Google issued warnings about potential government-backed attacks to numerous journalists, academics and activists. Twitter posts about the warnings appear to be authentic. Estimates suggest that up to a million users may have seen state-sponsored probing. The article offers suggestions for password security and encryption of files.
Source: http://www.securityweek.com/google-warns-users-recent-state-sponsored-attacks
This blog was started for a class (ICS 382 - Computer Security) at Metropolitan State University, Minnesota. Every week I will be posting a computer-security-related link to an article/news post that highlights current goings-on in the computer security industry.
Monday, November 28, 2016
Wednesday, November 16, 2016
Backdoor in Some Android Phones Sends Data to Server in China
Recently, multiple Android mobile device models sold in the United States have been found to include a backdoor in their firmware and to send personally identifiable information (PII) to third-party servers. Furthermore, the question was raised of why the users were not informed. Not only is there a backdoor in the firmware; devices sold via Amazon, BestBuy, and other major US-based online retailers could also install applications remotely, without user consent.
Source: http://www.securityweek.com/backdoor-some-android-phones-sends-data-server-china
Monday, October 31, 2016
China-Linked Cyberspies Lure Victims With Security Conference Invites
A China-linked cyber espionage group known as Lotus Blossom has used fake invitations to an upcoming Cybersecurity Summit to trick users into installing a piece of malware on their systems. This is the latest in a string of cyber attacks where hacker groups use educational cybersecurity presentations and events to lure unsuspecting users into downloading malware. The security firm responsible for the event in question had spotted attacks against government and military organizations in Southeast Asia, including Vietnam, Philippines, Taiwan, Hong Kong and Indonesia.
Source: http://www.securityweek.com/china-linked-cyberspies-lure-victims-security-conference-invites
Wednesday, October 26, 2016
VMware Flaws Allow Security Bypass on Mac OS X
This article describes a security vulnerability in VMware running on Mac OS X. To most users this comes as a surprise given Mac OS's reputation for security. VMware Tools has been patched for several of these vulnerabilities.
Source: http://www.securityweek.com/vmware-flaws-allow-security-bypass-mac-os-x
Wednesday, October 19, 2016
Researchers Build Configuration Extractor for Locky Ransomware
There is a new open source utility called LockyDump. This utility was created by researchers working on the problem of the ransomware Locky. The utility allows users to extract the config and various other information. Ransomware researchers can then use this information to track developing trends shown by the criminals and the ransomware.
Source: http://www.securityweek.com/researchers-build-configuration-extractor-locky-ransomware
Wednesday, October 12, 2016
Newsweek Joins Growing Club of Possible Russian Cyberattack Targets
After some comments made in a Newsweek article, the site came under DDoS attack. It is suspected that the attack was politically motivated. Most of the IP addresses originated from Russia. This would not be the first DDoS attack that has been politically motivated.
Source: http://www.technewsworld.com/story/83968.html
Monday, October 3, 2016
Hacking Elections Is Easy, Study Finds
This article discusses hacking in relation to the U.S. democratic process. I found it rather interesting that educated security personnel had a few comments on the subject. "It might be possible to change some votes, but to change the outcome of an election and do so in a way that could not be detected is not practical at this point." Apparently the current system(s) used by each state make it rather difficult to influence the elections in any major or undetectable manner. The question is raised whether the systems recently suggested by the media are actually safer, and what would realistically be required for a standardized IT solution to voting.
Source: http://www.technewsworld.com/story/83947.html
Wednesday, September 28, 2016
What's Needed: More HHS Guidance, or New HIPAA Security Rule?
A recent watchdog report calls for expanded security guidance, but some experts want new rules under the HIPAA Security Rule. The article states: "The HIPAA Security Rule should be replaced or rewritten to reflect the NIST Cybersecurity Framework as the standard to apply when developing a security program and selecting controls to protect protected health information." According to this report, many health organizations and security experts are watching this issue closely due to increasing cyber attack concerns.
Source: http://www.databreachtoday.com/whats-needed-more-hhs-guidance-or-new-hipaa-security-rule-a-9426
Wednesday, September 21, 2016
How Malware is Downloaded Every 81 Seconds
This article highlights research done on enterprise organizations' security. Specifically, the claim is that new malware is downloaded every 81 seconds within an enterprise organization. It is suggested that one in five people in an organization cause security breaches through mobile devices, via malware or malicious Wi-Fi connections.
Source: http://www.securitymagazine.com/articles/87446-how-malware-is-downloaded-every-81-seconds
Wednesday, September 14, 2016
Apple Mac virus can take screenshots and see everything you type
A piece of malware called Mokes.A can take screenshots from a computer every 30 seconds. It can also access photos, videos and documents on the computer. The article suggests that malware for Mac computers is becoming slightly more prominent, especially after the release of ransomware earlier this year on Mac computers.
Source: http://www.telegraph.co.uk/technology/2016/09/09/apple-mac-virus-can-take-screenshots-and-see-everything-you-type/
Wednesday, September 7, 2016
Cry Ransomware Uses UDP, Imgur, Google Maps
Ransomware has been infecting computers by using UDP, Imgur and Google Maps. Approximately 8,000 have been hit in the last few weeks with this malware. Imgur and Google Maps are being used by this malware to send notifications to over 4,000 IP addresses (to confuse authorities about its destination) to report new machines being infected along with their locations. A ransom of approximately one bitcoin or $625 is demanded for unlocking infected content.
Source: https://threatpost.com/cry-ransomware-uses-udp-imgur-google-maps/120383/
Wednesday, August 31, 2016
Ransomware Poses as Critical Windows Enterprise Update
Businesses are being targeted by hackers using malware disguised as a critical Windows update. This ransomware has been named 'Fantom'. After it poses as a legitimate update to Windows Enterprise, the screen locks, not allowing any other applications to be used while Windows is supposedly updating. In reality it is encrypting various files and blocking access, after which the user is presented with a file consisting of a unique key identifier and a notification that they must pay to get their access back.
Source: http://www.darkreading.com/attacks-breaches/new-fantom-ransomware-poses-as-windows-update/d/d-id/1326774?