How federal government departments are protecting Australians’ data against cyber hack

Source: National Cyber Security – Produced By Gregory Evans

The federal government has conceded it can’t be certain public service departments are secure against major hacking attacks, as Malcolm Turnbull’s senior cyber adviser suggested Australia might have dodged the latest international crisis because it fell during the weekend. At least eight Australian businesses have been infected by the bug crippling some systems in Britain, Europe and the US, with …

The post How federal government departments are protecting Australians’ data against cyber hack appeared first on National Cyber Security Ventures.

Iran-linked hackers used Microsoft Word flaw against Israeli targets, security firm says

Source: National Cyber Security – Produced By Gregory Evans

Hackers allegedly linked to the Iranian government launched a digital espionage operation this month against more than 250 different Israel-based targets by using a recently disclosed and widely exploited Microsoft Word vulnerability, cybersecurity experts tell CyberScoop.

The hacking group, dubbed OilRig by security researchers and believed to be tied to Iranian intelligence services, utilized a software flaw in Word officially known as CVE-2017-0199 that allows attackers to execute a remote computer intrusion to take full control of a target device while leaving little or no trace, said Michael Gorelik, vice president of Israeli security firm Morphisec.

Over the last month, Morphisec has investigated the incident on behalf of multiple victims. Clients showed forensic evidence on their respective networks that could be linked back to OilRig. After its disclosure in March, CVE-2017-0199 was quickly exploited by nation-states and cybercriminals alike.

John Hultquist, Director of Cyber Espionage Analysis at iSIGHT Partners, confirmed Morphisec’s findings.

“We have recently seen these actors and [other] cyber espionage actors targeting Asia adopt CVE-2017-0199. The vulnerability was a proliferation issue before it was patched, and remains one now,” said Hultquist.

OilRig has been around since at least 2015, according to numerous security industry experts who have watched the group target Israeli networks repeatedly and with varying tactics.

To exploit the Microsoft Word vulnerability, a target must open or preview an infected Microsoft Office or WordPad file, which OilRig sent out in large numbers to hundreds of Israel-based targets, including government agencies and officials. When opened, the attachment designed by OilRig would download the Hancitor trojan, a variant of fileless malware capable of bypassing most security and anti-virus protections.

CVE-2017-0199 was patched earlier this month by Microsoft after an extraordinary nine-month delay from when it was initially communicated to the company privately. Getting the vast ecosystem of Microsoft users to patch machines is a slow and unreliable process, however, so many often remain vulnerable after a patch is published.

Point of initial contact

“The OilRig campaign is a multi-stage kill chain meant to burrow into Israeli critical defense infrastructure,” said Tom Kellermann, CEO of D.C.-based venture capital firm Strategic Cyber Ventures. Kellermann is a major investor in TrapX, another cybersecurity firm that also detected and helped clients defend against the Iranian cyberattack.

The beginnings of the Iranian operation are believed to have started with a series of phishing emails sent to Ben Gurion University employees, although it quickly expanded to include various Israeli technology and medical companies. Ben Gurion University is home to Israel’s Cyber Security Research Center, a scientific institute that develops sophisticated cyber capabilities.

Gorelik said an investigation is ongoing to better understand the full scope of damage caused by the hackers. His firm, Morphisec, posted technical analysis of the attack on Thursday morning.

Investigators were able to identify a series of command and control servers activated by the hackers on April 16, which were subsequently used to launch the offensive cyber operation, according to a notification published Wednesday by Israel’s Computer Emergency Response Team. The first round of phishing emails was sent on April 19 and the last came on April 24. The malware-laden emails carried subject lines relating to nonexistent “resumes, exams and holiday plans,” said Gorelik.

Exploiting CVE-2017-0199 enables an attacker to download and execute a Visual Basic script containing PowerShell commands whenever a vulnerable user opens a document containing an embedded exploit, according to American cybersecurity firm FireEye. Malware payloads executed after the exploit can come from all manner of malware families.

FireEye previously found that various hackers — including both governments and cybercriminals — were using the same CVE-2017-0199 vulnerability to breach a wide array of different victims.

On April 11, researchers at FireEye described an attack exploiting CVE-2017-0199 this way:

- A threat actor emails a Microsoft Word document to a targeted user with an embedded OLE2 embedded link object
- When the user opens the document, winword.exe issues a HTTP request to a remote server to retrieve a malicious HTA file
- The file returned by the server is a fake RTF file with an embedded malicious script
- Winword.exe looks up the file handler for application/hta through a COM object, which causes the Microsoft HTA application (mshta.exe) to load and execute the malicious script

“This kind of vulnerability is very rare,” Gorelik said. “There has been progress from this group. This is one of the more advanced fileless campaigns I’ve seen. It was a targeted, large campaign using quite a big infrastructure. It’s fileless, so it’s very hard to detect. They regenerated signatures on the endpoint each and every time for the trojan so it’s very hard to remediate, identify or remove it.”

He added, “this Iranian group is quite advanced I would say.”

The Iran-backed espionage campaign was first revealed in broad terms Wednesday through a vague press announcement issued by the Prime Minister’s Office, claiming that Israel’s newly formed Cyber Defense Authority helped to thwart the attack.

The attacks were “relatively well planned and took considerable resources. It is obvious that there was intelligence gathering prior to the attack and a careful selection of targets — in this case Israeli computing companies,” said Boaz Dolev, CEO of the Israeli security firm ClearSky in an interview with the Israeli newspaper Haaretz.

The post Iran-linked hackers used Microsoft Word flaw against Israeli targets, security firm says appeared first on National Cyber Security Ventures.

FDA threatens action against medical device-maker over poor cybersecurity

Source: National Cyber Security – Produced By Gregory Evans

The Food and Drug Administration (FDA) is threatening action if Abbott Labs fails to address safety and security issues in certain medical devices. The company recently purchased St. Jude Medical, which makes implanted cardiac devices that have been the subject …

The post FDA threatens action against medical device-maker over poor cybersecurity appeared first on National Cyber Security Ventures.

Citizens Invited to ‘Stand’ against Child Abuse

April is National Child Abuse Prevention Month, and GRADD’s Community Collaboration for Children and the Kentucky Cabinet for Health & Family Services’ Department for Community Based Services invite you to help raise awareness.

CCC and DCBS are sponsoring “The Stand Against Child Abuse” on Thursday, April 17, from 4:30 p.m. to 7:00 p.m. on the side lawn of Kentucky Wesleyan College.

Several activities for children are planned, including bounce houses, petting zoo, face painting, balloons, bubbles, a coloring station, and more.

This annual event helps bring attention to an issue that, unfortunately, continues to plague our nation, state, and local communities.

According to the most recent DCBS statistics, Kentucky Child Protective Services investigated 2,677 allegations of abuse/neglect of minors within Daviess, Hancock, Henderson, McLean, Ohio, Union and Webster counties in 2016—including 1,187 cases which were substantiated.

The post Citizens Invited to ‘Stand’ against Child Abuse appeared first on Parent Security Online.

FOUR WAYS SOCIAL MEDIA MANAGERS CAN PROTECT THEIR COMPANY’S ACCOUNTS AGAINST HACKERS

These days, everyone is on social media, and customers expect you to be too. No matter what industry you’re in, if you don’t have a social media presence, you may not be visible or accessible to a large proportion of …

The post FOUR WAYS SOCIAL MEDIA MANAGERS CAN PROTECT THEIR COMPANY’S ACCOUNTS AGAINST HACKERS appeared first on AmIHackerProof.com.

Parents speak out against bullying policy

A few parents say it’s time to address bullying at the grade school. They say it’s a problem. So is the way it’s handled.

Several moms went to the school board meeting tonight. One spoke at length about the problems her daughter and other students have had with bullying. She wants the school board to examine and change the bullying policy, at least at the grade school level.

At this month’s school board meeting, public comments came first. Amy Huskisson started her time with a story her 6-year-old daughter told her about a 9-year-old boy at recess.

She says, “He chased her down, wrapped his arms around her, and squeezed her as hard as he could to the extent that her face turned red, almost a purplish color.

The post Parents speak out against bullying policy appeared first on Parent Security Online.

A fight against child pornography or control over the citizens?

The Moldovan government’s initiative to toughen control over the Internet and private online communication (a theme that has recently become particularly topical in Georgia, too) has stirred fierce public debate.

The matter concerns the bill popularly referred to as the ‘Big Brother’ law. It vests the investigative agencies with the right to block websites and to monitor personal emails, SMS, and Viber and WhatsApp messages; all of these measures aim to ensure an efficient fight against child pornography and terrorism.

Official Chișinău is looking forward to the Venice Commission’s final conclusion on the aforesaid bill.

However, experts are sounding the alarm, claiming that the bill is nothing but an attempt to impose censorship on the Internet.

The post A fight against child pornography or control over the citizens? appeared first on Parent Security Online.

Ex-high school teacher sentenced to probation for sex crime against student

A former high school teacher will spend a year on probation but no time behind bars after having an inappropriate relationship with a student.

Aaron Clark, 37, was sentenced Monday to 364 days in jail, all of it suspended, by Superior Court Justice Robert Murray in Waldo County Superior Court. Clark taught math at Mount View High School in Thorndike prior to his arrest in June.

“I’m sorry about what this has done to her,” Clark said of the victim as he addressed the judge during the sentencing. “I never wanted anything but the best for her.”

His victim, who sat in the back of the courtroom flanked by advocates, put her head in her hands and cried as Clark began to speak.

The post Ex-high school teacher sentenced to probation for sex crime against student appeared first on Parent Security Online.

NY announces recommendations to protect against cyber crime

Source: National Cyber Security – Produced By Gregory Evans

A host of New York State government agencies today announced important tips consumers and businesses can follow to protect their online privacy and information from unscrupulous scammers. These helpful steps and reminders from the Department of State, Office of Information …

The post NY announces recommendations to protect against cyber crime appeared first on National Cyber Security Ventures.

Anonymous knocks 20pc of dark web offline in campaign against child pornography

They decided instead to keep the service offline as they found evidence that child pornography sites on the service went over the mandated free hosting limit, meaning that Freedom Hosting II was not only encouraging the sites but actually profiting from them as well.

A hacker linked to the group Anonymous has attacked a Dark Web hosting service after discovering that it was responsible for the management of child porn sites.

“Hello, Freedom Hosting II, you have been hacked”.

The hack may have affected up to a fifth of the dark web – sites accessible only using anonymising service “Tor”.

The hacker said that the action was their “first hack ever”, explaining that they “just had the right idea”.

The post Anonymous knocks 20pc of dark web offline in campaign against child pornography appeared first on Parent Security Online.
