Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label data stealing. Show all posts
Malware attacks
Credential stealing Cyber Attacks Cyber Criminals Cyber Security Data data stealing Data stealing malware Kaspersky Malware attacks

Data-Stealing Malware Infections Surge by 600% in Three Years, Kaspersky Reports

 

The digital landscape has become increasingly treacherous, with a startling surge in data-stealing malware compromising millions of devices worldwide. According to cybersecurity firm Kaspersky, the number of devices infected with data-stealing malware has skyrocketed by over 600% in the past three years alone. This alarming trend underscores the urgent need for heightened vigilance and robust cybersecurity measures to safeguard personal and corporate data in an era plagued by relentless cyber threats. 

Kaspersky's Digital Footprint Intelligence data paints a grim picture, revealing that the number of compromised devices reached a staggering 10 million in 2023, marking a 643% increase since 2020. The threat posed by data-stealers has escalated exponentially, posing a significant risk to both consumers and businesses alike. What's particularly concerning is the sheer volume of log-in credentials pilfered by cybercriminals from infected devices. 

On average, each compromised device surrenders a staggering 50.9 log-in credentials, encompassing a wide array of sensitive accounts ranging from social media and online banking services to cryptocurrency wallets and email accounts. This abundance of stolen credentials fuels the illicit underground economy, where cybercriminals peddle stolen data for profit. The actual scope of the problem may be even more extensive than reported, as Kaspersky's data draws insights from infostealer malware log files traded on underground markets. 

The clandestine nature of these transactions makes it challenging to quantify the full extent of the threat landscape accurately. According to Sergey Shcherbel, a cybersecurity expert at Kaspersky Digital Footprint Intelligence, the dark-web value of log files containing login credentials varies depending on their appeal and the method of sale. These credentials may be sold through subscription services, aggregators catering to specific requests, or exclusive shops offering freshly acquired login credentials to select buyers. 

Prices typically start at $10 per log file, highlighting the lucrative nature of stolen data in the cyber underground. The impact of data-stealing malware extends beyond individual devices, with a staggering 443,000 websites worldwide falling victim to compromised credentials in the past five years alone. In the .in domain associated with India, compromised accounts surged to over 8 million in 2023, underscoring the global reach and pervasive nature of the threat. 

As the threat landscape continues to evolve, organizations and individuals must prioritize cybersecurity as a fundamental aspect of their digital hygiene practices. Proactive measures such as robust antivirus software, regular software updates, and user education can help mitigate the risk of data breaches and protect sensitive information from falling into the wrong hands. 

The exponential rise in data-stealing malware serves as a stark wake-up call for individuals and organizations worldwide. By staying vigilant, informed, and proactive in combating cyber threats, we can collectively fortify our defenses and safeguard against the perils of the digital age.
Read more »
technology related issues
cyber attack data stealing Data Theft Mobile Security Robo-calls technology related issues

Robo-Calls and Texts Are Stealing Money Every Day, What You Should Do?

 

The Future of Jobs Report 2020 from the World Economic Forum highlights a growing trend among businesses. Organizations are accelerating their adoption of AI and automation in the wake of the pandemic. Alongside this progress, there is a concurrent rise in cybersecurity challenges and advancements occurring on a daily basis. 

While the notion of AI domination has been a recurring theme in countless narratives, my apprehensions lie more with the impact of simpler, less advanced technologies, rather than highly sophisticated generative artificial intelligence. Every day, unsuspecting individuals fall victim to robocalls and text scams, losing hard-earned money. 

According to Robokiller, this year alone, Americans have suffered losses of $14 billion from robotexts and $34 billion from robocalls. The report warns that scammers are relentlessly honing their tactics to pilfer money. Their projection suggests that by year-end, the total losses to phone scams could escalate to a staggering $90 billion for Americans. 

What are Robocalls? 

Robocalls refer to automated phone calls made by a computerized system, typically using a pre-recorded message. These calls are often sent out in large volumes to reach a wide audience. They can be used for various purposes, including telemarketing, political campaigning, and scamming. 

Robocalls can be intrusive and annoying for recipients, especially when they are unsolicited or used for fraudulent activities. Many countries have implemented regulations and measures to combat unwanted robocalls and protect consumers from scams. 

According to Robokiller's estimates, an astounding 78 billion robotexts and 31 billion robocalls inundated phone lines between January and June. This marks an 18% surge compared to the corresponding period last year. 

Identifying a scam robocall or text can be tricky. Protecting oneself from robocalls involves a combination of awareness and proactive measures. 

Here are steps that individuals can take to identify and protect themselves from robocalls: 

1. Screening Calls: Give priority to known contacts and let unfamiliar numbers go to voicemail. Legitimate callers will often leave a message. 

2. Policy of Non-Engagement: Steer clear of interactions with suspicious calls. Refrain from pressing any buttons or engaging with automated systems, as this could validate the activity of your number. 

3. Make Use of Call-Blocking Features: Most modern smartphones come equipped with call-blocking capabilities designed to sift through potential spam calls. Ensure you activate this feature and routinely refresh your block list. 

4. Install Robocall-Blocking Applications: Explore trusted apps such as Robokiller, Nomorobo, or Hiya. These applications leverage sophisticated algorithms to detect and screen out robocalls effectively. 

5. Stay Informed: Stay in the loop with the latest news and updates regarding emerging robocall scams. Familiarity with their common tactics equips you to recognize and steer clear of potential threats. 

6. Verify Caller Identity: If you receive a call from an organization or government agency that raises suspicion, disconnect the call and independently confirm their contact information through official and reliable channels. 

By implementing these steps, individuals can significantly reduce their exposure to robocalls and safeguard themselves from potential scams.
Read more »
Vulnerabilities and Exploits
Atlassian Critical Flaw data stealing Data Theft Exploits Vulnerabilities and Exploits

CVE-2021-26084: Critical Atlassian Confluence Flaw Exploited in the Wild

Atlassian has confirmed that malicious actors are actively exploiting a new Atlassian Confluence zero-day vulnerability tracked as CVE-2022-26134, designed to install web shells with no fix available at this time. 

Atlassian released a security advisory in which it has stated that CVE-2022-26134 is a critical unauthenticated, remote code execution vulnerability that is compromising Confluence Server (7.18.0 ) and Data Center(7.4.0). 

It said that all versions of Atlassian's corporate Wiki system, Confluence are hit by a serious bug under active exploitation. Experts indicate a possibility of Chinese threat actors being behind the attack. 

“Atlassian has been made aware of current active exploitation of a critical severity unauthenticated remote code execution vulnerability in Confluence Data Center and Server. Further details about the vulnerability are being withheld until a fix is available.” reads the advisory published by the company. 

As of now, there are no patches available for this vulnerability, thus Atlassian suggested its customers make their servers inaccessible by following these steps  restricting Confluence Server and Data Center instances from the internet and Disabling Confluence Server and Data Center instances.

The attack was reported by security firm Volexity, the company announced the availability of the security fixes for supported versions of Confluence within 24 hours (estimated time, by EOD June 3 PDT). It has been further noted that organizations that are using Atlassian Cloud (accessible via atlassian.net) are safe from this vulnerability. 

“After successfully exploiting the Confluence Server systems, the attacker immediately deployed an in-memory copy of the BEHINDER implant. This is an ever-popular web server implant with source code available on GitHub. BEHINDER provides very powerful capabilities to attackers, including memory-only webshells and built-in support for interaction with Meterpreter and Cobalt Strike…” reads the analysis published by Volexity.

“… As previously noted, this method of deployment has significant advantages by not writing files to disk. At the same time, it does not allow persistence, which means a reboot or service restart will wipe it out. Once BEHINDER was deployed, the attacker used the in-memory webshell to deploy two additional webshells to disk: CHINA CHOPPER and a custom file upload shell.”
Read more »
Subscribe to: Posts (Atom)