An advanced group specializing in corporate espionage is on a hacking spree

A Russian-speaking hacking group specializing in corporate espionage has targeted 26 commercial organizations since 2018 in attempts to steal vast amounts of data from the private sector, according to new findings. At least 14 of the 26 companies the group targeted were in fact breached, according to research published Thursday by the security firm Group-IB, which has offices in Moscow and Singapore. The hacking group, dubbed RedCurl, stole confidential corporate documents including contracts, financial documents, employee records and legal records. Victims spanned a range of industries — including construction, finance, retail and law — with headquarters in Russia, Ukraine, the U.K., Canada, Germany and Norway. RedCurl relies on hacking techniques similar to groups known as RedOctober and CloudAtlas, another Russian-speaking group that’s targeted multiple entities and government networks “primarily in Russia,” according to the MITRE Corp.’s database of hacking groups. The Russian security vendor Kaspersky previously published its own […]

The post An advanced group specializing in corporate espionage is on a hacking spree appeared first on CyberScoop.


Hackers exploited Tor exit relays to generate bitcoin: research

At one point this spring, a single set of money-hungry hackers controlled nearly a quarter of the endpoint infrastructure through which the anonymizing internet browser Tor routed traffic, a researcher who tracks Tor claimed this week. The unidentified attacker likely used those Tor “exit relays” — the IP addresses through which Tor traffic passes — to manipulate the traffic and mine cryptocurrency, said the researcher, who goes by nusenu. How much bitcoin the attackers were able to generate, if any, remains unclear. It’s the latest example of how malicious hackers can subvert parts of Tor’s infrastructure for their own gain, and follows another set of malicious Tor activity documented by the same researcher last year. Users ranging from human rights workers in repressive countries to U.S. drug dealers rely on Tor to try to maintain their anonymity online. “So far, 2020 is probably the worst year in terms of malicious Tor exit relay activity since I started monitoring it about […]


3 strategies for addressing sensitive legal cybersecurity issues

Three years after enacting one of the most exacting cybersecurity regulations in the United States, the New York State Department of Financial Services (NYDFS) recently filed its first cybersecurity enforcement action. This enforcement action shows the importance of mitigating legal risks when addressing cybersecurity risks. NYDFS alleged that First American Financial, one of the country’s largest providers of title insurance, failed to properly address a known security vulnerability on its website that allowed millions of documents containing consumers’ nonpublic information to be exposed. After the vulnerability surfaced in a penetration test, First American misclassified the vulnerability as “low,” failed to investigate the vulnerability in the timeframe set by the company’s cybersecurity policy, failed to determine the scope of documents that were exposed, and failed to heed the recommendations of its in-house cybersecurity team. The timing of the NYDFS’s inaugural enforcement action shows that cybersecurity remains a key priority for government agencies, even during the COVID-19 […]


Hackers can still steal wads of cash from ATMs. Here’s the vulnerabilities that could let them in.

Thanks to a pair of zero-day vulnerabilities in a popular ATM, hackers could be pilfering customers’ sensitive banking information or withdrawing hefty wads of cash, according to research from New York-based Red Balloon Security. If exploited properly, one of the vulnerabilities the researchers found in Nautilus Hyosung America ATMs would allow attackers to essentially empty the machines of cash, the researchers, Brenda So and Trey Keown, told CyberScoop. The root of the vulnerability lies in the way Nautilus implemented eXtensions for Financial Services, the software used to dispense money. The other vulnerability would allow attackers to execute malicious code in the ATM’s remote administration interface, which normally allows ATM owners to check the amount of cash available in their machines. In experimenting with the flaw, So and Keown wrote shell code and sent a malicious payload to the ATM. Hackers that are able to do the same could point […]


US financial regulator fines Capital One $80 million over data breach

A U.S. financial regulator has fined Capital One $80 million in connection with the 2019 data breach that compromised details on approximately 106 million people. The Office of the Comptroller of the Currency, a bureau within the Department of Treasury, announced the penalty over the bank’s failure “to establish effective risk assessment processes” before moving “significant information technology operations” to the cloud. OCC also flagged the bank for not correcting “deficiencies in a timely manner.” The bank also is required to improve its data security practices and update its approach to risk management as part of a consent decree with the OCC. Capital One reported $28.6 billion in total revenue in 2019. The McLean, Va.-based bank announced in July 2019 that a hacker had accessed information about 100 million credit card customers and applicants in the U.S., and another 6 million people in Canada. Customer addresses, income figures, birth dates […]


A right-wing social network reported a potential breach. Then it went dark. What happened at AllSocial?

It seemed like exactly the tech startup that so many conservatives said they wanted. AllSocial was an emerging social media network that garnered more than a million users, in part by alluding to the unfounded claim that existing sites like Facebook and Twitter censor conservative political thought. AllSocial users could connect with new friends with the understanding the site would never limit how far a user’s posts would spread based on their politics, an apparent reference to allegations that Republicans repeatedly have made against Facebook and Twitter. “Viewpoint censorship is when creative expression is suppressed, removed or banned on the internet,” said a June 13 post from the AllSocial Facebook account. “Unlike other social media platforms we do not ban or shadow-ban users based on personal or political beliefs. Yep, that’s the AllSocial way.” The site and its two mobile apps have been down for more than a month, though, […]


Another guilty plea in $568 million Infraud crime ring

A Moldovan man on Friday became the second person in as many months to plead guilty to being part of Infraud, a $568 million cybercriminal enterprise that stole payment cards and personal data from around the world, the U.S. Department of Justice said. Valerian Chiochiu, 30, who allegedly trained Infraud members on writing and deploying malware, appeared before a judge in federal court in Nevada, U.S. officials said. Chiochiu’s guilty plea follows that of Sergey Medvedev, a 33-year-old Russian, who is accused of being the group’s co-founder. The pleas are part of the ongoing U.S. effort to prosecute Infraud, which Department of Justice officials say victimized people in all 50 states. At its height, Infraud aspired to be the internet’s top spot for “carding,” or buying things with stolen credit card data. It amassed more than 10,000 members, and claimed to only allow vetted vendors of stolen data to advertise […]


Twilio breach spotlights struggle to keep corporate software kits out of the wrong hands

The security team at Twilio, a cloud communications company that claimed over $1 billion in revenue last year, could breathe a sigh of relief on Sunday night. Earlier in the day, someone had manipulated the code in a software product that Twilio customers use to route calls and other communications. The breach resembled a Magecart-style attack that skims websites for users’ financial data. Twilio cleaned up the code hours later, and said there was no sign the attackers had accessed customer data. But the damage could have been worse if the attack had been targeted, multiple security experts told CyberScoop. With access to the code, which was sitting in an unsecured Amazon cloud storage service known as an S3 bucket, the attackers could have conducted phishing attacks or distributed malware through the platform, according to Yonathan Klijnsma, head of threat research at security company RiskIQ. Dave Kennedy, founder of cybersecurity […]


Insurer’s huge data exposure draws charges from New York state

New York regulators have charged an insurer with violating state cybersecurity law for allegedly exposing hundreds of millions of documents that included Americans’ personal data, including Social Security numbers and financial information. The New York State Department of Financial Services announced legal action Wednesday against the First American Title Insurance Company, the second-largest real estate title insurer in the U.S. The company is accused of exposing customers’ Social Security numbers, bank account information, driver’s license numbers and mortgage and tax records through a software vulnerability that went undetected between May 2014 and December 2018. Upon discovering the flaw during a routine security test, the insurance company failed to fix it, DFS alleged. “After the data exposure was discovered by an internal penetration test in December 2018, First American failed to conduct a reasonable investigation into the scope and cause of the exposure, reviewing only 10 of the millions of documents exposed and […]


After hackers nearly stole $1M from soccer team, UK agency warns of sporting sector’s vulnerabilities

As one of the most popular soccer leagues on the planet, the English Premier League rakes in billions of dollars every year, in part by attracting star players through a cutthroat transfer market. The multimillion-dollar negotiations can make or break a season. Suffice it to say that sending more than $1 million to a fake team for a player they don’t have would be a setback. That’s nearly what happened to one of the league’s teams, though, after scammers hacked into the email account of the club’s managing director, according to a report released Thursday by the U.K.’s National Cyber Security Centre. The only thing that stopped the money transfer from going through was a fraud marker on the crooks’ bank account. Government officials did not specify which team was targeted. It is one of a handful of security incidents in a report that U.K. cybersecurity experts are using to highlight how various […]
