word

now browsing by tag

 
 

Getting the Word Out: How Cyber Security Marketers Can Respond to Major Cyber Attacks

Source: National Cyber Security – Produced By Gregory Evans

As we head into the second half of 2017, cyber attacks and security breaches are increasing in both size and frequency. For example, information from the Computer Crime and Intellectual Property Section of the U.S. Department of Justice shows that more than 4,000 ransomware attacks occurred every day in 2016,…

The post Getting the Word Out: How Cyber Security Marketers Can Respond to Major Cyber Attacks appeared first on National Cyber Security Ventures.


Iran-linked hackers used Microsoft Word flaw against Israeli targets, security firm says


Hackers allegedly linked to the Iranian government launched a digital espionage operation this month against more than 250 different Israel-based targets by using a recently disclosed and widely exploited Microsoft Word vulnerability, cybersecurity experts tell CyberScoop.

The hacking group, dubbed OilRig by security researchers and believed to be tied to Iranian intelligence services, utilized a software flaw in Word officially known as CVE-2017-0199 that allows attackers to execute a remote computer intrusion to take full control of a target device while leaving little or no trace, said Michael Gorelik, vice president of Israeli security firm Morphisec.

Over the last month, Morphisec has investigated the incident on behalf of multiple victims. Clients showed forensic evidence on their respective networks that could be linked back to OilRig. After its disclosure in March, CVE-2017-0199 was quickly exploited by nation-states and cybercriminals alike.

John Hultquist, Director of Cyber Espionage Analysis at iSIGHT Partners, confirmed Morphisec’s findings.

“We have recently seen these actors and [other] cyber espionage actors targeting Asia adopt CVE-2017-0199. The vulnerability was a proliferation issue before it was patched, and remains one now,” said Hultquist.

OilRig has been around since at least 2015, according to numerous security industry experts who have watched the group target Israeli networks repeatedly and with varying tactics.

To exploit the Microsoft Word vulnerability, a target must open or preview an infected Microsoft Office or WordPad file, which OilRig sent out in large numbers to hundreds of Israel-based targets, including government agencies and officials. When opened, the attachment designed by OilRig would download the Hancitor trojan, a variant of fileless malware capable of bypassing most security and anti-virus protections.

CVE-2017-0199 was patched earlier this month by Microsoft after an extraordinary nine-month delay from when it was initially communicated to the company privately. Getting the vast ecosystem of Microsoft users to patch machines is a slow and unreliable process, however, so many often remain vulnerable after a patch is published.

Point of initial contact

“The OilRig campaign is a multi-stage kill chain meant to burrow into Israeli critical defense infrastructure,” said Tom Kellermann, CEO of D.C.-based venture capital firm Strategic Cyber Ventures. Kellermann is a major investor in TrapX, another cybersecurity firm that also detected and helped clients defend against the Iranian cyberattack.

The Iranian operation is believed to have started with a series of phishing emails sent to Ben Gurion University employees, although it quickly expanded to include various Israeli technology and medical companies. Ben Gurion University is home to Israel’s Cyber Security Research Center, a scientific institute that develops sophisticated cyber capabilities.

Gorelik said an investigation is ongoing to better understand the full scope of damage caused by the hackers. His firm, Morphisec, posted technical analysis of the attack on Thursday morning.

Investigators were able to identify a series of command and control servers activated by the hackers on April 16, which were subsequently used to launch the offensive cyber operation, according to a notification published Wednesday by Israel’s Computer Emergency Response Team. The first round of phishing emails was sent on April 19 and the last came on April 24. The malware-laden emails carried subject lines relating to nonexistent “resumes, exams and holiday plans,” said Gorelik.

Exploiting CVE-2017-0199 enables an attacker to download and execute a Visual Basic script containing PowerShell commands whenever a vulnerable user opens a document containing an embedded exploit, according to American cybersecurity firm FireEye. Malware payloads executed after the exploit can come from all manner of malware families.

FireEye previously found that various hackers — including both governments and cybercriminals — were using the same CVE-2017-0199 vulnerability to breach a wide array of different victims.

On April 11, researchers at FireEye described an attack exploiting CVE-2017-0199 this way:

- A threat actor emails a Microsoft Word document to a targeted user with an embedded OLE2 embedded link object
- When the user opens the document, winword.exe issues a HTTP request to a remote server to retrieve a malicious HTA file
- The file returned by the server is a fake RTF file with an embedded malicious script
- Winword.exe looks up the file handler for application/hta through a COM object, which causes the Microsoft HTA application (mshta.exe) to load and execute the malicious script

“This kind of vulnerability is very rare,” Gorelik said. “There has been progress from this group. This is one of the more advanced fileless campaigns I’ve seen. It was a targeted, large campaign using quite a big infrastructure. It’s fileless, so it’s very hard to detect. They regenerated signatures on the endpoint each and every time for the trojan so it’s very hard to remediate, identify or remove it.”

He added, “this Iranian group is quite advanced I would say.”

The Iran-backed espionage campaign was first revealed in broad terms Wednesday through a vague press announcement issued by the Prime Minister’s Office, claiming that Israel’s newly formed Cyber Defense Authority helped to thwart the attack.

The attacks were “relatively well planned and took considerable resources. It is obvious that there was intelligence gathering prior to the attack and a careful selection of targets — in this case Israeli computing companies,” said Boaz Dolev, CEO of the Israeli security firm ClearSky in an interview with the Israeli newspaper Haaretz.


The post Iran-linked hackers used Microsoft Word flaw against Israeli targets, security firm says appeared first on National Cyber Security Ventures.


Hackers exploited Word flaw for months while Microsoft investigated

To understand why it is so difficult to defend computers from even moderately capable hackers, consider the case of the security flaw officially known as CVE-2017-0199. The bug was unusually dangerous but of a common genre: it was in Microsoft …

The post Hackers exploited Word flaw for months while Microsoft investigated appeared first on AmIHackerProof.com.


Gods Word Is The Same In Cyberspace – Seminar


Course description: The Bible teaches us, “My people are destroyed for lack of knowledge (Hosea 4:6),” and “Wisdom is the principal thing; therefore get wisdom. And in all your getting, get understanding (Proverbs 4:7).” Today, it is my desire to teach …

The post Gods Word Is The Same In Cyberspace – Seminar appeared first on National Cyber Security Ventures.


Hey, Girl, The History Of The Word ‘Girl’ Is Actually Crazy

There’s “gal,” there’s “lady,” and now, there’s “kween” (comma, “yas”).

The ways modern girls evade calling each other “girls” are myriad, but most of them take on the same semi-ironic tone, mocking the days when femininity, monolithic as it was, could be neatly contained within the parameters of a word.

As much as those old-timey words smack of condescension ― “ladies” seems at home in the mouth of a suited courter, verbally italicized ― they can also generate feelings of solidarity among women, and so we use them, half-seriously. “Lady” has a disparaging air; it implies that a woman behaves as she “should.


The post Hey, Girl, The History Of The Word ‘Girl’ Is Actually Crazy appeared first on Parent Security Online.


Dumb Things We Do In The Name Of That 4-Letter Word: Love

Love is a beautiful emotion to experience, but sometimes love can mean “Loss Of Vital Energy,” because of the dumb things we do in the name of love! Yes, I know: the moment you see your love, birds begin singing, and all in the world seems right.

The post Dumb Things We Do In The Name Of That 4-Letter Word: Love appeared first on Dating Scams 101.


WORD TO THE WISE: New credit card technology to help prevent fraud


You have probably heard by now about the new technology at the checkout counter. Due to a large increase in counterfeit card fraud and continuing large-scale data breaches, the shift by major card issuers to EMV, which stands for Europay, MasterCard and Visa, aims to offer added security and reduce the cost associated with such fraud. EMV is a global standard for cards equipped with computer chips and the technology used to authenticate chip-card transactions. Unlike the old magnetic-stripe cards, which stored unchanging data, the new EMV cards will be equipped with a small square metallic computer chip. When shopping, instead of swiping their card, consumers will now be asked to insert it into a slot or reader at the terminal. This will take a few seconds, then a beep ends the transaction. You will then be asked to sign or enter a PIN. Unlike the magnetic-stripe cards, the chip generates a unique code for every transaction, and that code cannot be used again. The code is only good for that transaction, making it much harder for someone else to steal or use. The BBB offers the following tips for the use of EMV cards. Oct. […]

For more information go to http://www.NationalCyberSecurity.com, http://www.GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post WORD TO THE WISE: New credit card technology to help prevent fraud appeared first on National Cyber Security.


Ingenious kid hacks his parents’ phones so that the word ‘no’ automatically changes to ‘hell yes’ – before asking them if he can throw a party


At first glance it might seem like the young man in this post has the coolest parents ever – parents who not only give the go-ahead for him to have a party, but consent with an emphatic ‘hell yes!’ But things aren’t quite what they seem. According to a recent post on Imgur/Reddit, prospective party host Brendan – under the username nasshole – managed to hack his parents’ phones in order to guarantee that he would get the ‘yes’ from his mom and dad in order to throw the bash. ‘Added a shortcut to parents’ phone every time they type “no”,’ explained the original poster of the text conversation. In a screenshot of a group conversation, the creative kid asks: ‘Hey guys can I throw a party tmrw night. [sic]’ From there, hilarity and confusion ensue, as the boy has programmed his mother’s phone to autocorrect the word ‘no’ to something else entirely. ‘HELL YES, [sic]’ is the response that comes from Brendan’s mom. But something isn’t quite right, so she tries again. ‘Wait,’ she writes. ‘I typed HELL YES. [sic]’ The confused mom is soon backed up by Brendan’s father Jim, whose cell phone has similarly lost the ability to type […]


The post Ingenious kid hacks his parents’ phones so that the word ‘no’ automatically changes to ‘hell yes’ – before asking them if he can throw a party appeared first on National Cyber Security.
