TweakTown News
Most companies combat advanced persistent threats (APTs) using anti-virus and anti-malware security software, according to the "Advanced Persistent Threat Awareness" report released by the ISACA non-profit information security group. The study found 96 percent of survey participants note AV or anti-malware solutions as the most popular option - with 60 percent also relying on remote access.
APTs are described as stealthy, prolonged attacks typically aimed at cyberespionage against businesses and governments. Due to the large volume of malware, security experts try to keep end-users and networks secure while pinpointing activity from command and control network traffic.
"The technical controls most often identified as being used to prevent APTs are network perimeter technologies, such as firewalls and access lists within routers, as well as anti-malware and anti-virus," according to the ISACA report. "While these controls are proficient for defending against traditional attacks, they are probably not as well suited for preventing APTs for a number of reasons," including spear phishing or zero-day threats.
E-ZPass customers in Massachusetts, New York and New Jersey are being warned of an email phishing scam from criminals claiming to be from the E-ZPass "Customer Service Center." The email subject is "Payment for driving on toll road," and informs customers that they have unpaid tolls.
The fake email has the following message: "Dear customer, you have not paid a toll for driving on a toll road. This invoice is sent repeatedly, please service your debt in the shortest possible time. The invoice can be downloaded here."
Security experts point out a couple of different problems with this email, including bad grammar and the fact that an official summons wouldn't ask recipients to download an invoice. Furthermore, the real E-ZPass Service Center doesn't email customers regarding payment problems and other correspondence.
Security company Kaspersky Lab today announced its updated product lineup for home consumers, including the Kaspersky Anti-Virus 2015, Kaspersky Internet Security 2015 and Kaspersky Internet Security - Multiple-Device 2015. The products are designed to protect Microsoft Windows, Apple OS X and Google Android devices from current threats in a rather complex security world.
New features include Webcam protection aimed at keeping built-in Web cameras safe and secure from outside hacking. Kaspersky also included a Wi-Fi security notification module that ensures public Wi-Fi hotspots are secure, informing users of vulnerable network connections or unsecured password transmission. Ransomware which encrypts files also is a major threat to PC users, so the Kaspersky Lab System Watcher module verifies all running processes to prevent criminals from encrypting files.
"Today's threat landscape is persistently evolving and at Kaspersky Lab we're continuously staying one step ahead of the cybercriminals," said Justin Priestley, Kaspersky Lab consumer sales SVP, in a statement. "We provide our customers with the most advanced protection tools available, like the innovative Webcam Protection and System Watcher features. Our 2015 suite of products, especially Kaspersky Lab Internet Security, is equipped with technologies that have proven to be effective not only in independent tests, but in the real-world, protecting 300 million people across the globe."
A team of researchers at CrowdStrike is claiming China's "Deep Panda" cyber offensive group has begun targeting, and has now compromised, US national security think tanks. In an alarming statement, co-founder Dmitri Alperovitch asserted that the attacks seem to be tied into monitoring activity from the newly founded Islamic State of Iraq and the Levant (ISIS).
In a blog post, CrowdStrike's co-founder Dmitri Alperovitch outlined the company's work with human rights groups and security think tanks. Former senior government officials frequently work in organizations like these, and so are a natural target of hostile intelligence services, Alperovitch said, adding that he has "great confidence" the Deep Panda group is affiliated with the Chinese government. It's one of 30 groups CrowdStrike closely follows in China, but the company points out it is also one of the most sophisticated.
As the armed ISIS faction launched an attack on an oil refinery, Alperovitch claims Deep Panda began a hunt for files from US think tank employees. He pointed out that China is the top foreign investor in Iraq's oil infrastructure, and so espionage fits in with the country's national interests. "It wouldn't be surprising if the Chinese government is highly interested in getting a better sense of the possibility of deeper US military involvement that could help protect the Chinese oil infrastructure in Iraq," Alperovitch wrote. "In fact, the shift in targeting of Iraq policy individuals occurred on June 18, the day that ISIS began its attack on the Baiji oil refinery."
Public utility companies and federal governments need to be more aware of the real threat of cyberattacks, with criminals reaching new levels of network penetration. Following suspicions of a cyberattack, companies need to conduct an in-house and third-party security audit to determine how the incident occurred.
It was previously noted that public utility companies are struggling to meet growing cyberattack threats - but the realization that eastern European hackers were able to compromise oil and gas companies as part of "Dragonfly" provides a more frantic view of cybersecurity. The U.S. government is mulling over stricter regulations to force utility companies to be more careful with network connections and security from outside threats.
"These infections not only gave the attackers a beachhead in the targeted organizations' networks, but also gave them the means to mount sabotage operations against infected (industrial control system) computers," Symantec noted.
The popular video website Dailymotion was compromised by cybercriminals able to inject malicious code, redirecting visitors and secretly installing malware. The iframe first appeared on June 28 and installed the Sweet Orange Exploit Kit, targeting Oracle Java, Microsoft Internet Explorer and the Adobe Flash Player.
It seems only a small number of users were compromised, and Dailymotion quickly restored videos and ensured they were safe again.
"If the kit successfully exploited any of these vulnerabilities, then Trojan.Adclicker was downloaded onto the victim's computer," according to Symantec researchers. "This malware forces the compromised computer to artificially generate traffic to pay-per-click Web advertisements in order to generate revenue for the attackers."
Most of us understand that one of the ways to keep people who aren't authorized to get into your iPhone out is by using a password. The problem for many is that unlocking the screen of your device with a password can be a nuisance. Apple is tipped to be working on a new feature for the iPhone 6 that will make password security easier to live with.
According to rumors floating around the web, the iPhone 6 will get automatic unlocking. Apple has filed a patent application that outlines ways that the next iPhone might get automatic unlocking. The app outlines a method where the iPhone will only deploy password locks when it is used on an unknown network.
That would mean if you try to use your iPhone at home, no password would be needed, but if you try to use it on a network at the local coffee shop, it would ask for a password. The patent app is titled "Location-Sensitive Security Levels and Setting Profiles Based on Detected Location." As with all patent apps, there is no guarantee that this tech will ever be used.
The Stanford Federal Credit Union contacted around 18,000 of its customers, informing them their personal information was accidentally included in an email to another bank customer. The personal information sent includes customer names, mailing addresses, member numbers, credit information, loan offers, and tax identification numbers.
The incident took place on April 30 and the bank began informing customers in early June. The employees quickly discovered the mistake and data was reportedly destroyed before the customer opened the email.
"While we are confident this information was never seen by unauthorized individuals and you are not at risk, we feel it is important to communicate with our members in any situation involving their information or accounts," said Joan Opp, Stanford Federal Credit Union CEO, in a statement. "I also want to emphasize that our electronic systems were in no way compromised and your accounts remain secure."
Anti-piracy firm Rightscorp says more than 140 Internet service providers (ISPs) in the United States are disconnecting repeat copyright offenders. Most ISPs send notices to repeat copyright offenders, telling them that protected content, such as music, movies, and other content, is being shared.
However, Rightscorp tracks what users are downloading and sharing on BitTorrent, then approaches user ISPs - and most fines are about $20 per shared file. Repeat offenders, however, need swifter punishment according to copyright holders, which is why Rightscorp is speaking with so many U.S. ISPs. It remains difficult to identify how many times a person must be caught sharing files to be considered a "repeat infringer," with companies such as AT&T refusing to unplug users unless a court order is issued.
"We push ISPs to suspend accounts of repeat copyright infringers and we currently have over 140 ISPs that are participating in our program, including suspending the accounts of repeat infringers," said Christopher Sabec, Rightscorp CEO, when speaking about the current state of copyright infringement.
May spam email traffic averaged 69.8 percent, a 1.3 percent drop from April, but security experts continue to tell Internet users to be wary of sometimes rather clever spam. There was a large amount of mass mailings for schools and universities, along with "offers" for student loan repayment plans, also popular phishing techniques.
Email search sites were the most popular targets (32.2 percent) ahead of social media websites (23.9 percent), and financial and payment organizations were in the No. 3 spot (12.8 percent). Spammers rely on unsuspecting and gullible Internet users to click compromising links that install malware - or otherwise steal credentials.
"Spammers are constantly thinking up new tricks or turning to old favorites to catch out their victims," said Tatyana Shcherbakova, Kaspersky Lab Senior Spam Analyst, in a statement. "It's not just about advertising: this month we came across a number of mass mailings imitating official notifications from various services and companies. The attachments in these emails contained malware from the Andromeda family. This family consists of backdoors that allow attackers to silently control infected computers, which often become part of a botnet."