hackers


Hackers are Using Infected PC Games to Make Millions Mining Crypto | #computerhacking | #hacking | #cybersecurity | #infosecurity | #hacker

Source: National Cyber Security – Produced By Gregory Evans

Antivirus company Avast has discovered a new malware named “Crackonosh” that is being hidden in free versions of popular PC games. The malware hijacks your computer to be used in […]

The post Hackers are Using Infected PC Games to Make Millions Mining Crypto | #computerhacking | #hacking | #cybersecurity | #infosecurity | #hacker appeared first on National Cyber Security.

View full post on National Cyber Security

US govt offers $10 million reward for tips on nation-state hackers | #computerhacking | #hacking | #cybersecurity | #infosecurity | #hacker


The United States government has taken two more active measures to fight and defend against malicious cyber activities affecting the country’s business and critical infrastructure sectors. One initiative is a […]


Uganda: Hackers Target Govt Covid Certificate Control System | #government | #hacking | #cyberattack | #cybersecurity | #infosecurity | #hacker


The government has attributed rising cases of fake Covid-19 test certificates to actions of fraudsters within labour export companies. According to the Ministry of Health, the fraudsters are forging results […]


Microsoft: Hackers Now Only Need Under 45 Minutes to Insert Ransomware | #microsoft | #hacking | #cybersecurity | #cybersecurity | #infosecurity | #hacker


Jamie P., Tech Times 29 September 2020, 01:09 pm Hacking is no longer a new thing in the computer and internet world. Most of them use businesses, individuals, or groups that […]


#infosec | Hackers Steal Customer Info from UK FinTech Loqbox


A UK-based fintech was hit by a “sophisticated” cyber-attack last month, compromising the payment information and personal details of its customers.

The firm, which helps customers improve their credit score by taking out and repaying loans with it, revealed the incident in an email to customers seen by MoneySavingExpert.

It happened on February 20 this year, and although the number of customers affected is thus far unknown, the variety of personal information compromised should set alarm bells ringing for those affected.

It includes customers’ names, dates of birth, postal addresses and phone numbers alongside: the first six and last four digits of their card number, expiry date, sort code and two digits from their bank account number.

This information isn’t enough on its own for hackers to use in payment or account takeover fraud, but it could certainly be deployed to make follow-on phishing attacks more convincing.

If a victim responded to such an email with more of their details, hackers could piece together enough digital information to commit a range of identity fraud scams.

“Cyber-criminals are quick to create genuine-looking fake sites and emails designed to manipulate further information out of their victims including passwords or other missing data,” warned ESET cybersecurity specialist, Jake Moore.

Loqbox itself has claimed to have notified the relevant regulatory authorities and police, and has taken steps to address the security issues which led to the breach.

It reassured customers that any funds paid into accounts were still secure. However, there’s no public breach notification on its website or Twitter feed, the latter not having been updated since June 2019.


2 Chinese Charged with Laundering $100 Million for North Korean Hackers


Two Chinese nationals have been charged by the US Department of Justice (DoJ) and sanctioned by the US Treasury for allegedly laundering $100 million worth of virtual currency using prepaid Apple iTunes gift cards.

According to a newly unsealed court document, the illicit funds originated from a $250 million haul stolen from two different unnamed cryptocurrency exchanges in thefts perpetrated by Lazarus Group, a cybercrime group with ties to the North Korean government.

The two individuals in question, Tian Yinyin (田寅寅) and Li Jiadong (李家东), were both charged with operating an unlicensed money transmitting business and money laundering conspiracy.

Prosecutors said the defendants worked on behalf of the threat actors based in North Korea to allegedly launder over $100 million worth of stolen cryptocurrency to obscure transactions, adding that the hacking of cryptocurrency exchanges posed a severe threat to the security of the global financial system.

It’s worth noting that Lazarus Group was one among the three hacking outfits to be sanctioned by the US government last September for conducting a variety of financially-motivated operations ranging from cyber-espionage to data theft, so as to fund the country’s illicit weapon and missile programs.

Per the US Treasury, the Lazarus Group stole the funds in 2018 after an employee of a cryptocurrency exchange unwittingly downloaded malware through an email, which gave the threat actor access to private keys, virtual currency, and other customer information.

“Lazarus Group cyber actors used the private keys to steal virtual currencies (250 million dollar equivalent at date of theft) from this exchange, accounting for nearly half of the DPRK’s estimated virtual currency heists that year,” the Treasury said.

While the name of the exchange remains unknown, a report by Kaspersky back in August 2018 detailed a campaign that involved dropping malware in the corporate networks of a number of crypto-exchanges by sending spear-phishing emails.

Stating that North Korea trains hackers to “target and launder stolen funds from financial institutions,” the Treasury added that both Tian and Li received $91 million from North Korea-controlled accounts that can be traced to the 2018 cryptocurrency exchange hack and an additional $9.5 million from a hack of a second exchange.

Prosecutors said the two individuals helped convert more than $34 million of the illicit funds they received back into Chinese yuan by moving them to a bank account linked to the exchange account, in addition to converting $1.4 million worth of cryptocurrency into Apple gift cards.

Created in 2007, the Lazarus Group has gone after a number of targets, including militaries, governments, financial institutions, media companies, and utility sectors, to perpetrate monetary heists and destructive malware attacks, making it the most-profitable cryptocurrency-hacker syndicate in the world.

A United Nations report last August estimated that North Korea had generated $2 billion for its weapons programs through “widespread and increasingly sophisticated cyberattacks” targeting banks and cryptocurrency exchanges.


#school | #ransomware | Dutch University Pays $220K Ransom to Russian Hackers

University president says damage from the ransomware attack “can scarcely be conceived.” The University of Maastricht located in the Netherlands experienced a ransomware attack on December 24 and wound up paying the hackers 200,000 euros or $220,000 in bitcoin to unblock its computers, reports Reuters. “The […]

View full post on AmIHackerProof.com

Microsoft Azure Flaws Could Have Let Hackers Take Over Cloud Servers


Cybersecurity researchers at Check Point today disclosed details of two recently patched potentially dangerous vulnerabilities in Microsoft Azure services that, if exploited, could have allowed hackers to target several businesses that run their web and mobile apps on Azure.

Azure App Service is a fully managed, integrated service that enables users to create web and mobile apps for any platform or device and easily integrate them with SaaS solutions and on-premises apps to automate business processes.

According to a report researchers shared with The Hacker News, the first security vulnerability (CVE-2019-1234) is a request spoofing issue that affected Azure Stack, a hybrid cloud computing software solution by Microsoft.

If exploited, the issue would have enabled a remote hacker to gain unauthorized access to screenshots and sensitive information of any virtual machine running on Azure infrastructure, regardless of whether it was running on a shared, dedicated or isolated virtual machine.

According to researchers, this flaw is exploitable through Microsoft Azure Stack Portal, an interface where users can access clouds they have created using Azure Stack.

By leveraging an insecure API, researchers found a way to get the virtual machine name and ID and hardware information such as cores and total memory of targeted machines, and then used it with another unauthenticated HTTP request to grab screenshots.


The second issue (CVE-2019-1372) is a remote code execution flaw that affected the Azure App Service on Azure Stack, which would have enabled a hacker to take complete control over the entire Azure server and consequently take control over an enterprise’s business code.

What’s more interesting is that an attacker can exploit both issues by creating a free user account with Azure Cloud and running malicious functions on it or sending unauthenticated HTTP requests to the Azure Stack user portal.

Check Point published a detailed technical post on the second flaw, but in brief, it resided in the way DWASSVC, a service responsible for managing and running tenants’ apps and IIS worker processes, which actually run the tenant application, communicate with each other for defined tasks.

Since Azure Stack failed to check the length of a buffer before copying memory to it, an attacker could have exploited the issue by sending a specially crafted message to the DWASSVC service, allowing them to execute malicious code on the server with the highest NT AUTHORITY\SYSTEM privilege.

“So how can an attacker send a message to DWASSVC (DWASInterop.dll)? By design, when running the C# Azure function, it runs in the context of the worker (w3wp.exe),” the researchers said.

“This lets an attacker the possibility to enumerate the currently opened handles. That way, he can find the already opened named pipe handle and send a specially crafted message.”

Check Point researcher Ronen Shustin, who discovered both vulnerabilities, responsibly reported the issues to Microsoft last year, preventing hackers from causing severe damage and chaos.

After patching both issues late last year, the company awarded Shustin with 40,000 USD under its Azure bug bounty program.


Interpol Arrests 3 Indonesian Credit Card Hackers for Magecart Attacks


The Indonesian National Police in a joint press conference with Interpol earlier today announced the arrest of three Magecart-style Indonesian hackers who had compromised hundreds of international e-commerce websites and stolen payment card details of their online shoppers.

Dubbed ‘Operation Night Fury,’ the investigation was led by Interpol’s ASEAN Cyber Capability Desk, a joint initiative by law enforcement agencies of Southeast Asian countries to combat cybercrime.

According to the press conference, all three accused (23, 26, and 35 years old) were arrested in December last year in Jakarta and Yogyakarta and charged under criminal laws related to data theft, fraud, and unauthorized access.

Just like most of the other widespread Magecart attacks, the modus operandi behind this series of attacks also involved exploiting unpatched vulnerabilities in e-commerce websites powered by Magento and WordPress content management platforms.

Hackers then secretly implanted digital credit card skimming code—also known as web skimming or JS sniffers—on those compromised websites to intercept users’ inputs in real-time and steal their payment card numbers, names, addresses and login details as well.

Though Indonesian police claim these hackers had compromised 12 e-commerce websites, experts at cybersecurity firm Sanguine Security believe the same group is behind the credit card theft at more than 571 online stores.

“These hacks could be attributed because of an odd message that was left in all of the skimming code,” Sanguine Security said.

“‘Success gan’ translates to ‘Success bro’ in Indonesian and has been present for years on all of their skimming infrastructures.”

The police revealed that the suspects used stolen credit cards to buy electronic goods and other luxury items, and then also attempted to resell some of them at a relatively low price through local e-commerce websites in Indonesia.


On an Indonesian news channel, one of the accused even admitted to hacking e-commerce websites and injecting web skimmers since 2017.

Moreover, experts also observed similar cyberattacks linked to the same online infrastructure even after the arrest of the three people, and thus believe that there are more members of this hacking group who are still at large.


#hacking | Pwn2Own Miami: Hackers scoop $250,000 in prizes during inaugural ICS security contest


Industrial control systems taken to pieces in ‘drama-filled’ live hacking event

The inaugural edition of Pwn2Own Miami closed its doors on Thursday (January 23), with organizers from Trend Micro’s Zero Day Initiative (ZDI) heralding the industrial control systems live hacking event a success.

Taking place as part of the S4 industrial security conference, Pwn2Own Miami took a similar format to ZDI’s established hacking contests in Vancouver and Tokyo, but with a specific focus on industrial control systems (ICS) instead of PCs or mobile devices.

Over the course of the three-day event, more than $250,000 in prizes were handed out, as hackers demonstrated a string of exploits that made short shrift of many leading ICS platforms that are used to run organizations within the manufacturing, heavy industry, and critical infrastructure sectors.

Among the highlights of Pwn2Own Miami, Steven Seeley and Chris Anastasio successfully demonstrated a denial-of-service (DoS) exploit against the Triangle Microworks SCADA Data Gateway.

The hackers went on to achieve remote code execution in both Inductive Automation’s Ignition platform and the Rockwell Automation Studio 5000 design software.

Pwn2Own Miami is the world’s first ICS-focused live hacking event

Operating under the ‘Incite Team’ banner, the pair netted a total of $50,000 and were crowned ‘Masters of Pwn’.

Discussing the reaction to the debut Pwn2Own Miami, Brian Gorenc, director of vulnerability research and head of Trend Micro’s ZDI program, told The Daily Swig: “It has definitely been a successful debut in the ICS world.

“We had tons of interest in the contest as the event approached, and it all played out on the contest floor. We have had over 10 successful entries, several partial wins, and a couple of failures. [It was a] very drama-filled event.”

He added: “Some of the most interesting entries involve the researchers chaining numerous vulnerabilities together to gain code execution. One of the teams chained five vulnerabilities together to gain code execution on an HMI target. Quite impressive!”

Looking ahead, Gorenc said ZDI would be looking to make more of an impact on the ICS space.

“[We] plan to continue to bring our unique brand of researcher engagement to this community,” he said.

“Vulnerabilities submitted in these targets will continue to be purchased through the ZDI program throughout the year. We hope the increased exposure with the ICS community will result in more submissions outside of Pwn2Own Miami.”

The team may have to wait a little while to advance their plans in the ICS sector, however, as preparations are already underway for the flagship Pwn2Own live hacking event, scheduled to take place in Canada in March.

“With just eight weeks between contests, the team will be hard at work to ensure the flagship contest is successful,” Gorenc said. “We look forward to seeing what research is demonstrated.”

Check out the ZDI blog for a full list of the exploits that were showcased during Pwn2Own Miami.
