The surprising threat lurking even in your ‘secure’ work environment

source: fastcompany.com  |  image: pexels.com

 

When Netflix released The Most Hated Man on the Internet, we got an up-close glimpse of the harm that nefarious people can do by exposing the personal information of others online. The series illustrated how Hunter Moore used stolen or hacked images to populate a pornographic website, targeting women who did not consent for their images to be used—and introducing many people to the concept of “doxing.” 

Derived from 1990s hacker culture, doxing is a play on the word document or dossier, referring to compiling data on a person or company. It gained greater visibility in 2014 when a group released the private information of women who they perceived as receiving favoritism in the gaming journalism industry. The incident, titled GamerGate, exposed the dangers of being targeted by bad actors and the potential for negative psychological outcomes.

This Cryptomining Tool Is Stealing Secrets

 

source: wired.com  |  image: pexels.com

 

As the Israel-Hamas war raged on this week and Israel expanded its ground invasion of the Gaza Strip, the territory’s compromised internet infrastructure and access to connectivity went fully dark on Friday, leaving Palestinians without access to ground or mobile data connections. Meanwhile, researchers are bracing for the fallout if Hamas makes good on its threats to distribute hostage execution videos online. And TikTokkers are using a niche livestreaming feature and exploiting the Israeli-Hamas conflict to collect virtual gifts from viewers, a portion of which goes to the social media company as a fee.

As the worst mass shooting in Maine’s history unfolded this week and the gunman remained at large, disinformation about the situation and the suspect flooded social media, adding to the already chaotic and horrific situation. Elon Musk, the owner of X (formerly Twitter), posted remarks earlier this month mocking Ukrainian president Volodymyr Zelensky that were met with a flood of support and enthusiasm from Russian trolls and accounts distributing pro-Russia propaganda.


Casino Breaches Expose Why Identity Management Is at a Crossroads

 

source: technewsworld.com  |  image: pexels.com

 

As cyberthreats become more prevalent, the tangible losses from identity access management-related breaches underline the critical need to reform this cornerstone of digital security.

By now, many have heard about the massive cyberattacks that affected casino giants MGM Resorts and Caesars, leaving everything from room keys to slot machines on the fritz. Like many recent breaches, it’s a warning to improve security around digital identities — because that’s where it all started.

The origin story of this breach is similar to many we have seen lately: social engineering and impersonation attacks.

Hackers called MGM’s IT department and tricked the help desk into resetting legitimate logins, which they then used to launch a ransomware attack. The same group allegedly staged a rash of similar attacks across various other sectors, including a breach at casino rival Caesars Entertainment, which reportedly paid $15 million to get its data back days before the MGM attack.


Fingerprint Theft Just a Shutter Click Away

source: technewsworld.com  |  image: pixabay.com

 

Ever since smartphone makers started incorporating fingerprint scanners as a means of unlocking mobile phones, the Chaos Computer Club has attacked the technology with vigor. 

Not long after Apple added Touch ID to its iPhones, the German hackers demonstrated how to lift prints from a surface and create a flexible pad containing the print that could be used to break into a phone.

Now the CCC hacker known as “Starbug” has used digital photography to perform the same trick without lifting any prints at all. At a recent cybersecurity conference, Starbug demonstrated how he created the thumb print of German Minister of Defense Ursula von der Leyen from several news photos.

“After this talk, politicians will presumably wear gloves when talking in public,” Starbug said.


Data of 2.6 Million Duolingo Users Leaked on Hacking Forum

 

source: infosecurity-magazine.com  |  image: pixabay.com

 

Data from 2.6 million users of Duolingo, a language learning platform with over 74 million monthly users, has been leaked on a hacking forum.

The compromised data, which includes real names, login names, email addresses and internal service-related details, was initially offered for sale on the now defunct Breached hacking forum in January 2023 for $1500. 

Despite Duolingo’s confirmation to The Record that the data was sourced from publicly available profiles, the leaked email addresses are particularly alarming as they are not public information and can facilitate targeted phishing attempts.

“We’re aware of this report. These records were obtained by data scraping public profile information. We have no indication that our systems were compromised. We take data privacy and security seriously and are continuing to investigate this matter to determine if any further action is needed to protect our learners,” a spokesperson from the company confirmed to Infosecurity in an email. 


Officials found suspected Chinese malware hidden in various US military systems. Its intended use is disruption rather than surveillance, a ‘disturbing’ change in intent, experts say.

 

source: businessinsider.com  |  image: pexels.com

 

  • Suspected Chinese malware has been identified in several US military systems. 
  • Unlike other surveillance malware from China, this malware seems intended to disrupt operations.
  • The malware could also have the ability to disrupt normal civilian life and businesses.

US officials found suspected Chinese malware across several military systems — and unlike previous attacks, experts say the intent is more likely to disrupt rather than to surveil, The New York Times reports.

The attacks first came into the public eye in May after Microsoft identified malicious code in telecommunications software in Guam, where the US houses the Andersen Air Force Base.


New report details China’s presence in U.S. systems

 

source: axios.com (contributed by FAN, Bill Amshey)  |  image: pexels.com

 

U.S. officials are reportedly concerned about the possibility that China-backed hackers have snuck malware onto networks underpinning military and critical infrastructure operations.

Driving the news: That’s according to a New York Times report that ran Saturday, which raises the question of whether China is already laying the groundwork for a potential Taiwan invasion.

Why it matters: U.S. officials and cybersecurity experts have long anticipated that cyber warfare would play a major role in a potential Chinese invasion of Taiwan.

  • In that scenario, experts anticipate that China would use a destructive cyberattack to disrupt communications between the U.S. and Asian countries.

The big picture: In recent years, China state-backed hackers have become stealthier and more difficult to detect on networks — targeting internet-facing security tools to evade traditional detection and stealing obscure encryption keys to hack government email accounts.

  • The Times’ report is the latest warning that China-backed hackers are getting savvier.

Details: The new concerns build on a Microsoft report released in May that identified a new piece of China-linked malware on telecommunications systems in Guam and elsewhere in the U.S.

  • Now, the Times reports the malware is more widespread and older than initially suggested. The White House has reportedly kicked off a series of Situation Room meetings and started briefing state officials and utility companies.

Yes, but: It’s unclear what the motive for the campaign might be. Countries spy on each other all the time, but a destructive cyberattack is much rarer and would have larger geopolitical consequences.

What they’re saying: “Without weighing in on the specific details of the NYT story, the topic is significant, but threats of this nature, which seek to compromise our critical infrastructure, are not new,” Marc Raimondi, a former national security official, told Axios.

  • “It’s something to be concerned about for sure, but it’s amongst many things that we should be concerned about regarding the [People’s Republic of China] and our other advanced adversaries in the cyber and critical infrastructure realm,” he added.

Russia-Linked RomCom Hackers Targeting NATO Summit Guests

source: securityweek.com  |  image: pixabay.com

 

A recent RomCom cyber operation has been targeting NATO Summit guests and other entities supporting Ukraine.

As part of a recently identified cyber operation, a Russia-linked threat actor known as RomCom has been targeting entities supporting Ukraine, including guests at the 2023 NATO Summit taking place July 11-12, the cybersecurity unit at BlackBerry reports.

Taking place in Vilnius, Lithuania, the NATO Summit has on the agenda talks focusing on the war in Ukraine, as well as new memberships in the organization, including Sweden and Ukraine itself.

Taking advantage of the event, RomCom has created malicious documents likely to be distributed to supporters of Ukraine, and appears to have dry-tested its delivery on June 22 and a few days before the command-and-control (C&C) domain used in the campaign went live, BlackBerry explains.


How Your Real Flight Reservation Can Be Used to Scam You

source: wired.com  |  image: pexels.com

 

Scammers use a booking technicality, traveler confusion, and promises of dirt-cheap tickets to offer hot deals that are anything but.

How do you tell that your plane ticket is real? If it checks out on the airline’s website, you’re good to go, right? Don’t be sure. Fraudsters are abusing a little-known but decades-old technicality in how airline reservations work to con people out of their cash.

Mevonnie Ferguson, who lives in Kent in the UK, says she was scammed out of £994 ($1,267) by someone claiming to work at a travel agency called Infinity Global Travel. A single working mother of two daughters, Ferguson says she was sold what appeared to be a valid British Airways ticket from London to Kingston, Jamaica. When she looked up the reservation on BA’s website using the confirmation number and her last name, it showed up valid and fine. But about two weeks after purchasing this ticket from Infinity Global Travel, and just days before her scheduled departure date, the reservation disappeared from BA’s website without a trace.

Ferguson, who also relayed her story to the UK’s Channel 5, contacted the airline and explained her situation, but she was told there were no flights booked in her name. BA would not release information to Ferguson, as she was not the party who had directly booked the reservation with the airline, she says. After some persuasion, the BA representative ultimately told Ferguson that while the reservation code she provided was correct, there was no record of an e-ticket number.

Ferguson has since tried to get a refund from the supposed travel agent, who has neither returned her money nor responded to subsequent calls and emails. A BA spokesperson asked WIRED for additional details so they could investigate but did not otherwise respond to a request for comment.

This problem isn’t unique to British Airways or any one airline in particular. In fact, it’s an intentional part of the air travel industry’s reservation process that scammers can abuse. 

Hold Up

Like many travelers, Ferguson did not understand the difference between a “confirmed” and a “ticketed” reservation, travel industry jargon terms that are not synonymous. The system makes it possible to create what appears to be a valid flight reservation, but which is actually a mere temporary reservation “hold.” 


Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware

 

source: thehackernews.com  |  image: pixabay.com

 

Malicious Google Search ads for generative AI services like OpenAI ChatGPT and Midjourney are being used to direct users to sketchy websites as part of a BATLOADER campaign designed to deliver RedLine Stealer malware.

“Both AI services are extremely popular but lack first-party standalone apps (i.e., users interface with ChatGPT via their web interface while Midjourney uses Discord),” eSentire said in an analysis.

“This vacuum has been exploited by threat actors looking to drive AI app-seekers to imposter web pages promoting fake apps.”
