Brian Krebs recently broke the news that there was an intrusion at PCM Inc., a major U.S.-based cloud solution provider. The hackers were able to access email and file sharing systems for some of the company’s more than 2,000 clients. Sources say PCM discovered the intrusion in mid-May 2019. Those sources say the attackers stole administrative credentials that PCM uses to manage client accounts within Office 365. One security expert at a PCM customer who was recently notified about the incident said the intruders appeared primarily interested in stealing information that could be used to conduct gift card fraud at…
ISBuzz Team
Sectigo (formerly Comodo CA) today issued a report, Secure Impressions: Online Banking Study, revealing how well the world’s largest banks in North America and Europe ensure and demonstrate security of customer information on their online banking websites. The study found that a notable percentage of banks left customers vulnerable to phishing scams. They rated websites based on the presence of SSL certificates – verifications provided by a Certificate Authority (CA), which confirm that a website is authentic and legitimate. In North America, 40% of banks studied did not receive the highest rating, exemplified by the use of Extended Validation (EV) certificates to demonstrate the website’s true, authenticated identity.…
Report Outlines Inherited and New Threats in the Network as 5G Launches Worldwide

Positive Technologies has released its report 5G Network Security: Vulnerabilities Old and New, which outlines some of the greatest risks facing 5G networks as they begin to launch around the world. 5G's promised superfast connection speeds, ultra-low latency, and greater capacity represent huge opportunities for operators to transform their businesses, allowing them to offer new services and generate revenue through previously unavailable means of monetisation. However, these opportunities will be accompanied by risks. Positive Technologies experts pioneered research into telecom security. They were the first to discover the security issues…
On 27 June 2017, the Russian military launched the nation-state destroyer attack NotPetya. It caused an estimated $10 billion in damages, and the White House described it as “the most destructive and costly cyber-attack in history”. https://twitter.com/WIRED/status/1135009388295544832 Expert Comments: Marina Kidron, Director of Threat Intelligence at Skybox Research Lab: “NotPetya was the most devastating cyberattack in history. Without enforcing proper cybersecurity hygiene and network visibility, organisations are paving the way for another, equally devastating, attack. Many ransomware variants use common exploits, such as how NotPetya leveraged EternalBlue. Where fixes for known exploits are already available, it’s common sense that they should be applied; but many organisations currently have no clear definition of their…
A report by Reuters highlights the Chinese ‘Cloud Hopper’ attacks (seemingly linked to APT 10) that have affected a host of companies, from HPE to Ericsson and IBM, as well as various customers such as nuclear submarine constructor Huntington Ingalls. https://twitter.com/jc_stubbs/status/1143842261182091265 Expert Comments: Piers Wilson, Head of Product Management at Huntsman Security: “Today’s report highlighting the depth and complexity of the ‘Cloud Hopper’ hackers shows that sophisticated and potentially state sponsored attacks can have huge ramifications for businesses, whilst being hugely difficult to defend against. The attacks have clearly penetrated western technology and defence organisations and caused huge amounts of sensitive information to be stolen. “However, as…
A study from the University of Sydney and CSIRO’s Data61 examining the prevalence of counterfeit Android applications on Google Play used AI to identify probable fraudulent apps prior to testing them, and discovered 2,040 potential fraudulent apps mimicking popular apps within a reviewed group of 49,608 apps. The study, A Multi-modal Neural Embeddings Approach for Detecting Mobile Counterfeit Apps, cites “1,565 potential counterfeits asking for at least five additional dangerous permissions than the original app and 1,407 potential counterfeits having at least five extra third-party advertisement libraries.” The study states that its researchers’ use of AI to evaluate apps to identify clear mimicry of popular apps “outperforms many baseline image…
A flaw was found in EA Origin that could have exposed 300 million players to account takeovers. The flaw would have allowed hackers to hijack people’s accounts without stealing their logins or passwords. That’s because it would steal a Single Sign-On authorization token instead, which could give hackers complete control. The security researchers who discovered the flaw were able to take control of an EA subdomain, under the URL “eaplayinvite.ea.com,” which was an inactive domain hosted on Microsoft’s Azure cloud service. They could send the malicious page to players, and since it was an EA domain, victims would be more likely to…
A new strain of malware is wiping the firmware of IoT devices in attacks reminiscent of the old BrickerBot malware that destroyed millions of devices back in 2017. In the last 24 hours, thousands of IoT devices have been bricked by a new malware strain. Named Silex, the malware is wiping the firmware of IoT devices, with more than 2,000 reported incidents in the first few hours of its existence. It is thought Silex destroys the device by killing its storage, which allows it to ignore firewall rules and network configurations. Finally, the device stops operating completely. Attacks are still ongoing, and according to an interview with…
Microsoft’s Security Intelligence team warns of a new malware campaign that infects and compromises fully patched Windows PCs, and which spreads via malicious macro functions in an Excel attachment to activate “a complex infection chain to download and run the notorious FlawedAmmyy remote access trojan directly in memory.” Microsoft recommends disabling macros. A Virsec expert offers thoughts. https://twitter.com/Ttschersich/status/1143537775943270401 Expert Comments: Satya Gupta, CTO and Co-founder at Virsec: Excel macros have been associated with malware for a long time, but it’s still alarming for Microsoft to recommend disabling all macros – functions used routinely by millions of businesses. Microsoft needs to rethink its macro strategy as it has become an…
CyberArk Report Shows 70 Percent of UK Organisations Rely Primarily on Cloud Providers to Protect Their Workloads

According to a new CyberArk (NASDAQ: CYBR) survey, as organisations increasingly move critical applications, regulated customer data and development work into public cloud environments, 32 percent of UK organisations say the number one benefit for moving workloads to the cloud is to offload security risk. This is despite many public cloud providers providing straightforward guidance on their shared responsibility models for security and compliance in cloud environments. The results are part of the newly-released CyberArk Global Advanced Threat Landscape Report 2019: Focus on Cloud. “The risks caused by a lack of clarity about who…
