Shipping firm warns that hackers may leak confidential information
Danny Palmer
http://www.zdnet.com/article/shipping-firm-warns-that-hackers-may-leak-confidential-information/
Excerpt:
“Global shipping firm Clarksons has warned that confidential data stolen as a result of a "cybersecurity incident" could be made public, following the company's refusal to pay a ransom to hackers.”
75% of insider breaches are accidental
https://www.helpnetsecurity.com/2017/11/30/insider-breaches/
Excerpt:
“Approximately 25% of insider threats are hostile with the remaining 75% due to accidental or negligent activity, according to NTT Security.”
No key required: How thieves use relay boxes to steal cars
Zeljka Zorz
https://www.helpnetsecurity.com/2017/11/28/use-relay-boxes-steal-cars/
Excerpt:
“Getting in your car and starting it without having to pull the key out of your pocket is one of the small conveniences that come with many modern vehicles. Unfortunately, the capability is also convenient for car thieves.”
Surge in exposed credentials puts companies at risk
https://www.helpnetsecurity.com/2017/11/29/exposed-credentials/
Excerpt:
“The volume of credential exposures has increased to 16,583 from April to July 2017, compared to 5,275 last year’s analysis by Anomali. 77% of the FTSE 100 were exposed, with an average of 218 usernames and password stolen, published or sold per company. In most cases the loss of credentials occurred on third party, non-work websites where employees reuse corporate credentials.”
Imgur just learned 1.7M accounts got exposed in 2014 hack
Steven Musil
https://www.cnet.com/news/imgur-just-learned-1-7m-accounts-exposed-in-2014-hack/
Excerpt:
“Image-sharing site Imgur says 1.7 million email addresses and passwords were compromised in a 2014 breach that was only recently discovered.”
Should you risk buying your child smart toys currently on offer?
Zeljka Zorz
https://www.helpnetsecurity.com/2017/11/27/smart-toys-risk/
Excerpt:
“As the end-of-the-year holiday season approaches, many security researchers, consumer groups and even governments warn against buying specific products or, at least, to make an effort read up about potential risks before buying them.”
Czech high court says alleged Russian hacker can be extradited to United States
https://uk.reuters.com/article/uk-czech-usa-cybercrime/czech-high-court-says-alleged-russian-hacker-can-be-extradited-to-united-states-idUKKBN1DO1GI
Excerpt:
“The Prague High Court ruled on Friday that Russian citizen Yevgeniy Nikulin can be extradited to the United States where he is accused of hacking social networks including LinkedIn, a court spokeswoman said.”
Eight Arrests Made in Connection with $3.5M Credit Card Skimming Scheme
David Bisson
https://www.tripwire.com/state-of-security/latest-security-news/eight-arrests-made-in-connection-with-3-5m-credit-card-skimming-scheme/
Excerpt:
“Federal and local authorities have arrested eight individuals in connection with a credit card skimming scheme that caused losses in excess of $3.5 million.”
Defining and securing the Internet of Things
https://www.helpnetsecurity.com/2017/11/22/defining-securing-iot/
Excerpt:
“The EU Cybersecurity Agency ENISA published a report on the security of the Internet of Things (IoT). The study aims to set the scene for IoT security in Europe. It serves as a reference point in this field and as a foundation for relevant forthcoming initiatives and developments.”
Uber suffered massive data breach, paid hackers to keep quiet about it
Zeljka Zorz
https://www.helpnetsecurity.com/2017/11/22/uber-data-breach/
Excerpt:
“Uber suffered a breach in October 2016, which resulted in the compromise of sensitive information of some 57 million users and drivers, and paid off the hackers to keep mum about it.”
Google knows where Android users are even if they disable location services
Zeljka Zorz
https://www.helpnetsecurity.com/2017/11/22/android-location-tracking/
Excerpt:
” As it turns out, turning off location services on Android devices does not mean that Google can’t pinpoint your location.”
Using Unsecured IoT Devices, DDoS Attacks Doubled in the First Half of 2017
Pierluigi Paganini
http://securityaffairs.co/wordpress/65827/hacking/iot-devices-ddos-attacks.html
Excerpt:
“According to a report recently published by the security firm Corero the number of DDoS Attacks doubled in the First Half of 2017 due to unsecured IoT.”
Hackers hit Sacramento transit system, demand money to stop attack
Zeljka Zorz
https://www.helpnetsecurity.com/2017/11/21/sacramento-regional-transit-hack/
Excerpt:
“Hackers looking for a payout have hit the Sacramento Regional Transit (SacRT) system, defacing the agency website, erasing data from some of its servers, and demanding money to stop the attack and not do further damage.”
Defining and securing the Internet of Things
https://www.helpnetsecurity.com/2017/11/22/defining-securing-iot/
Excerpt:
“The EU Cybersecurity Agency ENISA published a report on the security of the Internet of Things (IoT). The study aims to set the scene for IoT security in Europe. It serves as a reference point in this field and as a foundation for relevant forthcoming initiatives and developments.”
Data theft High Court cases up 25 per cent in just one year
Graeme Burton
https://www.v3.co.uk/v3-uk/news/3021481/data-theft-high-court-cases-up-25-per-cent-in-just-one-year
Excerpt:
“The number of High Court cases involving the theft of confidential data increased by 25 per cent in 2016, according to commercial law firm EMW, with an increasing number of cases involving staff theft of customer databases and money-spinning financial algorithms.”
South Korea Winter Olympics: Cyber lessons from the past
Rob Brownsword
https://www.helpnetsecurity.com/2017/11/20/south-korea-winter-olympics/
Excerpt:
“There is little doubt that guns, gates, and guards will be on full alert in Pyeongchang, South Korea as the nation readies itself for the 2018 Winter Olympics, which begin Feb. 9. In concert with feats of strength, dazzling stadiums and piping national anthems, the threat of cyberattacks looms large at the Olympic Games.”
Why hackers reuse malware
Marc Laliberte
https://www.helpnetsecurity.com/2017/11/20/hackers-reuse-malware/
Excerpt:
“Software developers love to reuse code wherever possible, and hackers are no exception. While we often think of different malware strains as separate entities, the reality is that most new malware recycles large chunks of source code from existing malware with some changes and additions (possibly taken from other publically released vulnerabilities and tools).”
German government bans children’s smartwatches, tells parents to destroy them
Zeljka Zorz
https://www.helpnetsecurity.com/2017/11/20/germany-kids-smartwatches-ban/
Excerpt:
“The Federal Network Agency (Bundesnetzagentur), Germany’s regulatory agency for public utility companies, has categorized children’s smartwatches as spying devices, and has banned their sale.”
Identity theft concerns won’t hold back holiday shopping
https://www.helpnetsecurity.com/2017/11/21/identity-theft-concerns/
Excerpt:
“Despite concerns about identity theft and fraud, consumers don’t plan to curb their holiday shopping, according to Discover.”
100 percent of enterprises have suffered mobile malware attacks
Ian Barker
https://betanews.com/2017/11/17/enterprise-mobile-malware/
Excerpt:
“A new study of over 850 organizations around the world shows that all of them have experienced a mobile malware attack.”
Scammers Steal S$80K from Woman Using Fake Police Website
David Bisson
https://www.tripwire.com/state-of-security/latest-security-news/scammers-steal-s80k-woman-using-fake-police-website/
Excerpt:
“Scammers stole S$80,000 from a woman by tricking her into visiting a fake phishing website for the Singapore Police Force (SPF).”
Tennessee city still not recovered from ransomware attack
Doug Olenick
https://www.scmagazine.com/tennessee-city-still-not-recovered-from-ransomware-attack/article/707847/
Excerpt:
“The City of Spring Hill, Tenn. is still suffering from the effects of a ransomware attack that struck the municipality in early November when government officials refused to pay the $250,000 ransom demanded by the cybercriminals.”
Feds charge man they say worked for 'darknet' marketplace
Kate Brumback
https://phys.org/news/2017-11-feds-darknet-marketplace.html
Excerpt:
“An Illinois man who federal prosecutors say worked as a spokesman for a "darknet" marketplace for illicit internet commerce has been charged in Atlanta.”
Think you deleted that embarrassing WhatsApp message you sent? Think again
Graham Cluley
https://www.welivesecurity.com/2017/11/16/whatsapp-deleted-messages/
Excerpt:
“At the end of last month, to the undoubted delight of many users, WhatsApp began rolling out a long craved-for feature: the ability to “unsend” those messages that you almost instantly regret as soon as you hit the Send button.”
Sharp rise in fileless attacks evading endpoint security
https://www.helpnetsecurity.com/2017/11/16/fileless-attacks-evading-endpoint-security/
Excerpt:
“A new Ponemon Institute survey of 665 IT and security leaders finds that over-reliance on traditional endpoint security is leaving organizations exposed to significant risk. 54 percent of respondents said their company experienced a successful attack. Of those respondents, 77 percent were victim to fileless attack or exploit.”
McAfee's own anti-hacking service exposed users to banking malware
Zack Whittaker
http://www.zdnet.com/article/mcafees-own-anti-hacking-service-exposed-users-to-banking-malware/
Excerpt:
“Security firm McAfee has blocked access to malware that appeared to be sent from the company's own network.”
Formidable Forms plugin vulnerabilities expose WordPress sites attacks
Pierluigi Paganini
http://securityaffairs.co/wordpress/65617/hacking/formidable-forms-plugin-flaws.html
Excerpt:
“A researcher from Finland-based company Klikki Oy has discovered several vulnerabilities in the Formidable Forms plugin that expose websites to attacks.”
PayPal Will Hand Over User Transaction Data to the Canada Revenue Agency
JP Buntinx
https://themerkle.com/paypal-will-hand-over-user-transaction-data-to-the-canada-revenue-agency/
Excerpt:
“When thinking about popular online payment methods, PayPal is a platform that comes to mind immediately. It is a global powerhouse when it comes to sending and receiving money online. That doesn’t mean the company is without its flaws, though, as a recent email to Canadian users is a cause for concern. Releasing transaction data to the Canada Revenue Agency is an interesting decision, to say the very least.”
Google: There are 1.9 billion usernames and passwords on the black market
Nicholas Fearn
https://www.v3.co.uk/v3-uk/news/3021130/19-billion-usernames-are-on-the-blackmarket-says-google
Excerpt:
“Research by Google and the University of California has found that there are more than 1.9 billion usernames and passwords available on the black market, many of which can be used to access Google accounts.”
Sent WhatsApp messages can be deleted, but they don't really go away
Brandon Vigliarolo
https://www.techrepublic.com/article/sent-whatsapp-messages-can-be-deleted-but-they-dont-really-go-away/
Excerpt:
“Encrypted messaging platform WhatsApp recently added the ability to delete sent messages, but the team at Android Jefe (article is in Spanish) has discovered that they don't quite disappear completely.”
Is the healthcare industry prepared to combat evolving cyber threats?
https://www.helpnetsecurity.com/2017/11/15/healthcare-combat-evolving-cyber-threats/
Excerpt:
“One in four UK healthcare IT professionals aren’t confident in their organisation’s ability to respond to cyberattacks, according to Infoblox.”
Infosec expert viewpoint: IoT security initiatives
Mirko Zorz
https://www.helpnetsecurity.com/2017/11/15/iot-security-initiatives/
Excerpt:
“IoT went quickly from buzzword to mainstream, and connected devices have become common in households and enterprises around the globe. A worrying lack of regulation has fueled a plethora of security problems causing headaches to security teams and endangering end users.”
Sharp rise in fileless attacks evading endpoint security
https://www.helpnetsecurity.com/2017/11/16/fileless-attacks-evading-endpoint-security/
Excerpt:
‘A new Ponemon Institute survey of 665 IT and security leaders finds that over-reliance on traditional endpoint security is leaving organizations exposed to significant risk. 54 percent of respondents said their company experienced a successful attack. Of those respondents, 77 percent were victim to fileless attack or exploit.”
Medigate announces $5.35M seed round to protect connected medical devices
https://www.helpnetsecurity.com/2017/11/14/medigate/
Excerpt:
“Israeli startup Medigate today announced $5.35 million in seed funding for its mission to secure the use of the millions of connected medical devices on healthcare provider networks. Backing for the technology platform, which lets CISOs and security teams defend networked medical devices from cyberattacks, comes from YL Ventures, with additional funding from Blumberg Capital.”
Fasten data leak: Nearly 1 million users' sensitive data mistakenly exposed by US ride-hailing firm
India Ashok
http://www.ibtimes.co.uk/fasten-data-leak-nearly-1-million-users-sensitive-data-mistakenly-exposed-by-us-ride-hailing-firm-1646872
Excerpt:
“Over one million users' personal and financial data was inadvertently publicly exposed by US-based ride hailing firm Fasten. The leaked data includes names, emails, phone numbers, credit card data, links to photos, device IMEI numbers, GPS data and users' taxi routes.”
IcedID: Original new banking Trojan emerges
Zeljka Zorz
https://www.helpnetsecurity.com/2017/11/13/icedid-banking-trojan/
Excerpt:
“IcedID, a new banking Trojan that does not seem to have borrowed code from other similar threats, has entered the financial cybercrime arena.”
Phishing is a greater threat to users than keyloggers and third-party breaches
Zeljka Zorz
https://www.helpnetsecurity.com/2017/11/10/account-hijacking-threats/
Excerpt:
“When it comes to loosing access to their accounts, phishing is a greater threat to users than keyloggers and third-party breaches, researchers have found.”
This phishing attack pretends to come from someone you trust
Danny Palmer
http://www.zdnet.com/article/this-phishing-attack-pretends-to-come-from-someone-you-trust/
Excerpt:
“A wave of cyberattacks is targeting organisations' financial departments with a social engineering and phishing campaign designed to trick victims into downloading credential-stealing malware and other threats.”
Poland eyes cybersecurity in skies
https://phys.org/news/2017-11-poland-eyes-cybersecurity.html
Excerpt:
“Poland on Wednesday agreed to test a cybersecurity pilot programme for the aviation sector as Europe's EASA civil aviation authority tackles the potential threats posed by hackers to air traffic.”
Ukrainian Parliament Considers Making Cryptocurrencies Tax-Exempt
JP Buntinx
https://themerkle.com/ukrainian-parliament-considers-making-cryptocurrencies-tax-exempt/
Excerpt:
“Europe is a pretty interesting region when it comes to cryptocurrency. Although there is no clear regulation on this front just yet, things are undergoing some big changes as we speak. Over in Ukraine, a new proposal revolves around making Bitcoin and other cryptocurrencies tax-exempt in the near future. Whether or not this bill will be approved by the country’s parliament remains to be determined.”
Feds: Ex-employee targeted Minnesota company with 'hacker-for-hire'
Mark Reilly
https://www.bizjournals.com/twincities/news/2017/11/07/feds-ex-employee-targeted-minnesota-company-with.html
Excerpt:
“Federal prosecutors say a cyberattack on a Monticello-based technology company was prompted by a former worker who hired outside hackers to bring down its websites.”
Vietnamese APT32 group is one of the most advanced APTs in the threat landscape
Pierluigi Paganini
http://securityaffairs.co/wordpress/65271/apt/apt32-cyber-espionage-2017.html
Excerpt:
“According to the incident response firm Volexity, Vietnamese APT32 group is today one of the most advanced APTs in the threat landscape”
Malicious Text Message Can Hijack Mobile Phones to Mine Cryptocurrency
JP Buntinx
https://themerkle.com/malicious-text-message-can-hijack-mobile-phones-to-mine-cryptocurrency/
Excerpt:
“Most people who have kept tabs on developments in the world of Bitcoin will know that traditional computers aren’t all that powerful. More specifically, the mining process associated with Bitcoin requires dedicated hardware, known as ASIC miners. While using a computer to mine is still possible, the profits generated from doing so are negligible at best. Using mobile phones for this specific purpose is a whole other story.”
AP finds hackers hijacked at least 195 Trump web addresses
Tami Abdollah
https://phys.org/news/2017-11-ap-hackers-hijacked-trump-web.html
Excerpt:
“Four years ago, well before the furor over allegations Moscow meddled in the 2016 election that put Donald Trump in the White House, at least 195 web addresses belonging to Trump, his family or his business empire were hijacked by hackers possibly operating out of Russia, The Associated Press has learned.”
Android security triple-whammy: New attack combines phishing, malware, and data theft
Danny Palmer
http://www.zdnet.com/article/android-security-triple-whammy-new-attack-combines-phishing-malware-and-data-theft/
Excerpt:
“Attackers are combining credential phishing, credit card data theft, and malware into a single campaign targeting banking details.”
Fake WhatsApp app in official Google Play Store downloaded by over a million Android users
Pierluigi Paganini
http://securityaffairs.co/wordpress/65159/malware/fake-whatsapp-app.html
Excerpt:
“A fake WhatsApp version deployed on the Play Store was downloaded by over a million users, a failure for the automated checks implemented by Google.”
Arrest Made In FireEye Corporate Network Hacking Attempt
Michael Novinson
http://www.crn.com/news/security/300094921/arrest-made-in-fireeye-corporate-network-hacking-attempt.htm?itc=refresh
Excerpt:
‘The person who attacked the personal online accounts of a FireEye employee several months ago was arrested and taken into custody Thursday by international law enforcement, FireEye said Thursday.”
Threat actors using default SSH credentials to hijack Ethereum miners
Pierluigi Paganini
http://securityaffairs.co/wordpress/65104/breaking-news/hackers-hijack-ethereum-miners.html
Excerpt:
“Hackers target Ethereum-mining farms in the attempt to hijack the funds by replacing the user’s wallet with their one.”
Estonia blocks certificates on 760,000 ID cards due to identity theft risk
https://www.helpnetsecurity.com/2017/11/03/estonia-id-certificates-blocked/
Excerpt:
“On 3 November 2017 at midnight, Estonia will block the certificates of 760,000 ID cards.”
Crooks poison results for financial-related searches to deliver banking malware
Zeljka Zorz
https://www.helpnetsecurity.com/2017/11/03/financial-related-searches-deliver-banking-malware/
Excerpt:
“Cyber crooks are using a clever approach to deliver banking malware to the right victims: they are poisoning the search results for specific banking-related keywords.”
State Bank of Vietnam Moves to Ban Digital Currency Use
Daniel Dob
https://themerkle.com/state-bank-of-vietnam-moves-to-ban-digital-currency-use/
Excerpt:
“Without any prior warning, it appears the State Bank of Vietnam has recently submitted a legislative proposal to the country’s government meant to ban a wide range of digital currency-related activities.”
Undetectable ATM shimmers used to steal Chip Based Card worldwide
Pierluigi Paganini
http://securityaffairs.co/wordpress/65080/breaking-news/atm-shimmers-attacks.html
Excerpt:
“Crooks continue using skimmers in card frauds, these devices are becoming even more sophisticated, last wave of attacks leverages on so-called Shimmers.”
Former Yahoo CEO, Equifax CEO to Testify at Senate Hearing About Data Breaches
http://fortune.com/2017/11/01/yahoo-ceo-equifax-ceo-testify-senate-data-breaches/
Excerpt:
“Former Yahoo CEO Marissa Mayer and the current and former CEOs of Equifax will testify before a U.S. Senate panel on Nov. 8 on two massive data breaches, a committee spokesman told Reuters on Wednesday.”
50,000 Australian Employees’ Personal Data Exposed Online
David Bisson
https://www.tripwire.com/state-of-security/latest-security-news/50000-australian-employees-personal-data-exposed-online/
Excerpt:
“Negligence by a third-party contractor exposed the personal information of approximately 50,000 Australian employees online.”
59% of Employees Hit by Ransomware at Work Paid Ransom Out of Their Own Pockets
Catalin Cimpanu
https://www.bleepingcomputer.com/news/security/59-percent-of-employees-hit-by-ransomware-at-work-paid-ransom-out-of-their-own-pockets/
Excerpt:
“A survey of more than 1,000 office workers carried out by business cloud services provider Intermedia has revealed that 59% of employees that had their computer hit by ransomware paid the ransom demand out of their own pockets.”
Smartphone Exploits Earn Hackers Over $500,000
Eduard Kovacs
http://www.securityweek.com/smartphone-exploits-earn-hackers-over-500000
Excerpt:
“White hat hackers earned more than half a million dollars at this year’s Mobile Pwn2Own competition after successfully demonstrating exploits against Samsung’s Galaxy S8, Apple’s iPhone 7 and Huawei’s Mate 9 Pro.”
Ransomware victims are paying the ransom in record numbers
https://www.helpnetsecurity.com/2017/11/02/ransomware-ransom/
Excerpt:
“Intermedia examined the critical security behavioral habits of more than 1,000 office workers.”
7 tips to reduce risks of data breaches
https://www.helpnetsecurity.com/2017/11/02/reduce-security-risk/
Excerpt:
“A recent study conducted by Forrester Consulting found that two-thirds of organizations have been breached five times in the past two years. It’s clear that traditional approaches are not working, and companies need to completely rethink their security approach.”
Global threat intelligence market to reach $12.6 billion by 2025
https://www.helpnetsecurity.com/2017/11/03/global-threat-intelligence-market/
Excerpt:
“The global threat intelligence market is anticipated to reach $12.6 billion by 2025, according to a new report by Grand View Research, Inc.”
Silence – a new Trojan attacking financial organizations
GReAT
https://securelist.com/the-silence/83009/
Excerpt:
“In September 2017, we discovered a new targeted attack on financial institutions. Victims are mostly Russian banks but we also found infected organizations in Malaysia and Armenia. The attackers were using a known but still very effective technique for cybercriminals looking to make money: gaining persistent access to an internal banking network for a long period of time, making video recordings of the day to day activity on bank employees’ PCs, learning how things works in their target banks, what software is being used, and then using that knowledge to steal as much money as possible when ready.”
Read full article
