The cyber security market is overwhelmed by buzzwords. Artificial intelligence, machine learning, blockchain: all of these come at CISOs from every possible angle, from webinars and conferences to the media. Most vendors fall into the trends, forgetting about customer needs for the sake of a technology race. Unfortunately, the main problems for CISOs still lie within the borders of security basics.
It appears that Olympic Destroyer, an advanced threat actor that was trying to sabotage the 2018 Winter Olympic Games, in South Korea, has returned. Our experts recently found traces of activity similar to Olympic Destroyer, but this time they are targeting financial organizations in Russia, and biological and chemical threat prevention laboratories in the Netherlands, Germany, France, Switzerland, and Ukraine.
Wednesday, June 20, 2018
Wall Street Journal: Cryptocurrency Exchange Bithumb Loses More Than $30 Million in Hack by Eun-Young Jeong
The South Korean cryptocurrency exchange said it had temporarily halted withdrawal and deposit services after the cyber attack. Bitcoin fell about 2% immediately after the disclosure. Read more at Wall Street Journal »
Just weeks after Korean crypto exchange Coinrail lost $40 million through an alleged hack, another in the crypto-mad country — Bithumb — has claimed hackers made off with over $30 million in cryptocurrency.
A Chinese-linked hacking group began targeting at least two different U.S.-based satellite companies, a Defense Department contractor and another private firm that sells geospatial imaging technology in late 2017, according to new research by Symantec.
Uptycs, a Waltham, Mass. cybersecurity startup that leverages open source tools, announced on Tuesday that it raised $10 million in Series A funding led by ForgePoint Capital and Comcast Ventures.
Popular malware aggregation repository VirusTotal has launched its Monitor tool, intended to mitigate the process by which legitimate files are labeled as malicious.
In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal credentials. That is why we have reported on a credit card stealer reinfector of Magento websites in one of our recent Labs Notes.
In this post, we describe one of the methods hackers use to ensure that their malicious code is added back to a website after it has been removed.
Here’s the code we found in /includes/config.php.
This file is a prime candidate for infection because it is included directly by the main index.php, so it loads on every page.
A default config.php file should not be changed by the site owner directly. All the code is added by Magento itself. That is why seeing this code in the file already triggers a warning.
In the first block, we have a function called “patch” that writes content into a file (patching it). This function is then called to write externally obtained content into specific files related to the payment process or user control:
- /app/code/core/Mage/Payment/Model/Method/Cc.php
- /app/code/core/Mage/Payment/Model/Method/Abstract.php
- /app/code/core/Mage/Customer/controllers/AccountController.php
- /app/code/core/Mage/Customer/controllers/AddressController.php
- /app/code/core/Mage/Admin/Model/Session.php
- /app/code/core/Mage/Admin/Model/Config.php
- /app/code/core/Mage/Checkout/Model/Type/Onepage.php
- /app/code/core/Mage/Checkout/Model/Type/Abstract.php
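A defender's check for the behaviour described above, added here as an example and not taken from the original article: hash the loader's location and each listed rewrite target, then compare them with a clean copy of the same Magento release. The function names and the throwaway sample trees are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# includes/config.php hosts the reinfector; the rest are the rewrite targets the
# article lists. Paths are relative to the Magento root (no leading slash).
WATCHED = [
    "includes/config.php",
    "app/code/core/Mage/Payment/Model/Method/Cc.php",
    "app/code/core/Mage/Payment/Model/Method/Abstract.php",
    "app/code/core/Mage/Customer/controllers/AccountController.php",
    "app/code/core/Mage/Customer/controllers/AddressController.php",
    "app/code/core/Mage/Admin/Model/Session.php",
    "app/code/core/Mage/Admin/Model/Config.php",
    "app/code/core/Mage/Checkout/Model/Type/Onepage.php",
    "app/code/core/Mage/Checkout/Model/Type/Abstract.php",
]

def digest(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def compare_to_clean(site_root, clean_root, watched=WATCHED):
    """Map each watched path that differs from the clean tree to 'missing' or 'modified'."""
    findings = {}
    for rel in watched:
        live, clean = Path(site_root) / rel, Path(clean_root) / rel
        if not clean.is_file():
            continue  # no reference copy for this path, nothing to compare against
        if not live.is_file():
            findings[rel] = "missing"
        elif digest(live) != digest(clean):
            findings[rel] = "modified"
    return findings

def constructed_demo():
    """Build two throwaway trees (constructed sample data) and alter two files in one."""
    with tempfile.TemporaryDirectory() as tmp:
        site, clean = Path(tmp, "site"), Path(tmp, "clean")
        for root in (site, clean):
            for rel in WATCHED:
                target = root / rel
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_text("<?php // placeholder for " + rel + "\n")
        # Stand-in for the article's scenario: config.php and a payment model changed.
        for rel in (WATCHED[0], WATCHED[1]):
            with (site / rel).open("a") as fh:
                fh.write("// constructed stand-in for injected content\n")
        return compare_to_clean(site, clean)

if __name__ == "__main__":
    for rel, status in constructed_demo().items():
        print(status, rel)
```

A difference in includes/config.php still needs manual review, since the article notes that Magento itself writes to that file.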
By The Recorded Future Team on June 19, 2018
- Threat intelligence is often perceived as “out of reach,” but in reality has practical applications for organizations of all sizes.
- Operational security teams can save time and improve effectiveness using real-time insights from threat intelligence.
- Making risk-based decisions without external context is functionally impossible. Threat intelligence puts internal data into the context of the wider threat landscape.
- Waiting until “you’re ready” will only make your current problems worse. Threat intelligence informs better decision making at every stage of the security lifecycle.
Threat intelligence is often perceived as being “out of reach” for the typical organization.
Security researchers have been warning about a simple technique that cyber criminals and email scammers are using in the wild to bypass most AI-powered phishing detection mechanisms implemented by widely used email services and web security scanners.
From the earliest moments of boot camp, budding soldiers learn about entrepreneurship. They learn how to operate in unknown terrain, how to listen to signals and, perhaps most importantly, how to make things happen with extremely limited time and resources.
On June 18, prosecutors formally accused Joshua Schulte, a former employee of the US National Security Agency and Central Intelligence Agency, of leaking classified information to WikiLeaks. Schulte is allegedly behind the Vault 7 releases, the largest leak of classified information from inside the CIA.
Despite advances in cybersecurity technology, the number of days to detect a breach has increased from an average of 201 days in 2016 to an average of 206 days just a year later, according to the 2017 Ponemon Cost of Data Breach Study. While organizations are getting increasingly better at discovering data breaches on their own, 53 percent of breaches were discovered by an external source in 2017, meaning organizations had no idea their data had been compromised. Part of the problem is that there is no easy way for many organizations to automatically correlate and analyze all of the data being collected by the various security solutions that have been deployed across the network. That problem is compounded by the fact that many of these tools operate in isolation. The result is that IT teams have to hand correlate data collected from different sources looking for a needle in the haystack. The opportunity for human error is high and log files simply scroll by too quickly for anyone to be able to gather actionable information from them.
Cyber-criminals are currently using a trick that allows them to bypass Microsoft’s security filters and deliver spam and phishing emails to Office 365 email accounts.
Called ZeroFont, the technique is not new, being known for decades, and relies on interposing zero-width font characters inside normal text.
While a human reader will not see the zero-width characters, the entire text, including the hidden characters, will be visible to email security software.
The goal is to trick the email security system into thinking this is a giant block of rambling text, but show human recipients the “lure” of the phishing emails.
<span style="FONT-SIZE: 0px">This is how you hide text with the ZeroFont technique</span>
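One way a mail filter can account for this, added here as an example and not taken from the original article: parse the HTML body, separate text inside zero-font-size elements from text the recipient actually sees, and score only the visible part. The class name, function name and sample message are constructed for illustration, and the sketch assumes inline styles only, treating every descendant of a zero-size element as hidden.

```python
import re
from html.parser import HTMLParser

# Inline style that sets font-size to zero (0, 0px, 0pt, 0.0em, ...), any case.
ZERO_FONT = re.compile(
    r"font-size\s*:\s*0+(?:\.0+)?\s*(?:px|pt|em|rem|%)?\s*(?:;|!|$)", re.I)

class ZeroFontSplitter(HTMLParser):
    """Separate text a reader sees from text hidden in zero-font-size elements."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []    # (tag, hidden) for each element that is still open
        self.visible = []
        self.hidden = []

    def handle_starttag(self, tag, attrs):
        style = dict(attrs).get("style") or ""
        inherited = self.stack[-1][1] if self.stack else False
        # Simplification: a hidden ancestor hides all descendants.
        self.stack.append((tag, inherited or bool(ZERO_FONT.search(style))))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag so unclosed children do not leak state.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

    def handle_data(self, data):
        is_hidden = bool(self.stack) and self.stack[-1][1]
        (self.hidden if is_hidden else self.visible).append(data)

def split_zero_font(html):
    """Return (visible_text, hidden_text) for an HTML fragment."""
    parser = ZeroFontSplitter()
    parser.feed(html)
    parser.close()
    return "".join(parser.visible), "".join(parser.hidden)

# Constructed sample: filler characters interposed inside an ordinary sentence.
SAMPLE = ('Your <span style="FONT-SIZE: 0px">qzx</span>pass'
          '<span style="font-size:0">mmv</span>word expires today')

if __name__ == "__main__":
    seen, concealed = split_zero_font(SAMPLE)
    print("reader sees:", seen)
    print("hidden from reader:", concealed)
```

Any non-empty hidden text is itself a useful signal, since legitimate mail rarely has a reason to set a font size of zero on content.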
We finally have a decent number of polls testing support for the Trump administration’s policy of separating parents from their children at the border. As of early Tuesday, four pollsters — CBS News, CNN, Quinnipiac and IPSOS — had released surveys; they found that about two-thirds of the American public oppose the policy, on average.
The cybersecurity landscape is changing, and now one of the most effective ways to counter hacking threats is to employ another hacker against them. Commonly referred to as ethical hackers, these professionals use a cybercriminal’s tools against them, checking networks for vulnerabilities and patching them up before they can be exploited. The Certified Ethical Hacker Bootcamp Bundle can help you join their ranks and make a living by neutralizing hacking threats for $39.
When breaking the law isn’t a barrier, there’s always a way to make a quick buck. We see it every day, and this time from an Indonesian cybercrime campaign infecting vulnerable websites by luring their visitors to a network of scam websites using blockbuster movies.
A wave of sophisticated spear phishing emails captured by Moscow-based Kaspersky Lab suggests that the same Russian-linked hacking group responsible for a historic cyberattack on the 2018 Winter Olympics is now targeting biochemical research and domestic financial organizations.
The motion sickness wearable Reliefband changed my life back in 2016, making me able to comfortably ride in cars, planes, and boats without sleep-inducing motion sickness drugs. There’s no arguing that the wearable works amazingly well for me, someone who is severely susceptible to motion sickness.