
CyberSecurity Industry News


25 replies in this topic

#21 Mr.Pr

Mr.Pr

    Member

  • Posters
  • 237 posts

Posted yesterday, 16:14

Russian Hacker Pleads Guilty to Ebury Botnet Role

 

 

A Russian hacker has pleaded guilty to playing a major role in building the infamous Ebury botnet, which helped to fraudulently generate millions of dollars.

 

Maxim Senakh, 41, of Velikii Novgorod, pleaded guilty on Tuesday to conspiracy to violate the Computer Fraud and Abuse Act and to commit wire fraud.

 

Along with co-conspirators, Senakh is said to have helped develop the Ebury malware, which targeted the log-ins of servers running Solaris, Linux and similar Unix-like operating systems.

It’s a rootkit/backdoor Trojan designed to steal SSH log-in credentials from incoming and outgoing SSH connections.

 

They then combined these remotely controlled servers into a botnet, monetizing it via click fraud and spam campaigns, according to the Department of Justice.

 

The scams apparently compromised tens of thousands of servers around the world and earned Senakh and his co-conspirators millions of dollars in the process.

 

“As part of the plea, Senakh admitted that he supported the criminal enterprise by creating accounts with domain registrars which helped build the Ebury botnet infrastructure and personally profited from traffic generated by the Ebury botnet,” noted the DoJ.

 

The Ebury malware leaped to notoriety in 2011 when it was used to hack the Linux Kernel...

 

 

Read the Full Article: https://www.infosecurity-magazine.com/news/russian-hacker-pleads-guilty-to/

 

------------------------------

 

FBI Warns on FTP Attacks to Access Medical, Dental Info

 

 

The FBI is warning of a concerted effort on the part of cyber-criminals to target medical and dental facilities via their File Transfer Protocol (FTP) servers.

 

Criminals are accessing protected health information (PHI) and personally identifiable information (PII) in order to intimidate, harass and blackmail business owners. The Feds said that the Bureau is aware of criminal actors who are actively targeting such facilities via insecure FTPs that are operating in “anonymous” mode.

 

“Research conducted by the University of Michigan in 2015 titled, ‘FTP: The Forgotten Cloud,’ indicated over 1 million FTP servers were configured to allow anonymous access, potentially exposing sensitive data stored on the servers,” the FBI said in its alert. “The anonymous extension of FTP allows a user to authenticate to the FTP server with a common username such as ‘anonymous’ or ‘ftp’ without submitting a password or by submitting a generic password or email address.”

 

While computer security researchers are actively seeking FTP servers in anonymous mode to conduct legitimate research, cyber-criminals could also use an FTP server in anonymous mode and configured to allow “write” access to store malicious tools or launch targeted cyberattacks.

 

“In general, any misconfigured or unsecured server operating on a business network on which sensitive data is stored or processed exposes the business to data theft...

 

 

Read the Full Article: https://www.infosecurity-magazine.com/news/fbi-warns-on-ftp-attacks/


This post was edited by Mr.Pr: yesterday, 16:14

“The security industry in that case becomes bullshit, because people believe in those products and use them in their corporate environments without understanding that those products are just following others,”  - Boris Sharov

 

DrWeb Gallery for your Avatars: Click

My Telegram ID: @MrlPr

 

Best Regards,

Parham
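
A configuration check for the anonymous-mode exposure described in the FBI alert quoted in post #21, added here as an example and not part of the post or the quoted article. It assumes the server is vsftpd (the page names no FTP product); option names and built-in defaults follow the vsftpd.conf man page, and the sample configurations are constructed.

```python
# Added example: audit vsftpd.conf text for anonymous FTP exposure.
# Assumption: the server is vsftpd; sample configs below are constructed.

TRUE_VALUES = {"YES", "TRUE", "1"}

# Built-in vsftpd defaults that apply when an option is absent from the file.
DEFAULTS = {
    "anonymous_enable": "YES",   # anonymous logins are ON unless disabled
    "write_enable": "NO",
    "anon_upload_enable": "NO",
    "anon_mkdir_write_enable": "NO",
    "anon_other_write_enable": "NO",
}
ANON_WRITE_OPTS = ("anon_upload_enable", "anon_mkdir_write_enable",
                   "anon_other_write_enable")

def parse_conf(text):
    """Return effective settings: defaults overridden by option=value lines."""
    settings = dict(DEFAULTS)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip().upper()
    return settings

def audit(text):
    """Return findings for anonymous login and anonymous write access."""
    s = parse_conf(text)
    if s["anonymous_enable"] not in TRUE_VALUES:
        return []                      # anonymous logins are refused
    findings = ["anonymous login enabled"]
    # Anonymous write options only take effect when write_enable is on.
    if s["write_enable"] in TRUE_VALUES:
        findings += [f"anonymous write access: {opt}"
                     for opt in ANON_WRITE_OPTS if s[opt] in TRUE_VALUES]
    return findings

# Constructed weak configuration: anonymous users may log in and upload.
WEAK_CONF = "listen=YES\nanonymous_enable=YES\nwrite_enable=YES\nanon_upload_enable=YES\n"
# Constructed corrected configuration: only local accounts may log in.
HARDENED_CONF = "listen=YES\nanonymous_enable=NO\nlocal_enable=YES\nwrite_enable=YES\n"

if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit(conf))
```

A file that never mentions `anonymous_enable` is still reported, because the built-in default leaves anonymous login on.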


#22 Mr.Pr

Mr.Pr

    Member

  • Posters
  • 237 posts

Posted yesterday, 16:16

Hong Kong’s 3.7 Million Voters Exposed in Massive Breach

 

 

Hong Kong might just have experienced its biggest ever data breach after the personal details of the Special Administrative Region (SAR)’s 3.7 million voters were stolen on two laptops.

The details are said to have included ID card numbers, addresses and mobile phone numbers.

 

They were stored on two laptops in a locked room at the AsiaWorld-Expo conference center near the airport.

 

The center is said to be the “back-up venue” for the region’s chief executive elections, which took place over the weekend.

 

The Registration and Electoral Office has reported the theft to police and told the South China Morning Post that the details of voters were encrypted – although it’s unclear how strong that encryption is.

 

It’s also unclear why the details of 3.7m voters were stored on the laptops when only an Election Committee of 1194 specially chosen business and political leaders is allowed to pick Hong Kong’s CEO.

 

The SAR’s privacy watchdog said in a statement that it is launching an investigation into the matter.

 

Over a three-year period from 2013 to 2016, the privacy commissioner’s office is said to have received 253 data breach notifications.

Eduard Meelhuysen, EMEA boss at Bitglass, argued that public sector breaches stand out as particularly concerning.

"Whether it’s the NHS or the Hong Kong Registration and Electoral Office, these organizations...

 

 

Read the Full Article: https://www.infosecurity-magazine.com/news/hong-kongs-37-million-voters/




#23 Mr.Pr

Mr.Pr

    Member

  • Posters
  • 237 posts

Posted yesterday, 16:19

IoT & Liability: How Organizations Can Hold Themselves Accountable

 

 

To avoid a lawsuit, your company needs to better understand the state of your infrastructure and the devices and applications within it. Here are five areas on which to focus.

 

The number of devices with IP connectivity continues to grow at a breakneck pace. In the next few years, it's expected that we'll see tens of billions of devices with some sort of networking ability.

 

The problem is that the number of skilled security professionals available for organizations to monitor and manage these devices will not scale to match. There just aren't enough people in the world to actively monitor all the bits flowing through networks.

 

It's not a hopeless battle, but organizations need to take steps to better understand the state of their infrastructure and the devices and applications within it. When the next Mirai-style attack occurs, you can bet there will be a team of lawyers ready to hold somebody responsible for their company's resulting loss of revenue, data, and reputation.

 

Take e-commerce as an example: When a retailer's website goes down for a couple of hours, it loses millions of dollars in sales and takes a hit in customer trust. If the company discovers hundreds of hijacked Internet of Things (IoT) devices on your organization's network were partially responsible for its loss, a lawsuit will follow....

 

 

Read the Full Article: http://www.darkreading.com/iot/iot-and-liability-how-organizations-can-hold-themselves-accountable-/a/d-id/1328324?




#24 Mr.Pr

Mr.Pr

    Member

  • Posters
  • 237 posts

Posted yesterday, 16:21

New Metasploit Extension Available for Testing IoT Device Security

 

 

RFTransceiver extension for the Metasploit Hardware Bridge API will let organizations detect and scan wireless devices operating outside 802.11 spec.

 

Enterprise security teams and penetration testers now have a new tool for evaluating the risks posed to their networks from Internet of Things (IoT) devices that are operating on radio frequencies outside the standard 802.11 specification.

 

Rapid7, the owner of the Metasploit Project, has released an extension to its recently introduced Hardware Bridge API for conducting pen tests on network-connected hardware.

The new RFTransceiver extension for the Metasploit Hardware Bridge is designed to let organizations identify and assess the security state of multi-frequency wireless devices operating on their networks more effectively than current tools permit.

 

The RFTransceiver gives security pros the ability to craft and monitor different RF packets for identifying and accessing a company’s wireless systems beyond Ethernet-accessible technologies, said Craig Smith, a research lead at Rapid7 in a blog post.

 

It allows pen testers to create and direct “short bursts of interference” at such devices to see how they respond from a security standpoint.

 

Many organizations already have devices and systems operating on radio frequencies outside 802.11 on their networks. Examples include RFID readers, smart lighting systems using the Zigbee communication protocol and network-enabled alarm, surveillance, and door control systems.

 

The RFTransceiver extension is designed to help organizations with such devices answer vital questions, such as the operating range of the devices, whether they are encrypted, how they respond to outside interference, and how they fail.

 

“The most obvious threat is the unauthorized access to...

 

 

Read the Full Article: http://www.darkreading.com/threat-intelligence/new-metasploit-extension-available-for-testing-iot-device-security/d/d-id/1328452?




#25 Mr.Pr

Mr.Pr

    Member

  • Posters
  • 237 posts

Posted yesterday, 16:22

Kaspersky: Criminals Make 95% Profit on DDoS

 

Ordering a DDoS attack has become as easy as ordering the latest bestseller from Amazon—and can offer incredible return on investment for the attacker.

 

According to Kaspersky Lab, DDoS-for-hire services are generally self-service, eliminating the need for direct contact between the organizer and the customer. Customers can make payments, get reports on work done and so on, all online. In fact, Kaspersky said that the order page “looks more like the web page of an IT startup than a cybercriminal operation.”

 

“These web services are fully functional web applications that allow registered customers to manage their balance and plan their DDoS attack budget,” the firm said in a blog posting. “Some developers even offer bonus points for each attack conducted using their service. In other words, cybercriminals have their own loyalty and customer service programs.”

 

But lowering the barrier to entry doesn’t stop there—it’s also incredibly cheap to carry attacks out these days. One DDoS service advertised on a Russian public forum offers attacks from $50 per day, for instance.

 

Kaspersky did a review of the Dark Web to find out the going rate for DDoS as-a-service, and found the average to be slightly higher than the example above—attacks typically cost $25 per hour, with the cyber-criminals making a profit of about $18 for every hour of an attack.

 

The security specialist also found that organizers of DDoS services generally offer customers a tariff plan in which the buyer pays a per-second rental price for botnet capacity. For example, a DDoS attack of 300 seconds using a botnet with a total bandwidth of 125Gbps will cost between about $5 and $6.

 

As for profitability, it should be noted that DDoS attacks and, in particular, ransomware DDoS have already turned into a high-margin business. “The profitability of one attack can exceed 95%,” the firm noted. “And the fact that the owners of online sites are often willing to pay a ransom without even checking whether the attackers can actually carry out an attack (something that other fraudsters have already picked up on) adds even more fuel to the fire. All the above suggests that the average cost of DDoS attacks in the near future will only fall, while their frequency will increase.”...

 

 

Read the Full Article: https://www.infosecurity-magazine.com/news/kaspersky-criminals-profit-ddos/




#26 Mr.Pr

Mr.Pr

    Member

  • Posters
  • 237 posts

Posted yesterday, 16:23

RIP: Antivirus veteran Raimund Genes, 54

 

 

Trend Micro CTO suffered fatal heart attack

 

Colleagues and friends are mourning the sudden death of distinguished antivirus industry veteran Raimund Genes last Friday.

 

Genes, 54, chief technology officer at Trend Micro, began as a distributor before joining the antivirus firm in the early days of the industry back in 1996. He served with distinction in a variety of senior business development and technology roles for the last 30 years.

 

I interviewed Genes for El Reg several times and found him to be technically knowledgeable and a clear communicator, an antidote to the FUD and hyperbole sometimes found elsewhere. He'll be missed, especially by his family.

 

Genes died unexpectedly of a heart attack at his family home in Germany last Friday. He is survived by his wife Martina and two sons.

A tribute to Genes from Eva Chen, chief executive officer at Trend Micro, can be found here.

 

 

Read the Full Article: https://www.theregister.co.uk/2017/03/28/raimund_genes_obit/






