the company's security and privacy team from key meetings about the search engine, the four people said, and tried to sideline a privacy review of the plan that sought to address potential human rights abuses. Google's leadership considered Dragonfly so sensitive that they would often communicate only verbally about it and would not take written notes during high-level meetings to reduce the paper trail, two sources said. Only a few hundred of Google's 88,000 workforce were briefed about the censorship plan. Some engineers and other staff who were informed about the project were told that they risked losing their jobs if they dared to discuss it with colleagues who were themselves not working on Dragonfly.

Democrats Demand Info On Law Enforcement's Use of Amazon Facial Recognition Tool

Thu, 11/29/2018 - 16:10
An anonymous reader quotes a report from The Hill: A group of Democratic lawmakers sent a letter to Amazon CEO Jeff Bezos on Thursday saying that the company's previous explanations to Congress about its Rekognition software were inadequate. Democratic lawmakers expressed concern about the potential threat the technology poses to civil liberties in the hands of police. "Facial recognition technology may one day serve as a useful tool for law enforcement officials working to protect the American public and keep us safe," the letter reads. "However, at this time, we have serious concerns that this type of product has significant accuracy issues, places disproportionate burdens on communities of color, and could stifle Americans' willingness to exercise their First Amendment rights in public." In the letter on Thursday, the Democratic members requested that Amazon provide them with results from accuracy tests of the Rekognition software. They also asked again for information on their government clients and if they audited law enforcement's use of facial recognition to ensure that its not being employed in violation of civil rights law. "Customer trust, privacy, and security are our top priorities at AWS," Michael Punke, Amazon's vice president for global public policy, wrote in response. "We have long been committed to working with federal and state legislatures to modernize outdated laws to enhance the privacy and security of our customers by preventing law enforcement from accessing data without a warrant."

US iOS Users Targeted by Massive Malvertising Campaign

Thu, 11/29/2018 - 12:50
A cyber-criminal group known as ScamClub has hijacked over 300 million browser sessions over 48 hours to redirect users to adult and gift card scams, a cyber-security firm revealed this week. From a report: The traffic hijacking has taken place via a tactic known as malvertising, which consists of placing malicious code inside online ads. In this particular case, the code used by the ScamClub group hijacked a user's browsing session from a legitimate site, where the ad was showing, and redirected victims through a long chain of temporary websites, a redirection chain that eventually ended up on a website pushing an adult-themed site or a gift card scam. These types of malvertising campaigns have been going on for years, but this particular campaign stood out due to its massive scale, experts from cyber-security firm Confiant told ZDNet today. "On November 12 we've seen a huge spike in our telemetry," Jerome Dang, Confiant co-founder and CTO, told ZDNet in an email. Dangu says his company worked to investigate the huge malvertising spike and discovered ScamClub activity going back to August this year.

Mass Router Hack Exposes Millions of Devices To Potent NSA Exploit

Thu, 11/29/2018 - 10:50
More than 45,000 Internet routers have been compromised by a newly discovered campaign that's designed to open networks to attacks by EternalBlue, the potent exploit that was developed by, and then stolen from, the National Security Agency and leaked to the Internet at large, researchers say. From a report: The new attack exploits routers with vulnerable implementations of Universal Plug and Play to force connected devices to open ports 139 and 445, content delivery network Akamai said in a blog post. As a result, almost 2 million computers, phones, and other network devices connected to the routers are reachable to the Internet on those ports. While Internet scans don't reveal precisely what happens to the connected devices once they're exposed, Akamai said the ports --which are instrumental for the spread of EternalBlue and its Linux cousin EternalRed -- provide a strong hint of the attackers' intentions. The attacks are a new instance of a mass exploit the same researchers documented in April. They called it UPnProxy because it exploits Universal Plug and Play -- often abbreviated as UPnP -- to turn vulnerable routers into proxies that disguise the origins of spam, DDoSes, and botnets.

I've Got a Bridge To Sell You. Why AutoCAD Malware Keeps Chugging On

Thu, 11/29/2018 - 09:25
Criminal hackers continue to exploit a feature in Autodesk's widely used AutoCAD program in an attempt to steal valuable computer-assisted designs for bridges, factory buildings, and other projects, researchers say. From a report: The attacks arrive in spear-phishing emails and in some cases postal packages that contain design documents and plans. Included in the same directory are camouflaged files formatted in AutoLISP, an AutoCAD-specific dialect of the LISP programming language. When targets open the design document, they may inadvertently cause the AutoLISP file to be executed. While modern versions of AutoCAD by default display a warning that a potentially unsafe script will run, the warnings can be disregarded or suppressed altogether. To make the files less conspicuous, the attackers have set their properties to be hidden in Windows and their contents to be encrypted. The attacks aren't new. Similar ones occurred as long ago as 2005, before AutoCAD provided the same set of robust defenses against targeted malware it does now. The attacks continued to go strong in 2009. A specific campaign recently spotted by security firm Forcepoint was active as recently as this year and has been active since at least 2014, an indication that malware targeting blueprints isn't going away any time soon. [...] Forcepoint said it has tracked more than 200 data sets and about 40 unique malicious modules, including one that purported to include a design for Hong Kong's Zhuhai-Macau Bridge.

Bloomberg is Still Reporting on Challenged Story Regarding China Hardware Hack

Thu, 11/29/2018 - 08:50
Erik Wemple, writing for The Washington Post: According to informed sources, Bloomberg has continued reporting the blockbuster story that it broke on Oct. 4, including a very recent round of inquiries from a Bloomberg News/Bloomberg Businessweek investigative reporter. In emails to employees at Apple, Bloomberg's Ben Elgin has requested "discreet" input on the alleged hack. "My colleagues' story from last month (Super Micro) has sparked a lot of pushback," Elgin wrote on Nov. 19 to one Apple employee. "I've been asked to join the research effort here to do more digging on this ... and I would value hearing your thoughts (whatever they may be) and guidance, as I get my bearings." One person who spoke with Elgin told the Erik Wemple Blog that the Bloomberg reporter made clear that he wasn't part of the reporting team that produced "The Big Hack." The goal of this effort, Elgin told the potential source, was to get to "ground truth"; if Elgin heard from 10 or so sources that "The Big Hack" was itself a piece of hackery, he would send that message up his chain of command. The potential source told Elgin that the denials of "The Big Hack" were "100 percent right." According to the potential source, Elgin also asked about the possibility that Peter Ziatek, senior director of information security at Apple, had written a report regarding a hardware hack affecting Apple. In an interview with the Erik Wemple Blog, Ziatek says that he'd never written that report, nor is he aware of such a document. Following the publication of Bloomberg's story, Apple conducted what it calls a "secondary" investigation surrounding its awareness of events along the lines of what was alleged in "The Big Hack." That investigation included a full pat-down of Ziatek's own electronic communications. It found nothing to corroborate the claims in the Bloomberg story, according to Ziatek.