Week in review: Dyre gang takedown, and the most popular hacking methods
Here’s an overview of some of last week’s most interesting news and articles:
Know your enemy: The most popular hacking methods
Outsiders want to become insiders with the least possible effort, and insiders help them do so – mostly accidentally, according to Balabit.
Russian hackers used malware to manipulate the Dollar/Ruble exchange rate
Russian-language hackers have managed to break into Russian regional bank Energobank, infect its systems, and gain unsanctioned access to its trading system terminals, which allowed them to manipulate the Dollar/Ruble exchange rate.
Netflix-themed phishing, malware supply black market with stolen credentials
As the Netflix movie streaming service spreads all over the world, the number of users rises, as well as the number of those who wish to use it but don’t want to pay for it or want to pay less than the set price. With such a wide (and widening) pool of potential targets, it’s no wonder that some cyber crooks are opting to concentrate on them.
Dyre gang taken down by Russian authorities
Dyre (aka Dyreza), one of the most widespread and effective financial Trojans to crop up in the last few years, is currently not an active threat. In fact, spam campaigns distributing the Trojan stopped on November 18, and haven’t been resumed.
Cloud Security Alliance hackathon offers $10,000 prize
The Cloud Security Alliance (CSA) will hold its fourth hackathon at the RSA Conference 2016 in San Francisco, to continue to test the CSA Software Defined Perimeter (SDP) Specification V.1. A top prize of $10,000 is available to the first participant to either access or disrupt a cloud-based mission-critical application.
What’s the real cost of a security breach?
The majority of business decision makers admit that their organisation will suffer an information security breach and that the cost of recovery could start from around $1 million, according to NTT Com Security.
Twitter suspended 125,000 terrorism-related accounts
The company has been cooperating with law enforcement around the world when it comes to discovering who is behind accounts publishing terrorist content and shutting them down. They have also partnered with organizations working to counter extremist content online.
The return of Carbanak: Banks face new attacks
A year after Kaspersky Lab warned that cyber-criminals would start to adopt the tools and tactics of nation-state backed APTs in order to rob banks, the company has confirmed the return of Carbanak as Carbanak 2.0 and uncovered two more groups working in the same style: Metel and GCMAN. They attack financial organizations using covert APT-style reconnaissance and customized malware along with legitimate software and new, innovative schemes to cash out.
Most IT pros have seen potentially embarrassing information about their colleagues
More than three-quarters of IT professionals have seen and kept secret potentially embarrassing information about their colleagues, according to new research conducted by AlienVault.
T9000 backdoor steals documents, records Skype conversations, victims’ actions
A new backdoor Trojan with spyware capabilities is being used in targeted attacks against organizations based in the United States. It has been dubbed T9000, since it’s a newer, improved version of the T5000 backdoor.
Info on 20,000 FBI and 9,000 DHS employees leaked following alleged DoJ hack
Links to the data dumps were published via a Twitter account sporting a pro-Palestinian message.
Critical bug found in Cisco ASA products, attackers are scanning for affected devices
The vulnerability (CVE-2016-1287) is critical, as it can be exploited by an unauthenticated, remote attacker by sending crafted UDP packets to the affected system.
5 ways to protect your company data from internal attacks
While Hollywood may love the image of the hacker lurking in the shadows, stealthily pillaging from across cyberspace, the reality is that threats from inside your network, whether intentionally malicious or unintentionally hazardous, are by far the greater problem in online security.
Government-mandated crypto backdoors are pointless, says report
If you needed another confirmation that government-mandated backdoors in US encryption products would only serve to damage US companies’ competitiveness without actually bringing much benefit to the country’s security, you only need to look at a recent report by security researchers Bruce Schneier, Kathleen Seidel, and Saranya Vijayakumar.
Flaw in Sparkle Updater for Mac opens users of popular apps to system compromise
A security engineer has recently discovered a serious vulnerability in Sparkle, the widely used open source software update framework for Mac applications, that could be exploited by attackers to mount a man-in-the-middle attack and ultimately take control of the computer if they are located on the same network.
IoT security guidelines for providers, vendors, and network operators
The GSMA Association has published new guidelines designed to promote the secure development and deployment of services in the growing Internet of Things (IoT) market.
When it comes to cyber attack detection, IT pros are overconfident
A new study conducted by Dimensional Research evaluated the confidence of IT professionals regarding the efficacy of seven key security controls that must be in place to quickly detect a cyber attack in progress.
Exposing the Adwind RAT: One of the biggest malware platforms in existence today
At the end of 2015, Kaspersky Lab researchers became aware of an unusual malware program that had been discovered during an attempted targeted attack against a bank in Singapore. A malicious JAR file was attached to a spear-phishing email received by a targeted employee at the bank. The malware’s rich capabilities, including its ability to run on multiple platforms as well as the fact that it was not detected by any antivirus solution, immediately captured the attention of the researchers.
Rooting malware lurking in third party Android app stores
Downloading Android apps from Google Play might not always be a safe proposition, but downloading them from third party app stores is definitely less safe.
Beware of Airbnb-themed phishing schemes
If you’re wondering what scammers can do with your Airbnb account, the answer is a lot.