Tag Archives: spam

Security Never Sleeps- AI, Navy Vulnerability

How to Hack a Robot

“Forget the Sci-Fi killer AI, there’s a very real threat”

While many of us think of AI dangers as the terminator-style, world destroying super bots, researchers have come up with a very different idea on what could constitute the greater dangers of autonomous robots. Collaborative robots, dubbed ‘cobots’, have now been provably hacked and very dangerous. Dozens of global AI vendor executives have been lobbying the United Nations to take measures to ban ‘lethal autonomous weapons’, also known as killer robots.

Tuesday: Spammers’ Favorite Day of the Week

“Get in the know to protect yourself”

Take a look at your work schedule, then get into the mind of the spammer. When would you be most likely to fall victim to it? Researchers at IBM X-Force Kassal looking into spam honeypot monitoring has done a six month dig into into spam trends, and had some interesting finds. Over 83% of spam is sent on weekdays, common workdays for most people who use email often for work. Specifically, Tuesday, Wednesday, and Thursday have the highest levels of activity. The research team had access to billions of unsolicited emails sent per year, and provides a good outline on what behaviors and trends to avoid to skip the harms that often come from spam email.

The 5 cyber attacks you’re most likely to face

“Perception of threats critical to prevention”

Cyber security consultants often notice that the perceptive nature of the defensive systems firms and other organizations implement. Many times the threats that these institutions believe they will face are far different than what they are actually likely to create the greatest risk of breach or data theft for them.

Check out the full article for more insights into the risk of different threats and how firms deal with them.

Analysis: there is both Means and Motive for Cyber Attacks on Navy Vessels

“Could cyber attacks play a larger role on ships in the future?”

It seems that cyber defenses are becoming increasingly more important to United States Navy ships. A recent collision demonstrates the necessity of upgraded systems. A collision between a Liberian oil tanker Alnic NC and the USS John McCain over the weekend is the fourth collision involving a vessel in the U.S. Navy’s 7th Fleet since January. This is a tragedy that, according to published reports, resulted in extensive damage to the ship and left five sailors injured and 10 unaccounted for.

Enjoy your read? Check out our other content here.

10Fold – Security Never Sleeps – 71

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: The British government will now allow immigration officials to hack refugees phones. A botnet took control of 4,000 Linux computers and forced them to blast spam for over a year before the whole operation was shut down.  An analysis of Dridex infrastructure shows dangerous changes, potentially new operators.

Immigration officials allowed to hack phones of refugees and asylum seekers – Publication: BetaNews – Reporter name: Mark Wilson

The British government secretly rolled out powers that permitted the immigration officials to hack the mobile phones of asylum seekers and refugees, the Observer reveals. The Home Office has confirmed the hacking powers which have sparked outrage from privacy and human rights groups. In a statement about the powers afforded immigration officials, immigration minister James Brokenshire said: “They may only use the power to investigate and prevent serious crime which relates to an immigration or nationality offence, and have done so since 2013”.


Researchers help shut down spam botnet that enslaved 4,000 Linux machines – Publication: Ars Technica – Reporter name: Dan Goodin

A botnet that enslaved about 4,000 Linux computers and caused them to blast the Internet with spam for more than a year has finally been shut down. Known as Mumblehard, the botnet was the product of highly skilled developers. It used a custom “packer” to conceal the Perl-based source code that made it run, a backdoor that gave attackers persistent access, and a mail daemon that was able to send large volumes of spam. Command servers that coordinated the compromised machines’ operations could also send messages to Spamhaus requesting the delisting of any Mumblehard-based IP addresses that sneaked into the real-time composite blocking list, or CBL, maintained by the anti-spam service.


FBI Cyber Warning: Ignore Your CEO’s E-Mail And Phone Her Back — Or Your Company May Pay For It – Publication: Forbes – Reporter name: Steve Morgan

The FBI is warning people about a business email scheme which has resulted in huge losses to companies in Phoenix and other U.S. cities. A CEO seemingly emails an employee — typically in a finance or administrative role — instructing them to perform a wire transfer. The employee follows directions and executes the wire. Money is successfully transferred from the CEO’s company to another party. Turns out the CEO didn’t send the email. The CEO’s email identity was spoofed by a cybercriminal who sent the email. E-Mail spoofing is a widespread hacker practice involving the forgery of an e-mail header.


Dridex Malware Now Used For Stealing Payment Card Data– Publication: Dark Reading – Reporter name: Jai Vijayan

New analysis of the command and control panel and attack mechanisms of the Dridex banking Trojan shows the malware is being used in a wider range of malicious campaigns — and likely by a different set of threat actors than before. Spain-based security vendor buguroo says it recently was able to leverage a surprisingly easy-to-exploit weakness in the C&C infrastructure of Dridex to gain unprecedented visibility into how exactly the malware is being used. The analysis shows that Dridex is no longer being used just to hijack online banking sessions in order to transfer money from a victim’s account to fraudulent accounts, says Pablo de la Riva Ferrezuelo, chief technology officer and co-founder of buguroo.