What are some of the most interesting takeaways from Verizon’s latest annual security report?
- 69% of attacks are perpetrated by outsiders
- 39% of all attacks are perpetrated by organized criminal groups
- 23% of bad actors are identified as nation-state or state affiliated
- 43% of breaches involved small business victims
- 52% of breaches involved hacking
- 33% included social attacks
- 28% involved malware
The ScarCruft Korean-speaking APT is changing up its espionage tactics to include an unusual piece of malware devoted to harvesting Bluetooth information – while also showing some overlap with the DarkHotel APT.
"If a device’s name includes the full name of the owner, this flaw allows attackers to determine the identity of the owner and geolocate them via the Linksys Smart Wi-Fi router’s public IP address.
While geolocation by IP address is not precise, services like WiGLE allow anyone to get the exact geographical coordinates of a WiFi network based solely on its MAC address or SSID. An attacker can query the target Linksys Smart Wi-Fi router, get its MAC address, and immediately geolocate it."
"First commercially introduced in 2013, Cisco Trust Anchor module (TAm) is a proprietary hardware security module used in a wide range of Cisco products, including enterprise routers, switches and firewalls. TAm is the root of trust that underpins all other Cisco security and trustworthy computing mechanisms in these devices. Thrangrycat allows an attacker to make persistent modification to the Trust Anchor module via FPGA bitstream modification, thereby defeating the secure boot process and invalidating Cisco’s chain of trust at its root. While the flaws are based in hardware, Thrangrycat can be exploited remotely without any need for physical access. Since the flaws reside within the hardware design, it is unlikely that any software security patch will fully resolve the fundamental security vulnerability."
During the 2018 "annus horribilis", users disgusted at privacy flops swore to dump Facebook. But where else is there to go?
Fujie charged with killing them softly with his scripts. And by them, we mean, the health insurance giant's computers. US prosecutors today formally accused two people of being part of a Chinese hacking crew responsible for one of the biggest cyber-heists in American history.…
"Dozens of documents supposedly pertaining to Iran's Rana operation were publicly leaked May 5 via a user group on the Telegram app called Black Box. The Rana documents were the third set of documents on Iran's cyber espionage operations that have been leaked in recent weeks by an unknown actor whose motives remain unclear."
Firm ever so sorry, takes security of info seriously, vows not to do it again etc. Insurer Chubb scored a privacy own goal recently when a double-sided printing error on bulk mailers sent to customers about a policy document change contained a stranger's personal details on one side of the sheet.…
The U.S. Department of Homeland Security (DHS) and the FBI have issued another joint alert about a new piece of malware that the prolific North Korean APT hacking group Hidden Cobra has actively been using in the wild. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by the North Korean government.
You know the drill: Patch and stop using C. Cisco Talos researchers have uncovered an SQLite use-after-free() vulnerability that could allow an attacker to, in theory, remotely execute code on an affected device
Attackers are installing China Chopper Web shells on SharePoint Servers to carry out remote code execution attacks. Potentially affected SharePoint products include all versions, from SharePoint Server 2010 through SharePoint Server 2019, as described in Microsoft's Security Advisory CVE-2019-0604.
With news of a malware attack on accounting firm Wolters Kluwer causing a “quiet panic” in the accounting world this week, our assertion that financial institutions—from banks to brokers—are part of the vital infrastructure of society has been solidified.
According to its website, Wolters Kluwer provides software and services to all of the top 100 accounting firms in the United States, 90 percent of the top global banks, and 93 percent of Fortune 500 companies. With many of its tax, accounting, and vital storage services down since Monday, employees and customers have been unable to access data during a busy filing period (taxes for non-profits are due May 15).
The U.S. Department of Justice today announced charges against nine individuals, 6 of whom are members of a hacking group called "The Community" and the other 3 are former employees of mobile phone providers who allegedly helped them steal roughly $2.5 million worth of cryptocurrency using a method known as "SIM Swapping."
It also wants to be the country's data-privacy police: commissioners called for more resources and ability to impose penalties.
A security researcher has demonstrated a new way to track mouse movements even if users block JavaScript.
Drupal, Typo3 and Joomla are all impacted by the bug.
A team of security researchers has exploited Microsoft’s patchy macro documentation to hide malicious code inside innocent-looking macros.
The Android security update patches 15 bugs, four rated critical, 10 rated high and one ranked moderate in severity.
Oleksii Petrovich Ivanov has been extradited to the U.S. after allegedly launching malvertising campaigns that caused victims to view malicious ads on more than 100 million occasions.
Forensic analysis shows a Chinese APT using Equation Group hacking tools at least a year before Shadow Brokers dumped its cache in April 2017.
Binance, one of the largest cryptocurrency exchanges in the world, confirmed today that the company lost nearly $41 million in Bitcoin in what appears to be its largest hack to date. In a statement, Binance's CEO Changpeng Zhao said the company discovered a "large scale security breach" earlier on May 7.
At the company's I/O 2019 developer conference, Google has announced its plan to introduce two new privacy and security-oriented features in the upcoming versions of its Chrome web browser. In an attempt to allow users to block online tracking, Google has announced two new features—Improved SameSite Cookies and Fingerprinting Protection.
Cisco has patched a critical flaw in its virtualized function automation tool, Cisco Elastic Services Controller.
Government employees are working to determine the source and severity of a cyberattack that forced most city servers offline.
ESET research uncovers Microsoft Exchange malware remotely controlled via steganographic PDF and JPG email attachments
Singapore’s central bank sent a payment to Canada using blockchain technology last week, in a clear signal that the technology has value.
The updated Add-on Policy aims to rid Firefox of third-party malicious code that hides what it's really up to.
Snowballing attacks using a recently patched critical bug show no sign of abating.
The Israel Defense Force (IDF) claims to have neutralized an "attempted" cyber attack by launching airstrikes on a building in the Gaza Strip from where it says the attack originated. As shown in a video tweeted by IDF, the building in the Gaza Strip, which Israeli fighter drones have now destroyed, was reportedly the headquarters for Palestinian...
Job-hunting site Ladders leaves job seeker data exposed on the Internet.
Critical flaws in the software of Sierra Wireless' AirLink routers enable an array of malicious attacks.
The malware has new tricks, like using the stunnel encrypted tunneling mechanism and abusing a legitimate shareware app.
Sudden flurry of forum posts leaves a few clues. Programmers say they've been hit by ransomware that seemingly wipes their Git repositories' commits and replaces them with a ransom note demanding Bitcoin.…
Europol announced the shutdown of two prolific dark web marketplaces—Wall Street Market and Silkkitie (also known as Valhalla)—in simultaneous global operations against underground websites for trading drugs, stolen credit card numbers, malicious software, and other illegal goods.
Belgian coder Bernard Fabrot just finished a 3.5-year computational marathon, solving a fascinating cryptopuzzle set at MIT back in 1999.
If you use a Dell computer, then beware — hackers could compromise your system remotely. Bill Demirkapi, a 17-year-old independent security researcher, has discovered a critical remote code execution vulnerability in the Dell SupportAssist utility that comes pre-installed on most Dell computers.
A team of security researchers has discovered several vulnerabilities in various implementations of OpenPGP and S/MIME email signature verification that could allow attackers to spoof signatures on over a dozen popular email clients. The affected email clients include Thunderbird, Microsoft Outlook, Apple Mail with GPGTools, iOS Mail, GpgOL,...
An exploit of the vulnerability offers attackers a ransomware surface that doesn't need email.
In recent years, we have seen how hackers prey on those too lazy or ignorant to install security patches, which, if applied on time, would have prevented some devastating cyber attacks and data breaches that happened in major organisations. The United States Department of Homeland Security (DHS) has ordered government agencies to more swiftly plug...
For years, Facebook asked some new users for email passwords, then grabbed their contacts without consent (or any way to stop the process).
NIST thinks it has reached an important milestone in complex software testing with something called Combinatorial Coverage Measurement (CCM).
An ongoing attack against Electrum Bitcoin wallets has just grown bigger and stronger with attackers now targeting the whole infrastructure of the exchange with a botnet of over 152,000 infected users, raising the amount of stolen users' funds to USD 4.6 million. Electrum has been facing cyber attacks since December last year when a team of cybercriminals...
A team of security researchers claims to have found a publicly-accessible database that exposes information on more than 80 million U.S. households—nearly 65 percent of the total number of American households. Discovered by VPNMentor's research team led by hacktivists Noam Rotem and Ran Locar
Criminal activities against accountants on the rise – Buhtrap and RTM still active