Phishers’ techniques and behaviours, and what to do if you’ve been phished

https://www.helpnetsecurity.com/2017/07/28/phishers-tactics-and-behaviours/

Excerpt:

“Once a user has been phished, how long does it take for the phishers to misuse the stolen credentials?”


How to protect the power grid from low-budget cyberattacks

https://www.helpnetsecurity.com/2017/07/28/power-grid-cyberattacks/

Excerpt:

“Cyberattacks against power grids and other critical infrastructure systems have long been considered a threat limited to nation-states due to the sophistication and resources necessary to mount them.”


Crooks Reused Passwords on the Dark Web, so Dutch Police Hijacked Their Accounts

Catalin Cimpanu

https://www.bleepingcomputer.com/news/security/crooks-reused-passwords-on-the-dark-web-so-dutch-police-hijacked-their-accounts/

Excerpt:

“Dutch Police are aggressively going after Dark Web vendors using data they collected from the recently seized Hansa Market.”


An Internet-connected fish tank let hackers into a casino’s network

Zeljka Zorz

https://www.helpnetsecurity.com/2017/07/27/internet-connected-fish-tank-hackers/

Excerpt:

“A high-tech, internet-connected fish tank in a North American casino has been used to exfiltrate data from the company’s network. Smart drawing pads used in an architectural firm were part of a botnet used to mount DDoS attacks against websites around the world owned by entertainment companies, design companies, and government bodies.”


Russian arrested, indicted for laundering funds from Mt. Gox hack

Zeljka Zorz

https://www.helpnetsecurity.com/2017/07/27/mt-gox-hack-arrest/

Excerpt:

“Alexander Vinnik, a Russian man arrested on Tuesday in Greece, is allegedly the operator of digital currency exchange BTC-e, through which funds from the Mt. Gox bitcoin exchange hack have been laundered.”


UniCredit Bank Hacked, 400,000 Accounts Exposed

Bogdan Popa

http://news.softpedia.com/news/unicredit-bank-hacked-400-000-accounts-exposed-517184.shtml

Excerpt:

“UniCredit has just announced in an official statement that its servers were breached by hackers, with details of approximately 400,000 clients said to be exposed.”


90% of consumers think security should be built into smart devices

https://www.helpnetsecurity.com/2017/07/26/security-smart-devices/

Excerpt:

“90% of consumers polled from Brazil, China, Germany, India, UK and US believe it is important that a connected device has security built into the product, digital platform security firm Irdeto has found.”


Banking Trojan Uses Mouse Movements to Distinguish Users From Virtual Machines

Catalin Cimpanu

https://www.bleepingcomputer.com/news/security/banking-trojan-uses-mouse-movements-to-distinguish-users-from-virtual-machines/

Excerpt:

“In July 2017, security researchers have spotted a new version of the proficient Ursnif banking trojan that comes with a clever trick to avoid sandbox environments and automated virtual machines by using mouse movements to detect if a real user is interacting with the computer.”


18-year-old arrested after reporting dumb bug in public transport e-ticket system

David Bisson

https://www.grahamcluley.com/18-year-old-arrested-reporting-dumb-bug-public-transport-e-ticket-system/

Excerpt:

“More than 45,000 users have voiced their disapproval on social media for Hungary's public transport system after police arrested an 18-year-old man for reporting a flaw in its new e-ticket system.”


UK govt urges teenagers to apply for cyber security training programme

https://www.helpnetsecurity.com/2017/07/25/uk-cyber-security-training/

Excerpt:

“UK teenagers are being encouraged to register in a cyber security training programme rolled out to help the nation address the risk of a future skills shortage.”


Google Groups misconfiguration leads to sensitive data leaks

Zeljka Zorz

https://www.helpnetsecurity.com/2017/07/25/google-groups-data-leak/

Excerpt:

“If your employees are using Google Groups to discuss issues and ideas, you might want to check whether the sharing setting for these groups is set to “Private”.”


MacOS malware used to spy on home users in the US

Zeljka Zorz

https://www.helpnetsecurity.com/2017/07/25/macos-malware-spy-fruitfly/

Excerpt:

“A new variant of the macOS malware Fruitfly has been found by security researcher Patrick Wardle on some 400 machines of (mostly) home users located in the US.”


Microsoft is taking down Russian hackers with the help of IP lawyers

Chris Merriman

https://www.v3.co.uk/v3-uk/news/3014286/microsoft-is-bringing-down-russian-hackers-with-ip-lawyers

Excerpt:

“Microsoft is not the first name you think of when you talk about vigilantism. But a team of Microsoft lawyers is using trademark law to sue Russian hacking group Fancy Bear off the web, for using domain names that infringe its copyright.”


Glassdoor pushes back against moves to identify anonymous reviewers

Lisa Vaas

https://nakedsecurity.sophos.com/2017/07/24/glassdoor-pushes-back-against-moves-to-identify-anonymous-reviewers/

Excerpt:

“So, what was it like to work at [redacted entity that administers publicly funded programs]? The US Department of Justice would like to know, and it has no qualms about peeling away the anonymity of Glassdoor reviewers to find out.”


Testing the security of connected cars and IoT devices

https://www.helpnetsecurity.com/2017/07/25/security-testing-connected-cars/

Excerpt:

“IBM Security announced the launch of two new security testing practice areas focused on automotive security and the Internet of Things (IoT).”


Addressing the deficit in cyber security workforce and national policy

Zeljka Zorz

https://www.helpnetsecurity.com/2017/07/24/cyber-security-workforce/

Excerpt:

“Whether they like it or not, in this day and age nearly all organizations have to think about their cybersecurity posture and find a way to minimize cybersecurity risk.”


Malware author behind $500m Citadel banking Trojan jailed for five years

Graeme Burton

https://www.v3.co.uk/v3-uk/news/3014236/malware-author-behind-usd500m-citadel-banking-trojan-jailed-for-five-years

Excerpt:

“One of the two Russian men behind the Citadel banking Trojan used to steal as much as $500m from bank accounts has been jailed for five years in the US.”


Think twice before buying a smart toy for your child

Zeljka Zorz

https://www.helpnetsecurity.com/2017/07/18/think-twice-buying-smart-toy/

Excerpt:

“For a while now, security researchers have been warning about the security and privacy dangers of many popular “smart” toys.”


US data breaches surge, businesses and healthcare organizations hit hardest

https://www.helpnetsecurity.com/2017/07/18/us-data-breaches-surge/

Excerpt:

“The number of US data breaches tracked through June 30, 2017 hit a half-year record high of 791, according to recent numbers released by the Identity Theft Resource Center (ITRC).”


Attackers are taking over NAS devices via SambaCry flaw

Zeljka Zorz

https://www.helpnetsecurity.com/2017/07/18/sambacry-flaw-nas-devices/

Excerpt:

“A Samba remote code execution flaw patched in May is being exploited to compromise IoT devices running on different architectures (MIPS, ARM, PowerPC, etc.), Trend Micro researchers warn.”


Meet Ovidiy Stealer: Bringing credential theft to the masses

https://www.proofpoint.com/us/threat-insight/post/meet-ovidiy-stealer-bringing-credential-theft-masses

Excerpt:

“Proofpoint threat researchers recently analyzed Ovidiy Stealer, a previously undocumented credential stealer which appears to be marketed primarily in the Russian-speaking regions. It is under constant development, with several updated versions appearing since the original samples were observed in June 2017. The growing number of samples demonstrate that criminals are actively adopting this malware. Ovidiy Stealer is priced at 450-750 Rubles (~$7-13 USD) for one build, a price that includes a precompiled executable that is also "crypted" to thwart analysis and detection.”


Hacker Steals $7 Million Worth of Ethereum From CoinDash Platform

Catalin Cimpanu

https://www.bleepingcomputer.com/news/security/hacker-steals-7-million-worth-of-ethereum-from-coindash-platform/

Excerpt:

“An unknown hacker has taken over the official website of the CoinDash platform and modified an Ethereum wallet address during the company's ICO (Initial Coin Offering). The hack took place today, just three minutes after CoinDash launched its ICO, which is something similar to an IPO.”


Australian PM seeks access to encrypted messages

http://www.bbc.com/news/technology-40606493

Excerpt:

“The Australian government says it wants new laws to force tech firms such as Apple and Facebook to provide access to encrypted messages. Some apps such as WhatsApp use end-to-end encryption, making messages unreadable if intercepted.”


Experts Recover AES256 Encryption Key From a PC's Electromagnetic Emissions

Catalin Cimpanu

https://www.bleepingcomputer.com/news/security/experts-recover-aes256-encryption-key-from-a-pcs-electromagnetic-emissions/

Excerpt:

“A team of researchers from Fox-IT and Riscure has put together a device using off-the-shelf electronic parts that deduces encryption keys using only electromagnetic emissions coming from a nearby computer.”


Hackers Attack Trump Hotels, Steal Credit Card Details and Personal Data

Bogdan Popa

http://news.softpedia.com/news/hackers-attack-trump-hotels-steal-credit-card-details-and-personal-data-516946.shtml

Excerpt:

“Hackers breached the systems used by 14 different Trump Hotels properties between August 10, 2016 and March 9, 2017, managing to steal sensitive information like guests’ credit card details and other personal information.”


Bupa data breach affects 500,000 insurance customers

http://www.bbc.com/news/technology-40595581

Excerpt:

“A Bupa employee inappropriately copied and removed information relating to 547,000 international health insurance plan customers, the company has said. The data included names, dates of birth, nationalities, some contact and administrative information but not financial or medical data.”


Thieves Used Infrared to Pull Data from ATM ‘Insert Skimmers’

Brian Krebs

https://krebsonsecurity.com/2017/07/thieves-used-infrared-to-pull-data-from-atm-insert-skimmers/

Excerpt:

“A greater number of ATM skimming incidents now involve so-called “insert skimmers,” wafer-thin fraud devices made to fit snugly and invisibly inside a cash machine’s card acceptance slot. New evidence suggests that at least some of these insert skimmers — which record card data and store it on a tiny embedded flash drive — are equipped with technology allowing them to transmit stolen card data wirelessly via infrared, the same communications technology that powers a TV remote control.”


Security analytics and operations are becoming more difficult

https://www.helpnetsecurity.com/2017/07/13/security-analytics-oprations-difficult/

Excerpt:

“A new Enterprise Strategy Group (ESG) study, which involved a survey of more than 400 IT and cybersecurity professionals, found that 72 percent feel cybersecurity analytics and operations is more difficult today than it was two years ago, and that the rapidly evolving threat landscape and growing volumes of security alarms are the most common challenges facing enterprises today.”


Enterprises face 3,680 potential phishing emails each week

https://www.helpnetsecurity.com/2017/07/13/potential-phishing-emails/

Excerpt:

“GreatHorn analyzed more than 3.5 terabytes of data – over 373 million corporate emails – to gain insights into the sheer volume of email threats facing enterprises and the role of automated tools in helping them keep up with that challenge.”


BEC scams: How to avoid them and how to fight back

Zeljka Zorz

https://www.helpnetsecurity.com/2017/07/13/bec-scams-fight-back/

Excerpt:

“Phishing and spear-phishing emails are a constant threat to all users, but enterprises are positively inundated with them.”


Data of 14 Million Verizon Customers Exposed in Server Snafu

Catalin Cimpanu

https://www.bleepingcomputer.com/news/security/data-of-14-million-verizon-customers-exposed-in-server-snafu/

Excerpt:

“Sensitive data for around 14 million Verizon customers was exposed online because a third-party contractor forgot to limit external access to an Amazon S3 server.”


More than 100m records potentially lost in huge telecoms breach

Kim Crawley

https://nakedsecurity.sophos.com/2017/07/11/more-than-100m-records-potentially-lost-in-huge-telecoms-breach/

Excerpt:

“India’s newest telecoms provider is investigating what could be the country’s biggest data breach, according to local reports, with the records of potentially more than 100m subscribers having been exposed online.”


EternalBlue vulnerability scanner statistics reveal there are exposed hosts worldwide

Zeljka Zorz

https://www.helpnetsecurity.com/2017/07/12/eternalblue-vulnerability-scanner-statistics/

Excerpt:

“After the recent massive WannaCry ransomware campaign, Elad Erez, Director of Innovation at Imperva, was shocked at the number of systems that still sported the Microsoft Windows SMB Server vulnerabilities that made the attack possible.”


Prolific Russian Hacker Gets Nine Years in Prison

Catalin Cimpanu

https://www.bleepingcomputer.com/news/security/prolific-russian-hacker-gets-nine-years-in-prison/

Excerpt:

“Alexander Tverdokhlebov, 29, a former Russian national, now a US citizen living in Los Angeles, was sentenced to nine years in prison for operating a banking trojan botnet, and stealing money from victims' bank accounts.”


UK executives badly informed about where data is stored compared to other countries

https://www.helpnetsecurity.com/2017/07/10/uk-executives-badly-informed/

Excerpt:

“When it comes to data compliance matters, one in five business decision makers within the UK admit they do not know which compliance regulations their company is subject to, while a worrying number do not believe the forthcoming GDPR applies to them, according to NTT Security.”


Satellite phone communications can be decrypted in near real-time

Zeljka Zorz

https://www.helpnetsecurity.com/2017/07/07/satellite-phone-communications-decrypted/

Excerpt:

“Satellite phone communications encrypted with the GMR-2 cipher can be decrypted in mere fractions of a second, two Chinese researchers have proved.”


Man Admits to Phishing for Bitcoins on Dark Web Forums

David Bisson

https://www.tripwire.com/state-of-security/latest-security-news/man-admits-phishing-bitcoins-dark-web-forums/

Excerpt:

“A man has admitted that he committed fraud and money laundering as part of a phishing scheme to steal Bitcoins on dark web forums.”


NZ Airport Travelers Forced to Surrender Device Passwords, Data Copied by Govt

Bogdan Popa

http://news.softpedia.com/news/nz-airport-travelers-forced-to-surrender-device-passwords-data-copied-by-govt-516834.shtml

Excerpt:

“New Zealand airport customs agents force thousands of travelers every year to hand over the passwords for their devices, in some cases inspecting files and even copying the data for the government.”


Ukrainian company compromised to spread NotPetya malware has servers seized by police

Graeme Burton

https://www.v3.co.uk/v3-uk/news/3013273/ukrainian-company-compromised-to-spread-notpetya-malware-has-servers-seized-by-police

Excerpt:

“The authorities in Ukraine have seized the servers of ME Doc, the company behind the accounting software whose infrastructure was compromised to propagate the NotPetya malware at the end of June.”


Man Who Hacked Kremlin Elites Gets Two Years in Prison

Catalin Cimpanu

https://www.bleepingcomputer.com/news/security/man-who-hacked-kremlin-elites-gets-two-years-in-prison/

Excerpt:

“A judge in Moscow sentenced today Vladimir Anikeyev, the ringleader of a Russian hacking group known as Shaltai Boltai (Russian for "Humpty Dumpty") to two years in prison.”


Operators of decade-old Malware-as-a-Service outfit charged

Zeljka Zorz

https://www.helpnetsecurity.com/2017/07/06/malware-as-a-service-outfit-charged/

Excerpt:

“As Crackas With Attitude hacker “Incursio” got handed a 2-year prison sentence for gaining unauthorized access to government computers and online accounts of a number of US government officials (including then-CIA Director John Brennan), his hacking colleagues are either awaiting sentencing in the US or prosecution by the UK Crown Prosecution Service.”


Why Kodi boxes can pose a serious malware threat

https://www.helpnetsecurity.com/2017/07/07/kodi-boxes-malware/

Excerpt:

“When new streaming devices, such as the Amazon Firestick and Apple TV, were first introduced, many were intrigued by the ease by which they could watch “over the top” content from the Internet, such as Netflix or Hulu, on their living room televisions.”


Cerber Ransomware Rebrands to CRBR Encryptor

JP Buntinx

http://themerkle.com/cerber-ransomware-rebrands-to-crbr-encryptor-despite-lack-of-new-features/

Excerpt:

“The Cerber ransomware is no more. The ransomware itself is still active, but now goes by a different name. As of last week, the malicious tool has rebranded to CRBR. Developers may be trying to confuse security researchers countering its efforts. It is not a new cyber threat, so current protection and countermeasures should hold up to it.”


Two charged with running hacking service used in ‘major computer intrusions’ of U.S. businesses

Rachel Weiner

https://www.washingtonpost.com/local/public-safety/two-latvians-charged-with-running-major-hacking-service/2017/07/05/17598108-6189-11e7-a4f7-af34fc1d9d39_story.html?utm_term=.7752dbd55c04

Excerpt:

“Two men from Latvia ran a malware service that has been in operation for more than a decade and used in major attacks against U.S. businesses, according to an indictment unsealed Wednesday in federal court in Alexandria, Va.”


Charges over cyber attack

https://www.castanet.net/news/Business/200925/Charges-over-cyber-attack

Excerpt:

“The small Ukrainian tax software company that is accused of being the patient zero of a damaging global cyber epidemic is under investigation and will face charges, the head of Ukraine's CyberPolice suggested Monday.”


UK student, 18, arrested in international cyberattack

https://phys.org/news/2017-07-uk-student-international-cyberattack.html#jCp

Excerpt:

“Jack Chappell is accused of supplying software that crashes websites by flooding them with data and with running a help-desk for cyber criminals.”


South Korean bitcoin exchange hacked, user accounts plundered

Zeljka Zorz

https://www.helpnetsecurity.com/2017/07/05/south-korean-bitcoin-exchange-hacked/

Excerpt:

“Bithumb, a South Korean bitcoin and ether exchange, has suffered a data breach that resulted in customer losses potentially reaching billions of South Korean won (currently, a billion won is equivalent to some 870,000 US dollars).”


Use of WhatsApp in NHS 'widespread', say doctors

Jane Wakefield

http://www.bbc.com/news/technology-40507440

Excerpt:

“Doctors and nurses are using WhatsApp and Snapchat to share information about patients "across the NHS", health professionals have told the BBC. GP Alisdair MacNair said he was aware of a number of medical groups using WhatsApp to discuss patients.”


Russia causing 'cyber-space mayhem', says ex-GCHQ boss

http://www.bbc.com/news/technology-40557092

Excerpt:

“Russian authorities are a threat to democracy, former GCHQ director Robert Hannigan has said. There was "a disproportionate amount of mayhem in cyber-space" coming from the country, he told the BBC.”