Anonymous member charged over revenge hacking of Australian intelligence websites

Dan Oakes

http://www.abc.net.au/news/2015-02-25/anonymous-member-charged-for-revenge-hacking/6262138

Excerpt:

“A Melbourne man, allegedly part of the Anonymous online collective, has been charged over the revenge hacking of Australian intelligence agency websites.”

 


Cyber attackers like to impersonate IT workers

http://www.net-security.org/secworld.php?id=18015

Excerpt:

“Mandiant, the (apparent) go-to firm for the forensic investigation of high-profile breaches, has released its annual M-Trends report (registration required), which shows that the threat landscape is more complex than ever.”

 


Insider threats continue to dominate

http://www.net-security.org/secworld.php?id=17993

Excerpt:

“Ordinary employees, privileged users and the supply chain – such as contractors and third party service providers – are all conduits for a traditional insider threat, according to Vormetric. But the spectrum of insider threats also includes the compromise of these insider accounts by hackers using APT attacks and other methods.”

 


96% say ISO 27001 is important for improving security defenses

http://www.net-security.org/secworld.php?id=17987

Excerpt:

“Already established as international best practice, the information security management standard ISO 27001 has become an effective weapon in the fight against cyber crime. It is therefore unsurprising that 96% of respondents to a new survey say that ISO 27001 plays an important role in improving their company’s cyber security defenses.”

 


How important is the critical information infrastructure?

http://www.net-security.org/secworld.php?id=17989

Excerpt:

“ENISA issued methodologies for the identification of Critical Information Infrastructure (CII) services in communication networks.”

 


Cyber readiness across government and critical infrastructure industries

http://www.net-security.org/secworld.php?id=17976

Excerpt:

“While the frequency and severity of cyberattacks against organizations are on the rise, a majority of IT leaders do not feel confident in their leaderships' ability to leverage intelligence that can predict a cyber vulnerability and effectively combat threats, according to Lockheed Martin.”

 


How cybercriminals hack our brains

http://www.net-security.org/secworld.php?id=17977

Excerpt:

“Cybercriminals are increasingly using persuasion techniques in order to manipulate employees to do things they normally wouldn’t, usually resulting in the loss of money or valuable data.”

 


Don’t wait until you’re attacked to take cybersecurity seriously

http://www.net-security.org/secworld.php?id=17978

Excerpt:

“CISOs foresee cyber terrorism and cybercrime posing significant risks to their organizations over the next three years, according to Raytheon and the Ponemon Institute.”

 


Visual hacking exposed

http://www.net-security.org/secworld.php?id=17971

Excerpt:

“While most security professionals focus on thwarting data breaches from cyber attacks, a new study exposes visual hacking, a low-tech method used to capture sensitive, confidential and private information for unauthorized use, as an under-addressed corporate risk.”

 


Credit card info stolen in BigFish Games site compromise

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17964

Excerpt:

“Seattle-based casual gaming company Big Fish Games has had its site and personal and financial information of some of its users compromised in an attack that started on last Christmas Eve.”

 


UK banks' customers can access accounts with their fingerprint

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17966

Excerpt:

“iPhone users who are also customers of UK banks RBS and NatWest can now access their online banking app by simply pressing their finger on their phone's home button.”

 


Vawtrak malware peddlers turn to malicious macros

Zeljka Zorz

http://www.net-security.org/malware_news.php?id=2967

Excerpt:

“Cybercriminals spreading new versions of the Vawtrak banking Trojan are the latest ones to use the once again popular macro-based attack.”

 


1 billion data records compromised in data breaches

http://www.net-security.org/secworld.php?id=17954

Excerpt:

“More than 1,500 data breaches led to one billion data records compromised worldwide during 2014, according to Gemalto's Breach Level Index (BLI). These numbers represent a 49% increase in data breaches and a 78% increase in data records that were either stolen or lost compared to 2013.”

 


Banking Trojan Dyreza sends 30,000 malicious emails in one day

http://www.net-security.org/malware_news.php?id=2964

Excerpt:

“A massive spam wave is installing banking Trojan Dyreza on tens of thousands of computers to steal sensitive financial data from unsuspecting customers, warns Bitdefender.”

 


Carbanak cyber gang stole hundreds of millions from banks

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17956

Excerpt:

“Since late 2013, an international cyber criminal group has been targeting banks around the world and has made off with $300 million - possibly even more - by compromising the banks' systems with malware and using the information gleaned via it to their advantage, Kaspersky Lab has revealed to the NYT.”

 


Jeb Bush exposes 12,000 to ID theft after posting emails online

http://www.theaustralian.com.au/news/world/jeb-bush-exposes-12000-to-id-theft-after-posting-emails-online/story-e6frg6so-1227218539053

Excerpt:

“IT was meant to be a politically astute gesture of transparency, and would prove his tech credentials to boot.”

 


Phishing attacks increasingly target financial data

http://www.net-security.org/secworld.php?id=17949

Excerpt:

“28.8 percent of phishing attacks last year aimed to steal financial data from consumers, according to a new report by Kaspersky Lab. The results show how cybercriminals have shifted their focus from banks to payment systems and online shopping websites.”

 


16 million mobile devices infected by malware

http://www.net-security.org/malware_news.php?id=2963

Excerpt:

“Security threats to mobile and residential devices and attacks on communications networks rose in 2014, threatening personal and corporate privacy and information.”

 


Jeb Bush dumps emails full of private data online

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17941

Excerpt:

“Jeb Bush, who might end up being a candidate in the next 2016 US presidential election, has made a clumsy misstep in his attempt to provide "transparency" into his two turns as governor of Florida: he published a huge batch of emails he received both from his constituents and other people without redacting sensitive information contained in them.”

 


War of the Words

Scott Janz and Emily Schneider

http://www.slate.com/articles/technology/future_tense/2014/12/cyberattacks_and_the_debate_over_what_counts_as_super_critical_infrastructure.html

Excerpt:

“If all you’re doing to protect yourself from online hackers is changing your password regularly, it’s a step in the right direction (though it’s not a good idea to keep credentials in a document named “Passwords”). But if you’re a government trying to protect infrastructure critical to keeping your country running—like electric power grids, banking institutions, airline and traffic controls, universities, and telecommunication structures—you need a lot more than a good password to stave off cyberthreats.”

 


Hackers rob US and global banks of millions in one of the largest heists ever

Kwame Opam

http://www.theverge.com/2015/2/14/8039593/hackers-malware-robbery-millions-bank-heist

Excerpt:

“Banks in Russia, Japan, the US, and Europe have fallen victim to a massive, sophisticated malware hack, allowing the perpetrators to steal hundreds of millions of dollars since 2013. According to a Kaspersky Labs report provided to the New York Times, more than 100 banks in 30 nations have been affected by the breach, with upwards of $300 million stolen in the process.”

 


Bank Hackers Steal Millions via Malware

David E. Sanger and Nicole Perlroth

http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html?_r=1

Excerpt:

“In late 2013, an A.T.M. in Kiev started dispensing cash at seemingly random times of day. No one had put in a card or touched a button. Cameras showed that the piles of money had been swept up by customers who appeared lucky to be there at the right moment.”

 


Hackers Stole Hundreds of Millions in Massive Malware Bank Heist

Ashley Feinberg

http://gizmodo.com/hackers-stole-hundreds-of-millions-in-massive-malware-b-1685908496?utm_campaign=socialflow_gizmodo_facebook&utm_source=gizmodo_facebook&utm_medium=socialflow

Excerpt:

“In what may be one of the biggest bank heists to date, hackers have apparently siphoned hundreds of millions of dollars from over 100 banks in 30 nations. And according to the upcoming Kaspersky Lab report, this could be "the most sophisticated attack the world has seen to date."”

 


French firms targeted with ransomware

Zeljka Zorz

http://www.net-security.org/malware_news.php?id=2958

Excerpt:

“French companies are the latest targets of cyber crooks wielding the CTB Locker (aka Critroni) ransomware.”

 


Be careful when talking in front of a Samsung SmartTV

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17928

Excerpt:

“Owners of Samsung SmartTVs that use its Voice Recognition feature to control the device should be aware that everything they say in front of their smart television set may end up in the hands of third parties.”

 


Anthem members targeted with phishing emails and calls

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17929

Excerpt:

“It didn't take long for scammers to attempt to take advantage of the Anthem data breach, as phishing messages impersonating credit monitoring services supposedly offered for free by Anthem have been spotted as early as last Friday.”

 


Anonymous launches the OpISIS and brings down ISIS social media accounts

Pierluigi Paganini

http://securityaffairs.co/wordpress/33288/hacking/anonymous-launches-opisis.html

Excerpt:

“Anonymous announced the OpISIS and launched a series of attacks against the jihadist websites supporting the ISIS and its propaganda on the Web.”

 


Investigating online dating fraud

http://www.net-security.org/secworld.php?id=17922

Excerpt:

“The one thing that online dating scammers have in common is that their preferred target demographic is vulnerable and trusting people with a limited social circle or support group.”

 


How can organizations guard against hackers in 2015?

Catalin Cosoi

http://www.net-security.org/article.php?id=2217

Excerpt:

“Advanced persistent threats, malware sent via attachments, direct targeting of specific users through spear phishing techniques, vulnerabilities exploited to silently deliver malware and poor implementations of BYOD policies in the corporate environment – these are only a few of the numerous ways hackers will continue to use to target the enterprise environment in 2015.”

 


Fessleak malvertising campaign used to serve ransomware

Pierluigi Paganini

http://securityaffairs.co/wordpress/33153/cyber-crime/fessleak-malvertising-campaign.html

Excerpt:

“Invincea has been monitoring the Fessleak campaign in which hackers leveraged Adobe Flash Player exploits and file-less infections to serve ransomware.”

 


Subdomain of Arizona Army National Guard website hacked by 3xp1r3 Cyber Army

Waqas

http://www.hackread.com/arizona-army-national-guard-website-hacked-3xp1r3-cyber-army/

Excerpt:

“The famous Bangladeshi hackers from 3xp1r3 Cyber Army are back in action. This time the hackers hacked and defaced the sub-domain of the official Arizona Department of Emergency & Military Affairs (DEMA) on Feb 2nd, 2015.”

 


Data Breach at Health Insurer Anthem Could Impact Millions

http://krebsonsecurity.com/2015/02/data-breach-at-health-insurer-anthem-could-impact-millions/

Excerpt:

“Anthem Inc., the nation’s second largest health insurer, disclosed Wednesday that hackers had broken into its servers and stolen Social Security numbers and other personal data from all of its business lines. Given the company’s size, this breach could end up impacting tens of millions of Americans.”

 


IT professional, hack thyself

Scott Register

http://www.net-security.org/article.php?id=2216

Excerpt:

“To anyone not living under a rock, the increasing threat of a cyber attack is very plain. IT professionals spend sleepless nights worrying that they’ll be the next Walmart or Sony or Visa. They hope that they’re doing everything they can to either prevent an intrusion – or if that’s not possible - prevent a serious breach and data loss.”

 


US health insurer Anthem suffers massive data breach

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17917

Excerpt:

“Anthem, the second-largest health insurer in the United States, has suffered a data breach that may turn out to be the largest health care breach to date, as the compromised database holds records of some 80 million individuals.”

 


Multi-factor authentication market will be worth US$1.6 billion by the end of 2015

http://www.net-security.org/secworld.php?id=17910

Excerpt:

“ABI Research found that the global mobile multi-factor authentication software and service market will be worth US$1.6 billion by the end of 2015. Username and passwords have been widely used to authenticate user identity but fail to provide adequate authentication. Authentication-based attacks continue to plague organizations of all sizes with the majority of breaches being attributed to weak or absent authentication.”

 


Fake Facebook Account Suspended emails lead to Trojans, ransomware

Zeljka Zorz

http://www.net-security.org/malware_news.php?id=2954

Excerpt:

“Fake Facebook account suspension emails are doing rounds of inboxes around the world, trying to convince the recipients that their account has been temporarily disabled due to the social network's "Terms and Policies renewal":”

 


A Single DDoS Attack Can Cost Businesses over $440,000

Michal Nemcok

http://blog.lifars.com/2015/02/02/a-single-ddos-attack-can-cost-businesses-over-440000/

Excerpt:

“Denial-of-Service (DoS) and Distributed-Denial-of-Service (DDoS) attacks present major concerns to IT managers – mainly because of the high potential levels of damage and the simplicity of execution. DDoS attacks require very little technical knowledge, thus making them a relatively common occurrence.”

 


Raptr hacked, user info and passwords compromised

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17903

Excerpt:

“Gaming social networking site Raptr is the latest victim of hackers. Dennis Fong, the company's founder and CEO, announced that they have had a break in and that user data may have been compromised.”