Tag Archives: NSA

10Fold Security Never Sleeps- Fancy Bear, IoT Security

RUSSIA’S ‘FANCY BEAR’ HACKERS USED LEAKED NSA TOOL TO TARGET HOTEL GUESTS

“Russian espionage campaign used WiFi networks to spy on guests”

High-profile customers have been targeted by Russia’s ‘Fancy Bear’ malware, now upgraded with the NSA hacking tool EternalBlue, which was leaked to the public on the internet. According to FireEye, the attacks are hitting victims through minimally secured hotel WiFi routers. The security firm has also stated that it suspects the group is working with the Russian intelligence agency GRU.

8 Critical IoT Security Technologies

“Necessary as prevalence grows”

Gartner has recently reported a prediction of nearly 20.4 billion connected IoT devices in just the next three years. That’s a rate of about 5.5 million new ‘Things’ per day! These metrics suggest that standard security practices will be insufficient in the very near future to counter the cyber threats that face IoT devices.

Report: SMBs Better Prepared For IoT Security Threats Than Large Enterprises

“SMBs prioritize cyber threats more effectively”

IoT security firm Pwnie Express has found that SMBs are far more equipped to handle and identify threats to their workplace networks than larger competitive businesses. About 41% of IT security pros at large firms did not know what types of attacks had actually occurred on their devices last year, compared to 25% at SMB-based companies.

Hackers Say Humans Most Responsible for Security Breaches

“Hackers asked about methods and practices”

About 250 hackers at Black Hat 2017 were polled on the processes they use in hacking systems. Thycotic surveyed many of these individuals, finding that 51% identify as ‘white hats,’ 34% as ‘grey hats,’ and 15% as ‘black hats.’ Defenders can use this data to understand better how to safeguard their own systems.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 157

Hackers Are Using NSA’s DoublePulsar Backdoor in Attacks

“‘Equation Group’ threat actor exposed”

An alleged NSA hacking tool has been used against public users over the past week. ‘DoublePulsar,’ a backdoor program constructed by the ‘Shadow Brokers’ hacking group on Friday, contains a password-protected archive of further exploit kits to be used by cybercriminals. Microsoft has commented on the release of this program, announcing that up-to-date systems are unlikely to be exposed to any risk.

Webroot deletes Windows files and causes serious problems for users

“Manual fix released to address issue”

Webroot consumers had an unfortunate surprise Monday morning when their product began flagging Windows files as harmful. Over 14 pages concerning the issue appeared as comments on the Webroot community forum, prompting a manual fix to be developed by Webroot that has yet to remedy the situation for many affected.

HipChat resets user passwords

“Security issues prompt concerns”

HipChat has automatically reset its users’ passwords after a possible breach may have exposed names, email addresses, and hashed password information. In particular cases, message content may also have been accessed, although this happened in less than 0.05% of cases.

Hackers uncork experimental Linux-targeting malware

“Four different protocols used”

Cybercriminals are now using a new malware program that attacks Linux systems, dubbed Linux/Shishiga. It uses SSH, Telnet, HTTP, and BitTorrent, according to online security researchers at ESET.

Hard Target: Fileless Malware

“The future of online threat is fileless”

Fileless malware attacks are on the rise. Malware that is either fileless or in-memory poses threats to businesses that are difficult both to recognize and to destroy.


10Fold- Security Never Sleeps- 155

Cerber Dominates Ransomware Charts

“Ransomware market share up to 87%”

Malwarebytes Labs has reported that one of the most active ransomware families, Cerber, has taken over vast swathes of the market in 2017. The malicious software has grown its presence by over 15% from January of this year.

NSA-leaking Shadow Brokers just dumped its most damaging release yet

“Over a gigabyte of weaponized software released”

The cybercriminal group ‘Shadow Brokers’ leaked a massive number of the NSA’s malicious exploits on Friday. The leaked material contains hacking tools that are capable of conducting sophisticated attacks on Microsoft Windows and SWIFT banking systems.

10Fold- Security Never Sleeps- 104

Following Snowden’s Legacy, Booz Allen Contractor Charged with File Theft

“Could face up to 11 years in prison”

Former Booz Allen Hamilton employee Harold Thomas Martin III is accused by the Department of Justice of theft of government property and unauthorized removal of classified documents. Stock of the NSA contractor firm took a dip as the news broke. This further scars the company’s reputation that is already bearing the weight of the Edward Snowden revelations of 2013, bringing to light the mass United States government surveillance program that proved very controversial to the public. Whether the intentions of Martin are political is yet to be seen.

Expose Retaliation Hits BuzzFeed

“Hacking group targets interactive media site”

Hacking group OurMine seems to have targeted BuzzFeed, which is odd considering the group often sets its sights on the digital accounts of CEOs, venture capitalists, and celebrities. The attack on BuzzFeed focused on manipulating the text of, or completely deleting, certain articles related to the group’s reputation, in which the website exposed that OurMine may be a solo teenage hacker from Saudi Arabia.

New Malware Can Monitor Webcam, Microphone

“New piggyback virus can access software”

Malware used for covert surveillance is far from new. The NSA has several programs that can monitor voice or video without the notice of a laptop’s user. However, this is not the case with Apple products, as they have a hardwired indicator that notifies the user when the webcam is on. Now this may no longer be the case. Researcher Patrick Wardle explains that a new piggyback virus is able to access webcam and speaker functions without any notification to the user.

eCommerce Malware Stealing Card Data

“Powerfront, OpenCart among affected”

Researchers are monitoring a cybercriminal campaign that has been plaguing several eCommerce sites since at least March of this year. Dubbed ‘Magecart’ by RiskIQ, the malicious software attacks the payment sources of the internet commerce sites, stealing customer personal information and card data.

10Fold- Security Never Sleeps- 103

Hack Claims from Guccifer 2.0 Denounced by Clinton Foundation

“Widely believed to be political in motivation”

Guccifer 2.0, the hacker who claims responsibility for the Democratic National Committee leaks that aimed to expose corruption within its ranks, claims to have breached the servers of the Clinton Foundation and obtained documents that could be damaging to Hillary Clinton’s presidential campaign, despite denial from the Clinton Foundation itself. The hacker posted screenshots of spreadsheets online, claiming that they were documents from the institution and that “… her staff don’t even bother about the information security.”

The political motivations of the cyber-attack remain obvious, as the hacker made clear favorable reference to Julian Assange, founder of WikiLeaks and outspoken opponent of Hillary Clinton.

Report Claims that Email Provider Yahoo Assisted in Spying on U.S. Citizens

“Raises questions of why Yahoo did not fight the order”

A program developed by Yahoo Inc. last year reportedly allows the U.S. federal government to search through email databases for certain phrases. Anonymous former employees narrowed the government agencies involved to the National Security Agency, the Federal Bureau of Intelligence, or both.

The news is surprising, given the typical resistance to government mandates to enter customer accounts that tech firms generally uphold. However, Yahoo not only complied with the order, but dedicated its own resources and staff to assist with the operation.

TalkTalk fined £400K for mistakes that led to 2015 hack

“Actions first taken to clear its reputation of highly hacked service”

After the theft of personal data belonging to over 155,000 customers, telecom firm TalkTalk has been fined £400,000 for its security vulnerabilities in 2015. Well over 15,000 of those affected had bank information stolen and suffered serious ramifications. Information Commissioner Elizabeth Denham reported that even the most basic of security measures failed to be acted upon and that “…(the company) could have done more to safeguard its customer information.”

Malware-Infested Ads Plaguing Spotify

“Free version of service seems to open malicious sites”

Malware seems to have worked its way into the Spotify servers and is continuously serving itself to the users who use the Spotify free product to stream music. The ads have been reported to open infected sites, causing potential harm to those that travel to them.