Bitcoins worth $80 million stolen from NiceHash

The cryptocurrency mining marketplace NiceHash has revealed that an unknown hacker stole the entire contents of its Bitcoin wallet, worth about $78 million, from its servers.

NiceHash is a Slovenian mining marketplace where you can sell your computers’ processing power to miners and get paid in bitcoins, or buy hashing power from other miners.

About 4,700 bitcoins were taken from the wallet; as a result, the company immediately halted its operations and released an update on Facebook Live.

“A hacker or group of hackers were able to infiltrate our internal systems through a compromised company computer,” said Marko Kobal, CEO of NiceHash, on Facebook live. “We’re still conducting a forensic analysis on how the affected computer was actually compromised.”

“Unfortunately, there has been a security breach involving NiceHash website. We are currently investigating the nature of the incident and, as a result, we are stopping all operations for the next 24 hours. Importantly, our payment system was compromised and the contents of the NiceHash Bitcoin wallet have been stolen. We are working to verify the precise number of BTC taken.”

The theft comes as the price of Bitcoin continues to surge, and forces security researchers to look for ways to secure the cyber world.

Over 25,000 ransomware infected Windows daily in Q3: Report

The ‘Quarterly Threat Report’ from IT security solutions provider Quick Heal Security Labs states that during Q3 2017, Microsoft Windows recorded over 25,000 ransomware infections daily while suffering 199 million malware detections. In the third quarter, malware detections continued to decline compared to the last quarter, a drop of 11 percent.

The researchers warned that newer and advanced variants of "Locky" ransomware families are expected to rise with attackers increasingly using ransomware-as-a-service due to its user-friendliness and high return on investments.

"Our threat reports are an attempt to provide insights on the threat landscape with the objective of facilitating a safe and secure digital journey of our customers," Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal, said on Thursday.

In the third quarter, malware detections continued to decline compared to the last quarter. “However, this should not be taken lightly by any means as cybercriminals are increasingly working on attacks that have higher returns through ransomware campaigns and well-planned systematic targeted attacks,” Katkar added.

The report also predicted an upsurge in targeted attacks in which intruders aim to keep their identity hidden while stealing as much data as possible, activity that goes unnoticed for several months and sometimes even for years.

According to the report, nine new families of ransomware emerged on Windows in the third quarter.

Trojans continued to lead with the highest detection count, followed by infectors, worms and adware. “Email attachments will be used largely to deliver malware to targeted users. These emails might use new file types for their attachments to avoid detection by security software,” the report noted. Malware authors can access a user’s device to gain almost anything they want by misusing critical vulnerabilities that are unpatched, it added.

Hacker from Samara city sentenced for Creating and Selling Malware


Sergei Materov, a 42-year-old hacker from Samara, the sixth largest city in Russia, has been sentenced at the Prikubansky District Court of Krasnodar for creating and distributing malicious computer programs, under part 2 of article 273 of the Criminal Code of the Russian Federation.

According to the local news report, the malware he created was capable of neutralizing installed security solutions and of stealing, modifying, blocking and destroying information on the infected computer.

The convict came to Kuban to earn money. He started to do freelance software development from home. He also posted advertisements on the Internet in which he offered software development for computers.

An unnamed person responded to his ads and paid him 6800 Rubles for developing two malicious programs.

Materov was detained by the FSB officers and later sentenced to one year and three months imprisonment.

- Christina
 

Larceny of $70 million from the largest crypto-mining marketplace

A "service unavailable" notice and an official press release were displayed on the website of the Slovenian digital currency mining firm NiceHash, which said it had endured a hack of its Bitcoin wallet on the seventh of December.

In a video update streamed live on Facebook, CEO and co-founder Marko Kobal followed up on the rather startling declaration that the organization, established in 2014, had been subjected to a hack and ensuing theft that also compromised its payment system.

The news was accompanied by increasing reports of emptied wallets and an extended downtime period for the service's website; all of the website's operations have been halted for the following 24 hours.

As per Kobal, the attack began in the early hours of December 6 after a worker's PC had been compromised. He added that their team is working with law enforcement and clarified that “we're still conducting a forensic analysis” to determine how it all happened and to discover the exact amount of bitcoin that was stolen.

Kobal went on to state that he couldn't give further details; however, he added that the attack seems, by all accounts, to be “an incredibly coordinated and highly sophisticated one.”

However, the Wall Street Journal reported that Andrej P. Škraba, head of marketing at NiceHash, confirmed to the outlet that roughly 4,700 bitcoins, worth up to $70 million, disappeared from NiceHash's bitcoin wallet. Škraba also told the Journal that he, like Kobal, believed that "it was a professional attack", but would not give any more information on the matter, noting that further developments would be released at a later date.

NiceHash, which urged its clients to change their online passwords after it stopped operations on Wednesday, has given a few other details about the attack on its payment system.

"We ask for patience and understanding while we investigate the causes and find the appropriate solutions for the future of the service", it said on its website.

Slovenian police said they were investigating the hack but declined to comment further.

Political unrest in SE Asia fertile ground for cyber hackers

Escalating strife and skirmishes in the south-east Asian political landscape have given hackers free passage to operate without hindrance, and this will not die down in the near future if cybersecurity agencies are to be believed.

The imminent targets for this global gang of cybercriminals are India and Hong Kong, along with South Korea, Japan, Vietnam and the Philippines, said FireEye, a cybersecurity agency which has called it a huge threat to Chinese hegemony in the market economy.

Since there is no specific standard of measurement at hand to get wind of cybersecurity threats and their mode of operation, the experts talk of the different nature of the business, data, and relationships one holds. The cyber agencies mostly have little knowledge of or input about impending attacks, since they are not fully secured.

Some experts talk of threats in the run-up to elections, going by what took place in the US, and the same threat echoes in other democratic systems. They are of the view that alertness to even a simple threat would be a huge help in getting rid of it. More threats await India in 2018 in view of the increased activity of non-Russian and non-Chinese gangs of cyber hackers in 2017.

The mechanism devised to counter the threat in 2018 is believed to have been slow to discover capable systems in the form of ravaging wipers and worms. This is also expected to boost cloud technology in 2018. This state of affairs has resulted in soaring value and popularity for cryptocurrency. Malware will take a share of the benefit, which is going to increase in 2018.

Prashant Baruah

Ransomware slows North Carolina County, officials refuse to pay hackers

Hackers were able to lock down several servers of North Carolina’s Mecklenburg County, which includes the city of Charlotte and surrounding areas, with ransomware on Wednesday, locking local officials out of computer systems that manage inmate populations, child support, and other social services. But despite the outages, the officials aren’t planning to pay the $23,000 ransom demanded by the hackers, believed to be in Ukraine or Iran, for the return of government files.

“I am confident that our backup data is secure and we have the resources to fix this situation ourselves,” Mecklenburg County manager Dena R. Diorio said in a statement on Wednesday. “It will take time, but with patience and hard work, all of our systems will be back up and running as soon as possible.”

Diorio said it would have taken days to restore the county's computer system even if officials paid off the person controlling the ransomware, so the decision won't significantly lengthen the timeframe.
Diorio said that officials made the decision after consulting with cybersecurity experts, who warned against negotiating with the hackers.

Data was frozen on dozens of servers after a county employee opened an email attachment carrying malicious software. The cyber attack forced county officials to revert to paper systems: deputies processed jail inmates by hand, the tax office turned away electronic payments and building code inspectors switched to paper records.

Hackers on Thursday tried to attack the county's computer systems again through fake email attachments but Diorio said there was no additional damage, The Associated Press reported. She added that the county was disabling employees' ability to open attachments made by third-party sites.

Population numbers for Mecklenburg County jails are expected to rise, the county said on its website, because inmate releases have to be handled manually and the entire process is significantly slowed down. Calls to a domestic violence hotline are only able to go to voicemail, the AP reported, so counsellors have resorted to regularly checking the messages and trying to get back in contact with callers. The local tax office is also struggling to process payments.

Troublesome cyber security breach

Corporate heavyweights, beware. Executives could be in trouble if they fail to disclose a cybersecurity breach within a specific period of time. They might even be jailed if they deliberately try to cover it up.

That day is not far off, but the bill first has to be passed by lawmakers. Cleared by Democratic senators, the new bill would oblige corporate bosses to inform the authorities of a cyber attack within 30 days. A willful attempt to keep quiet would send these executives to jail for a minimum period of 5 years.

In this context, mention may be made of another piece of legislation moved by Sen. Bill Nelson (D-Fla.) three years back. The entire process of disclosure was put under the scanner after Equifax (EFX) said it had spotted a huge breach towards the end of July.

The breach exposed highly personal information of 145 million Americans, and customers had to wait until at least mid-September for a notification. Only last month, Uber revealed that the personally identifiable information of 57 million customers was compromised in a 2016 breach, putting the ride-sharing company in a tight spot. Experts at cybersecurity hearings on Capitol Hill frowned at the executives, alleging a lack of sincerity in safeguarding the interests of consumers.

US Securities and Exchange Commission Chairman Jay Clayton is of the view that the process for making these disclosures needs some updates. Experts have lately suggested to legislators a unified standard, which would help make the mechanism an updated and transparent one.

Mobile apps: External Threat!

A recent intelligence report in India seems to have rattled most of the foreign mobile apps enjoying huge markets in the country. Stunned by a slew of advisories telling the armed forces to delete as many as half a dozen apps over fears of an external security threat, these companies have started coming out with clarifications one after another. All of them have been desperately trying to restore confidence among their millions of Indian customers.

SHAREit is neither a malicious nor a spyware application. It is purely a content sharing mechanism. This is more or less what the file-sharing app stated amid a controversy over a security breach.

The clarification came a couple of days after Indian troops received instructions from the top brass to delete around 40 Chinese mobile apps, including SHAREit. The company, which claims worldwide fame, made it plain that it takes the utmost care of users' security.

In a statement, SHAREit said it has huge respect for the security and privacy of its users and that there is zero chance of any security breach. Since India has been a comfortable user base, the company said it sticks to its commitment to a safe, secure and better product of technological advancement.

A section of recent reports suggested an unspecified attempt by intelligence agencies from China and Pakistan to deploy mobile apps to hack smartphones, forcing the Indian authorities to step in with care and caution.

SHAREit is probing the fiasco even after interacting with government and media representatives to counter the rumor. The company reiterated that it has struck a deal with Amazon AWS [Amazon Web Services] to strengthen its service, which has brought fast and secure service to its global users.

Notably, in its recent advisory, the Intelligence Bureau (IB) advised troops to remove apps, namely Xiaomi, Weibo, UC Browser, WeChat, Truecaller and UC News, from their smartphones over fears of a security breach.

Initially, Truecaller refused to read it and came up with sharp contradiction making it simple that the Sweden-based company and the. Truecaller is a permission-based one.

The same sentiment was echoed by Xiaomi, which strongly denied any possibility of a breach in safety, security, and privacy.

Russian Central Bank warned of possible Cyber Attack before New Year


The Central Bank of Russia warns of new hacker attacks on financial institutions on the eve of the New Year holidays.

The Deputy Head of the Cyber Security Department of the Central Bank, Artem Sychev, said that hacker attacks using the Cobalt Strike virus have decreased. In his opinion, hackers are preparing something nasty for the end of the year, when bank customers will make a lot of payments.

The expert also noted that in 2017 the number of attempts to steal money from bank accounts increased, but their effectiveness decreased.

Sychev said the cyber attacks affect not only banks but also their partners. So, they have decided to propose that all public companies bring people skilled in cyber security onto their Boards of Directors.

It is interesting to note that the last cyber attack occurred one week ago, on November 29. Hackers created a fake "Sberbank Online" app for Android devices. Cybercriminals had access to all data of the bank's customers and also to the real account in "Sberbank Online". Sberbank urged its customers to download the app only from the Google Play store.

- Christina

 

U.S. Banks Prepare For Doomsday Cyber Attack With New Sheltered Harbor System

Earlier this year, over 100 industry experts from 34 financial institutions, banks, clearinghouses, and other members of the financial industry in the U.S. quietly collaborated on an initiative to enhance the security of the retail financial industry against potential significant cyber risk. Sheltered Harbor, a not-for-profit organization, was the result.


Over 70 percent of U.S. retail accounts and 60 percent of U.S. brokerage accounts are represented in this initiative — a total of over 400 million accounts.


The goal was to add an extra layer of protection for client data in case one of the participating banks went down due to a cyber attack so that people would still be able to access their assets. Or, “to extend the industry’s capabilities to securely save and restore account data in the event of a loss of operational capability,” as their website states.


Sheltered Harbor makes this possible by storing customer data from each participating institution in a private, encrypted data vault, safe from alteration and deletion, that can be accessed in case of a cyber attack. If an attack occurs, the customers of the affected bank will still be able to access their data through another participating financial institution.


To make sure that data is properly protected, they establish standards and monitor adherence to these standards. The stored data remains intact and available if needed, exactly how it was when it was archived.

The initiative was created after the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the U.S. Treasury Department conducted cybersecurity simulation exercises, called the “Hamilton Series”, which proved how data breaches hurt customer confidence in the financial system.

Kshitija Agrawal

Mailsploit Vulnerabilities Allow Attackers to Send Spoofed Emails and Run Malicious Code

A German security researcher has discovered a set of vulnerabilities dubbed "Mailsploit" that allow an attacker to send emails with spoofed sender identities and to run malicious code on over 33 email clients.

Malicious scripts, such as cross-site scripting and other injection codes, can be encoded with RFC-1342. When the client mail server decodes the script, the malicious code will execute due to poor sanitization. More than 33 email clients are vulnerable to this attack method, at the time of this writing.

An attacker can create an email address with a username that is actually an RFC-1342 encoded string that, when decoded inside the email client, contains a null byte or two or more email addresses. The email client will only read the email address before the null byte or the first valid email it sees.

Vulnerable email clients will stop parsing the string at xyz[@]abc[.]com because it is the first email address they see and because of the null byte (\0) after the first email address, therefore ignoring the real domain of [@]mailxxxsploit[.]com.

Furthermore, because the encoded username will not appear suspicious to email servers, anti-spoofing protocols such as Domain-based Message Authentication, Reporting and Conformance (DMARC) are bypassed, and the DomainKeys Identified Mail (DKIM) signature of the original domain will be validated instead of the spoofed one.

There could be wider attacks and misuse of the vulnerability.
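
A mail-filter check for the header trick described above, as an added example that is not part of the original article: it decodes the RFC 1342 encoded-words in a From header and flags control characters, multiple addresses, and a displayed domain that differs from the domain the server actually authenticated. The function names, finding labels and `.example` sample headers are constructed for illustration.

```python
import base64
import binascii
import re

# RFC 1342 / RFC 2047 encoded-word: =?charset?encoding?payload?=
ENCODED_WORD = re.compile(r"=\?([^?\s]+)\?([bBqQ])\?([^?\s]*)\?=")
# Captures only the domain part of anything that looks like an address.
ADDRESS = re.compile(r"[A-Za-z0-9._%+-]+@([A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)")

def _decode_word(match):
    charset, encoding, payload = match.groups()
    try:
        if encoding.lower() == "b":
            raw = base64.b64decode(payload)
        else:
            raw = binascii.a2b_qp(payload.encode("ascii"), header=True)
        return raw.decode(charset, errors="replace")
    except (ValueError, LookupError):
        return match.group(0)  # undecodable: leave the word as received

def decode_header_value(raw):
    """Decode every encoded-word, keeping control characters visible."""
    return ENCODED_WORD.sub(_decode_word, raw)

def sender_domain(raw):
    """Domain of the undecoded header, the one DKIM/DMARC checks evaluate."""
    if "@" not in raw:
        return ""
    return raw.rsplit("@", 1)[1].strip(" \t>").lower()

def audit_from_header(raw):
    """Return findings for one raw From header value (empty list = clean)."""
    decoded = decode_header_value(raw)
    findings = []
    if any((ord(ch) < 0x20 and ch != "\t") or ord(ch) == 0x7F for ch in decoded):
        findings.append("control-character")
    domains = [d.lower() for d in ADDRESS.findall(decoded)]
    if len(set(domains)) > 1:
        findings.append("multiple-addresses")
    # A client that stops at the first address or at a NUL shows domains[0].
    if domains and domains[0] != sender_domain(raw):
        findings.append("display-domain-mismatch")
    return findings

# Constructed samples using reserved .example domains (not from the article).
SPOOFED = "=?utf-8?Q?ceo=40trusted.example=00?=@attacker.example"
LEGIT = "=?utf-8?Q?J=C3=BCrgen_M=C3=BCller?= <juergen@corp.example>"

if __name__ == "__main__":
    for header in (SPOOFED, LEGIT):
        print(repr(decode_header_value(header)), audit_from_header(header))
```

Run it on the raw header value before any client-side decoding; a non-empty result is a reason to quarantine the message or to show the undecoded sender to the user.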