Cybersecurity firm Symantec says hackers infiltrated power grid controls in America and abroad

Source: National Cyber Security – Produced By Gregory Evans

Attempts by hackers to break into the energy sector in the US and abroad have made headlines in recent months. According to a report by the cybersecurity firm Symantec, hackers have now successfully infiltrated power grid controls in the US and Turkey, and gained access to systems “that could provide…

The post Cybersecurity firm Symantec says hackers infiltrated power grid controls in America and abroad appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Mayweather vs McGregor fight: 239 illegal streams detected, says cybersecurity firm

The much-hyped megafight between Floyd Mayweather and Irishman Conor McGregor may be over, but it has sparked a fierce battle outside the ring over piracy. According to data collected by cybersecurity firm Irdeto, a total of 239 illegal streams were found to have redistributed the boxing match this past weekend,…

Israeli firm hacks the hackers, and has advice how to beat them

Hackers are a lot like the rest of us, a new study by Israeli cybersecurity firm Imperva shows. Just as some honest computer users are quick to respond to phishing messages – email scams designed to steal personal information – so do hackers respond to documents and files with titles…

Endpoint security firm leaking terabytes of data

Endpoint security software vendor Carbon Black has been found to be exfiltrating data from several Fortune 1000 companies due to the architecture of its Cb Response software, the information security services and managed services provider DirectDefense claims. A blog post written by its president, Jim Broome, described the Cb Response…

Ex-employee faces 7 years in prison after hacking into security firm and deleting client data

A US man has been sentenced to seven years in federal prison after being found guilty of an audacious hacking scheme in which he used a Remote Access Trojan (RAT) to covertly delete a slew of sensitive computer files belonging to his former security company employer. After resigning from Florida-based…

Portugal’s Watchful Software acquired by US cybersecurity firm Symantec

American cybersecurity firm Symantec has acquired Portuguese security company Watchful Software. No terms of the deal, which closed in May, were disclosed. Watchful Software makes data security and loss prevention solutions for businesses. It will now join Symantec’s DLP (Data Loss Prevention) group but staff and R&D will remain based…

Cyber security firm FireEye posts surprise rise in revenue

Cyber security firm FireEye Inc reported a surprise 3.4 percent rise in quarterly revenue, helped by strength in its product subscription and services business.

FireEye’s shares jumped 13.8 percent to $13.90 after the bell on Tuesday.

The company’s billings, a closely watched indicator of future business, fell 18 percent to $152.4 million in the first quarter, compared with a fall of 14 percent in the previous quarter.

However, billings in the latest quarter beat analysts’ estimates of $142.5 million, according to financial data and analytics firm FactSet.

FireEye expects billings of $173 million-$179 million in the second quarter, above analysts’ estimate of $170.9 million.

The company is amid a transition to a software-as-a-service model (SaaS) from its traditional business that centered around the sale of hardware boxes.

“The revenue level looks like it could be stabilizing, you’re probably seeing a change in complexion of the revenue towards more subscription and services,” Wedbush Securities analyst Steve Koenig said.

FireEye remains confident of renewed growth in the second half of 2017, helped by the introduction of products such as the Helix platform, which combines network processing and analytics with endpoint analytics.

“We fully expect in the fourth quarter that we’re going to be non-GAAP profitable, and then you would expect that to be the case from 2018 on,” FireEye Chief Financial Officer Frank Verdecanna said in an interview on Tuesday.

The Milpitas, California-based company also forecast revenue of $173 million to $179 million for the current quarter. Analysts on average were expecting revenue of $173.31 million, according to Thomson Reuters I/B/E/S.

FireEye, which provides web, email and malware security to businesses and governments, said its revenue rose to $173.7 million in the quarter ended March 31, from $168 million in the year-earlier period.

Analysts on average had expected revenue to fall about 2.6 percent to $163.7 million.

Net loss attributable to the company’s shareholders narrowed to $83 million, or 48 cents per share, from $155.9 million, or 98 cents per share.

Excluding items, FireEye reported a loss of 9 cents per share. Analysts were expecting a loss of 26 cents.

Through Tuesday’s close, the stock had risen 2.6 percent, underperforming the 10.8 percent gain in the broader Nasdaq Composite index.

(Reporting by Narottam Medhora in Bengaluru; Editing by Maju Samuel and Martina D’Couto)

Iran-linked hackers used Microsoft Word flaw against Israeli targets, security firm says

Hackers allegedly linked to the Iranian government launched a digital espionage operation this month against more than 250 different Israel-based targets by using a recently disclosed and widely exploited Microsoft Word vulnerability, cybersecurity experts tell CyberScoop.

The hacking group, dubbed OilRig by security researchers and believed to be tied to Iranian intelligence services, utilized a software flaw in Word officially known as CVE-2017-0199 that allows attackers to execute a remote computer intrusion to take full control of a target device while leaving little or no trace, said Michael Gorelik, vice president of Israeli security firm Morphisec.

Over the last month, Morphisec has investigated the incident on behalf of multiple victims. Clients showed forensic evidence on their respective networks that could be linked back to OilRig. After its disclosure in March, CVE-2017-0199 was quickly exploited by nation-states and cybercriminals alike.

John Hultquist, Director of Cyber Espionage Analysis at iSIGHT Partners, confirmed Morphisec’s findings.

“We have recently seen these actors and [other] cyber espionage actors targeting Asia adopt CVE-2017-0199. The vulnerability was a proliferation issue before it was patched, and remains one now,” said Hultquist.

OilRig has been around since at least 2015, according to numerous security industry experts who have watched the group target Israeli networks repeatedly and with varying tactics.

To exploit the Microsoft Word vulnerability, a target must open or preview an infected Microsoft Office or WordPad file, which OilRig sent out in large numbers to hundreds of Israeli-based targets, including government agencies and officials. When opened, the attachment designed by OilRig would download the Hanictor trojan, a variant of fileless malware capable of bypassing most security and anti-virus protections.

CVE-2017-0199 was patched earlier this month by Microsoft after an extraordinary nine-month delay from when it was initially communicated to the company privately. Getting the vast ecosystem of Microsoft users to patch machines is a slow and unreliable process, however, so many often remain vulnerable after a patch is published.

Point of initial contact

“The OilRig campaign is a multi-stage kill chain meant to burrow into Israeli critical defense infrastructure,” said Tom Kellermann, CEO of D.C.-based venture capital firm Strategic Cyber Ventures. Kellermann is a major investor in TrapX, another cybersecurity firm that also detected and helped clients defend against the Iranian cyberattack.

The Iranian operation is believed to have started with a series of phishing emails sent to Ben Gurion University employees, although it quickly expanded to include various Israeli technology and medical companies. Ben Gurion University is home to Israel’s Cyber Security Research Center, a scientific institute that develops sophisticated cyber capabilities.

Gorelik said an investigation is ongoing to better understand the full scope of damage caused by the hackers. His firm, Morphisec, posted technical analysis of the attack on Thursday morning.

Investigators were able to identify a series of command and control servers activated by the hackers on April 16, which were subsequently used to launch the offensive cyber operation, according to a notification published Wednesday by Israel’s Computer Emergency Response Team. The first round of phishing emails was sent on April 19 and the last came on April 24. The malware-laden emails carried subject lines relating to nonexistent “resumes, exams and holiday plans,” said Gorelik.

Exploiting CVE-2017-0199 enables an attacker to download and execute a Visual Basic script containing PowerShell commands whenever a vulnerable user opens a document containing an embedded exploit, according to American cybersecurity firm FireEye. Malware payloads executed after the exploit can come from all manner of malware families.

FireEye previously found that various hackers — including both governments and cybercriminals — were using the same CVE-2017-0199 vulnerability to breach a wide array of different victims.

On April 11, researchers at FireEye described an attack exploiting CVE-2017-0199 this way:

A threat actor emails a Microsoft Word document to a targeted user with an embedded OLE2 embedded link object
When the user opens the document, winword.exe issues a HTTP request to a remote server to retrieve a malicious HTA file
The file returned by the server is a fake RTF file with an embedded malicious script
Winword.exe looks up the file handler for application/hta through a COM object, which causes the Microsoft HTA application (mshta.exe) to load and execute the malicious script

“This kind of vulnerability is very rare,” Gorelik said. “There has been progress from this group. This is one of the more advanced fileless campaigns I’ve seen. It was a targeted, large campaign using quite a big infrastructure. It’s fileless, so it’s very hard to detect. They regenerated signatures on the endpoint each and every time for the trojan so it’s very hard to remediate, identify or remove it.”

He added, “this Iranian group is quite advanced I would say.”

The Iran-backed espionage campaign was first revealed in broad terms Wednesday through a vague press announcement issued by the Prime Minister’s Office, claiming that Israel’s newly formed Cyber Defense Authority helped to thwart the attack.

The attacks were “relatively well planned and took considerable resources. It is obvious that there was intelligence gathering prior to the attack and a careful selection of targets — in this case Israeli computing companies,” said Boaz Dolev, CEO of the Israeli security firm ClearSky in an interview with the Israeli newspaper Haaretz.

Cybersecurity firm Trustlook says 38% of ransomware victims pay up

Cybersecurity firm Trustlook has conducted some new research that shows it’s not only businesses that are threatened by ransomware. There is an increase in regular users being targeted by ransomware …

Cyber security firm has detected pre-installed malware on Android based devices that are stealing data

Israel-based cyber security firm Check Point has detected malware that is not downloaded as a result of users’ activity but is already present on the Android device. According to a company blog post last week, the pre-installed malware was detected in 38 …

The post Cyber security firm has detected pre-installed malware on Android based devices that are stealing data appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?