Cyber security aggregate rss news

Cyber security aggregator - feeds history


 News

For a second-straight week, we have a short-handed booth for the Kaspersky Transatlantic Cable podcast. With Ahmed and Dave off, Jag and I share the mic for the first time as a duo. To kick things off, we discuss how the Lazarus group turned a fake job offer into a $600M hack into Axie Infinity. From there, we head into a partial code share from Vice on the Anom app. For those who may have forgotten, this was a secure phone system that was orchestrated by the FBI to draw in criminals doing illicit activities. Our third story is quite the head-scratcher as a CEO has been arrested for selling counterfeit Cisco equipment to companies and government entities. The curious part was not just that it was fake equipment, but it was something that was sold on eBay and Amazon. We then head to India where a flood control system has been hit with ransomware. What makes this worse is that the region is in monsoon season. To close out the podcast, we head to San Francisco where Cruise has seen some issues with its autonomous cars stopping and causing traffic havoc. If you liked what you heard, please consider subscribing and sharing with your friends. For more information on the stories we covered, see the links below:

A Fake Job Offer Reportedly Led to Axie Infinity's $600M Hack
This Is the Code the FBI Used to Wiretap the World
CEO Arrested for Selling $1 Billion in Fake Cisco Hardware on Amazon, eBay
Ransomware attack hits Goa's flood monitoring system; demand crypto as payment
Cruise's Robot Car Outages Are Jamming Up San Francisco


 Threats

Online fraudsters are continuing to use the names of famous people and companies to scam cryptocurrency users. This time the scammers are exploiting the brand name Nvidia, the US developer of GPUs that are particularly popular among crypto enthusiasts. Many devices for cryptocurrency mining were created on the basis of their GPUs. Next year Nvidia turns 30, and it's common practice for companies to celebrate round-number anniversaries. The scammers took advantage of this by arranging fake cryptocurrency giveaways.

Unheard-of generosity

The fraudsters created a fake website supposedly dedicated to Nvidia's 30th anniversary, and announced a large bitcoin giveaway there. On the splash screen of the fake website visitors see the company logo (albeit purple, not the usual green) and the name of its CEO, Jensen Huang. Visitors are asked here to select a category to take part in the event. In fact, there's nothing to choose from: under the invitation there's only a single big button with the words Bitcoin giveaway.

[Image: Splash screen of the fake Nvidia website]

After clicking the button, the user is taken to a page with detailed information about the mythical giveaway. At first glance the page looks convincing: there's a photo of the CEO and additional menu sections, all nicely designed. But instead of the Nvidia logo there's a Bitcoin icon, plus numerous grammatical errors in the text — something a serious company wouldn't permit. Here, purportedly on behalf of Mr. Huang and Nvidia, the cybercriminals announce a giveaway of 50,000 BTC (worth more than a billion US dollars at the time of writing). One of the main conditions for taking part is that users themselves must first make a contribution, like buying a lottery ticket. The scammers promise that the participant will immediately get double their money back, not to mention the prospect of winning the 50,000 BTC. The address of the cryptowallet to which they should make a transfer is given in the instructions for participants. And at the very bottom of the page is an online broadcast of the winnings paid out by the organizers.

[Image: Fake website page with information about the giveaway]

To reinforce the impression of a legitimate website, the scammers set up a fake Nvidia support chat. It's not clear who responds to users' messages — the criminals themselves or a robot.

[Image: Fake support chat on the website]

Curiously, if you enter the address of the scammers' cryptowallet on blockchain.com, it turns out that some money has actually been transferred thereto — a total of 0.42 BTC (worth more than $8000 at the time of writing). It's unknown who sent the funds: it could be victims or the scammers themselves, for example, to check if the wallet is working or to pretend to be lottery participants. In any case, there's no trace of the reported 50,000 BTC, and no hint of double-your-money paybacks.

[Image: The scammers' cryptowallet]

If it's good enough for Elon!

Cryptocurrency scams in which fraudsters use the names of celebrities or well-known brands are quite common and embody varying degrees of sophistication. For example, scammers have tried to lure Twitter users to fake cryptocurrency handouts masquerading as Elon Musk, Bill Gates or Pavel Durov. More complex schemes involve fake-news websites with stories of famous people who supposedly got even richer than they already are by investing in cryptocurrency in a certain way. Those wishing to emulate their success followed links to fake websites about cryptocurrency investments. There, victims were persuaded to deposit a certain amount of money into the cybercriminals' account, and when they did they had their personal data stolen.

How to protect yourself?

It can be really hard to resist a tempting offer. To avoid unpleasant situations, we recommend you keep some simple safety rules in mind:

Do not blindly trust information just because it appears to come from a celebrity or well-known brand. Double-check all information from secondary sources on official websites.
Do not click on links of unknown origin, such as in e-mails. It's better to look for important information yourself using a search engine.
Keep your cool at the sight of contests, giveaways or lotteries offering a fortune; also be very wary when urged to act urgently or you'll lose money — this is another common cybercriminal trick.
Learn to spot online scammers; this post will help you recognize the most common signs of fraud.
Use a reliable security solution that warns you about suspicious websites.

 Identity Theft, Fraud, Scams

A callback phishing campaign is impersonating renowned cybersecurity organizations, CrowdStrike has revealed. The adversaries inform recipients about a fake breach of their network and urge them to call a particular number. Organizations are advised to always stay vigilant and contact cybersecurity firms via their official website.

 Malware and Vulnerabilities

The Smoke Bot software contains a large number of features that make it easy for the attacker to install and maintain persistent processes, perform DDoS attacks on various resources, and mine for Monero (XMR).

 Mobile Security

The Irish Data Protection Commission (DPC), TikTok’s lead privacy regulator for the European Union’s General Data Protection Regulation (GDPR), said the “pause” follows “engagement” between the oversight office and the tech giant yesterday.

 Security Products & Services

Windows 7 went out of support in 2020, but Microsoft recognized that many enterprises were quite happy where they were. For a fee, it made Extended Security Updates (ESU) available, which would at least deal with security patches.

 Malware and Vulnerabilities

The company released the technical details for the security issue, tracked as CVE-2022-26706, and explained how the macOS App Sandbox rules could be avoided to allow malicious macro code in Word documents to execute commands on the machine.

 Malware and Vulnerabilities

X.org has released a bunch of updates, including fixes for two security holes, which affect Wayland users too. A batch of updates to X.org's suite of X11 servers and components just appeared.

 Govt., Critical Infrastructure

The new measures involve promoting cyber resilience among small- and medium-sized enterprises. That would apply to "critical infrastructure," businesses involved in transport, food, health, energy, and water supply.

 Identity Theft, Fraud, Scams

The phishing kit leads users through a set of pages aimed at collecting information that can later be used to steal the victims’ identity and perform money laundering, open cryptocurrency accounts, make fraudulent tax return claims, and much more.

 Trends, Reports, Analysis

Most critical services companies are struggling to secure their industrial internet of things (IIoT)/operational technology (OT) systems and acknowledge the need to invest more heavily in these areas, said a report from Barracuda Networks.

 Malware and Vulnerabilities

Despite being only a year old, Hive ransomware has grown into a prominent ransomware-as-a-service operation. The latest decryptor tackles Hive's newer, better-encrypted version.

 Companies to Watch

The Series B funding brings the total raised by the Phoenix, Arizona-based Bishop Fox to $100 million and underscores a surge in big bets by venture capital investors on the fast-growing continuous attack surface management category.

 Threat Actors

The gang has launched several high-profile attacks, including OilTanking GmbH in January and Swissport in February. Most recently, BlackCat targeted Florida International University and the University of North Carolina A&T. 

 Threat Actors

Russia-based Killnet group has been bombarding Latvia with a series of cyberattacks, including a 12-hour attack on one of its broadcasting centers. Hackers made a demand that Lithuania must allow transit of goods to Kaliningrad if they wanted to avoid more attacks on their government institutions and private businesses.

 Breaches and Incidents

Malicious actors are leveraging GitHub Actions (GHA) and Azure virtual machines (VMs) for cloud-based cryptocurrency mining. Over 1,000 repositories and 550 code samples were spotted abusing GitHub Actions to mine cryptocurrency. Due to this, the cost of electricity to the target organization increased from $20 up to $130 per month. Early detection of possible exploits in a cloud environment is very important to stop such attacks before they cause any major damage.

 Feed

Ubuntu Security Notice 5520-1 - It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.

 Feed

Ubuntu Security Notice 5518-1 - It was discovered that the eBPF implementation in the Linux kernel did not properly prevent writes to kernel objects in BPF_BTF_LOAD commands. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Marvell NFC device driver implementation in the Linux kernel did not properly perform memory cleanup operations in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service or execute arbitrary code.

 Feed

Ubuntu Security Notice 5517-1 - It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service.

 Feed

Ubuntu Security Notice 5516-1 - It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution.

 Feed

Ubuntu Security Notice 5515-1 - Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. Jann Horn discovered that the FUSE file system in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

 Feed

Ubuntu Security Notice 5514-1 - It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service. Duoming Zhou discovered that the AX.25 amateur radio protocol implementation in the Linux kernel did not handle detach events properly in some situations. A local attacker could possibly use this to cause a denial of service or execute arbitrary code.

 Feed

Ubuntu Security Notice 5513-1 - Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

 Feed

Ubuntu Security Notice 5473-2 - USN-5473-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 16.04 ESM. The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.50 version of the Mozilla certificate authority bundle.

 Feed

Ubuntu Security Notice 5511-1 - Carlo Marcelo Arenas Belon discovered that an issue related to CVE-2022-24765 still affected Git. An attacker could possibly use this issue to run arbitrary commands as administrator.

 Feed

The advanced persistent threat (APT) group known as Transparent Tribe has been attributed to a new ongoing phishing campaign targeting students at various educational institutions in India at least since December 2021. "This new campaign also suggests that the APT is actively expanding its network of victims to include civilian users," Cisco Talos said in a report shared with The Hacker News.

 Feed

Nation-state hacking groups aligned with China, Iran, North Korea, and Turkey have been targeting journalists to conduct espionage and spread malware as part of a series of campaigns since early 2021. "Most commonly, phishing attacks targeting journalists are used for espionage or to gain key insights into the inner workings of another government, company, or other area of state-designated

 Feed

Although there is a greater awareness of cybersecurity threats than ever before, it is becoming increasingly difficult for IT departments to get their security budgets approved. Security budgets seem to shrink each year and IT pros are constantly being asked to do more with less. Even so, the situation may not be hopeless. There are some things that IT pros can do to improve the chances of

 Feed

Microsoft on Wednesday shed light on a now patched security vulnerability affecting Apple's operating systems that, if successfully exploited, could allow attackers to escalate device privileges and deploy malware. "An attacker could take advantage of this sandbox escape vulnerability to gain elevated privileges on the affected device or execute malicious commands like installing additional

 Feed

Joshua Schulte, a former programmer with the U.S. Central Intelligence Agency (CIA), has been found guilty of leaking a trove of classified hacking tools and exploits dubbed Vault 7 to WikiLeaks. The 33-year-old engineer had been charged in June 2018 with unauthorized disclosure of classified information and theft of classified material. Schulte also faces a separate trial on charges related to

 Encryption

A self-proclaimed "super hacker" causes problems in the Magic Kingdom, criminals regret trusting Anom phones, and lawsuits are filed against TikTok. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading. Plus don't miss our featured interview with Scott McCrady, the CEO of SolCyber Managed Security Services.

 Feed only

Graham Cluley Security News is sponsored this week by the folks at Keeper Security. Thanks to the great team there for their support! IT and DevOps teams were presented with new challenges with the mass-migration to home working, and found themselves forced to perform infrastructure monitoring and management remotely. What is clearly needed is a … Continue reading "Keeper Connection Manager : Privileged access to remote infrastructure with zero-trust and zero-knowledge security"

2022-07
Aggregator history
Thursday, July 14