DForce hacker returns $25m in ‘stolen’ crypto-currencies
A mystery hacker allegedly stole $25m (£20m) in crypto-currencies – and then returned the funds two days later. Records show that funds in a variety of crypto-currencies were withdrawn…
Category: Cyber Security Review
Prague Airport says thwarted several cyber attacks; hospitals also targeted
Prague Airport and a regional Czech hospital said on Saturday they had thwarted cyber attacks on their IT networks, reinforcing warnings by the national cyber security…
Cognizant hit by ‘Maze’ ransomware attack
Cognizant Technology Solutions Corp on Saturday said it was hit by a “Maze” ransomware cyber attack, resulting in service disruptions for some of its clients. The information technology services provider…
Many problems with cyber security of Schiphol’s border control: Court of Audit
Schiphol is very vulnerable to cyber attacks, the Court of Audit concluded after investigating the cyber security of the border control systems the Koninklijke…
Threat Spotlight: Gootkit Banking Trojan
Gootkit is a sophisticated banking Trojan which can perform various malicious activities such as: web injection, taking screenshots, video recording, email parsing, and so on. Gootkit emerged during the summer of…
Malicious Attackers Target Government and Medical Organizations With COVID-19 Themed Phishing Campaigns
Despite prior reporting by various sources indicating that some cyber threat attacker activity may subside in some respects during the COVID-19 pandemic, Unit 42…
RagnarLocker ransomware hits EDP energy giant, asks for €10M
Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC…
Analysis: Suspicious “Very Hidden” Formula on Excel 4.0 Macro Sheet
A malicious Microsoft Excel 4.0 Macro sheet with a suspicious formula that is set as “Very Hidden” was submitted by a customer and further analyzed by Trend Micro researchers. The sheet is not readily accessible via the Microsoft Excel User…
Zoom concedes custom encryption is substandard as Citizen Lab pokes holes in it
Citizen Lab, a research group within the University of Toronto, has been able to drive a proverbial truck through the encryption used by video conferencing app Zoom. In a report where the group said the video platform was not suitable for sharing…
Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill — Intelligence for Vulnerability Management, Part One
FireEye Mandiant Threat Intelligence documented more zero-days exploited in 2019 than any of the previous three years. While not every instance of zero-day exploitation can be attributed to a tracked group, we noted that a wider range of tracked actors…
DarkHotel hackers use VPN zero-day to breach Chinese government agencies
Foreign state-sponsored hackers have launched a massive hacking operation aimed at Chinese government agencies and their employees. Attacks began last month, in March, and are believed to be related to the current coronavirus (COVID-19) outbreak. Chinese security-firm Qihoo 360, which…
Holy water: ongoing targeted water-holing attack in Asia
On December 4, 2019, we discovered watering hole websites that were compromised to selectively trigger a drive-by download attack with fake Adobe Flash update warnings. This campaign has been active since at least May 2019, and targets an Asian religious…
Russian Investigators Bust Credit Card Fraud Ring
Russian federal investigators have arrested at least 25 people accused of operating a credit card fraud ring, according to a statement released by the Russian Federal Security Service (FSB), as reported by Brian Krebs of Krebs on Security. Those charged allegedly included a card…
Monitoring ICS Cyber Operation Tools and Software Exploit Modules To Anticipate Future Threats
There has only been a small number of broadly documented cyber attacks targeting operational technologies (OT) / industrial control systems (ICS) over the last decade. While fewer attacks is clearly a good thing, the lack of an adequate sample size…
Nefilim Ransomware Threatens to Expose Stolen Data
A new ransomware named Nefilim has been discovered, threatening to release its victims’ data to the public if they fail to pay the ransom. It is most likely distributed through exposed Remote Desktop Protocol (RDP), as shared by SentinelLabs’ Vitali Kremez and ID…
UK Department for Business, Energy and Industrial Strategy is looking for organisations who can support in the supply of ventilators and ventilator components
The Department for Business, Energy and Industrial Strategy (BEIS) is looking for organisations who can support in the supply of ventilators and ventilator components across the United Kingdom as part of the Government’s response to COVID-19. These questions aim to…
Oxford University infectious disease experts provide evidence for a coronavirus mobile app for instant contact tracing
For Immediate Release Oxford University – 17 March 2020: A team of medical research and bioethics experts at Oxford University are supporting several European governments to explore the feasibility of a coronavirus mobile app for instant contact tracing. If rapidly and…
APT36 Taps Coronavirus as ‘Golden Opportunity’ to Spread Crimson RAT
A Pakistani-linked threat actor, APT36, has been using a decoy health advisory that taps into global panic around the coronavirus pandemic to spread the Crimson RAT. The functionalities of the Crimson RAT include stealing credentials from victims’ browsers, capturing screenshots,…
Hackers attacked a US health agency’s computer system in an attempt to slow down its COVID-19 response
As the US ramps up its response to the spread of COVID-19, the Health and Human Services Department was hit with a cyberattack, according to a new report from Bloomberg. Citing three unnamed sources familiar with the matter, Bloomberg reported…
Modern RAM used for computers, smartphones still vulnerable to Rowhammer attacks
According to new research published today, modern RAM cards are still vulnerable to Rowhammer attacks despite extensive mitigations that have been deployed by manufacturers over the past six years. These mitigations, collectively referred to as Target Row Refresh (TRR), are…
Virgin Media admits breach exposed 900,000 customers’ personal information after database was left unsecured for ten months
The personal information of 900,000 Virgin Media customers was left exposed online for 10 months enabling a third-party to access the data, it has emerged. The company said the breach did not happen due to a hack but occurred because…
What to know about cyberattacks targeting energy pipelines
The Department of Homeland Security (DHS) this past month disclosed a disruptive cyberattack on a U.S. energy facility, raising new concerns about protections for energy providers. The Cybersecurity and Infrastructure Security Agency (CISA), a division of DHS, said a ransomware attack hit…
Data Breach Occurs at Agency in Charge of Secure White House Communications
Hackers have compromised the Department of Defense (DoD) agency in charge of securing and managing communications for the White House, leaking personally identifiable information (PII) of employees and leading to concerns over the safety of the communications of top-level U.S.…
Israeli soldiers tricked into installing malware by Hamas agents posing as women
Members of the Hamas Palestinian militant group have posed as young teenage girls to lure Israeli soldiers into installing malware-infected apps on their phones, a spokesperson for the Israeli Defence Force (IDF) said today. Some soldiers fell for the scam,…
Update your security strategy at IFSEC International
19–21 May 2020, ExCeL London. IFSEC International 2020 is Europe’s largest and most comprehensive event for the global integrated security industry. It connects over 34,000 visitors from 113 countries with 450+ exhibitors showcasing some of the most innovative products and solutions on the…
Facebook’s Instagram and Twitter accounts hijacked
Facebook has had several of its Instagram and Twitter accounts hijacked by a group who previously took credit for hacking the social media profiles of more than a dozen NFL teams. OurMine published the same message via @Facebook and @Messenger…
Bouygues Construction falls victim to ransomware
Bouygues Construction has confirmed falling victim to ransomware that it detected across its network on January 30. “As a precautionary measure, information systems have been shut down to prevent any propagation,” the company said in a brief statement. “Our teams are…
SORA and UNSTABLE: 2 Mirai Variants Target Video Surveillance Storage Systems
Trend Micro researchers encountered two variants of the notorious internet of things (IoT) malware, Mirai, employing a new propagation method. The two variants, namely SORA (detected as IoT.Linux.MIRAI.DLEU) and UNSTABLE (detected as IoT.Linux.MIRAI.DLEV), gain entry through Rasilient PixelStor5000 video surveillance storage systems by exploiting CVE-2020-6756.…
UK’s HMRC tax authority seeks tools to track down cryptocurrency criminals
The UK’s Her Majesty’s Revenue and Customs (HMRC) tax collection agency is asking for a blockchain analytics tool useful in the hunt for cybercriminals — and perhaps asset tax avoiders. In a project request posted last week, HMRC asked bidders to…
Jeff Bezos hack: Amazon boss’s phone ‘hacked by Saudi crown prince’
The Amazon billionaire Jeff Bezos had his mobile phone “hacked” in 2018 after receiving a WhatsApp message that had apparently been sent from the personal account of the crown prince of Saudi Arabia, sources have told the Guardian. The encrypted message…
MP Says Austria Unprepared After Cyberattack on Foreign Ministry
The Austrian State Department’s IT systems were under a ‘serious attack’ suspected to be carried out by a state-backed threat group according to a joint statement from the Foreign Ministry (BMEIA) and the Ministry of the Interior (BMI). “A coordination committee…