Former Microsoft engineer sentenced for role in ransomware scheme

Former Microsoft network engineer Raymond Uadiale was sentenced to 18 months in prison on Monday for money laundering in connection with ransomware known as Reveton. Uadiale, 41, was charged in April and pleaded guilty in June. Ransomware is a household word these days, but Reveton’s history traces back to a time when the concept was still new. The malware was one of the first strains to lock a victim’s screen and demand payment, back before bitcoin was cybercriminals’ preferred method. In 2012, Reveton asked for Green Dot MoneyPak vouchers instead of cryptocurrency. Reveton infected a computer, displayed the logo of a law enforcement agency like the FBI and warned the victim that illegal material was on their machine. The ransom was disguised as a $200 “fine” required to regain access to the computer and its data. Court documents say Uadiale’s role was to help cash out payments from victims of Reveton, using prepaid debit […]

The post Former Microsoft engineer sentenced for role in ransomware scheme appeared first on Cyberscoop.


Uber hires former NSA counsel Matt Olsen as top security executive

After a tumultuous few months, Uber has a new chief trust and security officer: Matt Olsen, former co-founder of IronNet Cybersecurity and former general counsel of the National Security Agency. Uber CEO Dara Khosrowshahi tweeted about the new hire after it was initially reported by the New York Times: Thrilled to have Matt Olsen on board as #Uber Chief Trust and Security Officer. He has more than earned the respect of our team at all levels while working with us over the last few months – https://t.co/Xxssp1Wa3r — dara khosrowshahi (@dkhos) August 14, 2018 The search to fill Uber’s CSO position began last November when CSO Joe Sullivan and a slate of security executives left the company following a breach exposing data of 57 million customers at the company and accusations of a $100,000 coverup. Hiring Olsen is one of the most significant steps the ridesharing company has taken in […]

The post Uber hires former NSA counsel Matt Olsen as top security executive appeared first on Cyberscoop.


‘Man-in-the-disk’ attack took advantage of Android data security flaws

Several major mobile app developers including Google, Yandex and Xiaomi left numerous Android apps vulnerable to a so-called “Man-in-the-Disk” intrusion, a potent attack surface for Android apps that can potentially allow silent installation of malicious apps, according to researchers at Israeli cybersecurity firm Check Point. Researchers were able to compromise files and crash Google Translate, Google Voice-to-Text and Yandex Translate because the apps failed to validate the integrity of data used from Android’s External Storage System. Google acknowledged and fixed those applications and is in the process of fixing other vulnerable apps, Check Point said. Google did not respond to a request for comment. The “Man-in-the-Disk” attack surface allows a hacker to interfere with an Android app’s data stored in External Storage, the operating system’s type of storage typically used to share data between applications — for instance, a messenger using a photo from a camera app. The intrusion’s name […]

The post ‘Man-in-the-disk’ attack took advantage of Android data security flaws appeared first on Cyberscoop.


Here comes the storm: Fortnite arrives on Android, cybersecurity experts sound alarm

The world’s most popular game just arrived on Android in an unusual and potentially dangerous way. Fortnite is a cash cow of a video game. The free-to-play, first-person-shooter contest takes in hundreds of millions of dollars every month across computers, consoles and iPhones as users make a mountain of small purchases like new clothes or dance moves for their characters. Publisher Epic Games will now add the world’s most popular operating system, Android, to that river of revenue — and the company is angling to avoid the large 30 percent cut Google takes from official Play Store purchases by offering the game directly on the company website. The beta version landed on Friday. It has cybersecurity experts warning that the move will make Android users more vulnerable to hackers by pointing them away from the protection of Google Play Store. The main concern in the short term is that hackers will disguise malware as […]

The post Here comes the storm: Fortnite arrives on Android, cybersecurity experts sound alarm appeared first on Cyberscoop.


How FBI’s global reach took down a cybercrime unicorn

If cybercrime syndicates were talked about like they were startups, the Fin7 hacking group would be considered a billion-dollar unicorn. Also known as Carbanak, the group has operated on the scale and sophistication level of nation-states since 2014. It’s responsible for the theft of billions of dollars from banks and businesses around the world, leveraging phishing and social engineering to grab bank account and credit card numbers. “For nearly four years, the Fin7 gang has been the major supplier of stolen payment card data to criminals in the dark web,” said Andrei Barysevich, a director at Boston-based cybersecurity firm Recorded Future. “Such data can then be encoded onto any plastic magstripe card, allowing criminals to make in-person purchases.” The arrest of three high-ranking members, which was announced by the FBI on Wednesday, is devastating to the group. But the organization, which has operated using many of the same tools that […]

The post How FBI’s global reach took down a cybercrime unicorn appeared first on Cyberscoop.


DOJ arrests three Ukrainians allegedly tied to FIN7 hacking gang

Three Ukrainians accused of hacking vast quantities of financial data from U.S. businesses have been indicted, the Department of Justice announced on Wednesday. The individuals arrested are Dmytro Fedorov, 44, Fedir Hladyr, 33, and Andrii Kolpakov, 30. The trio are allegedly part of a hacking group called “FIN7” by the government, but more widely known as Carbanak, a group that allegedly stole billions from worldwide banks and tens of millions of dollars from U.S. companies since the group’s inception in 2014. Carbanak boasts dozens of members and a complex organization which, prosecutors say, the three arrested men helped manage and control. “The three Ukrainian nationals indicted today allegedly were part of a prolific hacking group that targeted American companies and citizens by stealing valuable consumer data, including personal credit card information, that they then sold on the Darknet,” said Assistant Attorney General Brian Benczkowski. The three men are charged with 26 felony counts alleging […]

The post DOJ arrests three Ukrainians allegedly tied to FIN7 hacking gang appeared first on Cyberscoop.


Telegram traffic from around the world took a detour through Iran

Data from the popular encrypted messenger app Telegram was hijacked by Iran’s state-owned telecommunications giant on Monday, a day before proposed protests over the country’s economic crisis. The move looks to be a BGP hijack, a practice where an intermediary illegitimately takes over groups of IP addresses so data originally destined for one place can be forcefully sent to another. Monday’s attacks were widely detected as they happened by Oracle’s InternetIntelligence and Cisco’s BGPMon. Here’s Oracle tracking the incident: At 06:28 UTC earlier today (30-Jul), an Iranian state telecom network briefly leaked over 100 prefixes. Most were Iranian networks, but the leak also included 10 prefixes of popular messaging app @telegram (8 were more-specifics). pic.twitter.com/MjN2itdpTS — InternetIntelligence (@InternetIntel) July 30, 2018 BGP, or the Border Gateway Protocol, is the technology that exchanges routing data across the various networks that make up the entire global internet. “Once a valid BGP hijack occurs, the hijacker can perform [man-in-the-middle] attacks, […]

The post Telegram traffic from around the world took a detour through Iran appeared first on Cyberscoop.


20 new vulnerabilities discovered in the Samsung SmartThings Hub, patches issued

If you let it, Samsung’s SmartThings Hub can control virtually your entire home, up to and including locks and cameras. That makes it wildly convenient to use — but also extraordinarily important to secure. It’s not easy. On Thursday, the cybersecurity researchers at Cisco Talos published 20 vulnerabilities in the hub that can be combined to gain complete control of it. Samsung has already released an automatic patch. Users are urged to verify their own hub is updated. As IoT devices rapidly proliferate across the U.S. and around the world — a home can be “smartened” up for a few hundred bucks — hackers are increasingly looking to twist the gadgets to their own ends. Cellebrite, the world famous Israeli firm most known for cracking iPhones, is increasingly targeting IoT devices because of a rise in demand from police and intelligence agencies around the world. “Given that these devices often gather sensitive information, the discovered vulnerabilities could be leveraged to give an attacker the ability […]

The post 20 new vulnerabilities discovered in the Samsung SmartThings Hub, patches issued appeared first on Cyberscoop.


Security keys have been good to Google, so now it’s promoting one of its own

Google says its workforce has been phish-proof for more than a year. The impressive security stat is due to small USB security keys issued to all 85,000 of the company’s employees. Companies that produce these small pieces of hardware, like Yubico, have seen tremendous growth over the last two years thanks to rapidly accelerating adoption — but they will now have fresh competition. Google will soon start widely selling its own Titan Security Key, which includes firmware developed by the omnipresent tech giant itself. The product is available now to Google Cloud customers and will eventually be available to general customers, the company announced Wednesday at its Google Cloud Next conference in San Francisco. Like similar keys from other companies, it will provide a second authentication factor for software use, network access, account management and other services. When the hardware is linked to an account, a password isn’t enough — the user must plug in the […]

The post Security keys have been good to Google, so now it’s promoting one of its own appeared first on Cyberscoop.


LinkedIn hacking suspect refuses to cooperate with his lawyers

Yevgeniy Nikulin, the Russian hacker accused of stealing data from three United States-based tech firms, is uncooperative in his own defense, one of his lawyers said Tuesday. Nikulin, 30, is accused of hacking into LinkedIn, Dropbox and Formspring and siphoning data tied to over 100 million individuals. He was arrested in October 2016 and, following a lengthy geopolitical battle, was extradited from the Czech Republic to the U.S. in March. He pleaded not guilty to the charges against him. Nikulin is refusing to speak substantively about his own criminal defense, detainment or mental health, according to Valery Nechay, a lawyer on his defense team. He was placed in solitary confinement after an alleged escape attempt and multiple physical confrontations with U.S. Marshals. He is currently on suicide watch largely due to his non-cooperation, his lawyer explained. The defense is actively exploring a full psychiatric examination. Nechay said she can’t tell if Nikulin’s refusal to cooperate is a […]

The post LinkedIn hacking suspect refuses to cooperate with his lawyers appeared first on Cyberscoop.
