Google awards record $112,500 bug bounty for Android exploit chain

Google awarded a record $112,500 bug bounty to a Chinese security researcher after he submitted the first working Android remote exploit chain since the company’s Android Security Rewards program raised top payout levels in 2017. Guang Gong, a researcher who works for billion-dollar Chinese security firm Qihoo 360 Technology, submitted the bugs in August. The bugs, CVE-2017-5116 and CVE-2017-14904, were resolved in a December 2017 security update. Google announced the full payout this week. The exploit chain goes after the Pixel, Google’s own flagship mobile device. It’s widely touted as the most secure Android phone on the market. The first vulnerability allows a remote attacker to execute arbitrary code, via crafted HTML, inside the Chrome browser’s sandbox. The second is a bug that allows an escape from Chrome’s sandbox. Combined, the vulnerabilities allow attackers to remotely inject arbitrary code into the Pixel’s system_server process if the phone’s user accesses certain malicious URLs in Chrome. Gong and the Qihoo 360 team know a thing or two […]

The post Google awards record $112,500 bug bounty for Android exploit chain appeared first on Cyberscoop.

Another Indiana hospital hit with ransomware

Another Indiana hospital has been the victim of a ransomware attack less than a week after another hospital in the state paid hackers $45,000 to get systems back online. Adams Memorial Hospital in Decatur, Indiana was hit with ransomware on January 11. That marks the second such attack to hit an Indiana hospital this month after another medical center paid a four bitcoin ransom on Friday. Adams Health Network, which runs the hospital, realized it had been hit when an employee showed administrators suspicious files, the network slowed and screens began to display the message “sorry.” The problem impacted Berne Outpatient Clinic and Adams Health Medical Offices, according to local media. The ransomware infection coincided with early closures blamed on weather: NOTICE: The Berne Outpatient Clinic will be closing at Noon today January 12th. Posted by Adams Memorial Hospital on Friday, January 12, 2018 ATTENTION: Due to the weather all Adams Health Medical Offices will be […]

The post Another Indiana hospital hit with ransomware appeared first on Cyberscoop.

Less than 10 percent of Google users turn on two-factor authentication

Less than 10 percent of active Google account holders utilize two-factor authentication, according to a software engineer who works for the California-based tech giant. At the Enigma security conference in Santa Clara, California on Wednesday, Grzegorz Milka described Google’s efforts to make two-factor authentication an extremely effective security tool in the face of account breaches. Like other tech companies, however, Google hasn’t made two-factor authentication a default feature because of a lack of convenience they fear would drive users away, Milka said. In 2016, Google collected over 4,000 data breach dumps totalling 3.3 billion stolen credentials. The data dumps included 67 million valid Google passwords, a number Milka used to emphasize that password security requires “defense-in-depth” that can work even when passwords are stolen — which happens about 250,000 times per week. Late last year, Google upgraded their two-factor authentication tools for at-risk users. The upgrade, known as the Advanced Protection Program, mandates two-factor authentication and provides free hardware keys […]

The post Less than 10 percent of Google users turn on two-factor authentication appeared first on Cyberscoop.

Anomali raises $40 million to expand its threat intelligence platform

Threat intelligence firm Anomali raised a $40 million Series D funding round Wednesday, money that CEO Hugh Njemanze hopes will fuel expansion into new markets in 2018. Deutsche Telekom Capital Partners, Telstra and Sozo Ventures also participated in the round. Threat intelligence is a broad term that encompasses a fairly wide range of companies and products, all of which handle information about adversaries that is then used for better defense. While some companies collect or sell the intelligence through feeds, Anomali sells a technology platform to handle those feeds. “What we do is make it possible for organizations to deploy threat intel from a multitude of sources,” Njemanze explained to CyberScoop. “But also to use that threat intelligence to achieve better security. It’s the difference between providing a newspaper and the tools that can automatically read the newspaper, figure out what’s in the article and then set up your defenses based on that information.” Anomali, which currently […]

The post Anomali raises $40 million to expand its threat intelligence platform appeared first on Cyberscoop.

Coinhive cryptojacker is currently the most prevalent malware online

Welcome to the age of cryptojackers. The most prevalent malware online today is Coinhive, the popular software often used to hijack computers and mine cryptocurrency, according to new research from the cybersecurity firm Check Point. The scheme is known as cryptomining or, more commonly, cryptojacking. Cryptocurrency has constantly been in the headlines as prices regularly reach record highs, fueling public interest. High prices and more people involved means the mining process is increasingly difficult, so scammers have turned to cryptojacking in order to make up for lost ground. “The more CPUs participate in the mining process, the more complicated it becomes to successfully mine the currency,” said Lotem Finkelsteen, a Check Point threat intelligence researcher. “In this way the currency inventors control the amount of currencies circulate into the market. Meaning, one should invest more computational resources to keep or improve his mining ratio he had a month ago. Thus […]

The post Coinhive cryptojacker is currently the most prevalent malware online appeared first on Cyberscoop.

Indiana hospital shuts down systems after ransomware attack

An Indiana hospital suffered the first ransomware attack aimed at a health care provider this year when part of Hancock Regional Hospital’s computer system was compromised by a hacker demanding bitcoins in ransom. Local media reported that when the attack began on Jan. 10, the hospital shut down its computer systems and email in order to prevent any further issues. The compromise impacted email, health records and internal operating systems but did not touch patient information, Rob Matt, the hospital’s chief strategy officer, told reporters. Hancock Regional Hospital, located in Greenfield, Ind., confirmed the issue publicly on Friday. It’s not clear how much bitcoin was demanded, but the hospital told The Indianapolis Star that the ransom has not been paid as of Friday. The FBI is investigating. After shutting down the computers, hospital staff used a pen and paper while the administration worked with an unspecified cybersecurity firm and law enforcement, according to the Greenfield Reporter. The […]

The post Indiana hospital shuts down systems after ransomware attack appeared first on Cyberscoop.

Fourth man pleads guilty in ‘Celebgate’ photo leak

A Connecticut man pleaded guilty to charges of hacking into over 250 iCloud accounts as part of a phishing campaign that resulted in nude photographs of female celebrities being posted on the public internet. George Garofano, 26, faces a maximum sentence of five years in prison. Garofano was involved in an expansive phishing campaign from April 2013 to October 2014 that stole iCloud account information from victims, according to the plea agreement he signed on Thursday. The phishing emails pretended to be from Apple and asked victims to enter usernames and passwords which he then stole to illegally access their accounts. “Garofano used the usernames and passwords to illegally access his victims’ iCloud accounts, which allowed him to steal personal information, including sensitive and private photographs and videos, according to his plea agreement,” according to a Department of Justice statement. “In some instances, Garofano traded the usernames and passwords, as well as […]

The post Fourth man pleads guilty in ‘Celebgate’ photo leak appeared first on Cyberscoop.

Microsoft adopts Signal’s encryption protocol for new private conversation mode

It seems like the term “encrypted chat” is becoming more and more synonymous with Signal. The encrypted messaging app, built by Open Whisper Systems, has now partnered with Microsoft to encrypt messages on Skype. The Microsoft-backed messaging software will launch a feature called “Private Conversations” that uses Signal’s encryption protocol to encrypt chat, file exchange and recorded audio messages from one user’s machine to the other. Audio and video calls are not covered. The feature is now available in beta to “Skype Insiders.” What makes the encrypted chat mode interesting is that Skype, which was created by a European team in 2003 and then purchased by Microsoft in 2011, was at the center of surveillance efforts as revealed by Edward Snowden’s 2013 NSA leaks. Through the PRISM surveillance program, the NSA claimed to have direct access to Skype’s system for the purpose of interception. Signal’s cryptographic protocol has been put into at least some parts of […]

The post Microsoft adopts Signal’s encryption protocol for new private conversation mode appeared first on Cyberscoop.

New hacking campaign targets North Korean defectors in South Korea

A group of hackers is targeting defectors and journalists in South Korea with malware sent via popular chat apps and social networks, according to the cybersecurity firm McAfee. The “highly targeted” campaign beginning in 2017 used Facebook and KakaoTalk, one of South Korea’s most popular chat apps, to spread malware-laced phishing links to targets. The attacks show that “attackers are always looking for different ways to deliver malware,” McAfee’s Jaewon Min wrote. This particular group does not appear to have links to any existing cybercrime groups, the post says. Although McAfee offered no definitive answers on who is behind the campaign, the firm’s report did show links to North Korea in the form of an IP address in test log files on some Android devices connected to accounts used to spread the malware. Additionally, some words used in the code are almost exclusively used in North Korea, and the targets are all of great interest to the […]

The post New hacking campaign targets North Korean defectors in South Korea appeared first on Cyberscoop.
