Pose

now browsing by tag

 
 

#hacking | Dismissed PHP flaw shown to pose code execution risk

Source: National Cyber Security – Produced By Gregory Evans debug_backtrace reloaded A PHP bug initially dismissed as posing no security threat could potentially enable code execution outside the sandbox in shared-server environments, a new exploit has revealed. Discovered in the popular website language nearly two years ago, the vulnerability can allow attackers to execute arbitrary […] View full post on AmIHackerProof.com

#cybersecurity | #hackerspace | Deepfakes Pose New Security Challenges

Source: National Cyber Security – Produced By Gregory Evans

Expect to hear a lot about deepfakes in 2020. It’s not that manipulating images is anything new, but with technology advantages and the increasing use of biometrics as an authentication tool, deepfakes will impact cybersecurity efforts.

For example, cybercriminals are now perfecting deepfakes to impersonate people to steal money and anything that might be valuable. The technology has been improved to reach a higher level, where it becomes difficult to tell the difference between a fraud and a friend.

According to McAfee researchers, deepfakes will make it more difficult to achieve true facial recognition, just as facial recognition software is increasingly used to unlock smartphones and as airport identification alternatives, to name a few use cases.

“As technologies are adopted over the coming years, a very viable threat vector will emerge, and we predict adversaries will begin to generate deepfakes to bypass facial recognition,” Steve Povolny, head of McAfee Advanced Threat Research, wrote in a McAfee blog post. This is because “enhanced computers can rapidly process numerous biometrics of a face, and mathematically build or classify human features, among many other applications.”

To do this, scammers turn to an analytics technology known as generative adversarial networks (GANs) to create fake but extremely realistic, images, text and video, making it more and more difficult to tell the real thing from a deepfake. This will make it more difficult for those charged with security to tell the difference between legitimate and fake.

Facial Recognition Already Has Flaws

Despite its growing adoption, facial recognition comes saddled with all types of security problems. The Washington Post reported on a recently released federal study showing these systems show biases against people of color and between genders and age groups. “The National Institute of Standards and Technology, the federal laboratory known as NIST that develops standards for new technology, found ‘empirical evidence’ that most of the facial-recognition algorithms exhibit ‘demographic differentials’ that can worsen their accuracy based on a person’s age, gender or race,” the article reported.

Now add deepfakes to the problems that already exist with facial recognition, and any type of criminal will be able to manipulate the analytics to bypass the law. Deepfakes will make law enforcement more difficult, from police on the street to nation-state election fraud. Those tasked with security will be asked to tell the difference between the real and the fake;  deepfakes will make it even more difficult.

So Easy, Even a Novice Can Do It

Some computer savviness will be necessary to create deepfakes, but this is going to be a tool available to novices, one that could raise the stakes for insider threats as well as outside cybercrime.

As an experiment for an Ars Technica article, Timothy Lee did a deep dive into how deepfake software works. It was time-consuming—it took two weeks for him to create a video that replaced Mark Zuckerberg with a character from Star Trek—and it required a lot of computer power, but it wasn’t expensive (a little more than $500). And he developed skills that will make him more proficient if he makes another video.

Now consider if an employee or a contractor wanted to deploy their own deepfake video as a malicious attack against the company or a fellow co-worker.

“Deepfake video or text can be weaponized to enhance information warfare. Freely available video of public comments can be used to train a machine-learning model that can develop a deepfake video depicting one person’s words coming out of another’s mouth,” Steve Grobman, McAfee’s Chief Technology Officer wrote. “Attackers can now create automated, targeted content to increase the probability that an individual or groups fall for a campaign. In this way, AI and machine learning can be combined to create massive chaos.”

Close But Not Quite There

At McAfee’s MPower conference in October, researchers discussed their pre-emptive strike against AI-generated deepfakes and image manipulation. While deepfake-related attacks are imminent, they aren’t yet happening, at least not on a high-scale level. Right now we’re seeing what could happen mostly with examples and experiments. So, the researchers said, this is one cybersecurity attack that security teams are addressing before the fact rather than in reaction to, and hopefully the tools will be in place sooner rather than later.

But the attackers and the technology isn’t quite there yet, either. “While an attacker can use deepfake techniques to convincingly emulate the likeness of an individual, it still difficult to digitally impersonate one’s voice without fairly obvious imperfections,” said Robert Capps, vice president of market innovation for NuData Security, in an email comment.

“Deepfake audio or video cannot currently be rendered in real-time without an attacker having a large volume of computing resources and a lot of high-quality audio and video source material to train computer machine learning algorithms,” Capps continued. “While deepfakes can be convincing to other humans, they are unable to pass physical or passive biometric verification, so coupling strong liveness detection, along with the collection of passive and physical biometric signals to verify a user’s identity, largely mitigate the current risks presented in banking transactions.”

Security challenges with deepfakes are out there, but hopefully, security professionals will have the tools in place to address them before serious damage is done.

Source link

The post #cybersecurity | #hackerspace |<p> Deepfakes Pose New Security Challenges <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | End-of-Life Devices Pose Data Breach Risk

Source: National Cyber Security – Produced By Gregory Evans End-of-life devices not properly sanitized of data can cause compliance issues and make corporate data vulnerable GDPR, CCPA and the rest of the alphabet soup of privacy laws should have organizations looking more deeply at how and where they store and use data. While most companies […] View full post on AmIHackerProof.com

#cybersecurity | hacker | Attackers pose as German, Italian & US gov’t agencies to spread malware

Source: National Cyber Security – Produced By Gregory Evans

Since October, a threat actor has been impersonating governmental agencies in phishing emails designed to infect American, German and Italian organizations with various forms of malware, including the Cobalt Strike backdoor, Maze ransomware and the IcedID banking trojan.

Business and IT services, manufacturing companies, and healthcare organizations make up a large share of the targets in this operation, said a blog post today from Proofpoint, which calls the group TA2101. In many cases, the emails are sent from addresses that are made to look authentic at first glance, only they end in the .icu top-level domain.

The Proofpoint Threat Insight Team observed TA2101 campaigns targeting German on Oct. 16 and 23, and then again on Nov. 6, during which time the actor pretended to be the Bundeszentralamt fur Steuern, aka the German Federal Ministry of Finance. The adversary sent hundreds of emails with lures designed to entice recipients into opening Word documents containing malicious macros. These macros executed a PowerShell script that delivered Cobalt Strike, a legitimate attack simulation tool that in the wrong hands can be used as actual malware.

The October emails, aimed largely at IT services companies, falsely claimed that recipients were due to receive a tax refund, and instructed them to open the Word doc to fill out a refund request form.

The Nov. 6 emails similarly targeted business and IT services companies. In this instance, however, the attached documents were disguised as an RSA SecureID key, but actually contained macros that delivered Maze ransomware. One day later, TA2101 sent out even more emails, except instead of impersonated the Federal Ministry of Finance, the attackers pretended to be the ISP 1&1 Internet AG.

Phishing activity targeting Italian organizations, especially manufacturing companies, took place on Oct. 29. For this scam, TA2101 emailed dozens of prospective victims a notification of law enforcement activities that purportedly came from Agenzia Entrate, the Italian Ministry of Taxation and threatened recipients with financial penalties. Again, opening the attached Word doc would trigger the embedded macros to install Maze.

The most recent campaign referenced in the blog post took place on Nov. 12 and zeroed in on American organizations. These emails, which used a uspsdelivery-service.com domain instead of .icu, seemed to come from the U.S. Postal Service and again appeared to include a Word document with an RSA SecurID key. Opening the document this case caused the macros to deliver the IcedID banking trojan.

“Proofpoint researchers have observed a consistent set of TTPs… that allows attribution of these campaigns to a single actor with high confidence. These include the use of .icu domains, as well as identical email addresses for the Start of Authority (SOA) resource records stored for the DNS entries for the domains used in these campaigns,” wrote Proofpoint researcher and blog post author Bryan Campbell. The SOA email addresses, gladkoff1991@yandex.ru, is also linked campaigns that attempted to spread Buran ransomware in September.”

“Additionally, Proofpoint researchers have observed that the canonical URLs used by this actor are formatted in a repeatable fashion with word_/.tmp in the string with slight variations made over time,” the blog post continued. “Proofpoint researchers suspect that the word_/.tmp usage might be linked to previous campaigns that were spotted earlier by the infosec community in 2019.”

Original Source link

The post #cybersecurity | hacker | Attackers pose as German, Italian & US gov’t agencies to spread malware appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | #ISC2Congress: IoT Devices Pose Off-Network Security Risk

Source: National Cyber Security – Produced By Gregory Evans

Internet of Things (IoT) devices can still be a serious security threat even when they are off network.

Speaking on day three of the (ISC)² Security Congress in Orlando, Florida, 802 Secure CSO Michael Raggo shared research that demonstrated the risks posed by everyday IoT devices. 

In his talk titled “Cyber Physical Security: Addressing IoT Risks,” Raggo cited examples of threat actors gaining access to data centers via WiFi thermostats and spying on conferences by hacking into smart TVs mounted on boardroom walls.

“The problem goes far above and beyond the potential breach of data or risks to that data. It also has an impact on safety, privacy, and the whole operation of your entire network, especially if it’s an industrial IoT type of network,” said Raggo.

“What that means in terms of your policies and how you approach the problem, is that this is more than just protecting data and avoiding data exfiltration. Now we are talking about the safety and the privacy of people and employees.”

The impact of IoT security issues is far-reaching. According to Raggo, “roughly 50% of the new buildings being built in the United States have some kind of IoT functionality.”

Raggo said that ensuring the reliability and security of the lighting, power, and HVAC systems of your home and your business is a real challenge if those systems aren’t connected to your own network.

Although many people are familiar with Wi-Fi and Bluetooth, according to Raggo they often don’t have a clear understanding of how IoT devices are configured and who can actually connect to them.   

Raggo referenced experiments conducted in his own lab that had produced worrying results, exposing vulnerabilities in smartphones and surveillance cameras. In one test, he used a wireless thumb drive to access data on a hub.

“I simply plugged it into a USB port in the back of the hub and immediately videos started being recorded to my thumb drive. There was no authentication required,” said Raggo.

One threat Raggo drew attention to was Bluetooth skimming, where threat actors steal money by breaching credit card details used in transactions. After being asked to investigate a fast-food restaurant that had suffered a breach, Raggo used readily available Bluetooth scanning tools to detect a long-range Bluetooth device placed under the cash register that had been used to skim data.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | #ISC2Congress: IoT Devices Pose Off-Network Security Risk appeared first on National Cyber Security.

View full post on National Cyber Security

Employees Pose Bigger Threat to Cybersecurity Than Hackers

Source: National Cyber Security – Produced By Gregory Evans

As the world becomes increasingly dependent on technology, the potential for data theft or system shutdown from a breach in cybersecurity looms large. IT professionals and law enforcement teams are scrambling to keep up with cyber criminals who are utilizing the latest sophisticated methodologies. Over the past year, 32% of…

The post Employees Pose Bigger Threat to Cybersecurity Than Hackers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Tinder scammers pose as flight attendants to trick victims into sending cash

Tinder is a pretty good way to find new people to meet, and eventually find a new partner to be with in life (if these things actually happen to work for you). It’s a different story, however, if you come to Tinder hoping for romance, but end up being catfished for money along the way. This has been the fate of a number of Tinder hopefuls in Thailand, with scammers posing as pretty women and draining them of “millions of baht,” in a rather sneaky deceit. Read More…. View full post on Dating Scams 101

Social media and webcams at work pose cyber threat

Cropped shot of an attractive young woman surfing the net in a coffee shop

Source: National Cyber Security – Produced By Gregory Evans

Social media and webcams at work pose cyber threat

A new cybersecurity report by Symantec equates the public’s past dismissal of seatbelts in cars with consumer’s laissez-faire attitude when it comes to defending their devices against hackers.
Cyberattacks are a risk many consumers are ignoring – and a number

The post Social media and webcams at work pose cyber threat appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cuomo to college students: Fake IDs pose identity theft risk

Source: National Cyber Security – Produced By Gregory Evans

ALBANY, N.Y. (AP) — New York Gov. Andrew Cuomo is warning college students about the risks of buying fake IDs online. Cuomo says state investigators have discovered “dozens” of cases of identity theft that occurred after the victim tried to purchase fake IDs online. Officials say the victims went online to buy fake driver’s licenses and handed over their name, address, date of birth and other personal details to scam artists who used the information to commit identity theft. Cuomo notes that the effects of identity theft can linger for years and says getting a fake ID isn’t worth the risk of getting caught or of being victimized by identity thieves. The warning from the Democratic governor comes as thousands of students return to college for the start of fall classes. Source: http://news10.com/2015/08/26/cuomo-to-college-students-fake-ids-pose-identity-theft-risk/

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Cuomo to college students: Fake IDs pose identity theft risk appeared first on National Cyber Security.

View full post on National Cyber Security

Dating apps pose US corporate security risk, says IBM

100620006-tinder-2-courtesy.530x298

Source: National Cyber Security – Produced By Gregory Evans

The millions of people using dating apps on company smartphones could be exposing themselves and their employers to hacking, spying and theft, according to a study by International Business Machines. IBM security researchers said 26 of 41 dating apps they analyzed on Google’s Android mobile platform had medium or high severity vulnerabilities, in a report published on Wednesday.IBM did not name the vulnerable apps but said it had alerted the app publishers to problems. Apps such as Tinder, OkCupid and Match have become hugely popular in the past few years due to their instant messaging, photo and geolocation services. About 31 million Americans have used a dating site or app, according to a 2013 Pew Research Center study. IBM found employees used vulnerable dating apps in nearly 50 percent of the companies sampled for its research. Using the same phone for work and play, a phenomenon known as “bring your own device,” or BYOD, means users and their employers are both open to potential cyberattacks. “The trouble with BYOD is that, if not managed properly, the organizations might be leaking sensitive corporate data via employee-owned devices,” said the IBM report. IBM said the problem is that people on dating apps […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Dating apps pose US corporate security risk, says IBM appeared first on National Cyber Security.

View full post on National Cyber Security