TweakTown NewsRefine News by Category:
The federal government might have disrupted Cryptolocker ransomware operations, but the Benjamin F. Edwards & Co. brokerage house recently suffered an attack by the CryptoWall, the DOJ.NH website recently reported. The incident took place in late May, with the unauthorized third party compromising their computer systems - informing customers of the data breach.
Many companies are rolling out new security and try to educate users about safely and properly interacting with emails, online accounts, and other cloud-based services proves to be difficult. As users are compromised, critical work documents become unusable until a payment has been made to operators of the ransomware - and educating users to spot these social engineering techniques should be a first great step.
"We are seeing a new wave of ransomware created by Russian cybercriminals, and our recent survey shows that IT pros expect it to get worse the rest of the year," said Stu Sjouwerman, KnowBe4 CEO, in a press statement. "To add insult to injury, apart from the confidential files being encrypted and ransom extorted, the ransomware sends unidentified data out of the victim's network. That means the malware infection needs to be treated as a data breach with accompanying very high costs."
Cybercriminals trying to phish users typically rely on email to compromise unsuspecting victims, and remains the primary mechanism to launch malware attacks. There has been an uptick in activity that has led to more spam messages, along with coordinated spear phishing attacks targeting specific organizations.
The top brands suffering from phishing attacks and malicious spam: RingCentral, ADP, Her Magesty's Revenue Customs, HSBC, Bank of America, eFax, NatWest, RBS, IRS, Sage, "Court Notice," Lloyds Bank, Wells Fargo, and Broad Oak.
"Phishing and malicious spam continue to threaten networks and brands, and as a result, they key question a company needs to ask about the brands listed in this report is, 'Would any of my employees ever respond to an email from one of these brands?' If so, your business may already be infected with malware," said Greg Coticchia, Malcovery Security President and CEO, in a press statement.
Cybercriminals were able to gain access to at least 1,000 StubHub customer accounts in 2013, fraudulently purchasing tickets to concerns, sports games, and other live events. Using data breaches from other websites and relying on malware that compromised users, they were able to access account holder login and password data.
In a statement, StubHub said it applauded the efforts of New York City law enforcement to make arrests related to the case - including a case opened by the New York City District Attorney's Office. No internal technical or financial systems were breached by the hackers, and StubHub was quick to work with customers that were affected.
The large scale cyberattacks that lead to personal data and username/passwords being stole, and then used on different websites and services.
The hackers responsible for exposing vulnerabilities targeting the Toyota Prius and Ford Escape are developing a solution to better defend vehicles from cyberattacks. Both Charlie Miller and Chris Valasex plan to show off their "intrusion prevention device" during the Black Hat hacking conference next month - a solution that uses around $150 in electronic parts able to listen to car network traffic - with rogue activity and additional anomalies blocked.
"Cybersecurity is a global concern and it is a growing threat for all industries, including the automotive," noted Jack Pokrzywa, SAE International manager of global ground vehicle standards.
The Internet of Things (IoT) has drawn great interest from researchers and consumers, but security standards are currently fractured. Connected cars are becoming more common on U.S. roadways, and Internet or satellite connectivity provide a perfect attack opportunity for cybercriminals.
Small businesses and local mom-and-pop stores are familiar with cybersecurity risks they face, but major retailers and corporations also suffer from difficult point-of-sale (POS) systems struggling with security problems. Botnets made of thousands of compromised PCs are trying to launch brute-force attacks against POS with lackluster security in place.
"Point of sale architecture and security is such a niche industry in terms of how to secure these systems and how card data flows," said Lucas Zaichowsky, AccessData enterprise defense architect, said. "It's like a big black box; those who know it well are few and far between. Even PCI auditors don't understand it all that well."
Zaichowsky will speak during the Black Hat USA 2014 in early August, hoping to spur interest in helping POS dealers build better defense of POS technologies. Cybercriminals rely on exposing older versions of VNC, PCAnywhere and other remote management clients, able to brute-force their way into networks.
The lure of easy pickings in online cybercrime has drawn many criminals to the Internet, where they look to compromise users, steal debit and credit card information along with other personal data. The use of social engineering to manipulate victims remains popular, but many Internet users provide information to criminals too easily.
The basic tips apply: don't provide personal information when you don't have to, such Social Security numbers; always monitor bank accounts; avoid clicking links in unsolicited emails, or other suspicious messages; and choosing a secure password are important.
"Con artists are going online to steal your hard-earned money," said Bob Gallo, AARP Illinois State Director, in a press statement. "Common sense should tell us that if it sounds too good to be true, chances are it is. But AARP's nationwide Fraud Watch Network can also help you beat con artists at their own game and get critical information to fight back and protect your money."
Cybercriminals in Nigeria are continually evolving their attack strategies, and have created next-generation malware able to compromise businesses and organizations that they previously ignored. The old school "419" phishing tactics once infamously deployed by Nigerian spammers still occurs, but the criminals want to steal data from a larger number of victims using better designed strategies.
Utilizing Remote Administration Tools (RATs) from online hacker forums, Nigerian cybercriminals aim for full control of compromised systems. Silver Spaniel is able to circumvent legacy firewalls and typical anti-virus and anti-malware software because it has been modified to ensure it can evade them efficiently.
"These Silver Spaniel malware activities originate in Nigeria and employ tactics, techniques and procedures similar to one another," said Ryan Olson, Palo Alto Networks Unit 42 Intelligence Director, in a statement. "The actors don't show a high level of technical acumen, but represent a growing threat to businesses that have not previously been their primary targets."
The continued political unrest in Iraq has led to armed conflict, but has led to a rise in something a bit more surprising: a cyberwar that has used social media and coordinated malware and other cyberattacks against rival political factions.
The use of the "Njrat" malware, to compromise PCs and create a rudimentary botnet, has drawn interest among cybersecurity experts - and other similar tactics are being deployed. The criminals are interested in stealing data and using hijacked microphones and cameras to see what is happening in select regions.
"The key parties are local groups within Iraq using malware for targeted intelligence on each other," said Andrew Komarov, Intel Crawler chief of security, in a statement. "It is very hard to confirm who is the author, as some of the malware is used from public sources, but it is very visible that it is used within Iraq, and not outside against foreign countries, which may explain the beginning of internal local cyberwar."
Nonprofit organization Goodwill Industries reportedly suffered a data breach and customer credit card data is at risk. The company was first contacted last Friday by federal authorities, informing them of the potential data theft affecting American stores.
It's unknown how many stores have been impacted, but fraud details have been tracked to a pattern that hit at least 21 states, including California, Colorado, Pennsylvania, Texas, Washington, Wisconsin and others spread across the country. Goodwill is investigating with a newly created "response team":
"We are proactively engaged with the payment card industry contacts, the Secret Service and all Goodwill headquarters to identify what problem, if any, exists so that we can take prompt and appropriate actions as well as communicate appropriately to any affected parties."
Cyberattacks are increasingly difficult to detect and defend against, with foreign state-sponsored hackers sometimes able to compromise large amounts of data. Both businesses and customers struggle following data breaches, and the direct cost of cybercrime negatively hurts everyone, security specialists continue to warn.
Heartbleed gained attention because of the threat it posed to casual consumers, but these issues remain a significant problem for businesses and security leaders.
"I think that these kinds of issues are really symptoms of a bigger problem," said Richard Ford, head of Florida Institute of Technology's Department of Computer Science and Cybersecurity, in a press statement. "Our entire computing infrastructure - and that includes embedded devices and control systems - is highly vulnerable to attackers. We have built a very complex ecosystem around us, and it is both critical to the smooth functioning of our lives and very fragile. I worry not about a cybercriminal, but an attacker who simply wants to destroy."