target

now browsing by tag

 
 

The #Olympics are an #irresistible #target for #cybercriminals

Source: National Cyber Security News

The Olympic Games are a massive draw, not only for sports fans, but also for cybercriminals.
It’s a high-profile event taking place in a concentrated location that attracts large numbers of visitors, many of whom will be spending a lot of money.

The Winter Games kicking off Friday in Pyeongchang, South Korea, are no exception.

Billed as a sports extravaganza, the Olympics are also infused with politics as governments and activists seek to take advantage of the global stage. That’s especially true in Pyeongchang, where tensions have built up over North Korea’s involvement.

All of this makes the Games a prime target for cyberattacks — from thieves or spies.

Here’s what hackers are going after — and how fans can protect themselves:

Hacking the Games themselves

Computer systems connected to the Olympics have been compromised in the past.

In 2016, Russian hackers broke into a World Anti-Doping Agency database through an account created by the International Olympic Committee (IOC) for the Summer Games in Rio. The group stole information about star American athletes like Simone Biles and Venus Williams.

“Some attackers have a political intent — they can attack the organization,” said Seongsu Park, a researcher with cybersecurity firm Kaspersky.

View full post on National Cyber Security Ventures

BlackBerry #Mobile site the #latest #target of #cryptocurrency mining #hackers

Source: National Cyber Security – Produced By Gregory Evans

TCL Communication Technology Holding Ltd., the operator of the BlackBerry Mobile site, is the latest victim of cryptocurrency-loving hackers in a rash of cryptomining hijacking cases.

The website for BlackBerry Mobile was discovered by a Reddit user last week to be serving up code to visitors from Coinhive, the notorious Monero mining script service. The same person who discovered the code did note that it was only the global TCL-owned Blackberrymobile.com site that was affected, not country-specific sites or those owned by BlackBerry Ltd.

Coinhive itself chimed in on Reddit, saying that one of its users had hacked the Blackberry Mobile website using a vulnerability in the Magento webshop software. “We’re sorry to hear that our service has been misused,” the company said. “This specific user seems to have exploited a security issue in the Magento webshop software (and possibly others) and hacked a number of different sites. We have terminated the account in question for violating our terms of service now.”

TCL is far from the first company to be targeted by cryptomining code, and it won’t be the last. The first outbreaks of cryptomining-related hacking occurred in September, when The Pirate Bay and then Showtime were exposed as using the method. As cryptocurrencies boomed, so did instances of hackers and site owners trying to cash in on Monero mining. A RiskIQ report Sept. 26 found that more than 1,000 sites were now hijacking the computing power of site visitors to mine for cryptocurrencies.

By October, leading content delivery network Cloudflare Inc. was the first major provider to crack down on the method, banning all sites from its network that have cryptocurrency mining code installed.

The method spread to apps later the same month, when the first reports emerged of Coinhive scripts appearing in Android apps, and the new attack vector has seemingly continued to grow. Only this weekend, a security researcher discovered 291 apps across third-party Android stores that included the mining code, although they appear to be the same app and code with 291 different names.

Commenting on the Android outbreak, HackRead noted that though the biggest victims of cryptocurrency miners were previously website owners and unsuspecting visitors, now Android users are also at risk. The advice, as always, is to practice safe internet: Do not download unknown apps from Android stores, make sure you have up-to-date antivirus software installed and keep an eye on your processor usage, because cryptocurrency miners trigger high usage.

The post BlackBerry #Mobile site the #latest #target of #cryptocurrency mining #hackers appeared first on National Cyber Security Ventures.

Hackers #target Office as #Microsoft warns of new #vulnerability being #exploited by Russia-linked #hackers

Source: National Cyber Security – Produced By Gregory Evans

Cyber crooks are taking advantage of a recently discovered vulnerability in Microsoft Office to hide malicious code in Word documents, the software giant has warned.

Furthermore, the flaws are being taken advantage of by a Russia-linked hacking group called APT28, who are exploiting a vulnerability in the Dynamic Data Exchange (DDE) component of Office.

According to the researchers, the hackers have been exploiting the flaw for around a month.

DDE is responsible for transporting data and messages between applications. The exploit affects Outlook email accounts, Word documents and Excel spreadsheets.

The hackers, also known collectively as Fancy Bear and linked with the Russian government, have benefited from the protocol because it doesn’t warn users to enable macros. However, pop-ups asking users to update files may sometimes appear.

Security firm McAfee claimed that the hacking group has been taking advantage of the recent New York terror attack to propagate its malicious code, inserting malware into a document talking about the incident.

“McAfee Advanced Threat Research analysts identified a malicious Word document that appears to leverage the Microsoft Office Dynamic Data Exchange (DDE) technique that has been previously reported by Advanced Threat Research,” it claimed.

“This document likely marks the first observed use of this technique by APT28. The use of DDE with PowerShell allows an attacker to execute arbitrary code on a victim’s system, regardless whether macros are enabled.

“APT28, also known as Fancy Bear, has recently focused on using different themes. In this case it capitalised on the recent terrorist attack in New York City.

“The document itself is blank. Once opened, the document contacts a control server to drop the first stage of the malware, Seduploader, onto a victim’s system.”

Microsoft has since released a specialist advisory detailing the vulnerability and how it affects users. It is now working on a patch, but the advisory effectively serves notice to other hacking groups of a glaring flaw in Office that others will now seek to exploit.

“In an email attack scenario, an attacker could leverage the DDE protocol by sending a specially crafted file to the user and then convincing the user to open the file, typically by way of an enticement in an email,” it said.

“The attacker would have to convince the user to disable Protected Mode and click through one or more additional prompts. As email attachments are a primary method an attacker could use to spread malware, Microsoft strongly recommends that customers exercise caution when opening suspicious file attachments.

“Microsoft strongly encourages all users of Microsoft Office to review the security-related feature control keys and to enable them. Setting the registry keys described in the following sections disables automatic update of data from linked fields.”

Cyber #hackers target #Spain’s top #court as Catalonia’s #leader is #threatened with 30 years in prison if he declares #independence

Source: National Cyber Security – Produced By Gregory Evans

Spain’s most senior court fell victim to a massive cyber attack as hackers launched an “Operation Free Catalonia” campaign.

The country’s constitutional court said unknown hackers had accessed its computer systems on Friday.

The Spanish National Security Department said the hack was part of a recent campaign to flood government websites with slogans in support of independence for the Spanish region of Catalonia.

Social media groups linked to cyber hacking group Anonymous said they would roll out action as part of “Operation Free Catalonia”.

Meanwhile, Spanish attorney general José Manuel Maza is reportedly preparing to have Carles Puigdemont – president of Catalonia and figurehead of the independence movement – arrested for rebellion.

El Pais reported Puigdemont faces a charge of sedition, punishable by up to 30 years in prison, if he formally declares independence or tries to change the Spanish constitution.

It comes after the regional leaders of Catalonia – including Barcelona – held an independence referendum earlier this month on whether to break away from the rest of Spain.

The separatists claimed victory with a majority of more than 2 million votes, but the ballot was declared illegal by the government in Madrid.

There were allegations of police brutality as officers used force to break up pro-independence rallies and close polling stations.

Spain’s Prime Minister Mariano Rajoy on Saturday said he would curb the powers of the parliament of Catalonia, sack its government and call an election within six months in a bid to thwart the independence movement.

It came after Puigdemont failed to meet a deadline to withdraw the threat of a declaration of independence, instead accusing Madrid of refusing to negotiate.

“If the government continues to impede dialogue and continues with the repression, the Catalan parliament could proceed, if it is considered opportune, to vote on a formal declaration of independence,” Puigdemont said in a letter to the Prime Minister.

He also said after the referendum: “At this historic moment… I call for the right for Catalonia to be independent and form a republic.”

The Prime Minister responded in parliament on Wednesday: “It’s not that difficult to reply to the question: has Catalonia declared independence?

“Because if it has, the government is obliged to act in one way, and if it has not, we can talk here.”

The measures to curb Catalonia’s autonomy and hold fresh elections must now be approved by Spain’s upper house, the Senate, where a vote is scheduled for October 27.

King Felipe used a prize-giving ceremony in the north-western region of Asturias to indicate support for the government.

The king, normally a ceremonial figure, said: “Catalonia is and will remain an essential part. Spain needs to face up to an unacceptable secession attempt on its national territory, which it will resolve through its legitimate democratic institutions.”

Fancy #Bear returns: #Russian #hackers target #US cyber conference with #booby-trapped file

Source: National Cyber Security – Produced By Gregory Evans

In early October, the Russian hacking group, infamous for infiltrating the computer networks of the Democratic National Committee (DNC) last year, launched a new operation targeting potential attendees of an upcoming US cybersecurity conference, research suggests.

The Kremlin-linked unit, known as APT28 or Fancy Bear, weaponised a real Word document titled “Conference_on_Cyber_Conflict.doc” with a reconnaissance malware known as “Seduploader” to target delegates from Washington DC-based Cyber Conflict US, or CyCon.

The two-page file, lifted from the conference’s website, was created on 4 October and threat researchers from Cisco Talos, who first spotted the malware, said that attacks peaked three days later.

“Due to the nature of the document, we assume that the targeted people are linked or interested by the cybersecurity landscape,” three Talos experts wrote in a joint report (22 October).

High-profile speakers billed to talk at CyCon, which is set to take place on 7-8 November, include former US National Security Agency director Keith Alexander and current commanding general of the US Army’s Cyber Command, Paul Nakasone.

The Fancy Bear hackers, known to Talos as “Group 74”, have been linked to the Seduploader in the past and regularly use real-world events as the launch pad for attacks.

Multiple cybersecurity analysts believe the hackers are associated with Russian intelligence.

“In this case, Group 74 did not use an exploit or any 0-day but simply used scripting language embedded within the Microsoft Office document,” Talos said.

Zero-day exploits are typically used in sophisticated attacks and exploit a gap in security previously unknown to anyone, including vendors and manufacturers.

“We could suggest that they did not want to utilise any exploits to ensure they remained viable for any other operations,” the team continued.

“Actors will often not use exploits due to the fact that researchers can find and eventually patch [fix] these which renders the actors’ weaponised platforms defunct.”

If the Fancy Bear cyberattack was successful, the team would attempt to siphon any secretive data from victims’ computers. In one of its most famous attacks, it exfiltrated tens of thousands of emails from the DNC network, which were later leaked online for the world to see.

A US military spokesperson told The Daily Beast that it was aware of the attempted hacks and had launched an investigation. “We will publish details as appropriate,” he added.

News of the Fancy Bear operation was published in the wake of a report from US-Cert, a division of homeland security, which said officials had observed attempted hacks on “government entities and organisations in the energy, nuclear, water, aviation, and critical manufacturing sectors”.

These were also linked, at least on first analysis, to Russian cyber-espionage operatives.

Hackers target Schuyler Co. 911 center, system temporarily disrupted

Source: National Cyber Security – Produced By Gregory Evans

SCHUYLER COUNTY, NY (WENY) — Roughly two weeks ago, Schuyler County officials say hackers were able to gain access to the communications system for the whole county. The mode of access is now being investigated on a state and federal level. “The New York State Cyber […]

View full post on AmIHackerProof.com | Can You Be Hacked?

Hackers target govt websites in cyber spillover from Arakan crisis

Source: National Cyber Security – Produced By Gregory Evans

Hackers targeted several government websites this week, according to state media, apparently in retaliation for Burma’s treatment of the country’s Muslim minority, as international attention on the plight of the Rohingya in northern Arakan State intensifies. The Burmese-language state-run daily Kyemon reported on Tuesday that six government websites had been…

Hackers target jobseekers

Source: National Cyber Security – Produced By Gregory Evans

Khawar Latif suspected fraud from the start. In May, the 25-year-old founder of a domain registration business, who lives in Pakistan, received an invitation to chat about a job with someone claiming to represent the Financial Industry Regulatory Authority. “See your website and like to discuss with you about our…

Could voting fraud panel create an easy target for hackers?

Source: National Cyber Security – Produced By Gregory Evans

Officials from both parties had a consistent answer last year when asked about the security of voting systems: U.S. elections are so decentralized that it would be impossible for hackers to manipulate ballot counts or voter rolls on a wide scale. But the voter fraud commission established by President Donald…

Hackers Target Your Mobile Bank App; You Can Fight Back

Source: National Cyber Security – Produced By Gregory Evans

BRAVE NEW BANK This NerdWallet series delves into what’s new in retail banking and what’s in it for you. We explore some of the surprising things in store for products, tech and security and look at how they’ll affect consumers. By 2021, millions more of us […]