The region is a hotspot for malware-based spying campaigns thanks largely to the conflict between the Kiev government and rebels in the East who identify with Russia. The majority of such campaigns feature booby-trapped content themed around the current Ukrainian geopolitical situation and the war in Donbass in order to trick marks into opening malicious attachments. Whether these secondary targets have been deliberately selected or represent collateral damage remains unclear. ESET detects the malware associated with the attacks, which may have been going on since as long ago as 2008, as Prikormka. The attacks seem to have slipped under the radar for eight years, but now that one anti-virus vendor has caught on to the campaign, widespread detection by other vendors can be expected to follow within days or weeks. The security community in general is paying particularly close attention to malware-slinging in Ukraine after the BlackEnergy malware was linked to attacks that resulted in power outages last December.
A professional hacking group called Suckfly is targeting India's infrastructure and economic base by zeroing in on individuals and installing tools to access their work networks. Symantec also managed to uncover the group's attack method: they found an employee at each organization who had a significant online footprint and installed their malware on that employee's system – Symantec reckons a phishing attack was the most likely approach. The malware then uses known security holes – in this case unpatched Windows flaws – to escalate privileges before posing as that individual to enter their work network. Several of the domains were registered through a Yandex email address, for example. The targeting of India's economic and governmental centers could benefit both foreign governments and those looking to make money from commercially sensitive material, so motive is also hard to divine. Symantec only uncovered the attacks two years after most of them had taken place, and only then after it knew what to look for.
This falls broadly into two categories: crimes committed that relate to computers themselves or traditional crimes conducted over the internet. The law also covers the creation of malware or anything that can be used to violate the other sections of the law. It could also include offences such as hate crime. Phishing attacks, for example, which involve sending out fraudulent communications with the aim of harvesting the victims' data, are punishable under fraud laws after amendments to the existing law were made in 2005. Identity theft, which simply means impersonating another person using their credentials, can also take place online. This personal information could include passport numbers, bank details or even information as mundane and seemingly innocuous as a name or date of birth.
Ransomware is used by cybercriminals to encrypt sensitive computer files to extort victims. The developers of the notorious TeslaCrypt ransomware have claimed to be shutting down their operation – not only releasing a master decryption key but even apologising for causing years of mayhem. According to Lawrence Abrams, from Bleeping Computer, security experts noticed a decline in use of TeslaCrypt in recent weeks – with ransomware distributors instead moving to a strain called CryptXXX. Additionally, by spreading via email phishing campaigns and malicious adware, it could also infect Word, PDF and JPEG files before holding their contents to ransom. Additionally, both ESET and a long-time ransomware fighter called BloodyDolly have announced fresh fixes that will allow infected users to unlock encrypted files, documents and pictures. It remains unclear if the former TeslaCrypt engineers have abandoned the extortion business altogether or simply moved on to another strain of malicious software. This is particularly true when messages are received from unknown sources or otherwise look suspicious."
On Wednesday, LinkedIn said that a security breach resulted in over 100 million user passwords being compromised. Now the company's taking action. Anyone with a LinkedIn account who hasn't changed their password since 2012 — when the breach happened — is receiving an email asking them to change their password. Several Business Insider staffers received an email on Thursday. A LinkedIn spokesperson confirmed the emails are related to the breach and says the investigation is ongoing. So no, the password reset email you received today from LinkedIn isn't a phishing attempt by hackers. In fact, the email complies with modern security practices: instead of giving users a link to reset their passwords, it urges them to go to and reset their passwords from there. In fact, users with older LinkedIn accounts will need to reset their password the next time they log in. Here's the email I received:
Netcraft security man Paul Mutton says the Bangladesh Government has been used in banking phishing attacks targeting customers of Wells Fargo, Google, and AOL. The domains are restricted Government assets, which Mutton says could indicate lax security controls. The popped server is located in the UK, hosted by Nibs Solutions, and no affected phishing sites are located in Bangladesh, he says. "After more than a week since this spate of phishing attacks started appearing on UK-hosted sites, none of the fraudulent content has been removed," Mutton says. "The presence of multiple live phishing sites on the affected server, and the fact that the previous compromises have not yet been cleaned up, suggests that whatever security vulnerabilities might have affected the server are yet to be resolved." It makes the ratio of legitimate to phishing sites about one in 100.
Last summer, the San Francisco-based firm raised $21 million in a series B round led by Bessemer Ventures, bringing its total capital raise to about $35 million. Earlier this year the firm released its 2016 Bad Bots Landscape Report. Hackers have long used such bots as Burp to intercept web traffic and automate attacks, and Metasploit to probe webpages for vulnerabilities. Until recently, bad bots commonly targeted companies' line-of-business operations to steal competitive information like pricing and inventories, intellectual property, and, of course, financial information. New York Attorney General Eric Schneiderman's office recently released a report about abuses in the ticketing industry. One incident cited was how a scalper's bad bot purchased 1,012 tickets to a U2 concert within the very first minute of going on sale. With all the excitement around bots, it's not difficult to imagine a consumer being tricked into downloading a bad bot, akin to a phishing scheme or those fraudulent pleas of a Nigerian prince seeking to wire money to you. Just as good bots will become more sophisticated, so will bad bots increase their ability to evade detection, load malicious code, and imitate human behavior. While it's too early to say how much of a problem bad bots will be for consumer-facing bots, there's little doubt of the looming threat, particularly with the pervasiveness of mobile phones.
Sadly, that's what's happened to the Milwaukee Bucks, who have revealed that financial data on all employees of the basketball team, including players, has been compromised. The fraudsters made the request for financial data on April 26th, and it seems the team didn't discover its mistake until May 16th. It's not clear if the phishing attempt was made by a specific group of hackers or if it was just someone acting alone, but the IRS and FBI are said to have been contacted, while the NBA and National Basketball Players Association will carry out an ongoing investigation. A representative for the Milwaukee Bucks says that staff and players will be given three years of credit monitoring as well as identity restoration assistance. Employees will also go through privacy training and be taught preventative measures so a human error of this type doesn't happen again. Source: Yahoo
Eric Donys Simeu, aka Martell Collins, 32, from Cameroon, was at large for three years before finally being caught by French police. According to the US Justice Department, Simeu sent out numerous targeted phishing emails between July 2011 and September 2014 to employees of various air travel firms. The hacker targeted those employees with access to the Global Distribution System (GDS) network, which is generally used by air travel and tourism firms to access airline servers to buy and/or sell flight tickets. "With the cooperation of France and our international law enforcement partners, we were able to bring to justice a wanted fugitive who was allegedly committing cyber fraud that affected U.S. companies from the streets of West Africa. The arrest and extradition of Eric Simeu is the result of a multi-national effort led by the FBI, which demonstrates the benefits of global cooperation among international law enforcement and the private sector." Simeu was arrested by the French police in September 2014 when attempting to use one of his own fraudulent air tickets to travel from Casablanca, Morocco, to Paris.
Cybersecurity should be a top priority in any business but it takes on an even greater significance when your organisation needs to protect intellectual property at the cutting edge of research and development -- as in the competitive world of Formula 1 racing. Formula 1 is hyper-competitive and good use of data can make all the difference between winning or finishing further down the field -- so teams are very sensitive about it. Of course, Williams also has to deal with outsider threats and there are plenty -- in just one month, almost 300 instances of malware were detected by email filters. Williams uses Symantec Endpoint Protection for 1,200 computers, both within their headquarters and remotely at races around the globe, as well as for Advanced Engineering's projects and remote laptops sending live, detailed race telemetry data back to Williams's headquarters. In addition to using protective software, Williams fights threats with education at all levels -- especially given how authentic some phishing emails can look. Nonetheless, for Hackland, the best way to reduce cybersecurity risks would be to make systems so robust that malware, phishing attempts, and hacks don't even reach employees' inboxes.
Don't be fooled into this WhatsApp Gold version – it's a malware scam. If you've received a WhatsApp message inviting you to an exclusive upgrade to its premium "WhatsApp Gold" version, don't be fooled as it doesn't exist – instead you'll fall into fraudsters' hands and could install data-stealing malware on your device. The fake message has been hitting the WhatsApp inboxes of a number of users, claiming a "secret" version of the app is available that's used by celebrities and offers a bevy of enhanced features not available to the rest of us muggles. Finally Secret Whatsapp golden version has been leaked. To be fair, these are all features WhatsApp users actually want so the fraudsters have been rather savvy but, sadly, anyone who falls for it and taps the download link could be in for a world of trouble. Exactly what type of malware lies behind the link is unknown but websites laden with malware could range from keyloggers that can record everything you type into your device to viruses and ransomware that could hold your smartphone to ransom. Apple iPhone users were targeted recently with a scam phishing text that claimed the victim's Apple ID login and password had expired, which led those fooled to click on a link to a fake website and divulge their details directly to hackers.
At first glance, it looks like purely a stunt-attack, except for this: a phishing e-mail purporting to be from tech support could trick a victim into dropping a message into a terminal window and executing it – not realising that what's in the clipboard got changed on the way. In the simple proof-of-concept of Pastejacking here, you think you're copying the command "echo not evil" into the terminal, but what lands in the clipboard is "echo evil \n". The newline appended to what lands in the clipboard means the user doesn't get the chance to review what appears on the terminal command line: as soon as they paste from the clipboard to the terminal, it executes. Dylan Ayrey, who published the exploit at GitHub, explains: "If a user attempts to copy the text with keyboard shortcuts, i.e. ctrl+c or command+c, an 800ms timer gets set that will override the user's clipboard with malicious code." The victim "appears to have the command they intended to copy, nicely pasted into the terminal", he writes.
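A defender-side check for the clipboard behaviour described above, as an added example that is not part of the original article or of Ayrey's proof-of-concept: it inspects clipboard text before it reaches a shell and reports why pasting it would be unsafe. The function names inspect_paste and neutralise are hypothetical, and the sample strings are constructed from the article's echo example.

```python
import unicodedata
from typing import List, Optional

# Escape sequence a terminal sends to mark the end of a bracketed paste. Text
# carrying it can break out of paste protection on terminals that do not
# filter it from clipboard content.
BRACKETED_PASTE_END = "\x1b[201~"


def inspect_paste(clipboard: str, expected: Optional[str] = None) -> List[str]:
    """Return the reasons why pasting `clipboard` into a shell is unsafe."""
    findings = []
    # The page swapped the clipboard after the copy shortcut was pressed.
    if expected is not None and clipboard != expected:
        findings.append("clipboard differs from the text the user selected")
    body = clipboard.rstrip("\r\n")
    # A trailing newline submits the line before the user can review it.
    if body != clipboard:
        findings.append("trailing newline: runs as soon as it is pasted")
    if "\n" in body or "\r" in body:
        findings.append("embedded newline: more than one command line")
    if BRACKETED_PASTE_END in clipboard:
        findings.append("contains the bracketed-paste end marker")
    # Cc = control characters, Cf = invisible format characters.
    hidden = sorted(
        {c for c in body if unicodedata.category(c) in ("Cc", "Cf")}
        - {"\n", "\r"}
    )
    if hidden:
        codes = ", ".join(f"U+{ord(c):04X}" for c in hidden)
        findings.append("control or invisible characters: " + codes)
    return findings


def neutralise(clipboard: str) -> str:
    """Return a single reviewable line with every control character shown."""
    body = clipboard.rstrip("\r\n")
    return "".join(
        f"<U+{ord(c):04X}>" if unicodedata.category(c) in ("Cc", "Cf") else c
        for c in body
    )


if __name__ == "__main__":
    # Constructed sample: what the user selected vs. what was in the clipboard.
    for reason in inspect_paste("echo evil \n", expected="echo not evil"):
        print("BLOCK:", reason)
    print("review:", repr(neutralise("echo evil \n")))
```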
One is a PR person, the other a venture capitalist, and today I received a classic "Check the attached Google Doc" phishing mail from a designer. Not a retired uncle who's just discovering the Interwebs. Can we chastise our friends for being stupid for still falling for these scams in 2016? Or take a course? After all, it is not just themselves that are inconvenienced – their naiveté or ignorance causes the virus, scam or phishing attack to spread. For now I'll stick to politely giving these people a call or sending them a text.
But today there are signs that a less vulnerable and more productive successor could soon displace email as the dominant force in business communication. Individuals can gain immediate access to colleagues, customers and contacts outside the company to help them arrive at decisions faster and achieve better outcomes. Yet fewer than one-in-five companies have policies in place to regulate its use. There really is no need to obsessively check and reply to every email as it comes in. Not to mention the added reassurance that messages sent this way are encrypted, ensuring confidential company information is kept safe from prying eyes. In summary, there are things we can do today to be more secure and more productive in our business communications.
Wonder whose idea that was... Bank customers may be obliged to bear the bill for fraud against their accounts, under proposed changes under consideration between banks, the UK government and GCHQ. UK banks - unlike those in the US - routinely cover the costs of online fraud, at least in cases where customer negligence such as sharing PIN codes or cards with third parties is excluded. Bankers' bonuses in the wake of taxpayer-funded bailouts of several banks in 2008 have already caused a huge series of rows, and radical changes in liability for online banking fraud through phishing and banking trojans are likely to be even more contentious. The circumstances suggest that ministers are floating an idea they already know is controversial, even politically unpalatable. "It's not because of a lack of awareness. Quite simply, security is no longer a consumer's number one priority when operating online.
New wave of phishing attacks on the telecom giant's customers. We have previously reported on suspicious e-mails from people who claimed to represent TeliaSonera. Among other alleged fraudsters when you, for example, purchased movies through the Telia Play or had a refund to approve. As usual, we recommend that you do not, under any circumstances, touch the link. This method of phishing is notorious and is about to install malicious spyware on your computer. In the example, the text is written in shaky Swedish, which is common in these types of attacks.
The attacks employ either the same fake Flash Player for Android app or a fake Android system update app, using compromised WordPress and Joomla sites to distribute malware impersonating a "porn player". SpyLocker also monitors the execution of Google and popular apps such as Instagram and eBay to display the Google phishing overlay, which now attempts to get more than just the email and password of the Google account." Castillo explains that exploits necessary to target banks in Russia have also been discovered and plans to target banks in Italy were found, although definite exploits are yet to be implemented within the variant. Intel Security noted that after gaining access to user data, the malware constantly sends encrypted data to a remote server, along with details about the hacked device. The malware is also capable of obtaining administrative controls over the device, which it tricks users into giving up after it has been downloaded. How to protect yourself from Android malware: Android banking Trojans such as SpyLocker are constantly evolving, adding new targets and distribution methods, and improving their phishing techniques to obtain even more data that will allow cybercriminals to perform fraudulent electronic transactions.
New wave of phishing attacks on the telecom giant's customers. We have previously reported on suspicious e-mails from people who claimed to represent TeliaSonera. Among other alleged fraudsters when you, for example, purchased movies through the Telia Play or had a refund to approve. As usual, we recommend that you do not, under any circumstances, touch the link. This method of phishing is notorious and is to install malicious ransomware onto your computer. In the example, the text is written in shaky Swedish, which is common in these types of attacks.
She believed she'd made a series of legitimate loans to the offshore oil business of a Florida businessman she'd met at a dating site - when in truth she had been victimized by an organized crime gang in Africa. Her six-figure losses were nearly 30 times higher than the average loss of $8,421 reported last year to IC3, but she never received a follow-up call or any notification from law enforcement indicating that they were investigating - or were even interested in - her claim. My client knocked, and waited, but it seemed nobody was home. In terms of broader analyses, there are serious shortcomings in relying on self-reported complaints to describe the full extent of online crime, because many victims don't realize they have been attacked. Consumer-focused crimes like advance-fee frauds, fake lotteries, and social media scams are rampant. By that basis, IC3 data - with 288,000 total complainants - represent less than 0.2 percent of all incidents and victims.
Hackers have unleashed a new variant of Android malware that poses as a fake banking app to trick users into compliance, after which it locks users out of their smartphones and sets about emptying their accounts, while victims scramble to access their phones again. Security firm Trend Micro identified the threat and noted that the hackers were sending victims emails in efforts to distribute their malware-encased app. The mail informs the victim of a new security update recently released on the banking app installed on their phone and urges them to update it. Users who have such banking apps installed are likely to follow instructions and download the fake app onto their phones. In the event administrative privileges are provided, the malware remains inactive until the user launches the fake app, at which point a pop-up on the app deploys phishing techniques to obtain the victim's bank credentials, while redirecting it to the legitimate app. The malware then, having detected that the jig is up, proceeds to empty the users' bank accounts.