Leave the pandemic out of your phishing simulations, Cofense says to industry

At least one anti-phishing company says it won’t be testing its customers with coronavirus-themed emails, out of concerns that it’s not socially responsible to play into fears around the current pandemic. Cofense says it has removed all COVID-19-themed spearphishing templates from its repository of attacks, and the Virginia-based company is recommending other organizations join it in a pledge to avoid using the global health crisis as fodder. Like other anti-phishing companies, Cofense sends fake emails to its customers to see if employees click on corrupted links or file attachments. “During a time when fears are justifiably running high, we believe it is wrong to confuse employees and exacerbate concerns further. We call upon the industry and organizations to join us in practicing socially responsible awareness training through thoughtful communication and education – not phish ‘testing,’” the company’s pledge, posted on LinkedIn Thursday, reads. Cybercriminals and suspected nation-state actors have been leveraging coronavirus-related lures in spearphishing […]

The post Leave the pandemic out of your phishing simulations, Cofense says to industry appeared first on CyberScoop.

Hackers are messing with routers’ DNS settings as telework surges around the world

Personal Wi-Fi routers have long been a cybersecurity weak point, which is a growing concern as the COVID-19 pandemic forces people to work from home. According to new BitDefender research, criminals have moved quickly to manipulate these routers in a wide swath of countries in Europe, as well as in the United States. Attackers have begun changing Domain Name System (DNS) settings in Linksys routers, pointing users to what they believe is a legitimate website that also includes a pop-up message with information about the pandemic. However, once a user clicks through, a fake coronavirus-related app may be downloaded containing malware that can perform a host of nefarious activities, according to Liviu Arsene, a global cybersecurity researcher at BitDefender. “It is a big problem, especially now that everybody’s working from home,” Arsene told CyberScoop. “Having your router’s DNS compromised can spell disaster because if attackers can redirect you to any page they want […]

Chinese hackers hit Citrix, Cisco vulnerabilities in sweeping campaign

Earlier this year, state-backed Chinese hackers embarked on one of the most sweeping Chinese espionage campaigns FireEye has seen in years, according to new research the security firm published Wednesday. The campaign, which lasted between January 20 and March 11, targeted 75 organizations spanning nearly every economic sector: telecommunications, healthcare, government, defense, finance, petrochemical, manufacturing, and transportation. The campaign, believed to be run by APT41, targeted nonprofit, legal, real estate, travel, education, and media organizations as well. “This activity is one of the most widespread campaigns we have seen from China-nexus espionage actors in recent years,” researchers Christopher Glyer, Dan Perez, Sarah Jones, and Steve Miller said. “While APT41 has previously conducted activity with an extensive initial entry … this scanning and exploitation has focused on a subset of our customers, and seems to reveal a high operational tempo and wide collection requirements for APT41.” APT41 zeroed in on victims […]

This team wants to teach your kids cybersecurity while they’re home from school

Coronavirus-related school closures are skyrocketing, leaving parents scrambling to educate their children while still juggling their jobs. It’s a challenging and confusing time — and Jonathan Slater and Lorna Armitage think they have something that might hold kids’ interest: a free online learning platform that teaches them about cybersecurity. The virtual “Cyber School,” slated to launch next Monday, plans to host daily 45-minute livestreams focused on topics including an introduction to coding and algorithms, online safety, ethical hacking and social engineering. Armitage and Slater are part of a growing cohort of cybersecurity professionals who, in addition to their day jobs, are volunteering to share their cybersecurity expertise during the coronavirus pandemic. “What can we do to help and care? Kids are going to be out of school, why don’t we try to put something together and get them interested in computer science and cybersecurity and tech in general?” Armitage, a […]

China borrowing Russian tactics to spread coronavirus disinformation

Amidst the COVID-19 pandemic, China’s state-backed information operations have been following Russia’s playbook for spreading disinformation, an expert on the subject told a panel on Monday. The Chinese Communist Party, typically thought to run disinformation operations aimed at controlling the narrative, is mirroring behavior that is historically associated with Russian disinformation — spreading chaos and confusion. In this case, it’s about whether the coronavirus actually originated in China, Laura Rosenberger, the director of the Alliance for Securing Democracy, said during a disinformation event hosted by the CyberPeace Institute (CPI), a nonprofit founded last year to call out malicious cyber activities. “Russia’s focused on sowing confusion,” Rosenberger said during a panel. “We see China’s propaganda apparatus evolving and taking lessons from Russia in this moment … China was much more focused on narrative creation and control [before].” With Chinese ambassadors and state-backed media as mouthpieces, China has offered multiple possible explanations for where the virus […]

Russian hackers using stolen corporate email accounts to mask their phishing attempts

Hackers working for Russian military intelligence have long relied on zero-days and malware to target their victims, but in the last year they’ve kept it simple — using previously hacked email accounts to send a wide array of phishing attempts, according to new research from security firm Trend Micro. Since at least May of last year, the group known as Fancy Bear, APT28, or Pawn Storm, has used hacked email accounts belonging to high-profile personnel working at defense firms in the Middle East to carry out the operation, according to Feike Hacquebord, a senior threat researcher at Trend Micro. “The actor connects to a dedicated server using the OpenVPN option of a commercial VPN provider and then uses compromised email credentials to send out credential spam via a commercial email service provider,” Hacquebord writes in the research. The group, which the U.S. Department of Justice linked with Russia’s Main Intelligence Directorate […]

New TrickBot tool targets telecommunications in U.S., Hong Kong

The criminals behind the TrickBot banking trojan have retooled it for targeting telecommunications organizations in the U.S. and Hong Kong, according to new research from BitDefender. The new module, a malicious .dll file named “rdpScanDll,” allows attackers to run brute-forcing operations against Remote Desktop Protocols (RDPs). It’s just the latest update to TrickBot, which by design is built to be enhanced over time. The developers behind the banking trojan have not rested since it first sprouted up in 2016, and just earlier this year started using a new backdoor, according to SentinelOne research. BitDefender first saw a version of the module being developed in August of last year, Liviu Arsene, a global cybersecurity researcher at BitDefender, told CyberScoop. The multiple configurations TrickBot can take on will likely continue to be attractive for criminals’ and nation-states’ interests as they perpetually try to retool and maintain anonymity, according to Arsene. “That’s the beauty of everything you […]

‘Rare’ stalkerware emerges with targets around the world

An app that’s marketed as a solution to keep children safe online includes such aggressive functionality that cybersecurity researchers warn it’s possible for stalkers to monitor victims in a way that is “almost impossible to detect.” Researchers from Kaspersky Lab on Monday explained that the “MonitorMinor” app bypasses so many controls meant to protect user information that it qualifies as stalkerware. The term “stalkerware” refers to a malicious class of software that quietly runs in the background on users’ phones, transmitting their location, messaging, and other data to outsiders. MonitorMinor, for instance, makes it possible for abusers to access victims’ social media information, SMS messages, and location. MonitorMinor essentially bypasses normal controls, such as Discretionary Access Control, meant to keep outsiders from accessing messaging app data by gaining root access to a mobile system, according to Victor Chebyshev, a researcher at Kaspersky. As a result, attackers can escalate their privileges to […]

Attorney General Barr urges DOJ to prioritize prosecuting coronavirus scammers

Scammers who have been taking advantage of the coronavirus pandemic by spreading COVID-19-themed spearphishing emails have caught the attention of the Department of Justice. In a memo sent to all U.S. attorneys Monday, Attorney General William Barr prioritized prosecuting cybercriminals seeking to exploit fears about the coronavirus. “The pandemic is dangerous enough without wrongdoers seeking to profit from public panic and this sort of conduct cannot be tolerated,” Barr said in the memo, which CyberScoop has obtained. For months, scammers have been impersonating health authorities such as the World Health Organization or the Centers for Disease Control and Prevention in order to send malware in coronavirus-themed spearphishing emails to victims worried about infection or community spread of the virus. Some campaigns have targeted populations especially affected by the virus, including Italy and Iran, according to security researchers. Iran’s own ministry of health has been urging citizens to download an app […]

Uzbekistan surveillance campaign leverages new spyware against human rights activists

Human rights activists and journalists in Uzbekistan, whom researchers have long claimed are victims of intrusive surveillance, are facing an increasingly sophisticated campaign, according to new findings from Amnesty International. Last year, a Canadian non-profit, eQualitie, revealed that a group of unidentified attackers has targeted journalists and human rights defenders in Uzbekistan with spearphishing emails since 2016. In June, the attackers escalated their activity, and are now trying to leverage spyware against hundreds of targets, Amnesty said in research published Friday. The advanced espionage efforts highlight how the surveillance threat to vulnerable groups in Uzbekistan is “more sophisticated than previously documented, and able to bypass some security tools [human rights defenders] use to protect themselves[,]” according to the Amnesty International blog detailing the analysis. Human rights activists have been fighting against forced labor and torture in Uzbekistan’s criminal justice system, according to Human Rights Watch. Watchdog groups also have cited unfair criminal trials and politically motivated imprisonment in the country. Authorities typically claim they […]
