Pose

now browsing by tag

 
 

#cybersecurity | #hackerspace | End-of-Life Devices Pose Data Breach Risk

Source: National Cyber Security – Produced By Gregory Evans End-of-life devices not properly sanitized of data can cause compliance issues and make corporate data vulnerable GDPR, CCPA and the rest of the alphabet soup of privacy laws should have organizations looking more deeply at how and where they store and use data. While most companies […] View full post on AmIHackerProof.com

#cybersecurity | hacker | Attackers pose as German, Italian & US gov’t agencies to spread malware

Source: National Cyber Security – Produced By Gregory Evans

Since October, a threat actor has been impersonating governmental agencies in phishing emails designed to infect American, German and Italian organizations with various forms of malware, including the Cobalt Strike backdoor, Maze ransomware and the IcedID banking trojan.

Business and IT services, manufacturing companies, and healthcare organizations make up a large share of the targets in this operation, said a blog post today from Proofpoint, which calls the group TA2101. In many cases, the emails are sent from addresses that are made to look authentic at first glance, only they end in the .icu top-level domain.

The Proofpoint Threat Insight Team observed TA2101 campaigns targeting German on Oct. 16 and 23, and then again on Nov. 6, during which time the actor pretended to be the Bundeszentralamt fur Steuern, aka the German Federal Ministry of Finance. The adversary sent hundreds of emails with lures designed to entice recipients into opening Word documents containing malicious macros. These macros executed a PowerShell script that delivered Cobalt Strike, a legitimate attack simulation tool that in the wrong hands can be used as actual malware.

The October emails, aimed largely at IT services companies, falsely claimed that recipients were due to receive a tax refund, and instructed them to open the Word doc to fill out a refund request form.

The Nov. 6 emails similarly targeted business and IT services companies. In this instance, however, the attached documents were disguised as an RSA SecureID key, but actually contained macros that delivered Maze ransomware. One day later, TA2101 sent out even more emails, except instead of impersonated the Federal Ministry of Finance, the attackers pretended to be the ISP 1&1 Internet AG.

Phishing activity targeting Italian organizations, especially manufacturing companies, took place on Oct. 29. For this scam, TA2101 emailed dozens of prospective victims a notification of law enforcement activities that purportedly came from Agenzia Entrate, the Italian Ministry of Taxation and threatened recipients with financial penalties. Again, opening the attached Word doc would trigger the embedded macros to install Maze.

The most recent campaign referenced in the blog post took place on Nov. 12 and zeroed in on American organizations. These emails, which used a uspsdelivery-service.com domain instead of .icu, seemed to come from the U.S. Postal Service and again appeared to include a Word document with an RSA SecurID key. Opening the document this case caused the macros to deliver the IcedID banking trojan.

“Proofpoint researchers have observed a consistent set of TTPs… that allows attribution of these campaigns to a single actor with high confidence. These include the use of .icu domains, as well as identical email addresses for the Start of Authority (SOA) resource records stored for the DNS entries for the domains used in these campaigns,” wrote Proofpoint researcher and blog post author Bryan Campbell. The SOA email addresses, gladkoff1991@yandex.ru, is also linked campaigns that attempted to spread Buran ransomware in September.”

“Additionally, Proofpoint researchers have observed that the canonical URLs used by this actor are formatted in a repeatable fashion with word_/.tmp in the string with slight variations made over time,” the blog post continued. “Proofpoint researchers suspect that the word_/.tmp usage might be linked to previous campaigns that were spotted earlier by the infosec community in 2019.”

Original Source link

The post #cybersecurity | hacker | Attackers pose as German, Italian & US gov’t agencies to spread malware appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | #ISC2Congress: IoT Devices Pose Off-Network Security Risk

Source: National Cyber Security – Produced By Gregory Evans

Internet of Things (IoT) devices can still be a serious security threat even when they are off network.

Speaking on day three of the (ISC)² Security Congress in Orlando, Florida, 802 Secure CSO Michael Raggo shared research that demonstrated the risks posed by everyday IoT devices. 

In his talk titled “Cyber Physical Security: Addressing IoT Risks,” Raggo cited examples of threat actors gaining access to data centers via WiFi thermostats and spying on conferences by hacking into smart TVs mounted on boardroom walls.

“The problem goes far above and beyond the potential breach of data or risks to that data. It also has an impact on safety, privacy, and the whole operation of your entire network, especially if it’s an industrial IoT type of network,” said Raggo.

“What that means in terms of your policies and how you approach the problem, is that this is more than just protecting data and avoiding data exfiltration. Now we are talking about the safety and the privacy of people and employees.”

The impact of IoT security issues is far-reaching. According to Raggo, “roughly 50% of the new buildings being built in the United States have some kind of IoT functionality.”

Raggo said that ensuring the reliability and security of the lighting, power, and HVAC systems of your home and your business is a real challenge if those systems aren’t connected to your own network.

Although many people are familiar with Wi-Fi and Bluetooth, according to Raggo they often don’t have a clear understanding of how IoT devices are configured and who can actually connect to them.   

Raggo referenced experiments conducted in his own lab that had produced worrying results, exposing vulnerabilities in smartphones and surveillance cameras. In one test, he used a wireless thumb drive to access data on a hub.

“I simply plugged it into a USB port in the back of the hub and immediately videos started being recorded to my thumb drive. There was no authentication required,” said Raggo.

One threat Raggo drew attention to was Bluetooth skimming, where threat actors steal money by breaching credit card details used in transactions. After being asked to investigate a fast-food restaurant that had suffered a breach, Raggo used readily available Bluetooth scanning tools to detect a long-range Bluetooth device placed under the cash register that had been used to skim data.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | #ISC2Congress: IoT Devices Pose Off-Network Security Risk appeared first on National Cyber Security.

View full post on National Cyber Security

Employees Pose Bigger Threat to Cybersecurity Than Hackers

Source: National Cyber Security – Produced By Gregory Evans

As the world becomes increasingly dependent on technology, the potential for data theft or system shutdown from a breach in cybersecurity looms large. IT professionals and law enforcement teams are scrambling to keep up with cyber criminals who are utilizing the latest sophisticated methodologies. Over the past year, 32% of…

The post Employees Pose Bigger Threat to Cybersecurity Than Hackers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Tinder scammers pose as flight attendants to trick victims into sending cash

Tinder is a pretty good way to find new people to meet, and eventually find a new partner to be with in life (if these things actually happen to work for you). It’s a different story, however, if you come to Tinder hoping for romance, but end up being catfished for money along the way. This has been the fate of a number of Tinder hopefuls in Thailand, with scammers posing as pretty women and draining them of “millions of baht,” in a rather sneaky deceit. Read More…. View full post on Dating Scams 101

Social media and webcams at work pose cyber threat

Cropped shot of an attractive young woman surfing the net in a coffee shop

Source: National Cyber Security – Produced By Gregory Evans

Social media and webcams at work pose cyber threat

A new cybersecurity report by Symantec equates the public’s past dismissal of seatbelts in cars with consumer’s laissez-faire attitude when it comes to defending their devices against hackers.
Cyberattacks are a risk many consumers are ignoring – and a number

The post Social media and webcams at work pose cyber threat appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cuomo to college students: Fake IDs pose identity theft risk

Source: National Cyber Security – Produced By Gregory Evans

ALBANY, N.Y. (AP) — New York Gov. Andrew Cuomo is warning college students about the risks of buying fake IDs online. Cuomo says state investigators have discovered “dozens” of cases of identity theft that occurred after the victim tried to purchase fake IDs online. Officials say the victims went online to buy fake driver’s licenses and handed over their name, address, date of birth and other personal details to scam artists who used the information to commit identity theft. Cuomo notes that the effects of identity theft can linger for years and says getting a fake ID isn’t worth the risk of getting caught or of being victimized by identity thieves. The warning from the Democratic governor comes as thousands of students return to college for the start of fall classes. Source: http://news10.com/2015/08/26/cuomo-to-college-students-fake-ids-pose-identity-theft-risk/

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Cuomo to college students: Fake IDs pose identity theft risk appeared first on National Cyber Security.

View full post on National Cyber Security

Dating apps pose US corporate security risk, says IBM

100620006-tinder-2-courtesy.530x298

Source: National Cyber Security – Produced By Gregory Evans

The millions of people using dating apps on company smartphones could be exposing themselves and their employers to hacking, spying and theft, according to a study by International Business Machines. IBM security researchers said 26 of 41 dating apps they analyzed on Google’s Android mobile platform had medium or high severity vulnerabilities, in a report published on Wednesday.IBM did not name the vulnerable apps but said it had alerted the app publishers to problems. Apps such as Tinder, OkCupid and Match have become hugely popular in the past few years due to their instant messaging, photo and geolocation services. About 31 million Americans have used a dating site or app, according to a 2013 Pew Research Center study. IBM found employees used vulnerable dating apps in nearly 50 percent of the companies sampled for its research. Using the same phone for work and play, a phenomenon known as “bring your own device,” or BYOD, means users and their employers are both open to potential cyberattacks. “The trouble with BYOD is that, if not managed properly, the organizations might be leaking sensitive corporate data via employee-owned devices,” said the IBM report. IBM said the problem is that people on dating apps […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Dating apps pose US corporate security risk, says IBM appeared first on National Cyber Security.

View full post on National Cyber Security

Hacking attacks pose danger of big financial losses for small businessesNational Cyber Security

nationalcybersecurity.com – It’s not just big businesses like JPMorgan Chase, Target and Home Depot that get hacked. Small companies suffer from intrusions into their computer systems, too. The costs associated with computer …

View full post on Hi-Tech Crime Solutions Weekly

Hacking attacks pose danger of big financial losses for small businesses

Hacking attacks pose danger of big financial losses for small businesses

It’s not just big businesses like JPMorgan Chase, Target and Home Depot that get hacked. Small companies suffer from intrusions into their computer systems, too. The costs associated with computer and website attacks can run well into the thousands and […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

View full post on National Cyber Security