Six-week investigation delay shrank payment by 13%. A $1.2m shipment of livestock feed went awry when "hackers" intercepted and tweaked emails with payment details, eventually costing the cheeky buyers an extra $161,000 after exchange rates moved during the legal fallout. The sunflower meal traders ended up in dispute when the buyers refused to pay a shortfall caused by forex rates moving after unnamed hackers allegedly forged vital payment emails. The amount of time it took to figure out what had happened – less than a month – was enough to leave the sellers with a 13 per cent shortfall on the purchase price, which had been unintentionally converted from dollars to sterling and back again thanks to the email forgery. Although neither firm was named, arguments about payment for the $1,167,900 of meal ended up being dragged through both private arbitration and the public court. Company "K", the buyer, cheekily claimed it had fulfilled its end of the sale contract by sending payment to the buyers' bank – even though it actually landed in the hackers' account.
From 2015 to 2018, a strain of ransomware known as SamSam paralyzed computer networks across North America and the UK. It caused more than $30 million in damage to at least 200 entities, including the cities of Atlanta and Newark, New Jersey, the Port of San Diego and Hollywood Presbyterian Medical Center in Los Angeles. It knocked out Atlanta’s online water service requests and billing systems, prompted the Colorado Department of Transportation to call in the National Guard, and delayed medical appointments and treatments for patients nationwide whose electronic records couldn’t be retrieved. “After 7 days we will remove your private keys and it’s impossible to recover your files.” At a press conference last November, then-Deputy Attorney General Rod Rosenstein announced that the US Department of Justice had indicted two Iranian men on fraud charges for allegedly developing the strain and orchestrating the extortion. Although bitcoin transactions are intended to be anonymous and difficult to track, ProPublica was able to trace four of the payments. Both firms have used aliases for their workers, rather than real names, in communicating with victims.
ASUS' update mechanism has once again been abused to install malware that backdoors PCs, researchers from Eset reported earlier this week. The researchers, who continue to investigate the incident, said they believe the attacks are the result of router-level man-in-the-middle attacks that exploit insecure HTTP connections between end users and ASUS servers, along with incomplete code-signing to validate the authenticity of received files before they're executed. Late last month, Eset researchers noticed the BlackTech Group was using a new and unusual method to sneak Plead onto targets’ computers. An analysis showed infections were being created and executed by AsusWSPanel.exe, which is a legitimate Windows process belonging to, and digitally signed by, ASUS WebStorage. The abuse of legitimate AsusWSPanel.exe raised the possibility the computer-maker had fallen to yet another supply-chain attack that was hijacking its update process to install backdoors on end-user computers. Eventually, Eset researchers discounted that theory for three reasons:
Developer knowledge sharing site Stack Overflow has confirmed hackers breached its systems, but said customer data is unaffected. “Over the weekend, there was an attack on Stack Overflow,” wrote Mary Ferguson, vice president of engineering. “We have confirmed that some level of production access was gained on May 11.” “We discovered and investigated the extent of the access and are addressing all known vulnerabilities,” said Ferguson. “We have not identified any breach of customer or user data,” she said. An investigation into the breach is ongoing.
As someone who has worked closely with developers, I can assure you that no matter what area of computer-related technology these zealous people inhabit, they regularly cope with new ideas and concepts alongside existing projects, responsibilities and spontaneous crises that can change from minor to catastrophic in seconds. Meanwhile, every approach gets the job done in a short span of time, but it is important to focus not only on achieving short-term solutions but also on the long-lasting essence. To get the most out of limited time and resources, developers need solutions to help them minimize the time wasted and maximize their efforts. While beneficial in various ways, open source also brings new security and compliance challenges, and currently, most developers lack the necessary tools to handle these unique challenges alone. Well, there are some software composition analysis solutions, like WhiteSource, that automate the process of choosing and approving open source components and send alerts in real time on security and compliance issues so that you can use open source freely without worrying about vulnerabilities. There is a deadline tomorrow.
The White House is scrubbing out Obamacare info, Microsoft found a major flaw, and there's a good alternative to AirPods. Here's the news you need to know, in two minutes or less. The Trump administration is scrubbing Obamacare from government websites. President Trump hasn't been subtle about his distaste for the Affordable Care Act. But according to a new report, the Trump administration has been systematically wiping crucial information about the ACA from government websites over the past two years. Unlike previous attempts to undercut it—like changing funding—these modifications often happen with little fanfare or government oversight while making it incredibly difficult for Americans to access their health care resources.
Symantec and Trend Micro are among the list of leading antivirus companies that a group of Russian-speaking hackers allege to have compromised, Gizmodo has learned. Last week, Advanced Intelligence (AdvIntel), a New York-based threat-research firm, reported that a hacking group was attempting to sell internal corporate documents and source code purportedly stolen from three major antivirus companies. Citing an ongoing law enforcement investigation and its own disclosure policies, AdvIntel did not reveal the names of the alleged victims. The hackers, known as “Fxmsp,” are said to be offering to sell the stolen data—around 30 terabytes’ worth—for over $300,000 (£233,000). Gizmodo has not itself reviewed or verified any of the allegedly stolen documents. Symantec, maker of Norton Antivirus software, confirmed that it was contacted last week by researchers at AdvIntel, who discovered that Symantec was among the list of alleged victims.
To make money from hacking you don’t need to plug gadgets into bank ATMs like a young John Connor. You can keep it legal and still get well paid as a white hat hacker. Big corporations have your data and their reputations to protect. That’s why companies such as Facebook pay out millions of dollars as part of their bug bounty programs. A typical payment for finding one security flaw is around $30,000. To get in on the action, you can get extensive online training as a white hat hacker for only $29.
Cert authority Sectigo funds Let’s Encrypt transparency log. Let’s Encrypt has wheeled out a new certificate transparency log called Oak, which is funded for a year by the certificates arm of Sectigo (formerly known as Comodo). As well as the obvious corporate social responsibility impact for Sectigo, it helps ease pressure on an increasingly important piece of internet security infrastructure, the firm told El Reg. Certificate transparency logs, or CT logs, at their simplest are records of whom SSL certificates were issued to. The idea is to minimise the number of “mistakenly issued certificates or certificates that have been issued by a certificate authority (CA) that’s been compromised or gone rogue,” as the Certificate Transparency project explains. In addition, public CT logs allow domain owners and users alike to check whether SSL certs have been issued by mistake.
On Wednesday, Google issued a warning about its Titan Security Key, specifically the Bluetooth edition of the device. The key has a security bug in how it pairs with a device over Bluetooth, and how that pairing is authenticated. A nearby attacker could rename any Bluetooth device with the Titan Security Key's name and trick a user into connecting to that fraudulent device instead. Once connected to the victim's gadget via Bluetooth, the hacker would be able to take actions on the machine, Google warned. Google also noted another attack scenario, where a nearby attacker could connect to a person's Bluetooth security key before the real owner did. In that situation, if the attacker already knew the person's login credentials, the account would be accessible.
A recently fixed vulnerability in WhatsApp allowed attackers to spread spyware to mobile devices with just a phone call. Earlier this week, it was reported that a vulnerability in Facebook's popular WhatsApp messaging service made it possible for attackers to spread spyware to smartphones via phone calls made through the app. "A buffer overflow occurs when a programming error allows more data to be written to a given area of memory than can actually be stored there," Rik Ferguson, vice president of security research at security software firm Trend Micro, told Business Insider via email. "The extra data flows into adjacent storage, corrupting or overwriting the data previously held there, and can cause crashes, corruptions, or serve as an entry point for further intrusions." The exploit would work even if the victim did not answer the call, the report said. To understand how this is possible, it helps to know how WhatsApp's calling functionality works.
Everyone with WhatsApp on their phone should update to the latest version of the app as soon as possible, the company said on Tuesday. Used by 1.5 billion people around the world, the Facebook-owned messenger app disclosed a vulnerability yesterday that allowed hackers to remotely install spyware on iOS and Android phones by placing voice calls on WhatsApp. “WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices,” a spokesman told CNBC on Tuesday. The WhatsApp vulnerability is a so-called “zero click zero day,” a previously undiscovered vulnerability that can infect a target’s phone with no action from the victim. Most previously discovered vulnerabilities of this kind required the victim to click a link in order to be infected. These kinds of vulnerabilities are particularly valuable – and expensive – and have been heavily marketed by NSO Group for at least the last year.
Google is warning that the Bluetooth Low Energy version of the Titan security key it sells for two-factor authentication can be hijacked by nearby attackers, and the company is advising users to get a free replacement device that fixes the vulnerability. A misconfiguration in the key’s Bluetooth pairing protocols makes it possible for attackers within 30 feet to either communicate with the key or with the device it’s paired with, Google Cloud Product Manager Christiaan Brand wrote in a post published on Wednesday. This low-cost device may be the world’s best hope against account takeovers. The Bluetooth-enabled devices are one variety of low-cost security keys that, as Ars reported in 2016, represent the single most effective way to prevent account takeovers for sites that support the protection. In addition to the account password entered by the user, the key provides secondary “cryptographic assertions” that are just about impossible for attackers to guess or phish. The attack described by Brand involves hijacking the pairing process when an attacker within 30 feet carries out a series of events in close coordination:
Researchers from the security firm Red Balloon have discovered a remote attack method that could allow hackers to take over Cisco's 1001-X series router and compromise all of the data and commands sent through the device. To compromise the company's routers, the researchers exploited two vulnerabilities. The first is a bug in Cisco's IOS operating system which would allow an attacker to gain root access to the devices, though this vulnerability can be fixed through a software patch. The second vulnerability required the researchers to first gain root access to a Cisco router and from there, they were able to bypass the device's security protection known as Trust Anchor. The network hardware maker has implemented this security feature in almost all of its enterprise devices since 2013. Is your router a cybersecurity risk?
A recently discovered security flaw in the popular messaging app WhatsApp has been exploited to secretly install spyware onto users' devices. As the software suffers from a buffer overflow weakness, hackers can take over the application to run malicious code which gives them access to encrypted chats, photos, contacts and other data stored on a smartphone running the app. The attack could even allow a hacker to spy on a user's day to day activities as it turns on their device's microphone and camera and even allows them to eavesdrop on calls. To make matters worse, an attacker can also alter an infected device's call logs to hide the fact that it has been compromised. To launch the attack, a hacker simply needs to manipulate the packets of data sent when beginning a voice call to their victim. When the victim's smartphone receives these packets, an internal buffer within the app is forced to overflow which overwrites other parts of its memory and gives an attacker almost complete control of the messaging app.
You can never really tell if your business is going to be hacked. Hacking a large enterprise needs specialized skills. When employees move around, data moves with them. An IT person should help you make sure you have strong data management and connection tools in place and that they are monitored. Getting an IT person to evaluate your risks, install software, monitor activity, and keep things up-to-date is a critical and essential business cost. If you are handling health, financial, or other personal information about your customers, and it gets stolen, you could have a big problem on your hands.
An entire class of vulnerabilities in Intel chips allows attackers to steal data directly from the processor, according to new reports from a group of cybersecurity researchers from around the world. Updating is one of the easiest and surest ways to quickly secure your devices. The exploits don’t impact iPhones, iPads or the Apple Watch, TechCrunch reported. Google and Microsoft cloud customers are currently protected; we’ve reached out to Amazon to ask how they are addressing the issues for their cloud customers and will update when we hear back. The bugs, which impact every Intel chip made since 2011, exploit a flaw in a chip feature called “speculative execution” so that attackers can steal sensitive data directly from a device’s CPU. These new attacks are reminiscent of Meltdown and Spectre, two vulnerabilities in Intel chips that were revealed last year.
A newly discovered security flaw in Intel processors allows attackers to steal any data that’s been recently accessed by the processor. That even holds true on cloud servers, which could allow an attacker to steal information from other virtual machines running on the same PC. The flaw was discovered by researchers from Graz University of Technology and was disclosed to Intel. Intel has issued code to patch the flaw, though it has to be implemented by individual manufacturers and then installed by users before everyone is protected. The flaw affects almost every Intel chip since 2011, according to TechCrunch. Wired reports that Apple and Google have already issued updates, while Microsoft announced the availability of updates today.
Intel chips have another flaw that could let skilled hackers pull sensitive information from microprocessors, Intel and independent security researchers said Tuesday. The researchers say a flaw in the microprocessors is vulnerable to four new attacks, each of which could capture information like encryption keys and passwords -- the building blocks of security for the rest of your computer. The research was reported earlier by Wired, which said the flaw affects millions of PCs. Multiple researchers spread across more than a dozen different organizations released their findings about the flaw on Tuesday. The flaw is in the same family as the Meltdown and Spectre flaws announced in 2018, and it has some similarities. First, it affects data stored on your chip that the hardware keeps around to perform tasks more quickly.
Facebook is bringing back a version of a privacy feature that it disabled last year after hackers exploited the tool to access the emails, phone numbers and other personal information of 29 million users. The feature, called "view as public," lets you see how your Facebook profile looks to people who aren't friends with you on the social network. The social network said the version of the feature it's restored wasn't impacted by the security incident. Facebook decided not to restore the "view as specific person" feature that lets you see how your profile looks to a particular friend because it's trying to simplify the tool. Facebook declined to say how many people used the "view as" feature, which was located near the top of a user profile, before it was disabled. Facebook is restoring the feature globally over the next couple of days.