Attackers are using a Brazilian hacking tool against Spanish banks

An easy-to-use hacking tool has made its way from Brazil’s criminal underworld to Spain, where it’s being used to try to steal from the customers of major banks, researchers said this week. The attackers have targeted customers of at least 10 large Spanish banks as part of an ongoing campaign, said Limor Kessem, IBM Security’s executive security advisor. “We have seen this sort of migration in the past, and this one is likely tied to local criminals [in Spain] using malware from counterparts in Brazil.” The malware, known as Grandoreiro, uses a remote-access feature which overlays images on a victim’s web browser, tricking them into keeping a banking session alive. That gives a hacker the opportunity to steal money from the victim’s account or swipe other account information, Kessem and her colleague, Dani Abramov, said in a blog post. It remains unclear how many Spanish banking customers were targeted. The Spanish Banking […]

The post Attackers are using a Brazilian hacking tool against Spanish banks appeared first on CyberScoop.

Hackers file fake tax returns in scheme to steal IRS refunds

It may be open season for coronavirus scammers, but tax frauds aren’t letting up, either. Attackers tried obtaining large tax refunds by posing as clients of Weber and Company, the California-based accounting firm revealed last week. The scammers apparently accessed clients’ personal data — including, perhaps, Social Security numbers and bank account information — and used that to file fraudulent returns, Weber and Company said in a notification to California’s attorney general. The IRS and the FBI are investigating the matter, the company said. The number of attempted IRS scams tends to increase every year in March and April in the U.S., as legions of crooks try to steal Americans’ refunds. Earlier this month, the IRS said attackers exploiting the COVID-19 crisis could use stolen data to commit tax fraud. In 2016, the IRS said attackers had attempted to breach its online filing portal and steal Social Security numbers. For years, lawmakers have debated the proper response to incidents of this kind. It was not immediately clear […]

The post Hackers file fake tax returns in scheme to steal IRS refunds appeared first on CyberScoop.

Everything must go: Cybercriminal forums offer discounts during pandemic

Countless legitimate businesses are offering discounts or altering their services to turn a profit during the coronavirus pandemic. Cybercriminal forums are no different. More than 500 posts on forums tracked by cybersecurity company Group-IB have advertised promotional codes and discounts during the pandemic on distributed denial of service (DDoS) attack tools, spamming, and other services. It’s an example of how the economy for cybercriminal services — worth, according to one estimate, $1.6 billion annually — is adapting to a health crisis that has changed spending habits around the world. “Due to the current situation in the world, we provide a 20% discount on all our services with a promotional code: COVID-2019 until the end of April,” read one criminal forum posting found by Group-IB, which was originally in Russian. Another post offered customer service around the clock. “The prices are very favorable during the coronavirus epidemic.” The Group-IB data fits a larger picture. Multiple threat intelligence […]

The post Everything must go: Cybercriminal forums offer discounts during pandemic appeared first on CyberScoop.

U.S., U.K. authorities warn of state-linked and criminal hacking exploiting coronavirus pandemic

American and British cybersecurity authorities on Wednesday issued a fresh warning that “a growing number of cyber criminals and other malicious groups” are exploiting the coronavirus pandemic, adding to a chorus of public and private-sector advisories intended to blunt COVID-19-related hacking. Criminals have been scanning for vulnerabilities in remote access software as people around the world stay home, while state-linked hackers, known as Advanced Persistent Threats (APTs), are impersonating trusted organizations to further their cyber-operations, U.S. and U.K. officials said. “Both APT groups and cybercriminals are likely to continue to exploit the COVID-19 pandemic over the coming weeks and months,” says the advisory from the U.S. Department of Homeland Security’s cybersecurity division and the U.K.’s National Cyber Security Centre (NCSC). Overall levels of cybercrime haven’t increased, the agencies said, but the use of COVID-19-related hacking lures has grown. The NCSC pointed to a text-message-based phishing scam purporting to offer Britons financial relief […]

The post U.S., U.K. authorities warn of state-linked and criminal hacking exploiting coronavirus pandemic appeared first on CyberScoop.

Researchers use 3D-printed fingerprints to unlock an iPhone8, laptops

At a given moment, countless people around the world are using their fingerprint to unlock their smartphones. For some, it grants instant access to family photos or grocery lists. For others, like diplomats or corporate executives, more sensitive information is at stake. Now, findings released Wednesday provide the latest reminder that, even as mobile security tightens, outsiders are finding new ways to access user devices. Researchers at Talos, Cisco’s threat intelligence arm, demonstrated how to use 3D printing and other methods to forge fingerprints and unlock eight models of devices ranging from the iPhone 8 and Samsung S10 smartphones to laptops and padlocks. The research project was inspired by real-world breaches of fingerprint data. The results proved that, while biometric authentication is an effective way for most technology users to secure their data, determined attackers are capable of using the same security mechanism as an entry point, if they have the time, access and resources. (Talos did not point to any […]

The post Researchers use 3D-printed fingerprints to unlock an iPhone8, laptops appeared first on CyberScoop.

Australian government says it is hacking criminals who are exploiting the pandemic

As governments around the world consider their options for cracking down on scammers exploiting the coronavirus pandemic, Australia is touting a muscular approach in cyberspace. The Australian Signals Directorate (ASD) “has mobilized its offensive cyber capabilities to disrupt foreign cyber criminals responsible for a spate of malicious activities during COVID-19,” the Australian defense ministry said in a statement Tuesday. The ASD, the country’s lead agency for hacking operations, has “already successfully disrupted activities from foreign criminals by disabling their infrastructure and blocking their access to stolen information,” Australian Minister of Defense Linda Reynolds said. “Some of these cybercriminals have even posed as health officials in an attempt to exploit vulnerable Australians, by infecting their computers with malware and stealing their private information.” COVID-19-related scams and phishing attempts targeting people around the world have surged in recent weeks as criminals and spies prey on people’s health fears. In Australia, a consumer […]

The post Australian government says it is hacking criminals who are exploiting the pandemic appeared first on CyberScoop.

Small business owners applying for COVID-19 relief may have had PII exposed, agency says

As the federal agency overseeing relief to small businesses during the coronavirus pandemic was preparing to ramp up its lending, some of the Small Business Administration’s loan applicants may have had their personally identifiable information exposed to others, an agency spokeswoman tells CyberScoop. “Personal identifiable information of a limited number of Economic Injury Disaster Loan applicants was potentially exposed to other applicants on [Small Business Administration’s] loan application site,” SBA spokeswoman Carol Wilkerson said in a statement Saturday. “We immediately disabled the impacted portion of the website, addressed the issue, and relaunched the application portal,” the statement continued. “SBA continues to process applications submitted via email, paper, and online.” The cause of the data exposure at SBA, and for how long it occurred, was not immediately clear. Wilkerson did not respond to questions on why the PII may have been exposed and what types of data were affected. An industry […]

The post Small business owners applying for COVID-19 relief may have had PII exposed, agency says appeared first on CyberScoop.

Researcher claims $75K payout from Apple for iPhone camera hack

Apple has paid a cybersecurity researcher $75,000 for a software exploit chain used to access an iPhone camera and microphone, the researcher said this week. They are the kind of invasive capabilities that a spyware vendor would drool over. But Ryan Pickren, an Atlanta-based white-hat hacker, worked with Apple’s bug bounty program to get them fixed. “I had some experience looking for bugs in [Apple’s web browser] Safari before they launched their bug bounty program,” Pickren told CyberScoop in an email, describing why he took on what he called “two weeks of intense research.” Pickren figured out how to trick a Safari browser into serving up malicious code to infiltrate the iPhone camera and steal browser passwords. He did it by abusing the trust the iPhone was placing in Safari websites — trust that the device didn’t place in non-native applications. The malicious Safari website offered Pickren and his chain of exploits direct access […]

The post Researcher claims $75K payout from Apple for iPhone camera hack appeared first on CyberScoop.

A researcher found zero-days in one city’s software. Then he realized the problem could be bigger.

For Quentin Rhoads-Herrera, this was not a typical security test. A big municipal government in the U.S. had just handed him the source code for software the city uses to manage contracts and track infrastructure projects. He unpacked the code, sifted through it, and found more than a dozen previously undisclosed vulnerabilities, or zero-days, that a hacker could exploit to manipulate data or dump user passwords. But it was more than just a catalog of bugs: Poring over the code, Rhoads-Herrera found the names of two other city governments that have used the software. The product, known as CIPAce, has been used by public and private sector organizations to collect invoices and manage contracts and budgets, according to CIPPlanner Corp., the company that makes it. “If one attacker happens to exploit this city, then they can look and see, easily, every other city that’s using this … and attack them using the same methods,” said […]

The post A researcher found zero-days in one city’s software. Then he realized the problem could be bigger. appeared first on CyberScoop.

North American utilities drill ‘GridEx’ brings record turnout — except from supply chain vendors

A November drill involving electric utilities across North America mimicked the disruptive malware used to cut power in Ukraine in 2016, testing operators’ ability to expunge the malicious code from their systems. The fictional scenario, revealed Tuesday in a press briefing on the exercise, saw the malware compromise the industrial control systems that utilities use to manage their operations. An electric equipment vendor helped the utilities replace some of the industrial computers that had been “bricked,” or rendered useless, by the malware. (The code was not actually executed on live systems; it was all simulated.) The intense scenario forced participants to “start implementing their incident response plans” and “really upped the training value for many utilities,” said Matt Duncan, an official at the North American Electric Reliability Corp., the regulator that runs the biennial drill, known as GridEx. It is an example of the greater lengths that many utilities go […]

The post North American utilities drill ‘GridEx’ brings record turnout — except from supply chain vendors appeared first on CyberScoop.
