Category: Infosec
source: tomshardware.com (contributed by Steve Page) | image: pexels.com
As reported last week, Chinese hackers infiltrated the U.S. Department of Treasury and gained access to several users’ workstations. However, according to Bloomberg, the infiltration was more severe than initially reported, as hackers managed to access systems belonging to Secretary Janet Yellen and other top officials.
source: fastcompany.com | image: pixabay.com
It’s been a couple of years since Apple, Google, and Microsoft started trying to kill the password, and its demise seems more likely than ever.
In 2022, all three companies embraced an alternative called passkeys, which sync securely between your devices and are protected by face recognition, a fingerprint, or a PIN. The thinking goes that if you don’t have to remember a password—or even create one in a password manager—you’re less likely to fall prey to phishing scams. And if websites don’t have to store their customers’ passwords anymore, security breaches won’t be as disastrous. Continue reading “Say Goodbye to Passwords”
source: technewsworld.com | image: pexels.com
Ransomware attacks have shown signs of decreasing in recent months. Yet they still pose enough threat for organizations to rethink whether a successful breach of their computers justifies paying a ransom demand in hopes attackers will not divulge their stolen content.
According to the NCC Group Threat Pulse Report released in May, the ransomware landscape remains turbulent despite fewer reported incidents since April. Industrials (34%) and Consumer Cyclicals (18%) remained the first and second-most targeted sectors.
There has been a significant shake-up among the top 10 ransomware actors since April. Hunters, one of the leading bad actors, moved from eighth to the second most active threat actor. It launched 61% more ransomware attacks in April than in March. RansomHub replaced RA Group in third place and saw a 42% increase in attacks over March.
The policy of not paying ransom, often called a “no concessions” policy, is a widely debated strategy in counterterrorism and hostage situations. Its effectiveness continues to be argued from multiple perspectives. Cybersecurity experts apply the same reasoning when deciding whether to make or not make ransomware payments. Continue reading “Experts Weigh In on Refusing or Paying After a Ransomware Attack”
source: darkreading.com | image: pexels.com
Cyber-threat actors have ramped up their targeting of the 2024 US electionswith a flood of malicious activity expected to peak over the next month, aimed at causing disruption to voters and the election process and requiring increased vigilance on the part of stakeholders.
Specifically, attackers have bolstered election-related threat activity since the beginning of the year with an increase in the sale of phishing kits targeting US voters and campaign donors; the registration of more than 1,000 domains aimed at exploiting election-related content for malicious purposes; and increased ransomware activity targeting government entities, according to research from FortiGuard Labs Threat Research released today.
Since the inception of Internet-related threats, cyber-threat actors have typically increased malicious activity ahead of elections, notes Derek Manky, chief security strategist and vice president of global threat intelligence at Fortinet. However, they aim to be especially disruptive during the current election cycle, requiring that all stakeholders be prepared to fend off malicious actors in the upcoming weeks to protect election outcomes. Continue reading “Cyberattackers Unleash Flood of Potentially Disruptive Election-Related Activity”
source: thecyberwire.com | image: pixabay.com
This week we are joined by Chester Wisniewski, Global Field CTO from SophosX-Ops team, to discuss their work on “Crimson Palace returns: New Tools, Tactics, and Targets.” Sophos X-Ops has observed a resurgence in cyberespionage activity, tracked as Operation Crimson Palace, targeting Southeast Asian government organizations.
After a brief lull, Cluster Charlie resumed operations in September 2023, using new tactics such as web shells and open-source tools to bypass detection, re-establish access, and map target network infrastructure, demonstrating ongoing efforts to exfiltrate data and expand their foothold.
The research can be found here:
source: cnet.com (contributed by FAN, Steve Page) | image: pexels.com
If your Social Security number or other personal information was stolen in the December 2023 National Public Data breach, you can take steps to protect yourself. Here’s how. A reported 2.7 millionto 2.9 billion records from 170 million people were stolen, including full names and phone numbers along with Social Security numbers.
According to an August statement from National Public Data — a data broker that sells personal information to private investigators, consumer public record sites, human resources and staffing agencies — “a third-party bad actor” hacked into the data and leaked the stolen information on the dark web. National Public Data obtained the information by scraping nonpublic sources without consent, according to a proposed class action lawsuit. A House of Representatives committee has opened an investigation in response.
Here are steps you can take to see if your information was stolen and then what to do if your Social Security number and other personal data were leaked in the massive data hack. For more information, here are the best identity theft protection services and how to freeze your credit. For more on Social Security, here’s when to expect your Social Security check to arrive this month and four ways you can lose your Social Security benefits.
National Public Data said it obtains personal information from public record databases, court records, state and national databases and other repositories nationwide.
According to a National Public Data statement in August, “The incident is believed to have involved a third-party bad actor that was trying to hack into data in late December 2023, with potential leaks of certain data in April 2024 and summer 2024.” Continue reading “Was YOUR SSN Included In This Hack?”
source: axios.com (contributed by FAN, Bill Amshey) | image: pexels.com
The National Institute of Standards and Technology has released its highly anticipated standards for protecting encrypted data from future quantum technologies.
Why it matters: China and other foreign foes are likely already collecting encrypted U.S. secrets with the hopes of breaking into them once quantum computing technology catches up.
What’s happening: NIST this week formally approved three post-quantum cryptography standards, marking an important first step in protecting government and critical services from encryption-breaking quantum.
What’s next: These standards will serve as a blueprint for governments and private-sector organizations around the world.
source: axios.com (contributed by FAN, Bill Amshey) | image: pexels.com
Telegram has long been a hotbed for cybercriminal gangs boasting about their attacks and looking to recruit new members.
Why it matters: Billionaire Telegram CEO Pavel Durov’s arrest over the weekend has put a spotlight on what policies Telegram does — and doesn’t — have to deter cybercriminals and extremist groups who use its platform.
The big picture: Telegram’s relaxed content moderation policies and encrypted service offerings have made it an attractive destination for cybercriminals, terrorism organizations and drug dealers.
Experts say Telegram has unique features that — taken in combination — hackers have been able to abuse in an effort to hide their activities.
Continue reading “How Telegram Became a Destination for Criminals”
source: wired.com | image: pixabay.com
If you have a crypto wallet containing a fortune but forgot the password, all may not be lost. This week, a pair of researchers revealed how they cracked an 11-year-old password to a crypto wallet containing roughly $3 million in bitcoins. With a lot of skill and a bit of luck, the researchers uncovered a flaw in how a previous version of the RoboForm password manager generates passwords that allowed them to accurately figure out the missing login and access the buried treasure.
Police in Western countries are using a new tactic to go after cybercriminals who remain physically out of reach of US law enforcement: trolling. The recent takedowns of ransomware groups like LockBit go beyond the traditional disruption of online infrastructure to include messages on seized websites meant to mess with the minds of criminal hackers. Experts say these trollish tactics help sow distrust between cybercriminals—who already have ample reason to distrust one another.
Continue reading “Mysterious Hack Destroyed 600,000 Internet Routers”
source: Forbes.com (contributed by FAN, Steve Page) | image: pixabay.com
Updated Saturday, June 1: This article has been updated to include clarifcation around the safety of using public Wi-Fi networks and additional advice from the NCSC and FCC.
Although some people might worry about the National Security Agency itself spying on their phones, the NSA has some sage advice for iPhone and android users concerned about zero-click exploits and the like: turn it off and on again once per week.
How often do you turn off your iPhone or android device? Completely turn it off and then reboot it, rather than just going into standby mode, that is. I suspect that the answer for many people is only when a security or operating system update requires it. That, according to the NSA, could be a big mistake.
Users can mitigate the threat of spear-phishing, which can lead to the installation of yet more malware and spyware, by the same simple action. However, the NSA document does warn that the turn it off and on again advice will only sometimes prevent these attacks from being successful. Continue reading “NSA Warns iPhone And Android Users To Turn It Off And On Again”