News

Phishing attacks have seen an impressive 250% increase between January and December 2018, with attackers moving to multiple points of attack during the same campaign, switching between URLs, domains, and servers when sending e-mails and hosting phishing forms.

Threat actors have also begun to diversify the infrastructure they use to run phishing campaigns, with Microsoft observing as part of its Security Intelligence Report (SIR) Volume 24 that hosted servers and public cloud tools were adopted to make it easier to camouflage as legitimate services or products.

Read more here: bleepingcomputer.com

Quick and easy attack methods like formjacking gained popularity among cybercriminals last year, while more tried and true approaches like ransomware fell to the wayside in 2018, according to a new report.

The reasoning behind this switch, according to Symantec’s just-released Internet Security Threat Report, is quite straightforward. Formjacking, which entails placing malware on a victim’s system to steal payment card information, is simple to perform and offers an incredibly high yield.

Read more here: scmagazine.com

Like a scene from a James Bond or Mission Impossible movie, a new offensive USB cable plugged into a computer could allow attackers to execute commands over WiFi as if they were using the computer’s keyboard. 

When plugged into a Linux, Mac, or Windows computer, this cable is detected by the operating system as a HID or human interface device. As HID devices are considered input devices by an operating system, they can be used to input commands as if they are being typed on a keyboard.

Read more here: bleepingcomputer.com

New Offensive USB Cable Allows Remote Attacks over WiFi

Cyber-criminal groups are using Google Translate to hide the real domain of their phishing sites, security researchers have discovered. Phishing emails that use this technique have already been spotted in the wild.

The trick isn’t complex at all. The idea is that phishing groups send their normal phishing emails, but instead of linking directly to their phishing page’s domain, they pass the phishing page URL through Google Translate and use the newly generated Google Translate URL instead.

This Google Translate URL for the phishing page is then used inside the email instead of a direct link to the phishing site.

Read more here: zdnet.com
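
Mail filters and analysts can recover the real destination from such a link before reputation checks run. The following is an added example, not code from the original article; it assumes the wrapper has the form translate.google.com/translate with the target page in the `u` query parameter, and the sample message is constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: the wrapper is translate.google.com/translate with the target in "u".
TRANSLATE_HOSTS = {"translate.google.com", "www.translate.google.com"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def unwrap_translate_url(url, max_depth=3):
    """Return the page a Google Translate link really loads, or None if not a wrapper."""
    target = None
    for _ in range(max_depth):          # a wrapper can itself be wrapped; bound the loop
        parts = urlsplit(url)
        if (parts.hostname or "").lower() not in TRANSLATE_HOSTS:
            break
        inner = parse_qs(parts.query).get("u")   # parse_qs percent-decodes the value
        if not inner:
            break
        # Translate accepts a bare host/path in "u"; normalise so urlsplit finds the host.
        target = inner[0] if "://" in inner[0] else "http://" + inner[0]
        url = target
    return target


def hidden_destinations(message_text):
    """Map each translate-wrapped link in a message to the host it actually reaches."""
    findings = {}
    for link in URL_RE.findall(message_text):
        real = unwrap_translate_url(link)
        if real:
            findings[link] = (urlsplit(real).hostname or "").lower()
    return findings


# Constructed sample message body (not taken from a real campaign).
SAMPLE = (
    "Your account needs review: "
    "https://translate.google.com/translate?sl=auto&tl=en&u=https%3A%2F%2Flogin.example.net%2Fverify "
    "Help: https://support.google.com/accounts "
    "Alt: https://translate.google.com/translate?hl=en&u=portal.example.org/signin"
)

if __name__ == "__main__":
    for link, host in hidden_destinations(SAMPLE).items():
        print(f"{host:20} <- {link}")
```

The hosts returned by `hidden_destinations` are the ones to feed into domain reputation and allow-list checks, since the visible link host is always Google's.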

A new year means a fresh start, but it doesn’t mean that old threats will go away. In fact, in the world of cybersecurity things could get far worse before they get better. Cybercrime continues to increase, as it allows nefarious actors to operate at a safe distance from victims — and more importantly, law enforcement.

Because it rarely is violent in nature, cybercrime often doesn’t get the same response from international law enforcement as other types of crimes. It is far from victimless, however. It is a threat of enormous magnitude, with the potential to affect nearly every company in the world. It even ranks as one of the biggest problems plaguing mankind.

On a global basis, cybercrime will cost US$6 trillion annually by 2021, double the toll of 2015, according to the Official 2019 Annual Cybercrime Report from Cybersecurity Ventures.

Read more here: technewsworld.com

A new study has revealed that 60 percent of respondents reported their organizations have experienced container security incidents in the past year.

The Tripwire study also found that of the 269 respondents who currently have containers in production, 47 percent said they deployed containers known to have vulnerabilities, while 46 percent admitted they deployed containers without knowing whether or not they had vulnerabilities.

“It’s concerning, but not surprising, that nearly half of the respondents said they knowingly deploy vulnerable containers,” said Tim Erlin, vice president of product management and strategy at Tripwire. “With the increased growth and adoption of containers, organizations are feeling the pressure to speed their deployment. To keep up with the demand, teams are accepting risks by not securing containers. Based on what this study found, we can see that the result is a majority of organizations experiencing container security incidents.”

Read more here: securitymagazine.com

There have been several predictions as to where adversary hacking is headed in the foreseeable future. Virtually all credible predictions have one thing in common: emerging attacks will be intelligent. In simple terms that means that these attacks will have the ability to make decisions and, to some extent, control their own actions without the support of a bot herder or other human control entity. Some analysts believe that, because this new generation of malcode operates at machine speed, it will be virtually impossible for humans to react fast enough to have any impact on the attack.

 

Read more here: scmagazine.com

 

 

For the second time in less than three weeks, a hacker has forced thousands of internet-connected printers to spit out messages in support of Swedish video game commentator and YouTube star PewDiePie. The initial attack, which occurred in late November, reportedly caused roughly 50,000 printers to churn out a message urging readers to follow PewDiePie in order to ensure that his channel remains number one in total subscriptions.

The perpetrator, who refers to himself as TheHackerGiraffe, struck again in the last several days, this time possibly doubling the number of affected printers to 100,000 machines.

 

Read more here: scmagazine.com

 

 

Carbon credits are a common mechanism used to help cut carbon dioxide emissions that fuel climate change, and now there’s a blockchain technology project to try to improve the idea. Veridium Labs, with assistance from IBM, has launched a blockchain network designed to track how companies or other entities buy and sell carbon credits. Carbon credit systems cap allowed carbon dioxide releases but let companies that don’t reach the cap sell credits to those who go over. Carbon credit systems also let companies pay others that do things like plant forests to offset their carbon emissions.

 

Read more here: cnet.com

 

 

Blockchain alliance aims to track carbon credits to fight climate change

A critical privilege-escalation vulnerability (CVE-2018-1002105) has been uncovered in the Kubernetes open-source container software, which is a fixture in much of today’s cloud infrastructure. It could allow an attacker unfettered, remote access for stealing data or crashing production applications.

The issue is particularly concerning thanks to the sheer scale of the vulnerable surface. An attacker can gain deep access to cloud infrastructure, to carry out any number of nefarious actions, including data heists, installing malware, espionage and recon, or changing up production workloads for sabotage purposes.

 

Read more here: threatpost.com

 

 

 

 

Ransomware is expected to attack a business every 11 seconds by the end of 2021

Ransomware — a malware that infects computers (and mobile devices) and restricts their access to files, often threatening permanent data destruction unless a ransom is paid — has reached epidemic proportions globally and is the “go-to method of attack” for cybercriminals.

A 2017 report from Cybersecurity Ventures predicted ransomware damages would cost the world $5 billion in 2017, up from $325 million in 2015 — a 15X increase in just two years. The damages for 2018 were predicted to reach $8 billion, and for 2019 the figure is $11.5 billion.

The latest prediction is that global ransomware damage costs will reach $20 billion by 2021 – which is 57X more than it was in 2015. This makes ransomware the fastest growing type of cybercrime.

Read more here: cybersecurityventures.com

 

A small subset of professional criminal actors is responsible for the bulk of cybercrime-related damage, employing tools and techniques as sophisticated, targeted and insidious as most nation-state actors, says the State of Cybercrime Report 2018.

“Cybercrime is a lucrative industry, and it’s not surprising it’s become the arm of powerful, organized groups,” says Don Smith, Senior Director, Cyber Intelligence Cell, Secureworks Counter Threat Unit, sponsor of the report. “To understand the complete picture of the cybercriminal world, we developed insights based on a combination of dark web monitoring and client brand surveillance with automated technical tracking of cybercriminal toolsets.”

 

Read more here: Security Magazine

 

It may not be a nice topic to talk about, but it is essential that the world is aware of the terrifying cyber crime statistics in 2018.

Unfortunately, with technology on the rise, there’s more room for cyber crime in 2018. According to the Cyber Security Breaches Survey 2018, 43% of businesses were a victim of a cyber security breach in the last 12 months. In the U.S., the state of California lost more than $214 million through cyber crime alone.

Read more here: vpngeeks.com

 

If you own an eCommerce website built on WordPress and powered by the WooCommerce plugin, then beware of a new vulnerability that could compromise your online store. Simon Scannell, a researcher at RIPS Technologies GmbH, discovered an arbitrary file deletion vulnerability in the popular WooCommerce plugin that could allow a malicious or compromised privileged user to gain full control over unpatched websites. WooCommerce is one of the most popular eCommerce plugins for WordPress that helps websites to upgrade their standard blog to a powerful online store. WooCommerce powers nearly 35% of e-stores on the internet, with more than 4 million installations. The attack takes advantage of the way WordPress handles user privileges and the WooCommerce file deletion vulnerability, allowing an account with the “Shop Manager” role to eventually reset administrator accounts’ passwords and take complete control over the website.

In WordPress, an account with the “edit_users” capability is by default allowed to edit an administrator account and reset its password. But to draw a permission-based line between an administrator and a shop manager account, the WooCommerce plugin adds some extra limitations on shop managers. However, the researcher discovered that if a WordPress admin, for some reason, disables the WooCommerce plugin, the configuration that enforced the limitation goes away, allowing Shop Manager accounts to edit and reset the password for administrator accounts. Now, according to Simon, a malicious Shop Manager can forcefully disable the WooCommerce plugin by exploiting a file deletion vulnerability that resides in the logging feature of WooCommerce.

Read more here: thehackersnews.com

 


Our homes and cities are getting “smarter” – thermostats, video doorbells, sprinkler systems, street lights, traffic cameras, cars, all connected to the internet, collecting and transmitting useful data. And 5G superfast mobile is seen as a catalyst that will light up this massive network. But experts are queuing up to issue stark warnings about security.

“Security around IoT devices hasn’t been very good, so if they’re opened up to better connectivity they’re opened up to more hackers, too,” says Cody Brocious, education lead at security consultancy HackerOne.

The danger is that insecure devices will provide rich pickings for hackers.

Read more here: bbc.com

 

 

 


Researchers have spotted the first stage of a new advanced persistent threat (APT) campaign targeting mainly South Korean victims and borrowing code from the notorious Chinese hacking group Comment Crew.

Operation Oceansalt is the first time white hats have seen code associated with the group, also known as APT1, since it was outed in 2013. Crucially, that code was never made public, according to McAfee.

Read more here: infosecurity-magazine.com

Microsoft pulled the Windows 10 October 2018 Update as some users were reporting that they were missing files after the update had finished.

Later in the day, the head of the Windows Insider program, Dona Sarkar, announced that Microsoft tech support has the tools to recover the missing files. She further suggested that those users who were missing the files call Microsoft support at +1-800-MICROSOFT for assistance.

Read more here: bleepingcomputer.com