TweakTown News
Victims of the CoinVault ransomware have another option for retrieving their information without paying a ransom to hackers. Cybersecurity company Kaspersky Lab has partnered with the National High Tech Crime Unit (NHTCU) of the Netherlands' police, providing decryption keys and a decryption application online.
Using information collected from a CoinVault command & control server, Kaspersky Lab, NHTCU and the Netherlands' National Prosecutors Office hope victims will be able to retrieve files without paying a ransom.
"If you get infected with the CoinVault ransomware, please check noransom.kaspersky.com," urged Jornt van der Wiel, security researcher for the global research and analysis team at Kaspersky Lab. "We have uploaded a huge number of keys onto the site. If we do not currently have records for a particular Bitcoin wallet, you can check again in the near future, because together with the National High Tech Crime Unit of the Netherlands' police we are continuously updating the information."
Phishing remains a successful social engineering tactic used by cybercriminals, taking just 82 seconds to catch the first victim, according to a new report compiled by Verizon. An alarming 25 percent of phishing email recipients are likely to open the fraudulent email - and educating employees remains difficult for companies.
Instead of worrying about using a complicated software exploit, it's easier - and extremely effective - for hackers to just phish a victim and get them to turn over usernames and passwords. Companies that properly teach their employees to identify and avoid phishing emails reduce their likelihood of falling victim from one in four down to one in 20, according to researchers.
"They should be treating employees as tools in the fight rather than as lambs to the slaughter," said Bob Rudis, lead author of the Verizon report, in a statement published by BBC.
Pedophiles are adapting their habits and using the so-called "dark net" to find children to exploit, while creating new business opportunities.
Even though most people use the dark net to avoid government detection, 80 percent of traffic to dark net sites was believed to be related to child pornography, according to a recent British research study. There is an increased effort to prevent this type of dark net use, but cybersecurity experts believe the problem is just getting worse.
"It was just an awful realization, discovering there were tens of thousands of people who are not only trading child pornography, but planning to exploit children," said Greg Virgin, a cybersecurity consultant, in a statement published by CBS News. "We found one site where users openly advertised the ages of the children they were interested in. The average youngest age they were seeking for girls was zero years old. And the average age for boys was one."
As part of the US Defense Department's "Better Buying Power 3.0" initiative, the government wants to see closer relationships forged with the private sector. The main goal of the program is to make sure the US doesn't lose a technological edge over foreign adversaries, as the DoD dumps money into new R&D efforts.
A major effort will focus on keeping next-generation weapons technology and defense systems secure from cyberattacks - something that is of major concern, especially from China, Russia, and other countries with sophisticated cyber militaries.
"It includes the industrial base that supports us and their databases and their information," said Frank Kendall, undersecretary of defense for acquisition, technology and logistics, in a statement. "It includes what we hold in government. It includes the logistics support information, the sustainment information, the design information, the tactical information. Everything associated with the product is a potential point of attack. And we are under attack in the cyber world, and we've got to do a better job protecting our things."
The Europol Cybercrime Centre and the FBI teamed up to bring down the Beebone botnet, a custom operation that installed malware on unknowing victims. At least 12,000 machines were infected - with an estimate of up to 100,000 zombie PCs - and hijacked by cybercriminals. The malware was used to collect stolen passwords and download third-party applications onto victim PCs, officials noted.
"The fact that it [the malware] is complicated suggests that it could be used for more targeted attacks," Paul Docherty, director of Portcullis Security, recently told the BBC. "If those responsible were able to harness similar difficult-to-detect code they could potentially move the point of attack from home users to corporate users or other entities which typically hold large amounts of sensitive, valuable data."
The polymorphic malware used its ability to change its "shape" to better evade cybersecurity defenses - and continue hijacking new users.
TV5Monde in France suffered a major cyberattack that led to hijacked websites and social media accounts, along with causing a three-hour broadcast blackout. The Cyber Caliphate, a pro-ISIS hacker group, didn't take public responsibility for the attack - but pro-ISIS images and "hacked by an Islamist group" markings were left on compromised accounts.
"We are no longer able to broadcast any of our channels. Our websites and social media sites are no longer under our control and are all displaying claims of responsibility by Islamic State," Yves Bigot, TV5Monde director general, told the AFP.
France's culture minister will host an emergency meeting with major French media groups so they are able to study their cybersecurity protocols. A terrorism investigation has been opened by the Paris prosecutor's office following the cyberattack, which is the most sophisticated shown by the Islamic State.
Ransomware infections tend to be a frightening scenario for businesses often caught off-guard when an employee mistakenly compromises a workplace machine.
Cybersecurity experts are increasingly worried about ransomware, one of the fastest rising hacker-related crimes, which demands a ransom payment in exchange for files held hostage. The traditional method of infection is a malicious file attached to an email, but criminals are finding ways to point victims to hijacked websites.
Unless home users or companies have data backed up, and are careful of emails opened and websites visited, ransomware can prove especially catastrophic. Even though US government and private sector cybersecurity experts warn against paying ransoms, many companies choose to pay the ransom and move on.
The Russian government is being blamed for hacking into a computer system used by the White House, and the hackers were able to view classified information. It's possible the cyber intrusion, with alleged ties to the US State Department breach, was in retaliation for sanctions against Russia.
However, White House officials didn't specifically single out Russia for launching the cyberattack - but there is an active investigation by the Secret Service, FBI and US intelligence agencies. "In this case, as we made clear at the time, we took immediate measures to evaluate and mitigate the activity," said Mark Stroh, National Security Council spokesman. "As has been our position, we are not going to comment on [this] article's attribution to specific actors."
Not surprisingly, the Kremlin has issued a statement saying Russia is a constant scapegoat for organized cyberattacks: "In regard to CNN's sources, I don't know who their sources are," said Dmitry Peskov, spokesman for Russian President Vladimir Putin, in a statement published by RT. "We know that blaming everything on Russia has already turned into some sort of sport."
In a discussion on Last Week Tonight, Edward Snowden told comedian John Oliver about how we can think about the government's surveillance of citizens in a more relatable manner.
It is often said that the general population isn't up in arms about breaches of sensitive data because people can't closely relate to exactly what's going on. In an attempt to educate some, Oliver took a new approach, as spotted on News.com.au.
Talking to Americans on the street, Oliver showed us that there were quite a number of people who weren't exactly sure who Snowden was - often confusing him with WikiLeaks founder Julian Assange. He then asked how people would feel if their naughty 'nudes' were available for the taking.
One angry person stated "if I had knowledge that the US government had a picture of my d*ck, I would be very pissed off," with Snowden adding "well, the good news is there's no program named 'The D*ck Pic Program'. The bad news is [the government's] still collecting everybody's information - including your d*ck pics."
A Linux Australia server hosting a conference attendee database was compromised after cybercriminals were able to gain root level access. Information taken related to the Linux Aus Conference for 2013, 2014 and 2015, along with PyCon Australia 2013 and 2014 - stolen data included names, email addresses, physical mailing addresses, phone numbers, and passwords.
Hackers were able to trigger a remote buffer overflow after installing a remote access tool, and then rebooted the server so software was loaded into memory. From there, a command & control center was installed and began operation - and system administrators note that it doesn't look like personal information was taken, but an investigation continues.
"In accordance with our values of transparency and openness, we wish to inform you of a security breach of Linux Australia's servers," said Joshua Hesketh, organization president of Linux Australia. "This incident has resulted in the possible, but not confirmed, release of personal information."