Report: $3-5M in Ad Fraud Daily from ‘Methbot’
Brian Krebs
https://krebsonsecurity.com/2016/12/report-3-5m-in-ad-fraud-daily-from-methbot/
Excerpt:
“New research suggests that an elaborate cybercrime ring is responsible for stealing between $3 million and $5 million worth of revenue from online publishers and video advertising networks each day. Experts say the scam relies on a vast network of cloaked Internet addresses, rented data centers, phony Web sites and fake users made to look like real people watching short ad segments online.”
Crook Who Used His Home IP Address for Banking Fraud Gets 5 Years in Prison
Catalin Cimpanu
https://www.bleepingcomputer.com/news/security/crook-who-used-his-home-ip-address-for-banking-fraud-gets-5-years-in-prison/
Excerpt:
“A UK judge sentenced a crook part of a cybercrime operation that used banking malware to five years in prison for stealing £840,000 ($1,035,000) from victims all over the world.”
Hackers could take control of a plane using in-flight entertainment system
Cara McGoogan
http://www.telegraph.co.uk/technology/2016/12/20/hackers-could-take-control-plane-using-in-flight-entertainment/
Excerpt:
“A flaw in an in-flight entertainment system used by major airlines including Emirates, Virgin and Qatar could let hackers access a planes' controls.”
Hackers Might Have Turned Off the Lights in Ukraine for the Second Time
Bogdan Popa
http://news.softpedia.com/news/hackers-might-have-turned-off-the-lights-in-ukraine-for-the-second-time-511132.shtml
Excerpt:
“Ukraine experienced a new power outage during the weekend, and it’s believed that hackers are once again responsible, after they previously breached energy companies in 2015.”
8,000 exposed in Slovak Chamber of Commerce and Industry hack
Alexandra Gheorghe
https://hotforsecurity.bitdefender.com/blog/8000-exposed-in-slovak-chamber-of-commerce-and-industry-hack-17405.html
Excerpt:
“The official site of the Slovak Chamber of Commerce and Industry (scci.sk) got hacked and 8,000 users were affected, according to news reports.”
The economics of ransomware revealed
https://www.helpnetsecurity.com/2016/12/15/economics-ransomware-revealed/
Excerpt:
“70 percent of businesses infected with ransomware have paid ransom to regain access to business data and systems. In comparison, over 50 percent of consumers surveyed said they would not pay to regain access back to personal data or devices aside from financial data, according to IBM Security”
Growth rates of cryptographic keys and certificates
https://www.helpnetsecurity.com/2016/12/16/cryptographic-keys-certificates/
Excerpt:
“A new study conducted by Dimensional Research evaluated current and projected growth rates of cryptographic keys and digital certificates in the enterprise for 2016 and 2017. Study respondents included 505 IT professionals that manage these critical cryptographic assets in the U.S., U.K., France and Germany.”
'One billion' affected by Yahoo hack
http://www.bbc.com/news/world-us-canada-38324527
Excerpt:
“Yahoo has said more than one billion user accounts may have been affected in a hacking attack dating back to 2013.”
Ukrainian Defense Ministry Says Hackers Tried to Take Down Its Website
Bogdan Popa
http://news.softpedia.com/news/ukrainian-defense-ministry-says-hackers-tried-to-take-down-its-website-510971.shtml
Excerpt:
“Ukraine is the latest target of unknown hackers who attempted to take down the website of the defense ministry, according to local authorities.”
Seventeen-year-old sentenced for 2015 TalkTalk hack
Camilla Hodgson
http://www.reuters.com/article/us-talktalk-tlcm-gp-sentence-idUSKBN1421I0
Excerpt:
“A 17-year-old who admitted illegally hacking communications company Talk Talk last year was sentenced to a 12-month rehabilitation order on Tuesday.”
Russian Consulate Hacked, Passport Numbers and Personal Information Stolen
Bogdan Popa
http://news.softpedia.com/news/russian-consulate-hacked-passport-numbers-and-personal-information-stolen-510928.shtml
Excerpt:
“Security pentester Kapustkiy has managed to hack the website belonging to a Russian consular department, accessing personal information that includes names, emails, phone numbers, and passport numbers.”
Law enforcement operation targets users of DDoS tools
https://www.helpnetsecurity.com/2016/12/12/law-enforcement-ddos-tools/
Excerpt:
“From 5 to 9 December 2016, Europol and law enforcement authorities from Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom and the United States carried out a coordinated action targeting users of DDoS tools, leading to 34 arrests and 101 suspects interviewed and cautioned.”
Cyberspies stole secrets from industrial giant ThyssenKrupp
Lucian Constantin
http://www.csoonline.com/article/3148704/security/cyberspies-stole-secrets-from-industrial-giant-thyssenkrupp.html
Excerpt:
“Germany-based industrial conglomerate ThyssenKrupp was hit by a cyberespionage attack earlier this year that resulted in data being stolen from its industrial solutions and steel producing units.”
‘Avalanche’ Crime Ring Leader Eludes Justice
Brian Krebs
https://krebsonsecurity.com/2016/12/avalanche-crime-ring-leader-eludes-justice/
Excerpt:
“The accused ringleader of a cyber fraud gang that allegedly rented out access to a criminal cloud hosting service known as “Avalanche” is now a fugitive from justice following a bizarre series of events in which he shot at Ukrainian police, was arrested on cybercrime charges and then released from custody.”
In-flight communication monitored for years by US, UK secret services
Luana Pascu
https://hotforsecurity.bitdefender.com/blog/in-flight-communication-monitored-for-years-by-us-uk-secret-services-17288.html
Excerpt:
“From as early as 2012, mobile phone activity on commercial airlines has been monitored by the intelligence agencies NSA (US) and GCHQ (UK) with Air France being a top target as of 2005, Le Monde announced yesterday, based on additional information from Edward Snowden’s leaked information.”
Cybersecurity advice for the nuclear industry
Zeljka Zorz
https://www.helpnetsecurity.com/2016/12/08/cybersecurity-nuclear-industry/
Excerpt:
“Less complexity, an active defense, transformative research, and institutionalized cybersecurity should be nuclear industry’s key priorities to stem the rising tide of cyber threats.”
Suspects arrested in Russia central bank cyberheist: bank official
Alexander Winning and Elena Fabrichnaya
http://www.reuters.com/article/us-russia-cenbank-cyberattack-idUSKBN13W2AK
Excerpt:
“Russian authorities arrested a large number of suspects in May in connection with the recently revealed electronic theft of $19 million from accounts held at the Russian central bank, an official said on Wednesday.”
Argentinian Government Site Suffers Major Breach, Personal Information Exposed
Bogdan Popa
http://news.softpedia.com/news/argentinian-government-site-suffers-major-breach-personal-information-exposed-510780.shtml
Excerpt:
“The official website of the Argentinian Ministry of Industry (Ministerio de Produccion) suffered a major breach that exposed not only private documents but also personal information and contact details of a big number of individuals.”
DailyMotion Allegedly Hacked, 85 Million User Accounts Stolen
Catalin Cimpanu
https://www.bleepingcomputer.com/news/security/dailymotion-allegedly-hacked-85-million-user-accounts-stolen/
Excerpt:
“An unknown hacker has supposedly breached video sharing platform DailyMotion and stolen details for 87.6 million accounts, belonging to approximately 85 million users, according to data breach index website LeakedSource.”
Sysadmin Gets Two Years in Prison for Sabotaging ISP
Catalin Cimpanu
https://www.bleepingcomputer.com/news/security/sysadmin-gets-two-years-in-prison-for-sabotaging-isp/
Excerpt:
“A judge in New York has sentenced Dariusz J. Prugar, 32, of Syracuse, New York, to two years in prison for hacking his former employee, Pa Online, an internet service provider (ISP) formerly located in Enola, Pennsylvania.”
AirDroid app opens millions of Android users to device compromise
Zeljka Zorz
https://www.helpnetsecurity.com/2016/12/02/airdroid-vulnerability/
Excerpt:
“Tens of millions of users of AirDroid, a remote management tool for Android, are vulnerable to man-in-the-middle attacks that could lead to data theft and their devices being compromised through malicious updates.”
Russia’s Central Bank Hacked, $31 Million Stolen
Bogdan Popa
http://news.softpedia.com/news/russia-s-central-bank-hacked-31-million-stolen-510692.shtml
Excerpt:
“Russia’s central bank suffered a major cyberattack that made it possible for hackers to steal no less than 2 billion rubles, which is approximately $31 million, according to reports.”
Saudi Arabia whacked by cyber attacks
John Leonard
http://www.v3.co.uk/v3-uk/news/2478970/saudi-arabia-whacked-by-cyber-attacks
Excerpt:
“Saudi Arabia has been hit by a wave of destructive cyber attacks that have resulted in data being erased at the government's aviation agency. Five additional targets were hit too, unnamed sources told Bloomberg.”
Hacker Gets 4 Years in Prison for Selling Stolen Bank Accounts on the Dark Web
Catalin Cimpanu
https://www.bleepingcomputer.com/news/security/hacker-gets-4-years-in-prison-for-selling-stolen-bank-accounts-on-the-dark-web/
Excerpt:
“A judge in Atlanta, Georgia, has sentenced Aaron James Glende, a hacker known as IcyEagle, to four years and two months in prison, followed by three years of supervised release, for selling access to stolen bank accounts and others, via the AlphaBay Dark Web marketplace.”
Uber now collecting location data even after you leave a driver’s car
Lisa Vaas
https://nakedsecurity.sophos.com/2016/12/01/uber-now-collecting-location-data-even-after-you-leave-a-drivers-car/
Excerpt:
“Last year, Uber gave us a heads-up about its new privacy policy and how it had given itself permission to routinely track our locations even after we’ve left the car, following us as we sally forth into businesses, cross the street, or head for our doctors’ appointments, even if the app is only running in the background.”
65% of social engineering attacks compromised employee credentials
https://www.helpnetsecurity.com/2016/12/02/social-engineering-attacks-compromised/
Excerpt:
“Social engineering is having a notable impact on organizations across a range of industrial sectors in the US.”
Online credit card fraud up 20% Black Friday to Cyber Monday
https://www.helpnetsecurity.com/2016/12/02/online-credit-card-fraud/
Excerpt:
“Iovation released new data that shows card-not-present fraud increased significantly from Black Friday to Cyber Monday 2016 when compared to the same period in past years.”
Read full article
