ZDNet is reporting that the notoriously well-known threat group Fin7, also known as Carbanak, is back with a new set of administrator tools and never-before-seen forms of malware. Fin7 has been active since at least 2015 and since the group’s inception has been connected to attacks against hundreds of companies worldwide. Byron Rashed, Vice President of Marketing at Centripetal: “Fin7 demonstrates how highly organized cyber gangs have become. The group has successfully infiltrated a number of business sectors where they can monetize their malicious activity. Many of these gangs are structured like Fortune 500 companies, with a CEO, CFO and members that…
ISBuzz Team
Cybersecurity researchers at RiskIQ discovered two newly identified Magecart attacks targeting the bedding retailers MyPillow and Amerisleep. Magecart is a term used to describe different hacking groups that specialise in implanting malicious code on e-commerce websites. The attackers injected a digital card skimmer into the retailers' websites to steal payment information at the checkout page. https://twitter.com/CNETNews/status/1108354824221921284 Expert Comments Below: Rusty Carter, VP Product Management at Arxan Technologies: “The MyPillow and Amerisleep breaches are another two to add to the long list of businesses continuing to fall victim to Magecart and web vulnerabilities that turn eCommerce sites into delivery mechanisms for data stealing malware. In these particular cases, the Magecart hackers were on their websites for several months, with MyPillow first being hacked…
It has been reported that a vulnerability in the web version of Google Photos allowed websites to learn a user’s location history based on the images they stored in the account. The flaw affected the Google Photos search endpoint that allows users to quickly find pictures based on aggregated metadata, such as geo-location and date of creation, and on an artificial intelligence algorithm that can recognize objects and people’s faces after they’ve been tagged. For the attack to work, victims need to be lured to load a malicious website while they are logged into Google Photos. This is hardly an obstacle, considering how many…
Cyber security becomes more complex, more expensive and more frustrating year on year. The threat landscape is changing too fast. The data management and privacy compliance demands are onerous and expensive. The business risks are too high. Companies can simply no longer place the burden of cyber security and cyber resilience on an IT Manager; yet few can afford the high level and high cost of skills associated with a Chief Information Security Officer (CISO). Indeed, how many CISOs can truly offer the depth and breadth of skills and expertise required, from technical and management system qualifications to practical cyber…
A strain of the botnet malware Mirai has emerged focused on a wider set of embedded internet-connected devices. Researchers at Palo Alto this week stated that a variant of the notorious Internet-of-Things infector is now looking to hijack TVs and projectors designed to display information and adverts, as well as the usual broadband routers, network-attached storage boxes, and IP-enabled cameras and digital video recorders. Tim Mackey, Senior Technical Evangelist at Synopsys: “When deploying an IoT device of any type, the three most important questions need to be: Have we configured strong credential access? What is our update strategy for firmware changes? What URLs and IP address…
It has been reported that, according to the National Audit Office (NAO), the UK government has “failings” in the way it is planning to protect the UK’s critical infrastructure from cyber-attacks. The warning came in a National Audit Office (NAO) assessment of the UK’s national cyber-defence plan. The government is increasingly worried that these essential sectors will be targeted by foreign states seeking to disrupt UK life. Modern life was now “totally dependent” on cyber-security, said one expert. Andrea Carcano, Co-Founder and Chief Product Officer at Nozomi Networks: “These findings are representative of the challenges organisations are facing with regards to protecting operational technology, not just within CNI. The…
The Payment Services Directive (PSD2) will go into effect with some new rules in September of 2019 and could have some unexpected consequences, according to a report from iovation and Aite Group. The report says the new, stricter requirements for fraud prevention could push more fraud towards the US. Ryan Wilk, VP of Customer Success at NuData Security: “Regardless of PSD2 regulations, every financial organization around the globe should be reassessing their processes and security layers as fraud becomes more sophisticated and more successful. Consumer privacy is also a top priority with more organizations caring about consumer data, protection, and data sharing.…
Following the news that London’s top tourist attractions, such as Kew Gardens and the Natural History Museum, have been hit by over 100 million cyber attacks in the past few years, please see a comment below from Jake Moore, cyber security specialist at ESET. Jake Moore, Cyber Security Specialist at ESET: “Hackers may assume that popular tourist attractions will have weaker cyber security, with less money spent on keeping their data safe than other institutions such as banks or large technology businesses. The tourism industry hosts a huge amount of personally identifiable information, and if there is potentially less security, it makes for…
It has been reported that SSH client PuTTY has received numerous security patches. The fixes implemented on PuTTY over the weekend include new features plugging a plethora of vulns in the Telnet and SSH client, most of which were uncovered as part of an EU-sponsored HackerOne bug bounty. https://twitter.com/Zanket_com/status/1108009759851069442 Gavin Millard, VP of Intelligence at Tenable: “Initiatives, such as the EU’s sponsored bug hunt on a ubiquitous piece of software like PuTTY, are so important. While the bugs discovered appear to be relatively tame or restricted to unreleased versions of the software, the value from the code having been reviewed cannot be underestimated. “Often open…
In response to the news that the hacking group Gnosticplayers has just dropped a 4th round of stolen records on the dark web market DreamMarket, experts with OneSpan, Centripetal Networks and CyberSaint offer perspective. Byron Rashed, VP of Marketing at Centripetal Networks: “This is a classic example of a highly skilled and motivated threat actor that has successfully infiltrated networks and exfiltrated high value data for sale in the underground economy. There are actually two issues. The first is organizations that fail to block or identify malicious IPs and domains. Network infiltration can be greatly mitigated by blocking these malicious sources. The second is the failure to protect…
