Wednesday 30 August 2017

Ariana Grande’s Instagram Account Hacked





Monday 7th August 2017

 

We collect the news so that you don't have to!

 
Ariana Grande's Instagram Account Hacked
This time, hackers managed to take control of Ariana Grande's Instagram account, and the attackers started posting racist and homophobic messages, while also threatening to breach the accounts of other American stars. While no hacking group or individual claimed the attack, the Instagram account is believed to have been breached by a fan of Selena Gomez and Kylie Jenner, as reported by Clevver. The main evidence pointing in this direction is some of the messages posted by the hacker, who called for Ariana Grande fans to follow two different accounts whose profile pictures show the two stars.
http://www.itsecurityguru.org/2017/08/07/ariana-grandes-instagram-account-hacked/

Cisco accidentally loses customer data due to Meraki cloud configuration error
Cisco has admitted to losing some customers' data last week due to a Meraki cloud configuration error. The company revealed in an update on Friday that its engineering team made a configuration change on the North American object storage service that led to some of its customer data being deleted in the process. Meraki is a subsidiary of Cisco that offers cloud-managed information technologies for wireless, switching, security, EMM, communications and security cameras via its web-based dashboard interface.
http://www.itsecurityguru.org/2017/08/07/cisco-accidentally-loses-customer-data-due-meraki-cloud-configuration-error/
 
China's web users fear losing tools to bypass 'Great Firewall'
Enterprising internet users in China fear the tools they use to tunnel through the country's "Great Firewall" may soon disappear, as Beijing tightens its grip on the web. Tens of millions of people are estimated to use Virtual Private Networks (VPNs) to bypass Chinese internet restrictions -- getting access to blocked websites such as Facebook and Twitter. Beijing has for years turned a blind eye to these holes in its Great Firewall, but recent events suggest the virtual tunnels may soon be bricked up. In January China's Ministry of Industry and Information Technology (MIIT) announced it would be banning the use of unlicensed providers of the services.
http://www.itsecurityguru.org/2017/08/07/chinas-web-users-fear-losing-tools-bypass-great-firewall/
 
Forget sexy zero-days. Siemens medical scanners can be pwned by two-year-old-days
Hackers can exploit trivial flaws in network-connected Siemens' medical scanners to run arbitrary malicious code on the equipment. These remotely accessible vulnerabilities lurk in all of Siemens' positron emission tomography and computed tomography (PET-CT) scanners running Microsoft Windows 7. These are the molecular imaging gizmos used to detect tumors, look for signs of brain disease, and so on, in people. They pick up gamma rays from radioactive tracers injected into patients, and perform X-ray scans of bodies.
http://www.itsecurityguru.org/2017/08/07/forget-sexy-zero-days-siemens-medical-scanners-can-pwned-two-year-old-days/

Cuscal behind Woolworths duplicate payment bungle
Woolworths has apologised to customers on Monday following reports that some experienced a second batch of payments withdrawn from their bank accounts. A Woolworths spokesperson told ZDNet it received confirmation from Cuscal, one of its payment processors that services financial institutions, that due to an error at its datacentre, Woolworths customers may have received incorrect transactions on accounts processed by Cuscal. "We are working closely with Cuscal and can confirm any payment errors will be corrected as soon as possible," the spokesperson added, offering its 1300 767 969 call centre number for customers to call if they have experienced the error.
http://www.itsecurityguru.org/2017/08/07/cuscal-behind-woolworths-duplicate-payment-bungle/


Amber Rudd falls for hoax email prankster who also fooled Trump administration officials





Thursday 10th August 2017

 



Amber Rudd falls for hoax email prankster who also fooled Trump administration officials
The email hoaxer who previously duped Trump administration officials, as well as the governor of the Bank of England, has tricked yet another high-profile individual into engaging in an email exchange. UK home secretary Amber Rudd is reportedly the latest victim of the email prankster who goes by the pseudonym Sinon Reborn. The prankster reportedly posed as a senior Downing Street official to trick Rudd into responding to emails. Rudd reportedly disclosed that she was working on a series of upcoming announcements with her special adviser Mohammed Hussein, before realising that she was communicating with a hoaxer. The prankster reportedly used the free email service GMX to pose as newly appointed communications chief Robbie Gibb.
http://www.itsecurityguru.org/2017/08/10/amber-rudd-falls-hoax-email-prankster-also-fooled-trump-administration-officials/

One in every 359 emails are carrying a malicious payload says report
The number of emails carrying malware increased to a new high in July with one in every 359 emails carrying a malicious payload, according to Symantec's July Intelligence Report. July also saw increases in the number of phishing attempts and spam, but the increasing use by cybercriminals of email to spread malware took center stage, reaching a level not seen since December 2016. The rate of infected emails in July was one in 359, up from one in 451 in June and significantly higher than the one in 784 emails that was reported in January. However, even July's rate is much lower than what was happening in late 2016 when the number of emails carrying malware ranged between one in 111 and one in 170.
http://www.itsecurityguru.org/2017/08/10/one-every-359-emails-carrying-malicious-payload-says-report/

Locky Ransomware Returns with Spam Campaign Pushing Diablo6 Variant
Through a large malspam campaign, Locky is back and currently being heavily distributed worldwide. While Locky was at one point considered the largest distributed ransomware, over time it became much more common to see other ransomware such as Cerber, Spora, and now even GlobeImposter. While it is too soon to tell if this is just another brief surge or an attempt to become a large player again, what we do know is that this particular campaign is strong with a wide distribution.
http://www.itsecurityguru.org/2017/08/10/locky-ransomware-returns-spam-campaign-pushing-diablo6-variant/

Microsoft bins unloved Chinese cert shops
Microsoft's decided not to support digital certificates issued by Chinese outfits WoSign and StartCom, but the first-mentioned CA disputes the decision. Google, Apple and Mozilla binned WoSign certs in 2016. Microsoft says it has now "... concluded that the Chinese Certificate Authorities (CAs) WoSign and StartCom have failed to maintain the standards required by our Trusted Root Program."
http://www.itsecurityguru.org/2017/08/10/microsoft-bins-unloved-chinese-cert-shops/

Salesforce fires red team staffers who gave Defcon talk
Salesforce has fired its director of offensive security and another senior staff member after they gave a talk at the Defcon security conference in Las Vegas last month. Josh Schwartz, director of offensive security based in San Francisco, and John Cramb, senior offensive security engineer in Sydney, Australia, worked on the cloud giant's security "red team," which launches offensive attacks against the company from within to test its cyber posture and defenses.
http://www.itsecurityguru.org/2017/08/10/salesforce-fires-red-team-staffers-gave-defcon-talk/


TalkTalk fined £100k for exposing personal sensitive info





Friday 11th August 2017

 



TalkTalk fined £100k for exposing personal sensitive info
Blighty's Information Commissioner's Office has whacked TalkTalk with a £100,000 fine after the records of 21,000 people were exposed to fraudsters in an Indian call centre. The breach came to light in September 2014 when TalkTalk started getting complaints from customers that they were receiving scam calls. Typically, the scammers pretended they were providing support for technical problems. They quoted customers' addresses and TalkTalk account numbers.
http://www.itsecurityguru.org/2017/08/11/talktalk-fined-100k-exposing-personal-sensitive-info/

Kaspersky Lab patches up relationship with Microsoft as antitrust complaint dropped
Russian cybersecurity firm Kaspersky Lab has dropped an antitrust legal complaint against Microsoft after the US technology giant agreed to give anti-virus vendors greater control over how their software will be compatible with future versions of its Windows OS. In June 2017, Kaspersky Lab filed legal cases against Microsoft in both the European Commission and the German Federal Cartel Office, alleging that it was taking advantage of its own "dominant position in the computer operating system market to promote its own software".
http://www.itsecurityguru.org/2017/08/11/kaspersky-lab-patches-relationship-microsoft-antitrust-complaint-dropped/

Biological malware: Scientists use DNA to hack a computer
Scientists at the University of Washington in Seattle have successfully coded a malware program into a DNA sample and used it to hack into a computer that was studying it. By doing this, they have exposed a weakness in systems that could lead to hackers taking control of computers in research centres, universities and laboratories, reports MIT Technology Review. Researchers are calling this the first "DNA-based exploit of a computer system."
http://www.itsecurityguru.org/2017/08/11/biological-malware-scientists-use-dna-hack-computer/

Recently Patched Flash Bug Can Leak Windows Credentials
Earlier this week, Adobe patched a vulnerability in Flash Player that allows an attacker to use malicious Flash files to leak Windows credentials. The security issue is tracked under the CVE-2017-3085 identifier and affects Flash Player versions from 23.0.0.162 up to 26.0.0.137, running on Windows XP, Vista, 7, 8.x, and 10.
http://www.itsecurityguru.org/2017/08/11/recently-patched-flash-bug-can-leak-windows-credentials/

Android app stores flooded with 1,000 spyware apps
Hackers have flooded Android app stores, including the official Google Play store, with over 1,000 spyware apps, which have the capability to monitor almost every action on an infected device. Dubbed SonicSpy, the malware can silently record calls and audio, take photos, make calls, send text messages to numbers specified by the attackers, and monitor call logs, contacts, and information about wi-fi access points.
http://www.itsecurityguru.org/2017/08/11/android-app-stores-flooded-1000-spyware-apps/


Cyber attacks on online retailers double in a year as hackers try to steal shoppers' details





Monday 14th August 2017

 


Cyber attacks on online retailers double in a year as hackers try to steal shoppers' details
The number of online shops hit by serious losses of customer data has doubled in the past year as hackers try to plunder retail sites for valuable personal details, a law firm has warned. Customers are increasingly at risk as retailers amass ever growing collections of their shoppers' personal information. Online shopping, digital marketing and loyalty schemes mean shoppers submit more and more information to retailers that is of value to cyber criminals.
http://www.itsecurityguru.org/2017/08/14/cyber-attacks-online-retailers-double-year-hackers-try-steal-shoppers-details/
 
#OpDomesticTerrorism: Anonymous shuts down Charlottesville city website with DDoS attack
The hacktivist collective Anonymous has reportedly claimed responsibility for shutting down the Charlottesville city website. The hacker group reportedly launched a distributed denial-of-service (DDoS) attack, shortly after a hit and run incident in the city, that claimed the life of 32-year-old Heather Heyer and injured at least 19 others. The DDoS attack, launched under a new banner, dubbed #OpDomesticTerrorism, was allegedly launched to protest the hit and run incident, which involved a group of activists protesting a white supremacist rally. Police have since arrested the driver of the car, 20-year-old James Fields, who has been "charged with second-degree murder, three counts of malicious wounding and failing to stop at an accident that resulted in a death."
http://www.itsecurityguru.org/2017/08/14/opdomesticterrorism-anonymous-shuts-charlottesville-city-website-ddos-attack/
 
Daily Stormer Hacked
Anonymous have taken over the world's most notorious Nazi website, following clashes with white nationalists over the weekend that left one anti-fascist protestor dead. A post on the site attributed to the hacking group said that the site was now under its control and that it would stop it posting "putrid hate". It also suggested that it will release data that had been taken as part of the attack, as well as suggesting it could conduct attacks on its leader.
http://www.itsecurityguru.org/2017/08/14/daily-stormer-hacked/
 
How DNA became the new hacking tool
What could be a sci-fi movie plot is now a reality, as researchers hack a computer using synthetic DNA. A research team at the University of Washington revealed hackers were able to encode malware into a short strand of DNA. They programmed the virus to launch on its own when run through the DNA sequencing system, which enabled it to take control of the computer, where it can read future DNA sequences or even alter generic data. The results, therefore, indicate that it is technically possible to use DNA as a way to transfer malware and attack vulnerabilities in the sequencing computer program. Past research has already shown that it is possible to transfer data using DNA. In 2016, Microsoft and the University of Washington demonstrated a technique for storing and retrieving digital images using DNA. However, many fear potential problems in the future with new possible ways to hack.
http://www.itsecurityguru.org/2017/08/14/dna-became-new-hacking-tool/
 
A local securities firm has been hit by a cyberattack
TAIPEI, Taiwan — Taipei-based securities firm Taishin had some unhappy customers this morning as its services were temporarily downed by a cyberattack — the second one this year. The DDoS attack targeted the electronic trading systems of Taishin as well as its subsidiary Ta Chong Securities, also putting the firm's telephone trading service out of commission in the process. Taishin's system went down at 8:54 a.m., Apple Daily quoted a reader as saying, while Ta Chong's service went down at 8:50 a.m. Both services were restored within an hour, with Taishin's back up at 9:32 a.m. and Ta Chong's back online at 9:35 a.m.
http://www.itsecurityguru.org/2017/08/14/local-securities-firm-hit-cyberattack/


UK businesses “unprepared for a cyber shock”





Tuesday 15th August 2017

 


 
UK businesses "unprepared for a cyber shock"
Lockton report shows half of UK businesses expect to be entirely operational 48 hours after a large-scale cyber security breach. A report by Lockton has revealed that UK businesses are severely "unprepared for a cyber shock". The broker found – in the study that polled 200 chief financial officers, chief risk officers and chief information officers as well as directors of risk and general legal counsel – that 50% expect to be entirely operational 48 hours after a large-scale cyber security breach. Just 2% of UK businesses think a breach will affect them for more than 10 days.
http://www.itsecurityguru.org/2017/08/15/uk-businesses-unprepared-cyber-shock/
 
US military spies: We'll capture enemy malware, tweak it, lob it right back at our adversaries
The US Defense Intelligence Agency has vowed to capture enemy malware, study and customize it, and then turn the software nasties on their creators. Speaking at the US Department of Defense Intelligence Information Systems (DoDIIS) conference in Missouri on Monday, the head of the agency, Lieutenant General Vincent Stewart, told attendees that the US was tired of just taking hits from outside players, and so it was planning to strike back.
http://www.itsecurityguru.org/2017/08/15/us-military-spies-well-capture-enemy-malware-tweak-lob-right-back-adversaries/
 
If Anonymous 'pwnd' the Daily Stormer, they did a spectacularly awful job
Doubts have been cast over claims that hacktivists have taken control of neo-Nazi website the Daily Stormer. Elements of the loose hacker collective Anonymous supposedly took control of the site as a reprisal for the death of anti-racist protestor Heather Heyer after she was struck by a car during protests by white supremacists in Charlottesville, Virginia. According to the most recent "post" on the site, the hackers were ostensibly threatening to dox the Daily Stormer's Andrew Anglin and users of the controversial site. In short, the hack is likely a hoax.
http://www.itsecurityguru.org/2017/08/15/anonymous-pwnd-daily-stormer-spectacularly-awful-job/ 

Cloudflare is helping defend a neo-Nazi website from hackers, even as Google and GoDaddy are distancing themselves from it
Even as several tech companies moved to disassociate themselves from the Daily Stormer on Monday, one tech firm refused to cancel its dealings with the neo-Nazi website — Cloudflare. A content delivery network that helps to protect sites from denial of service attacks, Cloudflare continues to support both DailyStormer.com and AltRight.com, another white supremacist site, through its service.
http://www.itsecurityguru.org/2017/08/15/cloudflare-helping-defend-neo-nazi-website-hackers-even-google-godaddy-distancing/
 
How Just Opening A Malicious PowerPoint File Could Compromise Your PC
A few months back we reported how opening a simple MS Word file could compromise your computer using a critical vulnerability in Microsoft Office. The Microsoft Office remote code execution vulnerability (CVE-2017-0199) resided in the Windows Object Linking and Embedding (OLE) interface, for which a patch was issued in April this year, but threat actors are still abusing the flaw through different mediums. Security researchers have spotted a new malware campaign that is leveraging the same exploit, but for the first time, hidden behind a specially crafted PowerPoint (PPSX) presentation file. According to the researchers at Trend Micro, who spotted the malware campaign, the targeted attack starts with a convincing spear-phishing email attachment, purportedly from a cable manufacturing provider, and mainly targets companies involved in the electronics manufacturing industry.
http://www.itsecurityguru.org/2017/08/15/just-opening-malicious-powerpoint-file-compromise-pc/


Scottish parliament hit by cyber-attack similar to Westminster assault







Wednesday 16th August 2017

 


 
Scottish parliament hit by cyber-attack similar to Westminster assault
Hackers have mounted a "brute force" cyber-attack on the Scottish parliament's computer systems, weeks after a similar attack on email accounts at Westminster. MSPs and Holyrood staff were warned on Tuesday that hackers were attempting to access numerous email accounts by systematically and repeatedly trying to crack their passwords. Holyrood officials said they were not aware of any compromised email accounts, but staff and MSPs were warned the attack could mean some people were locked out of their accounts.
http://www.itsecurityguru.org/2017/08/16/scottish-parliament-hit-cyber-attack-similar-westminster-assault/
 
Venezuela's public telcos collapse under cyber-attack
Fibre-based and mobile services delivered by Cantv and Movilnet in Venezuela have been switched off as a result of a continued and concerted cyber-attack. The attack, directed at Venezuela's public infrastructure, has been claimed by a group called The Binary Guardians and has not only affected telecom services, but has blocked many .ve-domain websites, including all the Government platforms and the Supreme Court's site.
http://www.itsecurityguru.org/2017/08/16/venezuelas-public-telcos-collapse-cyber-attack/
 
AP Moller-Maersk counts cost of cyber attack but swings to profit
AP Moller-Maersk said the Petya cyber attack had cost it $200m-$300m as the world's biggest container shipping line returned to profit, buoyed by relatively strong global trade. The Danish conglomerate said the majority of the impact from the cyber attack would be felt in the third quarter, due to lost revenues in July, after its entire IT system including booking applications was brought down by malware hidden in a document used to file tax returns in Ukraine.
https://www.ft.com/content/3e6828e7-e9b8-3785-9b95-45b45c3a2e3b
 
U.S. Worried North Korea Will Unleash Cyberattacks
As tensions rise over North Korea's potential nuclear missile threat, U.S. officials and outside experts are increasingly concerned the rogue regime will respond to international pressure by lashing out with a weapon it has already mastered: cyberattacks that can disable corporate networks, steal money from banks and potentially disrupt critical infrastructure. American intelligence officials have long ranked North Korea as one of the world's more dangerous cyber actors, trailing only Russia, China and Iran among U.S. adversaries in its ability to inflict damage via computer networks.
http://www.itsecurityguru.org/2017/08/16/ap-moller-maersk-counts-cost-cyber-attack-swings-profit/
 
Web application attacks accounted for 73% of all incidents says report
Web application attacks accounted for 73 percent of all incidents flagged in an 18-month evaluation period according to a new report from Alert Logic which also says that web application attacks affected 85 percent of all its customers, with injection-style attacks such as SQL injection the main culprit. The company's 2017 Cloud Security Report is based on customer data from more than 3,800 Alert Logic cloud, on-premises and hybrid cloud customers over an 18 month period, from August 1, 2015 to January 31, 2017. 
http://www.itsecurityguru.org/2017/08/16/web-application-attacks-accounted-73-incidents-says-report/


Germany: Microsoft Agrees to Stop Forcibly Downloading Windows Upgrades







Thursday 24th August 2017

 




Germany: Microsoft Agrees to Stop Forcibly Downloading Windows Upgrades
After an 18-month legal battle with Germany's Baden-Württemberg consumer rights center, Microsoft admitted to wrongdoing when it downloaded over 6GB of data on user devices during its Windows 10 push in mid and late 2015.
http://www.itsecurityguru.org/2017/08/24/germany-microsoft-agrees-stop-forcibly-downloading-windows-upgrades/

Pssst... wanna participate in a Google DeepMind AI pilot? Be careful
Imagine you're in charge of technology and data for part of the UK's chronically cash-squeezed National Health Service. A world-famous technology firm offers you a cool new service, either free or for very little money. All it wants in return is access to the patient data that will make the service work. What are you going to do?
http://www.itsecurityguru.org/2017/08/24/pssst-wanna-participate-google-deepmind-ai-pilot-careful/

Justice agrees to narrow DreamHost warrant for disruptj20.org data
After web hosting provider DreamHost pressed the U.S. government in superior court over a warrant to access more than 1.3 million IP records of a website, the Justice Department backed off its request and modified the warrant to narrow its scope.
http://www.itsecurityguru.org/2017/08/24/justice-agrees-narrow-dreamhost-warrant-disruptj20-org-data/

Vietnam Lands in Chinese Hackers' Sights Again
A hacking campaign is targeting large Vietnamese organizations—and is connected to the same party that previously targeted Vietnam Airlines back in 2016.
http://www.itsecurityguru.org/2017/08/24/vietnam-lands-chinese-hackers-sights/

Raiffeisen Bank malware is phishing for your login credentials
You better stay on your toes when logging in to your account should you happen to be a client of Raiffeisen Bank – someone might be out to snatch your credentials.
https://thenextweb.com/security/2017/08/23/raiffeisen-bank-malware-phish-campaign/#.tnw_fNf1Gy0B


LinkedIn exploit exposes millions; PC sales to suffer slump





IT PRO newsletter
27 August 2017

TOP STORY
LinkedIn exploit 'left millions exposed' to malware
Check Point research highlights now patched vulnerabilities in LinkedIn's messaging service

PC sales expected to suffer as users shift to detachables
Microsoft's Surface Pro and similar devices are expected to lead the market growth

GCHQ knew about US plan to arrest WannaCry hero
Spy agency did nothing in order to avoid extradition 'headache' - report

Sadiq Khan appoints London's first ever CDO
Theo Blackwell will be responsible for upgrading public services technology

Semi-autonomous lorries coming to UK motorways
The government will invest £8.1 million in platooning vehicle research

The ransomware threat in numbers
Over the last year, ransomware has grown in sophistication and diversity

DreamHost comes under attack as FBI granted access to files
Seven-hour DDoS attack caused severe disruption to the hosting service

Google aims to up cloud security game with Titan chip
Security chip details to be revealed today - report

Mark Shuttleworth: No strategic change for Canonical
Founder outlines focus on cloud, IoT, and machine learning

UK gov seeks EU data-sharing agreement before Brexit
Brexit might mean Brexit, but the UK is aiming for common data regulations with Europe

The top 5 ransomware trends in 2017
We take a look at the top ransomware trends for the year ahead