Telegram zero day used to spread cryptomining malware

A zero-day vulnerability in the popular encrypted messaging app Telegram has subjected affected users to remote cryptomining for months, according to research released Tuesday by Kaspersky Lab. The vulnerability is in the chat app’s Windows client, Kaspersky researcher Alexey Firsh writes. The weakness specifically is in the way Telegram deals with a Unicode character that reverses the direction of text in the app. A hacker sends a victim what appears to be a .png image attachment. As a result of trickery with the Unicode character, it is actually a JavaScript file that installs malware on their system. Kaspersky found that the vulnerability has been exploited to mine cryptocurrency such as Monero, Zcash and Fantomcoin on a victim’s computer. In some cases, the zero day was used to deploy spyware or remote control malware. Firsh writes that Kaspersky doesn’t know exactly which versions of Telegram have been affected in the past, […]

The post Telegram zero day used to spread cryptomining malware appeared first on Cyberscoop.


Equifax names Home Depot infosec lead as new CISO

Home Depot Chief Information Security Officer Jamil Farshchi has been hired for the same position at Equifax, the credit monitoring company announced in a press release on Monday. Farshchi was hired in 2015 as Home Depot’s CISO, a new position at the time, months after the home improvement retailer suffered its own data breach of 56 million credit cards. He also previously served as CISO for Time Warner and global vice president for information security at Visa. Equifax suffered a massive data breach in 2017 that exposed the personal data of 145.5 million people. The company’s chief information officer and chief security officer retired a few days after Equifax publicly disclosed the breach in September 2017. The CEO followed suit shortly after. At Equifax, Farshchi “will assume company-wide leadership of work already underway to transform the company’s information security program, and collaborate with the industry to share best practices on information security,” the […]

The post Equifax names Home Depot infosec lead as new CISO appeared first on Cyberscoop.


Department of Energy would get new cybersecurity office under White House proposal

A new office would be created in the Department of Energy to monitor and improve energy sector cybersecurity under the president’s proposed budget for fiscal 2019. Named the Office of Cybersecurity, Energy Security, and Emergency Response (CESER), the office would “focus on energy infrastructure security and support the expanded national security responsibilities assigned to the Department of Energy.” CESER would take over responsibilities covered elsewhere in the Energy Department budget: the Cybersecurity for Energy Delivery System (CEDS) and the Infrastructure Security and Energy Restoration (ISER) programs. Those programs would see their expected spending go up by about 42 percent collectively and would be folded into CESER. CEDS and ISER have about $45 million and $10 million, respectively, in expected spending in fiscal 2018. Under CESER, spending on those accounts would increase to $70 million and $18 million, respectively. An additional $8 million would go toward “program direction,” which describes efforts to manage the […]

The post Department of Energy would get new cybersecurity office under White House proposal appeared first on Cyberscoop.


Watchdog: Despite progress, IRS needs to improve electronic fraud detection

A Treasury Department watchdog says the Internal Revenue Service has made progress in improving its identity management controls for people filing their taxes online, but still has some work to do when it comes to identifying fraudulent profiles and activity. The Treasury Inspector General for Tax Administration (TIGTA), which audits the IRS, released a report Thursday appraising the agency’s implementation and improvement of authentication controls. TIGTA credited the IRS for requiring taxpayers to use two-factor authentication to log on to use the IRS’s online services. The auditor also said the IRS improved its ability to automatically monitor activity across different systems and detect any anomalies. “Using this tool, the Cyber Fraud Analytics group identified fraudulent activity in which fraudsters improperly used data stolen from sources outside of the IRS to successfully perpetrate a small number of targeted attacks,” TIGTA said. However, the auditor added that those monitoring tools need […]

The post Watchdog: Despite progress, IRS needs to improve electronic fraud detection appeared first on Cyberscoop.


Newly uncovered malware uses DNS requests to siphon credit card data

Researchers have discovered new malware that relies on a unique way to steal credit card information from point-of-sale systems. In a blog post published on Thursday, Forcepoint says it has found malware that uses Domain Name System (DNS) requests in order to extract credit card information. That sets it apart from most other POS malware, which would normally use HTTP requests to exfiltrate data. Luke Somerville, head of special investigations for Forcepoint Labs, says companies would normally look for unusual activity in their HTTP requests in order to detect data theft. Somerville says the malware, which it is dubbing “UDPoS”, hasn’t affected any of Forcepoint’s customers, but that “there may well be people out there who we’re not protecting who may have been affected by this.” He added that Forcepoint was able to prove that the malware could successfully steal credit card data. “They’re kind of just sneaking the data out […]

The post Newly uncovered malware uses DNS requests to siphon credit card data appeared first on Cyberscoop.


Senators push bill banning Chinese tech firms Huawei and ZTE from being used in government

Two senators have introduced a bill that would prohibit the U.S. government from contracting with companies that use equipment or services from Chinese telecommunications companies Huawei and ZTE. Sens. Marco Rubio, R-Fla., and Tom Cotton, R-Ark., who are both on the Senate Intelligence Committee, said they are proposing the bill because of concerns that the companies enable Chinese espionage. The legislation is a companion to a bill proposed in the House by Rep. Mike Conaway, R-Texas, last month. “Huawei is effectively an arm of the Chinese government, and it’s more than capable of stealing information from U.S. officials by hacking its devices,” Cotton said in a press release. “There are plenty of other companies that can meet our technology needs, and we shouldn’t make it any easier for China to spy on us.” In 2012, the House Intelligence Committee released an investigative report that alleged that Huawei and ZTE have ties to […]

The post Senators push bill banning Chinese tech firms Huawei and ZTE from being used in government appeared first on Cyberscoop.


Senators grill Uber CISO over 2016 breach, extortion incident

Senators rebuked Uber on Tuesday during a Senate Commerce subcommittee hearing over the company’s handling of the data breach it disclosed in November 2017, with one lawmaker calling the company’s decision to wait a year before publicly disclosing it “morally wrong and legally reprehensible.” Uber’s actions “violated not only the law but the norm of what should be expected,” said Sen. Richard Blumenthal, D-Conn., the subcommittee’s ranking member. Uber revealed in November 2017 it paid $100,000 to delete data of 57 million users worldwide that was maliciously obtained by Florida-based hackers. The data included names, email addresses and phone numbers, and in some cases, encrypted passwords and driver’s license numbers. While Uber says that the hackers acted maliciously, the company paid them through HackerOne, which hosts Uber’s bug bounty program – a way for ethical hackers to receive payouts for informing companies about vulnerabilities. During the hearing, the lawmakers questioned Uber’s chief […]

The post Senators grill Uber CISO over 2016 breach, extortion incident appeared first on Cyberscoop.


Rep. Mike McCaul: It’s taken too long to reauthorize NPPD

Representatives on the House Committee on Homeland Security stressed the need for attention to cybersecurity issues at an event addressing the state of national security on Monday at George Washington University. Committee Chairman Rep. Michael McCaul, R-Texas, painted a bleak picture when it comes to the cybersecurity threats the U.S. faces from foreign adversaries. He also promoted ongoing Congressional efforts to reorganize the office inside the Department of Homeland Security that oversees national cybersecurity infrastructure. “Our adversaries, both nation-state and non-state actors, threaten us around the clock in cyberspace,” McCaul said. “Whether it’s North Korea launching a global cyberattack crippling infrastructure, to China stealing our nation’s valuable intellectual property, to Russia conducting disinformation warfare campaigns to sow discord among our people, to Iran attacking our financial institutions, to terrorists spreading evil propaganda over the internet, to criminals taking our financial and personal information, we are all exposed to harm.” McCaul touted […]

The post Rep. Mike McCaul: It’s taken too long to reauthorize NPPD appeared first on Cyberscoop.


McAfee uncovers new malware in Olympics hacking campaign

McAfee has discovered malware that serves as the second stage payload in a phishing campaign targeting organizations surrounding the 2018 Winter Olympics. In a post published Friday, McAfee’s Advanced Threat Research team details the discovery and analysis of implants that surface on phishing targets’ systems once an initial PowerShell backdoor is installed. The report is an update on the phishing campaign they previously discovered that aimed to establish backdoors when a phishing victim opens a Microsoft Word document attachment. McAfee is calling the implants Gold Dragon, Brave Prince, Ghost419 and RunningRat. The company says that once the initial backdoor is installed, these new implants establish a permanent presence that siphons information from the victim’s computer. The Gold Dragon implant allows for the downloading of subsequent malware payloads. Brave Prince and Ghost419 can collect content from the victim’s hard drive as well as detailed information about the computer. RunningRat is a remote access […]

The post McAfee uncovers new malware in Olympics hacking campaign appeared first on Cyberscoop.
