Threat Intel – Page 2 – WindowsTechs.com

Hackers linked to Lebanese government caught in global cyber-espionage operation

Posted on January 18, 2018 by Chris Bing

The General Directorate of General Security, a Lebanese intelligence agency, has been tied to a mobile hacking operation discovered by researchers with cybersecurity firm Lookout Mobile Security and digital rights group Electronic Frontier Foundation (EFF). Lookout and EFF are calling the hacking campaign “Dark Caracal,” in reference to a wild cat native to Africa and the Middle East. The operation was revealed today by the organizations, in which they discovered that hackers are using malicious smartphone applications and websites to steal passwords and eavesdrop on conversations. The organizations shared their discoveries in a 49-page report. The Dark Caracal hackers reportedly used several different email phishing strategies to lace familiar applications and websites, like Twitter, Facebook and WhatsApp, with malware. They also used fake login pages to acquire personal information. Some victims could have even been hacked by clicking on booby- trapped messages and lures that led them to fake social media […]

The post Hackers linked to Lebanese government caught in global cyber-espionage operation appeared first on Cyberscoop.

Continue reading Hackers linked to Lebanese government caught in global cyber-espionage operation→

Bitcoin hype pushes hackers to stash their money in lesser-known cryptocurrencies

Posted on December 29, 2017 by Chris Bing

Cybercriminals are increasingly moving away from bitcoin as their preferred digital currency in favor of lesser-known cryptocurrencies because of prolonged transaction delays, surging transaction costs and general market volatility, experts tell CyberScoop. Although cybercriminals have been slowly moving away from bitcoin for months, researchers say a noticeable shift towards alternative coins — such as Monero, Dash and ZCash — occurred when bitcoin’s value skyrocketed over $19,000 for one bitcoin in mid-December. The price has drastically fluctuated between $12,000 and roughly $19,000 since then. “Many cybercriminals emulate the operational best practices of legitimate businesses in order to minimize their overhead costs and maximize returns, and in the case of high transaction costs with bitcoin, it makes perfect sense to look at other coins with smaller overheads,” said Richard Henderson, a global security strategist with endpoint cybersecurity firm Absolute. Experts say this shift does not necessarily mean that criminals’ attention is fading from bitcoin, […]

The post Bitcoin hype pushes hackers to stash their money in lesser-known cryptocurrencies appeared first on Cyberscoop.

Continue reading Bitcoin hype pushes hackers to stash their money in lesser-known cryptocurrencies→

North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season

Posted on December 21, 2017 by Chris Bing

Cybercriminals linked to North Korea appear to be simultaneously targeting point-of-sale (POS) systems as well as cryptocurrency platforms as the annual holiday spike continues in retail stores and the hype surrounding bitcoin surges, according to research by cybersecurity firms Proofpoint and RiskIQ. Reports by the two companies published late Tuesday shine a light on the ways in which hackers are increasingly developing different types of custom attacks to either steal cryptocurrency or infect computers with so-called “cryptojacking” software. The latter involves the covert installation of malicious computer code into compromised web browsers in order to siphon off processing power, which can in turn be used to mine cryptocurrencies. The researchers say the hacks in question are connected to the Lazarus Group, the cybersecurity community’s name for North Korea’s premier cybercrime and cyber-espionage organization. Attacks on the financial system are one of the communist regime’s chief sources of funding as it faces global sanctions […]

The post North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season appeared first on Cyberscoop.

Continue reading North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season→

North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season

Posted on December 21, 2017 by Chris Bing

The post North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season appeared first on Cyberscoop.

Continue reading North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season→

Newly uncovered Iranian hacking group targeted energy, aerospace firms to steal secrets

Posted on September 20, 2017 by Chris Bing

A Iranian hacking group has been targeting aerospace and energy companies in Saudi Arabia, South Korea and the U.S. since at least 2013 as part of an expansive cyber espionage operation to both gather intelligence and steal trade secrets, according to new research published Wednesday by U.S. cybersecurity firm FireEye. This advanced persistent threat group (APT) is labeled APT33 by FireEye. Wednesday’s report by FireEye offers a distinct view of the group’s activity. APT33 is likely related to hacking campaign dubbed StoneDrill by Kaspersky Lab, researchers say. Based on information that appears to have been accidentally left behind in past attacks, analysts believe APT33 is linked to the Iranian government. Most of the group’s operations to date have largely focused on sending targeted phishing emails with malware-laden HTML links to infect specific computers with a custom backdoor implant known as “TURNEDUP.” But there’s also some evidence to suggest they’re capable of launching data […]

The post Newly uncovered Iranian hacking group targeted energy, aerospace firms to steal secrets appeared first on Cyberscoop.

Continue reading Newly uncovered Iranian hacking group targeted energy, aerospace firms to steal secrets→

Tech support scams: what are other people doing?

Posted on June 7, 2017 by William Tsing

We’ve talked a lot about tech support scams over the past few years, typically focused on what we see ourselves, and the scammers who like to pose as Malwarebytes. But tech support scams are much bigger than that, targeting every tech company under the sun. So what are other people doing about it? Let’s take a look at some of the other players working to keep you safe.

Categories:

Tags: Fatsecurity.com IT Advocate microsoft scam symantec tech support scam Threat Intel TSS

(Read more…)

The post Tech support scams: what are other people doing? appeared first on Malwarebytes Labs.

Continue reading Tech support scams: what are other people doing?→

OWASP Top Ten – Boring security that pays off

Posted on May 4, 2017 by William Tsing

OWASP recently published a draft list of the top 10 security vulnerabilities of 2017. While intended for developers seeking to code more secure applications, the top 10 list is based on actual survey data of threats seen in the wild and serves as a great starting point for organizations struggling with security priorities. Let’s take a look and see how long they’ve been around prior to publication.

Categories:

Tags: enterprise OWASP Threat Intel zero day

(Read more…)

The post OWASP Top Ten – Boring security that pays off appeared first on Malwarebytes Labs.

Continue reading OWASP Top Ten – Boring security that pays off→

Why do I care about someone else’s data breach?

Posted on February 1, 2017 by William Tsing

As the size of your organization increases, the probability that an individual employee’s company email is in that breach rises to 1. So how do you go about plugging leaks? A three-point strategy can get you started.

Categories:

101
How-tos

Tags: data breach privacy Threat Intel threatintel

How do I get my employees to stop clicking on everything?

Posted on January 30, 2017 by William Tsing

If you’ve been given responsibility for network security in a non-technical area of the business, there’s one eternal question that has been bedeviling. How do you get your employees to stop clicking on everything?

Categories:

101
Business

Tags: Business Email Compromise business security CISO phishing scam Threat Intel workforce

How do I get my employees to stop clicking on everything?

Posted on January 30, 2017 by William Tsing

Categories:

101
Business

Tags: Business Email Compromise business security CISO phishing scam Threat Intel workforce