Tag Archives: Black Hat

10Fold Security Never Sleeps- Fancy Bear, IoT Security

RUSSIA’S ‘FANCY BEAR’ HACKERS USED LEAKED NSA TOOL TO TARGET HOTEL GUESTS

“Russian espionage campaign used WiFi networks to spy on guests”

High profile customers have been targeted by Russia’s ‘Fancy Bear’malware, now with upgraded NSA hacking tool EternalBlue leaked out to the public on the internet. According to FireEye, the attacks are are hitting victims through minimal security hotel WiFi routers. The security firm has also stated that they suspect the group is working with Russian Intelligence agency GRU.

8 Critical IoT Security Technologies

“Necessary as prevalence grows”

Gartner has recently reported a prediction of nearly 20.4 billion connected IoT devices in just the next three years. That’s a rate of about 5.5 million new ‘Things’ per day! These metrics suggest that standard security practices will be insufficient in the very near future to counter the cyber threats that face IoT devices.

Report: SMBs Better Prepared For IoT Security Threats Than Large Enterprises

“SMB prioritize cyber threats more effectively”

IoT security firm Pwine Express has found that SMB’s are far more equipped to handle and identify threats to their workplace networks than larger competitive businesses. About 41% of IT security pro’s at large firms did not know what types of attacks had actually occurred on their devices last year, compared to 25% at SMB-based companies.

Hackers Say Humans Most Responsible for Security Breaches

“Hackers asked about methods and practices”

About 250 hackers at Black Hat 2017 were polled on the processes they use in hacking systems. Thycotic surveyed many of these individuals, finding that 51% identify as ‘white hats,’ 34% as ‘grey hats,’ and 15% as ‘black hats.’ Defenders can use this data to understand better how to safeguard their own systems.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 181

IoT Devices Plagued by Lesser-Known Security Hole

“Massive exposure for IoT devices”

IoT device security is often challenged on the public internet. Most recently, MQTT communications have been found by researchers at Black Hat that the 90’s era protocol can be easily manipulated to access many sensitive machines. In the past, these processes have been used to sabotage or snoop on power plants, ATM’s, and other devices.

Cyber security training must reflect real risks, warns the IISP

“False sense of security likely”

The IISP is warning businesses that in the rush to ‘skill-up’ on cyber security processes could lead to firms resting at ease under false pretenses. The Institute of Information Security Professionals advises firms to invest wisely in training and consider the quality and applicable benefits.

Malware scam zeroes in on ANZ customers

“Fake email plaguing ANZ customers”

Clients of the ANZ bank are receiving fake emails loaded with malware intending to steal their sensitive data. Email filtering company MailGuard has stated that a type of ‘highly convincing’ fraudulent ANZ bank invoices have begun to circulate in the morning of July 11th.

How a data breach can negatively impact your company’s stock price

“Lasting effects not typically discussed”

We all know that company data breaches can lead to lost records, IP theft, and much more. However what is not discussed as often is the focus of the Comparitech report released Tuesday. The report detailed the lasting impact of a data breach, including effects on stock price, that can last for years after the fact.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 177

More than half of major malware attack’s victims are industrial targets

“Petya intended effects examined”

Kaspersky Labs has released a new report with some grand insights in the Petya malware attack. First appearing as a widespread ransomware attack, it became clear later into the ordeal that the spread was more intended for destruction rather than financial gain. Kaspersky reported specifically that financial sectors were the most affected, as well as manufacturing or oil mechanisms.

Hacking Factory Robot Arms for Sabotage, Fun & Profit

“Could open a new world of ‘Subtle Blackmail'”

Black Hat talk will discuss how cybercriminals could manipulate robotic arms and create defects in vital products. Security researchers have been accumulating cache’s of big discoveries about IIoT vulnerabilities, and Black Hat is planning on continuing their release to raise awareness of critical flaws in infrastructure, power grids, and gas pipeline controls.

General Data Protection Regulation (GDPR) requirements, deadlines and facts

“EU legislation lowdown” 

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states, and non-compliance could cost companies dearly. This article details what every company that does business in Europe needs to know about GDPR.

Online fraud costs public billions but is still not a police priority, says watchdog

“Policing institutions not enforcing rules effectively”

The National Audit Office has claimed that various policing and regulatory agencies were insufficiently addressing the issue of online fraud. The NAO says that for most police forces the incidents are: “not yet a priority” and the problem had been overlooked by government, law enforcement and industry.