Young Adults, Seniors Over 75 Most Susceptible to Cyber Fraud: Report

source: technewsworld.com

The most vulnerable cybercrime victims are young adults and adults over 75, according to the latest research revealed in the LexisNexis Risk Solutions biannual Cybercrime Report.

Released Feb. 23, the report tracks global cybercrime activity from July 2020 through December 2020. The report reveals how unprecedented global change in 2020 created new opportunities for cybercriminals around the world, particularly as they targeted new users of online channels.

LexisNexis’ research found a 29 percent growth in global transaction volume compared to the second half of 2019. This growth came in the financial services (29 percent), e-commerce (38 percent) and media (9 percent) sectors. The number of human-initiated attacks dropped in 2020 by roughly 184 million, while the number of bot attacks grew by 100 million.

Continue reading “Young Adults, Seniors Over 75 Most Susceptible to Cyber Fraud: Report”

source: securityweek.com

Five Months After Takedown Attempt, CISA and FBI Warn of Ongoing TrickBot Attacks

Attacks employing the TrickBot malware continue, leveraging phishing emails as the initial infection vector, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) warn.

In a joint advisory published on Wednesday, the two agencies revealed that a sophisticated group of cybercrime actors is leveraging a traffic infringement phishing scheme to lure victims into downloading the TrickBot malware.

Continue reading “Five Months After Takedown Attempt, CISA and FBI Warn of Ongoing TrickBot Attacks”

Swiss Hacker Indicted After Claiming Credit for Breaching Nissan, Intel

image - hacking

source: reuters.com

A Swiss computer hacker who has claimed credit for helping steal or distribute proprietary data from Nissan Motor Co, Intel Corp and most recently security camera startup Verkada was indicted on Thursday, U.S. prosecutors announced.

Till Kottmann, 21, remains in Lucerne and has been notified about the pending charges, the U.S. attorney’s office in Seattle said in a statement.

Kottmann did not immediately respond to a request for comment following the announcement of the indictment, which came after midnight in Lucerne.

Continue reading “Swiss Hacker Indicted After Claiming Credit for Breaching Nissan, Intel”

 

Why ‘Thinking Small’ Is the Way to Stop Ransomware and Other Cyber Attacks

source: cyberdefensemagazine.com

 

Yuval Baron, CEO at AlgoSec, explains why micro-segmentation is one of the most effective methods to limit the damage of attacks on a network

On August 15, 2020, the cruise line Carnival Corporation fell victim to a cyber-attack that may have resulted in the loss of personal data of millions of passengers and crew members.

Carnival is the world’s largest travel and leisure company with approximately 13 million passengers per year. The company has not revealed how many customers or which of their individual brands were affected but what we do know is that law enforcement agencies were been notified because one of the brands reported a ransomware attack that broke through an encrypted part of their network.

Continue reading “Why ‘Thinking Small’ Is the Way to Stop Ransomware and Other Cyber Attacks”

Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations 

source: thehackernews.com


“In recent campaigns identified in February 2021, browser extension delivery domains have prompted users to ‘Switch to the Firefox Browser’….”

Cybersecurity researchers today unwrapped a new campaign aimed at spying on vulnerable Tibetan communities globally by deploying a malicious Firefox extension on target systems.

“Threat actors aligned with the Chinese Communist Party’s state interests delivered a customized malicious Mozilla Firefox browser extension that facilitated access and control of users’ Gmail accounts,” Proofpoint said in an analysis.

Continue reading “Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations”

Maza Russian Cybercriminal Forum Suffers Data Breach

source: zdnet.com


The Maza cybercriminal forum has reportedly suffered a data breach leading to the leak of user information. 

On March 3, Flashpoint researchers detected the breach on Maza — once known as Mazafaka — which has been online since at least 2003. 

Maza is a closed and heavily-restricted forum for Russian-speaking threat actors. The community has been connected to carding — the trafficking of stolen financial data and payment card information — and the discussion of topics including malware, exploits, spam, money laundering, and more. 

Once the forum was compromised, the attackers who took the forum over posted a warning message claiming “Your data has been leaked / This forum has been hacked.”

Continue reading “Maza Russian Cybercriminal Forum Suffers Data Breach”

LastPass vs. 1Password: Two top password managers, compared

source: cnet.com


It wasn’t long ago that I raised an editorial toast to the reigning champion of password managers, LastPass, recommending it not only for its broad suite of premium features but — most crucially — for its refusal to let down its veteran fanbase of free users, even as it faced sweeping scrutiny over an ownership change. 

The move tragically undermines a key security principle that’s made LastPass’s free version so effective at core security — its seamless multiplatform integration. Using a password manager to boost security, perhaps more so than many other privacy products, pivots on a fulcrum of maximum user convenience. If not immediately and consistently visible during all browsing, a password manager can quickly be forgotten, and your ever-increasing number of passwords become more readily stored in a browser itself (a much less secure option). 

With more types of internet-connected devices in users’ hands — and with a digital divide contributing to a broader shift toward accessing the internet via phone — internet use is becoming more fluid. So a free password manager that can’t adroitly pivot between a user’s devices just isn’t going to cut it. 

Read the full article here

 

Roughly 200 million people using Microsoft services already have made the jump past passwords

Microsoft Promises to Ease the Pains of Going Passwordless

source: cnet.com

Microsoft is updating its widely used cloud computing technology to make it easier for millions of us to dump our passwords.

The tech giant is making passwordless login a standard feature for Azure Active Directory, a cloud-based service customers can use to handle their employees’ login chores, the company said at its Ignite conference on Tuesday. The three-day conference, held online this year because of the COVID-19 pandemic, is geared for IT and other tech staff who use Microsoft’s products. Continue reading “Microsoft Promises to Ease the Pains of Going Passwordless”

Singapore’s Navy Tests a New Layer of Surveillance: Unmanned Vessels

MELBOURNE, Australia – Singapore is testing unmanned surface vessels with a locally developed, AI-driven navigation algorithm that could be used for maritime security operations in the congested but strategically important waters around the southeast Asian island nation.

Upon completion, the Republic of Singapore Navy is expected to then field four USVs in the role. The country’s defense ministry said this will add another layer of surveillance and operational response for its maritime borders.

 

The ministry added that the vessels will be able to conduct round-the-clock patrols, providing persistence at sea. This means the navy’s larger, manned warships can be freed up and deployed more strategically for other missions. Continue reading “Singapore’s Navy Tests a New Layer of Surveillance: Unmanned Vessels”