In an effort to secure more computing power to solve mathematical puzzles to win cryptocurrencies, hackers and some website owners have planted crypto code on popular sites to use machines from those that visit the site without their knowledge, to generate virtual currency. Chris Olson, CEO at The Media Trust commented below. Chris Olson, CEO at The Media Trust: “As cryptocurrencies have grown in popularity and value, cryptocurrency mining has turned into a lucrative business. As ad-blocking adoption continues, some ad-supported websites are turning to cyptomining to boost revenue. However, the cryptomining activity is not transparent, and users typically only…
ISBuzz Team
News broken that Anonymous has claimed responsibility for a series of DDoS attacks on a number of Spanish government websites as part of a pro-Catalonia protest campaign. Rob Bolton, Director and M, Western Europe at Infoblox provides an insight below. Rob Bolton, Director and GM, Western Europe at Infoblox: “DDoS attacks are increasingly being used as a weapon against established authorities to disrupt both political processes and organisations. Cyber criminals and protesters are wise to the amount of disruption a DDoS attack can cause, as taking a site offline can massively discredit an organisation’s credentials, and highlights the weaknesses in authoritative structures. “Many…
The US Dept. of Homeland Security’s Computer Emergency Readiness Team (CERT) issued the Alert (TA17-293A) Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors on Friday 10/20/17, warning CNI firms (esp. nuclear power and other energy providers, water, aviation, and critical manufacturing sectors) that they are at increased risk of “highly targeted” staged attacks by the Dragonfly APT group, which may attempt to gain operational control for data exfiltration. Two senior Virsec Systems experts offer perspective on the threat and CERT response. IT security experts commented below. Satya Gupta, Founder and CTO at Virsec Systems: “While the DHS warnings are warranted, their specific security recommendations are inadequate. The security mindset…
As reported today by CNBC and others, the US Department of Homeland Security and the FBI issued a warning to critical infrastructure (CNI) firms — specifically, nuclear power and other energy providers, water, aviation, and other critical manufacturing sectors — to be on the look-out for “highly targeted” long-term staged attacks by the Dragonfly APT group. These attacks often penetrate through trusted third parties and establish operational control for data exfiltration. Brad Keller, Sr. Director, 3rd Party Strategy at Prevalent, Inc. (Warren, NJ) commented below. Brad Keller, Sr. Director, 3rd Party Strategy at Prevalent, Inc. (Warren, NJ): “US-CERT alert TA17-293A outlines the strategy used by criminals to gain access to companies…
News broke earlier today that the Czech statistical office has been hit by DDoS attacks on its websites related to the recent parliamentary elections during the vote count. The websites related to the parliamentary elections — volbyK.cz and volbyhned.cz — have temporary failed to function during the vote count on Saturday. These attacks have not affected the overall progress of the election. Sean Newman, Director at Corero Network Security commented below. Sean Newman, Director at Corero Network Security: “Reports of disruption to government websites during the recent Czech parliamentary elections, demonstrate how easy it is for malicious actors use DDoS attacks to disrupt or potentially influence…
It has been reported that up to a million organisations around the world have already been infected by a new computer bot network that has the potential to “take down the internet”, researchers warn. According to cybersecurity company Check Point, a new botnet has been spotted, which is enslaving internet-of-things (IoT) devices – mainly internet routers and remote cameras. IT security experts commented below. Stephanie Weagle, VP at Corero Network Security: “Despite its advantages, IoT comes with a host of security disadvantages. IoT devices are most often poorly managed, patched and secured; they are prime targets for hacker infiltration and takeover. Aside…
Users of the popular cryptocurrency exchange Poloniex have been the target of two credential stealing apps, discovered on Google Play disguised as legitimate mobile apps of the exchange. Apart from harvesting Poloniex login credentials, the crooks behind the fake apps have also tried to trick victims into granting them access to their Gmail accounts. Poloniex is one of the world’s leading cryptocurrency exchanges with more than 100 cryptocurrencies to buy and trade in. That alone makes it an attractive target for fraudsters of all kinds, but in this case, it was its lack of official mobile app that the criminals…
News has just broken a new wave of ransomware has hit several targets in Russia and Eastern Europe on Tuesday, according to media reports and several security companies. The malware, dubbed Bad Rabbit, has hit three Russian media outlets, including the news agency Interfax, according to Russian security firm Group-IB. Once it infects a computer, Bad Rabbit displays a message in red letters on a black background, an aesthetic used in the massive NotPetya ransomware outbreak. A Group-IB spokesperson said that a “new mass cyberattack” Bad Rabbit has targeted Russian media companies Interfax and Fontanka, as well as targets in Ukraine such as the airport of Odessa, the Kiev subway,…
WSJ reports: Hacking Is a Risk for Pacemakers. So Is the Fix Some doctors are wary of software patch that prevents unauthorized access to Internet-connected devices, worried about risk of malfunction. The story follows Abbot Laboratories’ release of a new software update that is supposed to reduce hacking risks to pacemakers, but which may carry its own risk of causing a pacemaker malfunction although firmware updates are conducted in a physician’s office or medical facility. Rubicon Labs, a leader in secure identity services for IoT devices in industrial, automotive, smart buildings, medical and payments sectors, offers perspective. Rod Schultz, Chief Product Officer at Rubicon…
Following news today that businesses in the UK have cut their spend on cybersecurity despite the growing threat of attacks (budgets are a third of what they were this time last year, down to £3.9m on average, compared to £6.2m last year according to research from PwC), David Emm, Principal Security Researcher at Kaspersky Lab commented below. David Emm, Principal Security Researcher at Kaspersky Lab: “If a drop in spending on cybersecurity means that security is less of a priority, this is certainly worrying. Our dependence on technology and connectivity means that we offer a much bigger attack surface than ever before –…
