Advertisements

CEOs Are Feeling Better About Data Security–but Hackers Aren’t Far Behind

No matter what you do to protect your business from hackers, cybersecurity will always be a moving target.

Increasingly sophisticated hacking techniques mean CEOs always have to stay one step ahead of the latest ploys. A November Inc. survey of CEOs and other senior executives from more than 150 Inc. 5000 companies asked respondents about their level of confidence in the security of both their company and personal data. The results: 53 percent of respondents said they feel more confident about the security of their company’s data now compared to five years ago, while just 28 percent said the same about their personal data.

Matt Singley, founder of Chicago real estate firm Pinnacle Furnished Suites, is concerned about new methods being used by hackers, but feels confident in his company’s defenses against them. One way the company minimizes the potential impact of a breach is by storing customer information only when necessary. Pinnacle also performs regular audits to purge its system of data it doesn’t need. “The only way to be completely secure with your data,” he says, “is to not store it.”

John Kailunas II, CEO of wealth management firm Regal Financial Group, says that the external threats his company faces have increased in both quantity and complexity. The company has countered this by adding required security awareness training for every employee and hiring cybersecurity consultants to recommend changes. Kailunas says cybersecurity is an issue that requires constant examination. “Still,” he adds, “we have seen a significant improvement in our ability to identify potential threats.”

Advances in hacking practices aren’t the only factor that have made security more challenging. “More and more, people are working from different devices that companies own,” says Shana Cosgrove, CEO of cloud software firm Nyla Technology Solutions, which provides software and cybersecurity services to the Department of Defense. “It’s a lot harder to handle security when you don’t own the entire platform.”

Jack Wight, CEO of device rebate company Buyback Boss, says his company is under near-constant attack from hackers trying to access bank account information. Scammers will spoof the company’s vendors over email and ask for wire payments, so Buyback Boss has implemented a policy of always calling vendors before sending payments. “Five years ago there just wasn’t as much of this going on,” he says. “Now we’re dealing with scammers almost on a daily basis.”

Claude Burns used to work in data security for the U.S. Navy before founding corporate beverage service Office Libations. He says his knowledge of the cybersecurity field has led him to be constantly on guard. “I don’t think any information is safe or secure,” he says. “Your personal information is out there. Companies whose whole job is to protect it, like Equifax, are getting breached and hacked repeatedly.”

Burns compares being hacked to getting in a car accident: Drive enough miles, and it’s going to happen eventually. For him, the key is making sure that if something does look weird, his team can detect it quickly. “That way,” he says, “when something does happen, you’re able to mitigate the damage from it. In other words, wear your seat belt.”

Source: CEOs Are Feeling Better About Data Security–but Hackers Aren’t Far Behind

Thanks Bitdefender for sponsoring this video! Try Bitdefender Total Security 2019 FREE for 90 days at https://lmg.gg/tqbitdefender There have been plenty of headlines about data breaches lately…but where does all that data go once it’s been stolen? Techquickie Merch Store: https://www.lttstore.com Follow: http://twitter.com/linustech Join the community: http://linustechtips.com Leave a reply with your requests for future episodes, or tweet them here: http://twitter.com/jmart604

Advertisements

Microsoft Issues Excel Security Alert As $100 Million ‘Evil Corp’ Campaign Evolves

Russian cybercriminal group Evil Corp is using Microsoft Excel to infect victims

Evil Corp may well be best known to millions of viewers of the Mr. Robot TV drama as the multi-national corporation that Elliot and FSociety hack. However, back in the real world, Evil Corp not only exists but is weaponizing Microsoft Excel to spread a malware payload. Researchers from Microsoft Security Intelligence have this week taken to Twitter to warn users to be alert to the ongoing campaign being run by Evil Corp, also known as TA505. Like most successful cybercriminals, Evil Corp is constantly evolving in terms of techniques and tools. The latest twist in this felonious tale involves Microsoft Excel as a payload delivery vehicle.

Who or what is Evil Corp?

Evil Corp, or TA505, is a Russia-based hacking group that has been credited with being the mastermind behind a $100 million (£76 million) global bank fraud. Two alleged members of Evil Corp were charged by U.S. prosecutors with bank fraud in December 2019, although both remain at large. One of them, Moscow-based Maksim Yakubets, is thought to be the Evil Corp leader and currently carries a $5 million (£3.8 million) bounty issued by the U.S. Justice Department. Meanwhile, the U.S. Department of the Treasury has stated that Yakubets is believed to provide “direct assistance to the Russian government’s malicious cyber efforts.”

Thought to have been active since at least 2014, Evil Corp shows little sign of reigning back on the cybercrime activities it is renowned for: the distribution of banking Trojans and ransomware malware. New research from cyber-intelligence outfit Prevailon suggests that TA505 has compromised more than 1,000 organizations. Organizations that include two U.S. state government networks, two U.S. airlines and one of the world’s top 25 banks.

What is the Excel alert that Microsoft Security Intelligence researchers have tweeted?

In something of a tweetstorm on January 30, the Microsoft Security Intelligence team alerted users to a new and active malware campaign from the Evil Corp actors. After what the Microsoft researchers referred to as “a short hiatus” by Evil Corp, they warned that a new “Dudear” phishing campaign was up and running, still deploying an information-stealing Trojan known as GraceWire but doing so using tweaked tactics.

The use of HTML redirectors, to avoid having to use malicious links in emails or infected attachments, means that the threat actors can directly download a malicious Excel file on the victim to drop the Trojan payload. Not that there is no interaction from the user required, of course. The victim still needs to open the Excel file that is automatically downloaded, and they will still have to enable editing and enable content in order to be infected.

How can you mitigate against the Evil Corp Excel threat?

Microsoft is proving to be more than just reactive to malware threats, adopting a proactive position as far as these kinds of phishing campaigns are concerned. When the Microsoft Digital Crimes Unit and the Microsoft Threat Intelligence Center discovered an advanced persistent threat (APT) hacking group, thought to be operating out of North Korea, using carefully constructed fake domains to spoof victims into thinking they were dealing with Microsoft, a powerful legal counterpunch soon closed them down.

As far as this latest Evil Corp campaign is concerned, however, the biggest mitigation clue has already been given in my last paragraph: don’t enable editing of that Excel file you didn’t ask for, and certainly don’t enable content. Microsoft Security Intelligence has confirmed that Microsoft Threat Protection will stop this latest attack threat, Office 365 also detects malicious attachments and URLs used in such phishing emails. Finally, Microsoft Defender ATP will detect and block the Evil Corp threat trinity of malicious HTML, Excel file and payload.

Follow me on Twitter or LinkedIn. Check out my website.

I’m a three-decade veteran technology journalist and have been a contributing editor at PC Pro magazine since the first issue in 1994….

Source: Microsoft Issues Excel Security Alert As $100 Million ‘Evil Corp’ Campaign Evolves

Exclusive: A ‘Magic’ iPhone Hacking Startup Bites Back At Apple Lawyers — And Demands $300,000

In mid-August, Amanda Gorton and Chris Wade sat dumbfounded in their Boynton Beach, Florida, offices. They had just been sent a lawsuit that might yet kill their startup.

Within Gorton’s inbox was an email sent by a reporter containing a complaint filed by tech titan Apple against the married couple’s company, Corellium. The suit’s unceremonious appearance belied the gravity of the allegations they were facing: that they’d illegally copied the world’s most famous tech device, the iPhone.

Dubbed “magic” by some users, Corellium “virtualizes” iPhones, turning Apple phones into something you can play with on a PC. For Corellium customers, it lets them tinker with the iOS operating system to find functional problems or security vulnerabilities, all without risking breaking the iPhone, a famously locked-down device that doesn’t welcome anything not approved Apple. Unlike testing with the real thing, if the phone suddenly dies, you can just load up another one, making it useful for security researchers, developers and hobbyists, known as jailbreakers, who want to wrest back control of their iPhone. For Apple, though, this amounted to a copyright infringement of its product by “replicating” it without permission.

Today In: Innovation

To Wade, a curly-haired, bespectacled Australian with the wide, intense eyes of a wired tech guy, and the more composed Yale-educated partner Gorton, the news that Apple was suing landed like a “gut punch.” Via exclusive interviews with the founders and documents they provided ahead of their legal response to Apple filed late Monday night, Forbes has learned the iPhone maker was considering buying Gorton and Wade’s first startup, a Corellium predecessor called Virtual. And it appears subsequent years-long relations between the parties were ostensibly amicable before the big bust up in August.

When Wade first heard about the suit he thought it was a joke. It’s no joke. Onlookers who spy a Goliath flexing its muscles against a plucky David are hoping, for the sake of iPhone security, an agreement is found. “As I understand it, many security researchers have used Corellium and submitted bugs to Apple,” said Kurt Opsahl, deputy executive director and general counsel of the Electronic Frontier Foundation.

Apple declined to comment on the claims made in this article. It pointed Forbes to the original complaint against Corellium, in which it said the suit was not trying to “encumber good-faith security research, but to bring an end to Corellium’s unlawful commercialization of Apple’s valuable copyrighted works.” Summing up Apple’s withering opinion of Corellium, the Cupertino company wrote: “Corellium’s true goal is profiting off its blatant infringement. Far from assisting in fixing vulnerabilities, Corellium encourages its users to sell any discovered information on the open market to the highest bidder.”

Cutting to the Apple core

Gorton and Wade’s long relationship with Apple can be dated back to at least the early 2010s. At the time the couple were working at OpenPeak, an enterprise mobile management company that had caught the attention of Mark Templeton, then Citrix CEO, who was considering an acquisition. Not long after Templeton met Wade, saying he was impressed by the Australian’s ability to do things considered “impossible,” Citrix bought Virtual, a startup founded by the married couple in 2014.

But in selling to Templeton, Virtual had to snub another suitor: Apple. A document outlining an agreement between Apple and Virtual, seen by Forbes, prevented the latter from talking to any other company about an acquisition for 45 days as the Cupertino company considered whether it wanted to splurge.

Did that upset the Apple cart? Is this a revenge story? Wade and Gorton aren’t sure. Gorton says she and her husband were excited such a formidable company was interested in their embryonic business.

The pair paints a picture of friendly Apple relations. Wade says he’s consistently handed details of security weaknesses to Apple. In 2016, after Apple announced it was launching a so-called Bug Bounty, where researchers are given monetary reward for disclosing vulnerabilities in iOS (now up to $1.5 million), Wade planned on partly funding Corellium with those bounties. He wanted to do it transparently, he says, and in one email dated September 27 2017, Wade explicitly told Apple’s manager for security and privacy programs, Jason Shirk, that he would start submitting bugs to fund his iPhone virtualizing startup.

The filing also suggests Apple encouraged Corellium’s early business. Emails provided to Forbes indicate Apple was at least impressed. Just as Corellium was getting started, in August 2017, Apple hosted a dinner in China for the Tencent Security Conference. Wade and Shirk dined together on Apple’s dime and later exchanged messages, according to the email threads. In one Wade boasted that he could virtualize the latest iPhone. Shirk’s response? “Wow! You got iOS 10.3 running virtually?” Wade cheekily messaged back: “Actually, we’re running iOS 11 :).”

At some point in the last year, something soured. In its filing on Monday, Corellium said that it hasn’t been paid for any of the vulnerabilities it submitted. In a counterclaim, the startup said that rather than it owing Apple anything, the Cupertino company owed it more than $300,000. And Corellium claimed Apple had launched a rival product in handing out custom iPhones for security researchers, letting them dive deeper into iOS.

Right now, Gorton says the bootstrapped Corellium is profitable, with a handful of customers across government and private industry paying thousands for its products: up to $62,500 for an on-site appliance and $575 a month for a cloud-based, single-user license for a month. But with legal fees mounting and the threat of being forced to kill the killer feature of its product, that profit could dwindle and leave Corellium facing collapse.

Apple, meanwhile, might be facing a backlash from the cybersecurity community. It’s already faced criticism this year. When Google released research in September regarding attacks on iPhone users from the persecuted Uighur community in China, Apple’s response was controversial. In a rare public post, it sought to downplay what happened. To some onlookers, including former Facebook chief security officer Alex Stamos, Apple was suggesting that attacks on Uighurs weren’t “as big a deal as Google makes it out to be.” “Apple’s response to the worst known iOS attack in history should be graded somewhere between ‘disappointing’ and disgusting,’” Stamos tweeted.

There’s the sense that after having opened up in the post-Steve Jobs years—with its industry-leading bug bounty and Tim Cook’s ostensibly aggressive stance on protecting user privacy—Apple is taking a few steps back. And one of those steps might squish one of the more intriguing startups to enter the often mundane cybersecurity market.

Follow me on Twitter. Check out my website. Send me a secure tip.

I’m associate editor for Forbes, covering security, surveillance and privacy. I’ve been breaking news and writing features on these topics for major publications since 2010. As a freelancer, I worked for The Guardian, Vice Motherboard, Wired and BBC.com, amongst many others. I was named BT Security Journalist of the year in 2012 and 2013 for a range of exclusive articles, and in 2014 was handed Best News Story for a feature on US government harassment of security professionals. I like to hear from hackers who are breaking things for either fun or profit and researchers who’ve uncovered nasty things on the web. Tip me on Signal at 447837496820. I use WhatsApp and Treema too. Or you can email me at TBrewster@forbes.com, or tbthomasbrewster@gmail.com

Source: Exclusive: A ‘Magic’ iPhone Hacking Startup Bites Back At Apple Lawyers — And Demands $300,000

500K subscribers
A 16-year-old hacked Apple and stole 90GB of data over the period of one year. You know the best part is that he stored it all in a folder called “hacky hack hack.” It would make my day if you could also follow me on: Instagram: https://www.instagram.com/mrtechtalktv/ Twitter: https://twitter.com/Mr_TechTalkTV Music used: ‘beatsbyNeVs-Ridin’ https://youtu.be/bbtzvwKwql8 Thanks for watching and have a blessed day. Be sure to like, comment, share, and subscribe! Subscribe to TechTalkTV: https://goo.gl/9j4P1c IMPORTANT: Don’t forget to click the “bell” next to the subscribe button and select “Send me all notifications for this channel”. Otherwise, you may not receive notification when I upload.

New Android Warning: These 15 Malicious Apps May Be Hiding On Your Phone—Uninstall Now

As the stories keep coming about malicious apps finding their way onto Google’s Play Store, one serious concern is the increasingly sophisticated efforts made by those apps to hide their intent from users. Well, the latest report from the team at Sophos has found 15 harmful apps that have gone a stage further—literally “hiding their app icons in the launcher… or disguising themselves in the phone’s App settings page.”

Put simply, apps have been found that trick users into installing them to perform a trivial service. The app disappears from view, but it is actually running, disguised under a system name, making it impossible to detect and stop without effort. Users are urged to specifically root these apps out, stop them, then delete them completely.

If the apps aren’t seen, then they won’t trigger user concerns and they become much more difficult to casually delete without making the effort to find them. That’s the theory. But now those apps have been exposed. Users have been warned.

Today In: Innovation

Yet again, these latest apps join the countless others delivering adware—generating fraudulent revenue for their operators. Let’s be clear, free apps that deliver ads in their unpaid versions might be irritating, but they’re not necessarily fraudulent. But here we are talking about apps designed to deliver ads—it’s their sole purpose. It is the direct opposite of free apps, the ads are the focus, the app itself a wraparound.

The 15 apps discovered and disclosed by Sophos have been installed on more than 1.3 million devices—that’s a lot of ads, a lot of fraudulent revenue. And this is likely the tip of the iceberg for this new “icon hiding” threat category. “If history is any indication,” Sophos warns, “there are likely many more waiting to be found.”

The “dirty tricks” pulled off by these apps include various ruses to hide away—either on install or shortly afterward, and installing two apps at once—a benign app that is visible as per normal, and a malicious app that remains hidden. Most phones these days have a wide range of legacy and unused apps—we don’t notice what’s there and how many of us ever purge our devices? That’s the social engineering taking place here—if the app can hide initially, it will likely hang around for some time.

“Nine of the 15 apps used deceptive application icons and names, most of which appeared to have been chosen because they might plausibly resemble an innocuous system app,” Sophos explained. But they cannot hide completely if you know what you’re looking for—and Android users are urged to check their phones for these apps—and if you find them, delete them. “The app icon is still visible in the phone’s ‘gear’ Settings menu, under Apps.”

Here are the 15 apps exposed by Sophos—you’ll notice the poor reviews, often a sign that an app of this kind is best avoided.

As so often with adware apps, most are designed around trivial utilities—QR readers and image editors, for example. “Most ironically,” Sophos reports, one of the malicious apps is designed “to scrub your phone of private data.” You couldn’t make this up. The mindset to download an app of unknown provenance for such a delicate purpose we won’t get into—the warnings here basically go without saying.

Once installed, the apps use innocuous names to ensure they don’t trigger suspicions. And, arguably, the most worrying finding is that all 15 apps appeared this year—that means there are still gaping holes in Play Store security and there are adware factories churning out such apps and pushing them into the public domain. Sophos believes that similarities in coding structure and user interfaces suggests this batch of apps might all be related, despite appearing to come from different publishers.

Sophos says that Google was notified about the apps and they seem to have been removed—the underlying threat and coding techniques will remain in other as yet unidentified apps in the store and the myriad apps likely still to come.

The package names of the 15 apps are here:

Andrew Brandt, a principal researcher at Sophos, warns that “while these apps have been removed from the Google Play Store, there may be others we haven’t yet discovered that do the same thing.”

Brandt also explains that if uses suspect an app might be hiding, or to check against the published list, “tap Settings, then Apps & Notifications. The most recently opened apps appear in a list at the top of this page. If any of those apps use the generic Android icon (which looks like a little greenish-blue Android silhouette) and have generic-sounding names (‘Back Up,’ ‘Update,’ ‘Time Zone Service’) tap the generic icon and then tap ‘Force Stop’ followed by ‘Uninstall’.” Real system apps won’t offer an ‘uninstall’ option but will have a ‘disable’ option instead.

Ultimately, the usual advice applies here. Don’t download trivial utility apps because they seem nifty and free—they’re free for a reason. Even if the downside is simply unwanted ads, the fact is that malicious apps can often be hiding more dangers than that. Given how much private information we carry on our devices, don’t casually leave the backdoor open to anyone with a shiny app and a free install.

Follow me on Twitter or LinkedIn.

I am the Founder/CEO of Digital Barriers, supplying AI surveillance tech to defence, national security, counter-terrorism and critical infrastructure entities in the U.S., EMEA and Asia. I write about the intersection of geopolitics and cybersecurity, as well as breaking security and surveillance stories. I also focus on the balance of privacy and public safety. Contact me at zakd@me.com.

Source: New Android Warning: These 15 Malicious Apps May Be Hiding On Your Phone—Uninstall Now

714K subscribers
These are 20 dangerous Android Apps that trap users of Android smartphones to mine the various cryptocurrencies using their devices computing power. The security solutions company Sophos has identified malicious apps on the Google Play store and on a Russian download site called “Coandroid” that tap into a smartphones CPU to mine for cryptocurrency that can cause your device to overheat and become slow, which could also lead to permanent damage to your smartphone. Some of these apps are very popular. If you have them installed on your phone, you should uninstall them immediately. If you’re new, Subscribe! ▶ https://www.youtube.com/techgumbo Share This Video ▶ https://youtu.be/WfTaXq_mbvM “Android Apps” Series https://www.youtube.com/playlist?list… Those listed below with “Coandroid” next to their name are safe to download from the Google Play store. Do not download from the “Coandroid” website. 0:41 AIMP (Coandroid) 1:23 Block Strike (Coandroid) 1:45 Parkour Simulator 3D (Coandroid) 1:54 Skanvord 2:08 NeoNeonMiner 2:24 Others 2:46 Wrestling Apps CoinMiner and other malicious cryptominers targeting Android https://www.sophos.com/en-us/medialib… TechGumbo is a leading source for the technology that we use each day. Whether it’s discussing computer operating system tricks, the latest tips for your mobile phone, finding out about the newest gadgets, or letting you know about the best Android Apps for your smartphone, TechGumbo has boundless topics on technology for the astute YouTube viewer.

$3.2 Million From Cryptopia Hack Liquidated on Major Crypto Exchanges

The infamous Cryptopia hack of January 14, which led to over $16 million in stolen Ethereum (ETH) and ERC20 tokens, has been under close investigation by New Zealand police and specialists worldwide.Thanks to the open nature of cryptocurrencies on the blockchain, analysts and investigators have been successful in tracking the stolen crypto funds, leading major cryptocurrency exchanges to liquidate $3.2 million in stolen tokens on February 4…………

Source: $3.2 Million From Cryptopia Hack Liquidated on Major Crypto Exchanges

Blockchain Security Experts Claims That $2.5 Million is Stolen From Crypto Exchanges Daily

https://www.pivot.one/share/post/5c496d72016de70bb6160d37?uid=5bd49f297d5fe7538e6111b6&invite_code=JTOJYV

Iceland: Figurehead in Bitcoin Miner Heist Jailed for More Than Four Years

An Icelandic man has received a four-and-a-half-year prison sentence for stealing Bitcoin mining equipment, local English-language news outlet Iceland Monitor reported Jan. 17. Sindri Þór Stefánsson, who in April 2018 boarded a flight to Stockholm from Reykjavik reportedly with a stolen passport, was subsequently arrested in Amsterdam and returned home. Stefánsson claimed he legally fled custody to Sweden. In court, Stefánsson, along with six accomplices, received a lengthy jail term.

Source: Iceland: Figurehead in Bitcoin Miner Heist Jailed for More Than Four Years

Malware Found on a Movie Downloaded via Torrent Steals your Crypto and Poisons your Search Results – Ethereum World News

The plans of the security researcher under with the twitter username 0xffff0800 to spend a relaxing movie night at home did not turn out as he expected since after downloading a movie from a torrent uploaded to The Pirate Bay, he found a new (and interesting) type of malware that almost infects his computer………

Source: Malware Found on a Movie Downloaded via Torrent Steals your Crypto and Poisons your Search Results – Ethereum World News

%d bloggers like this:
Skip to toolbar