Users

now browsing by tag

 
 

#cyberfraud | #cybercriminals | There’s A New Cyber Threat Targeting Netflix Users

Source: National Cyber Security – Produced By Gregory Evans

There’s a new phishing scam targeting Australian Netflix customers – and it’s incredibly easy to be fooled by it. The highly convincing email requests users to update their payment information via a link to an official looking website. Whatever you do, do not click that link. Here’s what you need to know.

Australian Netflix users have been hit by a fresh wave of phishing scams designed to steal your money. The email uses official branding and even uses the customer’s username – just like a real Netflix email. The supplied link also looks legit.

Despite being outed by the media last Friday, the scam is still reaching potential victims. I know this because my wife just received the below email:

“Sorry for the interruption, but we are having trouble authorising your Credit Card,” the email states. “Please visit www.netflix.com/youraccountpayment to enter your payment information again or to use a different payment method. When you have finished, we will try to verify your account again. If it still does not work, you will want to contact your credit card company.”

Clicking on the link takes you to a phishing site that looks just like the real Netflix site. Typing in your credit card details will result in currency theft and the locking of your Netflix account.

The only signs that something dodgy is afoot are the sender’s email address and the URL permalink (which is different to the supplied hyperlink.) While these red flags are obvious to tech-savvy users, I imagine there are many casuals out there who would fail to notice.

Needless to say, if you receive one of these emails you should delete it without clicking on any of the supplied links. You can read up on how to identify and avoid email scams here as well as in the video below.


10 Steps To Avoid Falling Victim To An Email Phishing Scam

One of the most popular ways for cybercriminals to steal personal information is by using email phishing scams. Cybercriminals often use this method of attack to trick employees from large organisations into clicking onto malicious links so they can gain access to corporate networks that contain valuable data. Here are 10 tips on how to avoid becoming a email phishing victim.

Read more

Source link

The post #cyberfraud | #cybercriminals | There’s A New Cyber Threat Targeting Netflix Users appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Fake Tor Browser Found Stealing Bitcoin From Darknet Market Users

Source: National Cyber Security – Produced By Gregory Evans

/latest/2019/10/fake-tor-browser-found-stealing-bitcoin-from-darknet-market-users/

A fake version of the popular Tor Browser, used to access the deep web, has been found to be stealing the bitcoin of users looking to shop on darknet markets.

According to researchers, the malicious version of the browser has been promoted as its Russian version on posts published on Pastebin, optimized to rank on search engines for queries related to cryptocurrencies, drugs, censorship, and politicians.

The malicious browser is distributed through two domains, created in 2014, to Russian users as it if were an official version. The website’s pages mimic those of the Tor project’s official website, but add a warning to the user telling them their privacy is at risk because their browser is supposedly outdated.

A translated version of the message reads:

Your anonymity is in danger! WARNING: Your Tor Browser is outdated. Click the button “Update”


On the Pastebin and forum posts, the cybercriminals advertise various features the Tor browser doesn’t actually have, such as an anti-captcha system that allows them to bypass checks. In reality, users download a compromised version of the official Tor browser’s 7.5 version, released in January of last year.

Cybersecurity researchers at ESET further discovered the altered Tor version stops the browser from asking users for an update, as this would update them to a non-compromised version of the official Tor browser.

To get to users’ bitcoins, the browser includes a script that detects when users are about to fund their BTC wallets on darknet markets, and replaces thee destination wallets with their own.

The criminals’ three identified bitcoin wallets made a total of 863 transactions, and currently have 4.8 BTC (around $38,000) in them. The wallets have been active since 2017. Back in July, Chainalysis found that darknet markets were on pace to see $1 billion worth of bitcoin transactions this year.

As reported U.S. authorities recently took down one of the largest child porn websites on the darknet after tracing bitcoin transactions.

Featured image by Kaur Kristjan on Unsplash.

Source link
——————————————————————————————————

The post #deepweb | <p> Fake Tor Browser Found Stealing Bitcoin From Darknet Market Users <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | Negligent Users are Biggest Cybersecurity Threat to German Organizations: Survey

Source: National Cyber Security – Produced By Gregory Evans

You are only as strong as your weakest link and the cybersecurity industry is no different. A recent survey by SolarWinds, a provider of IT management software, pointed out that negligent users are the biggest cybersecurity threat to German organizations. The company did the survey in a bid to highlight the threats the cybersecurity professionals are facing daily.

The research, which surveyed over 100 information technology professionals from Germany, stated that user errors constituted the largest share of cybersecurity incidents in the last 12 months, at a whopping 80 percent. The study stressed on the fact that internal factors are the most pressing cybersecurity threats. User errors were followed by exposures caused by poor network system or application security at 36 percent, and external actors infiltrating the company’s network at 31 percent.

To understand the factors contributing to the trend, the survey also found out that poor passwords were one of the major concerns for German techies. Nearly 45 percent of the respondents stated that poor and weak passwords were one of the biggest reasons for the breaches, while 42 percent of the respondents stated that sharing passwords is also another grave contributor. Other factors were accidental exposure, deletion, modification of critical data and even copying data into unsecured devices.

To top it all, it was also revealed that 89 percent of IT experts felt that they were unequipped to successfully implement and manage cybersecurity tasks today, with their current IT skillset.

“Our research shows once again that the biggest risk to the organization comes from the inside, aligning with research SolarWinds conducted in other regions earlier this year,” said Tim Brown, vice president of security, SolarWinds. “This underscores the continued need for organizations to address the human side of IT security and consistently educate users on how to avoid mistakes while encouraging an environment of learning and training. However, that alone is not enough; tech pros also need the best possible technology to effectively fight against both threats from the inside and potentially more sophisticated threats from the outside. SolarWinds is committed to helping IT and security teams by equipping them with powerful, affordable solutions that are easy to implement and manage. Good security should be within the reach of all organizations.”

It is not always an accidental error from insiders; sometimes these incidents are a part of a much larger scheme. Earlier this year, a recruiter from the telecommunications company AT&T Network was charged for paying insiders to upload malware on the company’s computer networks to unlock cell phones.

According to the United States Department of Justice (DOJ), the insiders, who worked in AT&T’s Bothell Customer Service Center, allegedly exploited AT&T’s proprietary locking software to remove millions of phones from the AT&T network system and payment plans, which incurred a loss of a million dollars to the company. It’s said that Fahd and his co-conspirators gave over $1 million in bribes to install malware and spying devices in the company.

Source link
____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

The post #cybersecurity | Negligent Users are Biggest Cybersecurity Threat to German Organizations: Survey appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | SolarWinds Research Reveals Negligent Users as Top Cybersecurity Threat to German Organisations

Source: National Cyber Security – Produced By Gregory Evans

BERLIN–(BUSINESS WIRE)–SolarWinds (NYSE:SWI), a leading provider of powerful and affordable IT management software, today released findings of its latest cybersecurity research at it-sa (Booth #127). The research highlights the threats technology professionals face today and those they expect over the next 12 months, revealing internal factors as the most prominent cybersecurity threat.

The research of over 100 IT professionals in Germany revealed internal user mistakes created the largest percentage of cybersecurity incidents over the past twelve months (80%), followed by exposures caused by poor network system or application security (36%), and external threat actors infiltrating the organisation’s network or systems (31%).

Poor password management ranked as the leading cause of concern for German IT professionals regarding insider threats. Forty-five percent of tech pros surveyed indicated poor password management or weak passwords as the most common cause of accidental or careless insider breaches, while 42% cited sharing passwords as the most common problem. Password management issues, accidental exposure, deletion, corruption or modification of critical data (40%), and copying data to unsecured devices (36%) were the other leading causes reported that lead to insider mistakes.

The survey results also found that 89% of tech pros surveyed indicated they feel unequipped to successfully implement and manage cybersecurity tasks today with their current IT skillset.

“Our research shows once again that the biggest risk to the organization comes from the inside, aligning with research SolarWinds conducted in other regions earlier this year,” said Tim Brown, vice president of security, SolarWinds. “This underscores the continued need for organizations to address the human side of IT security and consistently educate users on how to avoid mistakes, while encouraging an environment of learning and training. However, that alone is not enough; tech pros also need the best possible technology to effectively fight against both threats from the inside and potentially more sophisticated threats from the outside. SolarWinds is committed to helping IT and security teams by equipping them with powerful, affordable solutions that are easy to implement and manage. Good security should be within the reach of all organizations.”

SolarWinds at it-sa, The IT Security Expo and Congress

Booth 127, Hall 9

  • When: October 8 – 10, 2019
  • Where: Nuremberg, Germany

At it-sa, Europe’s largest IT security expo, SolarWinds Head Geek™, Sascha Giese, along with other technical experts, will be onsite to provide in-depth demos of SolarWinds security solutions. These include SolarWinds® Access Rights Manager (ARM), SolarWinds Security Event Manager (SEM), SolarWinds Backup, and SolarWinds Patch Manager—plus a suite of monitoring and management platforms with security baked in, including capabilities for robust endpoint detection and response. These products address the gaps identified by the research findings, including the need for more affordable solutions, technologies that help mitigate skills shortages, a layered approach to security, and solutions that fight threats from both the inside and outside of an organization’s technology infrastructure.

“SolarWinds security solutions help address the gaps identified by the research findings,” stated Sascha Giese. “ARM, for example, helps organizations detect compromises or malicious behavior from inside the company, while helping to drive more effective compliance programs. Nearly two-thirds of tech pros surveyed indicate they already use an access rights management solution, underscoring its importance. At it-sa, I’m looking forward to learning even more about the security pain points of our customers and prospects—so we can do even more to help get them resolved.”

Key Findings

Threat Trends: Internal Users Put Organisations at Risk

Types of cybersecurity threats leading to security incidents within the past 12 months:

  • Out of a variety of security incidents, 80% of respondents attributed the largest portion of cybersecurity threats to internal users making mistakes, while 31% attributed at least a portion to external threat actors; followed by 36% that indicated exposures caused by poor network system and/or application security have led to security incidents.
  • 70% indicated regular employees are the users who pose the biggest risk for insider abuse and/or misuse, followed by privileged IT administrators and executives (45% and 33%, respectively).
  • 45% named poor password management as the most common cause of accidental/careless insider breaches from employees and contractors, while 42% of tech pros surveyed state that sharing passwords is the most common cause, followed by accidentally exposing, deleting, corrupting, and/or modifying critical data and copying data to unsecured devices (40% and 36%, respectively).

The following cybersecurity threats could lead to security incidents in the next 12 months:

  • 55% of respondents are extremely concerned or moderately concerned (combined) about internal users making mistakes that put organisations at risk. This is followed by 50% and 42% indicating exposure caused by poor network system and/or system security and external threat actors infiltrating their organisation’s network and/or systems as the top concerns, respectively.
  • Nearly half of tech pros surveyed are extremely concerned or moderately concerned (combined) that cybercriminals will lead to security incidents in the next twelve months, while one-third of tech pros feel the same about cyberterrorists—and one-fifth of tech pros indicating nation-state actors as top concerns within the same timeframe.

IT Skillsets and Landscape: Not Sufficiently Equipped

  • 89% of tech pros feel unequipped to successfully implement and manage cybersecurity tasks today given their current IT skillset, while over half of tech pros surveyed (54%) feel unequipped to utilize predictive analytics to determine the likelihood of outcomes in their architecture.
  • One-fourth of tech pros feel the most significant barrier to maintaining and improving IT security within their organisation is the complexity of their IT infrastructure, followed by budget constraints (20%), and lack of manpower (19%).
  • 45% of tech pros surveyed have adopted a hybrid approach to their IT security, protecting and managing the security of their own network but also using a managed provider to deliver some security services—while 43% are self-managed and 6% outsource entirely.

Top Security Technologies

  • Top technologies used by technology professionals according to respondents include:
  • Detection:

    • Access rights management (64%)
    • IDS and/ or IPS (48%)
    • Vulnerability assessment (38%)
  • Protection:

    • Email security (77%)
    • Data encryption (70%)
    • Endpoint protection (65%)
    • Patch management (65%)
  • Risk management:

    • Identity governance (58%)
    • Asset management (55%)
    • Governance, risk, and compliance (GRC) (45%)
  • Response and recovery:

    • Backup and recovery (70%)
    • Access rights management (50%)
    • Incident response (37%)

The findings are based on a survey fielded in August/September 2019, which yielded responses from 110 technology practitioners, managers, and directors in Germany from public- and private-sector small, mid-size and enterprise organisations.

Additional Resources

Connect with SolarWinds

Information regarding employment opportunities with SolarWinds Berlin is available at https://solarwinds.jobs/jobs/?location=Germany

#SWIproducts

#SWIsecurity

#SWIresearch

About SolarWinds

SolarWinds (NYSE:SWI) is a leading provider of powerful and affordable IT infrastructure management software. Our products give organizations worldwide, regardless of type, size or IT infrastructure complexity, the power to monitor and manage the performance of their IT environments, whether on-premises, in the cloud, or in hybrid models. We continuously engage with all types of technology professionals—IT operations professionals, DevOps professionals, and managed service providers (MSPs)—to understand the challenges they face maintaining high-performing and highly available IT infrastructures. The insights we gain from engaging with them, in places like our THWACK online community, allow us to build products that solve well-understood IT management challenges in ways that technology professionals want them solved. This focus on the user and commitment to excellence in end-to-end hybrid IT performance management has established SolarWinds as a worldwide leader in network management software and MSP solutions. Learn more today at www.solarwinds.com.

The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks of) their respective companies.

© 2019 SolarWinds Worldwide, LLC. All rights reserved.

Source link
____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

The post #cybersecurity | SolarWinds Research Reveals Negligent Users as Top Cybersecurity Threat to German Organisations appeared first on National Cyber Security.

View full post on National Cyber Security

#androidsecurity | Google opens its Android security-key tech to iPhone and iPad users – TechCrunch

Source: National Cyber Security – Produced By Gregory Evans

Google will now allow iPhone and iPad owners to use their Android security key to verify sign-ins, the company said Wednesday.

Last month, the search and mobile giant said it developed a new Bluetooth-based protocol that will allow modern Android 7.0 devices and later to act as a security key for two-factor authentication. Since then, Google said 100,000 users are already using their Android phones as a security key.

Since its debut, the technology was limited to Chrome sign-ins. Now Google says Apple device owners can get the same protections without having to plug anything in.

Signing in to a Google account on an iPad using an Android 7.0 device (Image: Google)

Security keys are an important security step for users who are particularly at risk of advanced attacks. They’re designed to thwart even the smartest and most resourceful attackers, like nation-state hackers. Instead of a security key that you keep on your key ring, newer Android devices have the technology built-in. When you log in to your account, you are prompted to authenticate with your key. Even if someone steals your password, they can’t log in without your authenticating device. Even phishing pages won’t work because only legitimate websites support security keys.

For the most part, security keys are a last line of defense. Google admitted last month that its standalone Titan security keys were vulnerable to a pairing bug, potentially putting it at risk of hijack. The company offered a free replacement for any affected device.

The security key technology is also FIDO2 compliant, a secure and flexible standard that allows various devices running different operating systems to communicate with each other for authentication.

For the Android security key to work, iPhone and iPad users need the Google Smart Lock app installed. For now, Google said the Android security key will be limited to sign-ins to Google accounts only.

Source link

The post #androidsecurity | Google opens its Android security-key tech to iPhone and iPad users – TechCrunch appeared first on National Cyber Security.

View full post on National Cyber Security

US #cybersecurity firm #McAfee eyes #digital #wallets as users #pile in for #e-payments

US cybersecurity software-maker McAfee is now turning its attention to digital wallets as a new revenue stream, against the backdrop of more and more people signing up for these services, The Economic Times reported.

According to the report, McAfee, which has over 25% of its global workforce based in its Bengaluru office, is targeting the space as the number of digital wallet users spiked after the government’s demonetisation initiative.

“India has a large number of digital wallets compared to other countries. While these wallets are expanding to the nether regions of the country, the number of scams is also increasing by the day,” Anand Ramamoorthy, managing director, South Asia, McAfee, was quoted as saying.

“The scale is quite large and so building security features becomes difficult,” he said. “There are various issues a user faces starting from fake apps, fake transactions and a lot more, which are unique cases in India. Looking at all these cases, we are trying to build security that solves it all levels,” he added.

The Economic Times had earlier reported that several scammers were committing fraud by sending false payment confirmation messages to merchants.

Explaining digital wallet security, Ramamoorthy said that the company first tracks how apps are reading into personal data of users on the phone such as address book and photos and then secures that data. He said that in order to add another layer of security, McAfee tries to find the device on a map faster than usual and then backs up the data, locks the device and wipes out the data from the device.

The company is already working with mobile wallet companies but is now sharpening focus to secure the back-end as well as the front-end for consumers.

In another strategic move in March, the company had said that it was extending its cloud security platform to protect Microsoft’s Azure platform that provides cloud services.

Interestingly, this was McAfee’s first joint solution following its acquisition of Skyhigh Networks, a specialist in the cloud security, in November 2017. According to McAfee’s 2017 cloud adoption and security report, nearly 93% of organisations use some form of cloud services.

advertisement:

The post US #cybersecurity firm #McAfee eyes #digital #wallets as users #pile in for #e-payments appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

PayThink #Users are #compromising #most #security #tech

Source: National Cyber Security – Produced By Gregory Evans

It took Bonnie and Clyde three years to rob about a dozen banks, but the scourge of bankers today is a quiet Russian hacking group called, appropriately enough, MoneyTaker, and they don’t need nearly as much drama to abscond with cash.

Using often tailor-made hack attacks that regularly rely on near-undetectable fileless malware, the MoneyTaker gang has, in barely a year and a half, robbed millions from 20 banks so far and counting. What’s worse is that the gang has stolen data that could let it hijack Swift transactions, leading Swift for the first time to issue a report on cyber-vulnerabilities with the banks it works with.

While hackers usually don’t discriminate, they’ve got no problem attacking servers at hospitals, schools and corporations with trade secrets and valuable intellectual property, banks hold a special place in their heart as that is where the money is, as yet another famous Depression-era bank robber once said.

Once a bank’s security is compromised, hackers can pay themselves from the funds on hand, transferring sums large and small to their accounts. However, with information about the global payment systems like Swift that’s also available only at the bank, hackers can do a lot more damage.

Hackers are getting better at “data mining” all the time. According to Kaspersky, Russian hackers operating just a couple of Darknet marketplaces in 2017 were offering this year an astounding 85,000 servers for sale (meaning, the authentication information that will let a hacker take control of the server), some for as little as $6! In 2016 there were “only” 70,000 such servers for sale, meaning that whatever we are doing to keep hackers at bay, it isn’t enough.

Included in those compromised servers are apparently some containing key Swift information, and it’s just a matter of time before the MoneyTaker gang will also use that information for fun and profit.

How are gangs like MoneyTaker getting away with this, especially with servers belonging to banks which are presumably protected by the latest cybersecurity systems? According to a study by the SANS Institute, it’s the “human factor” that is at work: As many as 95% of all attacks on enterprise networks begin with a spear phishing attack in which hackers dispatch their malware hidden inside email attachments. That attack could consist of trojans that pave the way for malware that allows hackers to take over servers, or the newer fileless malware attacks (where an agent installs itself in memory, hijacking servers for the use of hackers).

Cybersecurity systems, as sophisticated as they are, are clearly not doing the job — and maybe they never will, given that in the end the effectiveness of those systems can be overridden by workers inside the organization. The best systems then are the ones that take away from users and employees any opportunity to override security by responding to the phishing messages that get them, and their organizations, into trouble.

Systems like that need to be able to analyze messages and incoming files for malware or threats, and remove them before passing the file or message on to workers.

In addition, the system has to be robust and innovative enough to arrest malware that is passed on in innovative ways with traditional cybersecurity systems, like sandboxes that are perhaps not up to date on phenomena like fileless malware. With thousands of security systems out there, organizations are understandably confused about what systems are the most effective. But in our opinion, the systems that will perform best are the ones that limit opportunities for spearphishers to have their way with employees.

The post PayThink #Users are #compromising #most #security #tech appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Pizza Hut hack: Thousands of customers’ data stolen as users report fraudulent card transactions

Source: National Cyber Security – Produced By Gregory Evans

Pizza Hut hack: Thousands of customers’ data stolen as users report fraudulent card transactions

Hackers hit Pizza Hut earlier in October and reportedly stole customers’ financial information. Pizza Hut said that its website was hacked and some of its customers who used the fast food chain’s website and app were affected by the breach.

Although Pizza Hut reportedly sent out emails notifying its customers of the breach, the alerts came two weeks after the company’s website was hacked. Some users took to Twitter to complain about the delayed notification. Some customers also reported fraudulent card transactions, which they suspect may have occurred due to the Pizza Hut hack.

“Pizza Hut has recently identified a temporary security intrusion that occurred on our website. We have learned that the information of some customers who visited our website or mobile application during an approximately 28-hour period (from the morning of October 1, 2017, through midday on October 2, 2017) and subsequently placed an order may have been compromised,” the company said in an email sent to affected customers, Bleeping Computer reported.

“Pizza Hut identified the security intrusion quickly and took immediate action to halt it,” the fast food chain added. “The security intrusion at issue impacted a small percentage of our customers and we estimate that less than one percent of the visits to our website over the course of the relevant week were affected.”

It is still unclear as to how many users may have been affected by the breach and whether the hackers were able to get their hands on any corporate data. IBTimes UK has reached out to Pizza Hut for further clarity on the incident and will update this article in the event of a response.

Source:

The post Pizza Hut hack: Thousands of customers’ data stolen as users report fraudulent card transactions appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Craigslist Sides With LinkedIn In Battle Over Users’ Data

Source: National Cyber Security – Produced By Gregory Evans

Listings service Craigslist is backing LinkedIn in a fight with startup HiQ Labs over scraping. Website operators “have every right to employ technological measures” to block scraping by outside companies, Craigslist argues in a friend-of-the-court brief filed this week with the 9th Circuit Court of Appeals. Craigslist’s involvement marks the…

The post Craigslist Sides With LinkedIn In Battle Over Users’ Data appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Best Practices for Cybersecurity Are Simple and Keep Users in Mind

Source: National Cyber Security – Produced By Gregory Evans

As students, faculty and staff settle into the routines of a new semester, it’s the perfect time for a refresher on cybersecurity. Perhaps this is why October is designated National Cybersecurity Awareness Month. CIOs and CISOs have an opportunity to educate users on the basics of good cyberhygiene before they…

The post Best Practices for Cybersecurity Are Simple and Keep Users in Mind appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures