This

now browsing by tag

 
 

Cybersecurity #experts #agree — expect more #ransomware this #year

Ransomware is one of the easiest cyberattacks to detect because it comes with an actual ransom note. However, 2017 gave way to new propagation mechanisms, which automated worming and increased infection rates.

Employee-facing services and technologies are a top concern to cybersecurity professionals. About 40% of employees use personal devices to send work emails and share or access company data without the IT department’s oversight.

The bring your own device policy is challenging for IT departments to combat. Ultimately, the policy leads to unintended shadow IT, which is often the Achilles heel of solid security practices.

Negligent employee actions can cost a company about $280,000 per incident. If the cost were not enough, companies need to come to terms with the fact that 64% of security breaches are caused by ignorant employee actions.

To help companies better track the most high-risk employees​, in terms of their cybersecurity incompetencies, vendors like Microsoft are including simulated ransomware or phishing attacks in their services.

Hackers will always take advantage of human error and poor judgment, so it’s up to security teams to educate line of business employees.

advertisement:

The post Cybersecurity #experts #agree — expect more #ransomware this #year appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

This #destructive #wiper #ransomware was used to #hide a #stealthy #hacking #campaign

Source: National Cyber Security – Produced By Gregory Evans

This #destructive #wiper #ransomware was used to #hide a #stealthy #hacking #campaign

Ransomware is being used to hide an elaborate, targeted hacking campaign which went undetected for months before the attackers pulled the plug and encrypted hundreds of machines at once in an effort to remove stolen data while also covering their tracks.

The campaign targeted several Japanese organisations in attacks which lasted from three to nine before a ransomware attack used a wiper on compromised machines in an effort to hide the operation.

Forensic investigation of the infected machines by researchers at Cybereason has led them to the conclusion that the attacker made the attempt to wipe evidence of the operation and destroy any traces of attack.

The name of the ransomware comes from the .oni file extension of encrypted files as well as the email address in the ransom note, which translates to “Night of the Devil” – the name researchers have given to the operation. Researchers note that ONI shares much of its code with GlobeImposter ransomware.

Attacks using ONI ransomware have been carried out against Japanese targets for some time, but the investigation into the latest wave of attacks uncovered a new variant, MBR-ONI, a form of the ransomware which comes equipped with bootkit features.

The new bootkit ransomware is based on DiskCryptor, a legitimate disk encryption tool, the code of which has also been found in Bad Rabbit ransomware.

While MBR-ONI bootkit ransomware was used against a controlled set of targets, such as Active Directory server and other critical assets, ONI was used against the rest of the endpoints in an infected network.

The ONI-based attacks all begin in the same way, with spear-phishing emails distributing malicious Office documents which drops the Ammyy Admin remote access tool.

Once inside the system, attackers map the internal networks, harvesting credentials and moving laterally through the system – researchers suspect that the leaked NSA SMB exploit EternalBlue plays a role in enabling the attackers to spread through the network.

Ultimately compromise critical assets including the domain controller to gain full control of the network and the ability to exfiltrate any data deemed important.

Once the attackers are done with the infected network, ONI and MBR-ONI ransomware was run.

While ONI does provide a ransom note and the prospect of recovering encrypted data, researchers believe MBR-ONI is designed to never provide a decryption key, but rather as a wiper to cover the attackers’ footprints and conceal the true goals of the attack: espionage and removing data over a period of months.

During investigations of targeted organisations, it was found that some had been compromised since December 2016, indicating long-term planning and sophistication on behalf of the attackers.

While ONI and the newly discovered MBR-ONI exhibit all the characteristics of ransomware, our analysis strongly suggests that they might have actually been used as wipers to cover an elaborate scheme,” said Assaf Dahan, director of advanced security services at Cybereason

“The use of ransomware and/or wipers in targeted attacks is not a very common practice, but it is on the rise. We believe ‘The Night of the Devil’ attack is part of a concerning global trend in which threat actors use ransomware/wipers in targeted attacks,” he added.

Researchers haven’t been able to comprehensively conclude who is behind the campaign and Russian language in the code could provide a clue or a diversion in equal measure.

“The question of attribution is a tricky one. The Russian language traces found in the binary files could suggest that there is a Russian threat actor behind the attack. That being said, this kinda of data can also be easily manipulated by the attackers to throw researchers off track,” Dahan told ZDNet.

The post This #destructive #wiper #ransomware was used to #hide a #stealthy #hacking #campaign appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybersecurity breaches: Centre is looking to roll out this major innovative approach

Source: National Cyber Security – Produced By Gregory Evans

The government is working on creating a single framework for reporting breach of cyber security at financial institutions and a working group is soon likely to be formed, sources in the know told FE. The government is working on creating a single framework for reporting breach of cyber security at…

The post Cybersecurity breaches: Centre is looking to roll out this major innovative approach appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

This Company is ready to pay you $500,000 if you can hack WhatsApp

Source: National Cyber Security – Produced By Gregory Evans

A company named Zerodium has recently announced that they are ready to pay you $500,000 if you can find an exploit in WhatsApp and Signal, two popular messaging apps with hundreds of millions of users across the world. A huge prize money like that is irresistible for hackers. To avail…

The post This Company is ready to pay you $500,000 if you can hack WhatsApp appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Stay safe online this summer, watch out for fake WiFi networks

Source: National Cyber Security – Produced By Gregory Evans

Better Business Bureau warns if you are traveling this summer and taking advantage of free WiFi, double check before connecting your device. Scammers use fake WiFi hotspots to steal personal information or gain access to your device. “Say you’re at a coffee shop, airport, hotel lobby, or other public place,…

The post Stay safe online this summer, watch out for fake WiFi networks appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

CDC Warns Parents About This Dangerous Hotel Pool Habit

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ It’s pool season, and you know what that means: every kid within a ten-mile radius will be jumping, screaming and splashing their way into the abyss that is now summer break. …

The post CDC Warns Parents About This Dangerous Hotel Pool Habit appeared first on Become007.com.

View full post on Become007.com

This Bill Would Allow Hacking Victims to Hack Their Attackers

Source: National Cyber Security – Produced By Gregory Evans

This Bill Would Allow Hacking Victims to Hack Their Attackers

Call it a Stand Your Ground law for cyberspace. A Republican congressman is floating a bill that would make it legal for victims of hacker intrusions to hack back against the attacker, the first move to legalize any form of computer intrusion since the federal Computer Fraud and Abuse Act…

The post This Bill Would Allow Hacking Victims to Hack Their Attackers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Swipe right on this dating app for everyone Grindr forgot

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Gender variant and giving up on Grindr? Tired of Tinder ignoring you? Are you no longer okay with OKCupid’s binary world? Hush now, babe. S’okay. We got you. The options are …

The post Swipe right on this dating app for everyone Grindr forgot appeared first on Become007.com.

View full post on Become007.com

Rip Off Britain – presenters urge viewers to AVOID identity theft using THIS simple step

Source: National Cyber Security – Produced By Gregory Evans

Rip Off Britain – presenters urge viewers to AVOID identity theft using THIS simple step

RIP OFF BRITAIN is back for a ninth series featuring the pitfalls and problems that consumers find themselves falling foul of. And Presenters Gloria Hunniford and Angela Rippon spoke to Express.co.uk ahead of the first episode about their own bank scam experiences and how to avoid identity theft.

Returning to front the BBC One Daytime shows are presenters Angela Rippon, Gloria Hunniford and Julia Somerville who will be travelling the length and breadth of the country to investigate the issues that have prompted viewers to contact the show.

With ten episodes featuring real-life stories from consumers who have found themselves at the wrong end of bad customer service, online security breaches and the ill-will of scammers, the team meet a variety of the people with stories to share, and will be offering tips and advice to make sure others don’t suffer the same fate.

Episodes across the series challenge high street banks, online safety and cybercrime, ticket tours, energy companies, investment scams and identity fraud.

In one episode the team meet a former hacker – who was arrested for his role in targeting websites including that of the CIA. However, Mustafa is now pushing for companies to up their online security.

In the show he lifts the life on how one of the biggest names in telecoms fell victim to a cyber-attack, and tells Rip Off Britain viewers how to avoid becoming a victim of a hack themselves.

In another episode the team also meet a homeowner from greater Manchester whose identity was stolen and used to put his house up for sale by fraudsters.

The crime was only intercepted by chance when his daughter saw her father’s property advertised online.

Many of the issues hit close to home, as Gloria reveals how she was affected by a banking scam.

The 77-year-old had £120,000 drained from her savings account after an imposter walked into a bank and pretended to be her.

Speaking to Express.co.uk, Gloria said: “i felt violated and very insecure.

“I’ve been warning people for years about bank security and identity theft, and it just goes to show this can happen to any secure account.”

Angela, 72, revealed her best advice for people to avoid identity theft: “Make sure you shred anything which has any information about you on it.

“Secondly, be careful what you put out there – on Twitter and Facebook – because it could be giving criminal the exact information they need.”

The first ten episodes are followed by a special week of live programmed from London. Consumers are invited to contact the show and have their queries addressed live int he programme – either online, or in person, with a drop in area popping up during the week outside BBC’s London HQ, New Broadcasting House.

Rip Off Britain will air on weekday mornings, BBC One, at 9.15am between the 1st and 12th of May – followed by a special week of Live programmes from Monday 15 May at the same time.

Source:

The post Rip Off Britain – presenters urge viewers to AVOID identity theft using THIS simple step appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Online Dating Sites Could Be Missing This Key Ingredient To Attraction

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Ask a group of people to describe eHarmony and they would probably paint a similar picture. It’s respected, trusted, and scientific – a service rooted in strong values with a focus …

The post Online Dating Sites Could Be Missing This Key Ingredient To Attraction appeared first on Become007.com.

View full post on Become007.com