Mandiant Incident Response and Intelligence teams have identified a wave of DNS hijacking that has affected dozens of domains belonging to government, telecommunications and internet infrastructure entities across the Middle East and North Africa, Europe and North America. Initial research suggests the actor or actors responsible have a nexus to Iran. This campaign has targeted victims across the globe on an almost unprecedented scale, with a high degree of success. Expert comments below: Craig Young, Computer Security Researcher at Tripwire: “From what I know of this wave of attacks, most of the hijackings have involved compromised credentials being used to directly manipulate DNS…
ISBuzz Team
Bluehost, a popular web hosting platform, has been found to be riddled with vulnerabilities including one that would allow complete account takeover according to independent security researcher Paulos Yibelo. Expert Comments below: Mike Bittner, Digital Security and Operations Manager at The Media Trust: “By paying scant attention to security and privacy, web-hosting platform providers unknowingly enable bad actors to steal consumer information and commit fraud. This lax approach puts platform providers, their customers, and consumers at grave risk as consumer data privacy regulations around the world tighten on the one hand and attacks by malicious actors intensify on the other.…
Expert comments below: Francis Dinha, CEO at OpenVPN: “With the government shutdown, our country’s cybersecurity is at risk — both in the short term and the long term. The immediate risk is, of course, a higher vulnerability to attack. Without a full support staff, those essential employees still working hard to maintain cybersecurity simply don’t have the resources they need. And while they’re no doubt incredibly skilled at their jobs — and passionate about their work — they’re still human, and expecting them to do the same, or more, work without the support they need is setting us all up for…
Security experts from Juniper Networks issued comments this afternoon about the impact of the US government shutdown, specifically citing how it may affect government IT recruiting and hiring: Nick Bilogorskiy, Cybersecurity Strategist at Juniper Networks: “The biggest impact of the shutdown, in my opinion, is that furloughing cybersecurity analysts creates a vulnerability for government networks. As we all know, the top problem in security today is the shortage of trained cybersecurity professionals, and the cybersecurity skills shortage was already getting worse in 2018 with millions of unfilled cybersecurity jobs. Now, with the shutdown and some staff furloughed, this problem is exacerbated. Attackers…
“What I did 50 years ago is 4,000 times easier to do today because of technology,” says Frank Abagnale, 70-year-old FBI security consultant and former con man. His exploits as a check forger and impostor in the 1960s were showcased in the 2002 film Catch Me If You Can. Back then, it took a lot of preparation to complete a mission-based, malicious, and catastrophic attack. Today, while we may be better equipped to defend against attacks such as Abagnale’s that were far ahead of their time, we’re now worse off because of the number of vulnerable points a cybercriminal can…
In an evolution of the usual infection, a new ransomware has been discovered that not only encrypts your files, but also tries to steal your PayPal credentials with an included phishing page. The ransomware itself is nothing special, but the ransom note is clever as it not only tries to steal your money through a normal bitcoin ransom payment, but also offers a choice to pay via PayPal. If a user chooses to pay using PayPal, they will be brought to a phishing site that will then attempt to steal the victim’s PayPal credentials. Expert Comments below: Corin Imai, Senior Security Advisor at DomainTools:…
Following the news that Reddit has locked user accounts whilst it investigates a potential security incident, Raj Samani, Chief Scientist and McAfee Fellow, commented below. Raj Samani, Chief Scientist and McAfee Fellow: “Again, 330 million users find themselves grappling with the fact that hackers might have had the potential to access a treasure trove of their data, putting their privacy at risk. Whilst I commend Reddit’s honesty and the precautions they are taking to lock accounts, I cannot stress enough that users themselves need to take steps to secure their personal security immediately. It is time for people to wake up to the real threat…
An investigative report by Motherboard has uncovered how geolocation data from mobile carriers such as T-Mobile, Sprint and AT&T has been shared with third-party partners who sell the information to unauthorized entities not licensed to possess it. The story focused on a company known as Microbilt, which was found to sell geolocation information without regard to the buyers. Alex Calic, Strategic Technology Partnerships Officer at the Media Trust: “The Microbilt approach is risky at best and these types of actions could lead to significant fines under new data privacy laws, not to mention putting T-Mobile, Sprint and AT&T’s reputation at stake. Data scandals…
The “knowledge panel” on Google’s search engine lets threat actors alter search results in a way that could be used to push political propaganda, oppressive views, or promote fake news. The “knowledge panel” is a box that usually appears at the right side of the search results, usually highlighting the main search result for a very specific query. Wietze Beukema, a member of PwC’s Cyber Threat Detection & Response team, has discovered that you can hijack these knowledge panels and add them to any search query, sometimes in a way that pushes legitimate search results way down the page, highlighting…
It has been reported that, following a partial U.S. government shutdown caused by a deadlock on the issue of the Mexican border wall between the Democratic Party and Donald Trump, tens of government websites can no longer be accessed or have been marked as using insecure connections because their TLS certificates have not been renewed. The websites of the U.S. Department of Justice, NASA, and the Court of Appeals are some of the ones hit by the government’s failure to extend around 80 TLS certificates used on .gov domains. Expired TLS certificates can make individuals more susceptible to fraud and identity theft.…
