It has been reported that Australia is currently the target of a “sophisticated” cyber attack – and an unnamed foreign government is behind it. Scott Morrison, the country’s prime minister, says the attacks have targeted all levels of the government – as well as political organisations, essential service providers and operators of other critical infrastructure. “We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting,” he said at a news conference.
ISBuzz Team
It has been reported that a newly discovered spyware effort attacked users through 32 million downloads of extensions to Google’s market-leading Chrome web browser, highlighting the tech industry’s failure to protect browsers as they are used more for email, payroll and other sensitive functions. Most of the free extensions purported to warn users about questionable websites or convert files from one format to another. Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools. Based on the number of downloads, it was the most far-reaching malicious Chrome store campaign to date. Google declined to discuss how the latest spyware…
Researchers at Awake Security have discovered a new spyware effort, which has attacked users through 32 million downloads of extensions to Google’s market-leading Chrome web browser, according to Reuters. This highlights the tech industry’s failure to protect browsers as they are used more for email, payroll and other sensitive functions. Most of the free extensions purported to warn users about questionable websites or convert files from one format to another. Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools. Based on the number of downloads, it was the most far-reaching malicious Chrome store…
Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot (also known as Qakbot, Pinkslipbot, and Quakbot) is a banking trojan with worm features used to steal banking credentials and financial data, as well as to log user keystrokes, deploy backdoors, and drop additional malware on compromised machines. Among the banks whose customers have been targeted in this Qbot campaign, the researchers found JP Morgan, Citibank, Bank of America, Citizens, Capital One, Wells Fargo, and FirstMerit Ban.
Cybersecurity researchers took the wraps off a new sophisticated cyber-espionage campaign directed against aerospace and military organizations in Europe and the Middle East with an aim to spy on key employees of the targeted firms and, in some case, even to siphon money. The campaign, dubbed “Operation In(ter)ception” because of a reference to “Inception” in the malware sample, took place between September to December 2019.
Infosec pros and hackers regularly abuse cloud service providers to conduct reconnaissance and attacks, despite efforts by cloud providers to limit such activity. In a recent research paper titled “Cloud as an Attack Platform”, five boffins from Texas Tech University – Moitrayee Chatterjee, Prerit Datta, Faranak Abri, Akbar Siami-Namin, and Keith Jones – describe a series of interviews they conducted with computer security pros attending the Black Hat and DEF CON conferences. Of the 75 security professionals and hackers they spoke with as a part of a larger examination of attacker psychology, more than 93 per cent admitted to abusing cloud services…
It goes without saying that the outbreak of COVID-19 has posed significant challenges to our workplace productivity. Replacing face-to-face meetings with video calls, getting access to files saved on one central server and finding the best spot in the house for a reliable WiFi connection – we’ve all faced our own unique, but important challenges. As firms grapple with the best ways to enhance productivity for remote workers, those that have quickly (or had already) adopted more digital ways of working are being held up as glimmers of hope, showcasing how it is possible to find new and more productive…
Facebook boss Mark Zuckerberg says users will be able to turn off political adverts on the social network in the run-up to the 2020 US election, according to BBC News. This comes in the wake of heavy criticism for allowing adverts from politicians that contain false information, and rival social platform Twitter banning political advertising last October. Facebook and its subsidiary Instagram will give users the option to turn off political adverts when they appear or block them using the settings features, and will be able to report them if they continue to appear. The feature, which will start rolling out…
Postbank, the banking division of South Africa’s Pat Office, recently reported that a rogue employee stole 36-digit master keys used to protect the bank’s systems. The result: 25,000 fraudulent charges valued at 56 million Rand (3.2 million US dollars) and 1 billion Rand (58 million US dollars) to replace all credit and ATM cards issued by the bank.
In response to reports that an unpatched vulnerability in software that redirects local USB devices to a remote system could help attackers elevate privileges on a target machine by adding fake devices, a cybersecurity expert offers perspective.