Cybersecurity & Espionage Articles
Original Article at Fortune.com
Iran has followed in Russia’s footsteps by banning Telegram, the app many people there use for public groups and encrypted personal messaging. The move came just weeks after Iran’s rulers started telling people to instead use locally-developed communications platforms. “Considering various complaints against the Telegram social networking app by Iranian citizens, and based on the demand of security organizations to confront the illegal activities of Telegram, the judiciary has banned its usage in Iran,” Reuters quoted state TV as saying.
0 Comments
Original Article at SecurityMagazine.com
Cyber, cyber, everywhere. Not a day goes by without some discussion, news item, or update about cybersecurity. Strong passwords, encryption, network patches, data breaches and more. The severe effects of data breaches have forced Boards of Directors and enterprise security to devote significant time and resources to mitigating the issue. Original article at SecurityIntelligence.com
The mean cost of a cybersecurity breach involving employees or others within an organization is $8.7 million, according to a global study of insider threats. Based on interviews with IT security professionals across more than 700 organizations, the “2018 Cost of Insider Threats: Global Organizations” report, conducted by the Ponemon Institute, benchmarked the common causes of insider incidents over a 12-month period. While the mean cost of an insider threat is $8.7 million, the survey tallied the maximum cost at nearly $26.5 million. The minimum cost, meanwhile, is still significant at $489,100. Original article at Bloomberg.com
We've witnessed enough cyberattacks in recent years to understand that the digital domain is humanity's new battlefield. And while the West is ramping up its defenses, its efforts aren't guided by an overall doctrine. That's right: There is no master plan. Original Article at DarkReading.com
If your website has a login page, chances are good that it's targeted in account takeover attacks. Nearly all (96%) websites with login pages have bad bots and are hit with account takeover attempts, report researchers from the Distil Networks Research Lab. Login pages are among the most abused Web pages, a finding from the 2017 Bad Bot report that prompted the research team to analyze the anatomy of account takeover attacks in greater depth. They studied data from 600 domains with login pages and pulled a smaller subset of 100 Web pages, which had the largest data sets of bad bot traffic, to study them further. Account takeover attempts are intended to test credentials for validity. If they're legitimate, attackers sell the usernames and passwords on the Dark Web or gain account access to pilfer personal or financial information and sell that instead. Alternatively, they could use the account to transfer money, purchase goods or services, or spread disinformation campaigns. There are two types of account takeover attempts and they occur at about the same frequency, researchers report. Half are volumetric, meaning the bot floods the login page with credentials in an attempt to verify them as soon as possible. These "credential-stuffing" attacks are easy to identify because they're accompanied by a spike in activity: the average credential stuffing attack will involve 35,000 to 50,000 requests and between 500% and 5,000% increase in login page traffic. Original Article at TheHackerNews.com
The British teenager who managed to hack into the online accounts of several high-profile US government employees sentenced to two years in prison on Friday. Kane Gamble, now 18, hacked into email accounts of former CIA director John Brennan, former Director of National Intelligence James Clapper, former FBI Deputy Director Mark Giuliano, and other senior FBI officials—all from his parent's home in Leicestershire. Gamble, who went by the online alias Cracka, was just 15 at the time of carrying out those attacks and was the alleged founder of a hacking group calling themselves Crackas With Attitude (CWA). Original article at TechCrunch.com
This week more than 40,000 security professionals will attend RSA in San Francisco to see the latest cyber technologies on display and discuss key issues. No topic will be higher on the agenda than the Russian-sponsored hack of the American 2016 election, with debate about why the country has done so little to respond and what measures should be taken to deter future attempts at subverting our democracy. Hackers once stole a casino's high-roller database through a thermometer in the lobby fish tank4/14/2018 Original post on BusinessInsider.com
Original Article at NYTimes.com
A Moscow court cleared the way on Friday for the government to ban Telegram, the messaging app, over its failure to give Russian security services the ability to read users’ encrypted messages. Roskomnadzor, the Russian communications and technology watchdog, had asked the court for the authority to block the app, and for the ban to take immediate effect. It took the court all of 18 minutes to grant the request, after scheduling the hearing just one day before. Telegram had ordered its lawyers to skip the hearing in protest of the hurried process. Original article at ThreatPost.com
Ransomware has become the most prevalent malicious software as hackers cash in on locking up expensive business critical systems and demanding a ransom, researchers warn. Verizon’s 2018 Data Breach Investigations Report (DBIR), released Tuesday, said that ransomware attacks have doubled over the past year, and are now the top variety of malware found. “[Ransomware] is now the most prevalent form of malware, and its use has increased significantly over recent years,” said Bryan Sartin, executive director security professional services at Verizon, in a statement. “What is interesting to us is that businesses are still not investing in appropriate security strategies to combat ransomware, meaning they end up with no option but to pay the ransom – the cybercriminal is the only winner here” Original article at NPR
Massachusetts-based American Superconductor seemed to be riding high in early 2011, reaping strong sales and even praise from the White House for successfully cracking the Asian import markets. Then, one day that April, employees were called to a meeting where they heard some very disturbing news. Their largest customer, Beijing-based Sinovel, which provided three-quarters of the company's revenue, had refused to accept a shipment of electronic components for its wind turbines — and wouldn't pay millions of dollars it owed for them. The reasons it gave were ambiguous. Original Article at TheHackerNews.com
Finnish Communications Regulatory Authority (FICORA) is warning users of a large-scale data breach in a website maintained by the New Business Center in Helsinki ("Helsingin Uusyrityskeskus"), a company that provides business advice to entrepreneurs and help them create right business plans. Unknown attackers managed to hack the website (http://liiketoimintasuunnitelma.com) and stole over 130,000 users’ login usernames and passwords, which were stored on the site in plain-text without using any cryptographic hash. Original Article at CNN.com
You might assume that chats sent on Facebook Messenger are completely private. But you'd be wrong. Facebook confirmed Thursday that it uses automated tools to scan Messenger chats for malware links and child porn images. It also allows users to report chats that may violate community standards. The company's moderators can review any messages that are flagged by users or the automated systems. |
Cyber-CyI find interesting articles on the web that are simple, down-to-earth, easy to understand, and (hopefully) informative for non-technical readers. Archives
November 2022
Categories |