Sat.May 04, 2019 - Fri.May 10, 2019

How Encryption Became the Board’s New Best Friend

Thales eSecurity

Originally published in TEISS on May 1, 2019. For many years, encryption has been viewed as a burden on businesses – expensive, complex and of questionable value. How things have changed.

Malware Knocks Out Accounting Software Giant Wolters Kluwer

Data Breach Today

Outage Leaves Firm's Cloud-Based Tax and Accounting Software Customers Scrambling Accounting software giant Wolters Kluwer is continuing to attempt to recover from a malware attack that has disrupted access to its cloud-based tax and accountancy software, which the company says is used by most major U.S. accounting firms and global banks. Some users say they've been left unable to do their jobs.

Cloud 259

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The CIA Sets Up Shop on Tor, the Anonymous Internet

WIRED Threat Level

Even the Central Intelligence Agency has a so-called onion service now. Security Security / Security News

Nine Charged in Alleged SIM Swapping Ring

Krebs on Security

Eight Americans and an Irishman have been charged with wire fraud this week for allegedly hijacking mobile phones through SIM-swapping, a form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the target’s phone number and diverting all texts and phone calls to the attacker’s mobile device. From there, the attackers simply start requesting password reset links via text message for a variety of accounts tied to the hijacked phone number. All told, the government said this gang — allegedly known to its members as “ The Community ” — made more than $2.4 million stealing cryptocurrencies and extorting people for restoring access to social media accounts that were hijacked after a successful SIM-swap. Six of those charged this week in Michigan federal court were alleged to have been members of The Community of serial SIM swappers. They face a fifteen count indictment, including charges of wire fraud, conspiracy and aggravated identity theft (a charge that carries a mandatory two-year sentence). A separate criminal complaint unsealed this week charges three former employees of mobile phone providers accused of collaborating with The Community’s members. Several of those charged have been mentioned by this blog previously. In August 2018, KrebsOnSecurity broke the news that police in Florida arrested 25-year-old Pasco County, Fla. city employee Ricky Joseph Handschumacher , charging him with grand theft and money laundering. As I reported in that story, “ investigators allege Handschumacher was part of a group of at least nine individuals scattered across multiple states who for the past two years have drained bank accounts via an increasingly common scheme involving mobile phone “’SIM swaps.’”. This blog also has featured several stories about the escapades of Ryan Stevenson , a 26-year-old West Haven, Conn. man who goes by the hacker name “Phobia.” Most recently, I wrote about how Mr. Stevenson earned a decent number of bug bounty rewards and public recognition from top telecom companies for finding and reporting security holes in their Web sites — all the while secretly operating a service that leveraged these same flaws to sell their customers’ personal data to people who were active in the SIM swapping community. One of the six men charged in the conspiracy — Colton Jurisic , 20 of, Dubuque, Iowa — has been more well known under his hacker alias “ Forza ,” and “ ForazaTheGod.” In December 2016, KrebsOnSecurity heard from a woman who had her Gmail, Instagram, Facebook and LinkedIn accounts hijacked after a group of individuals led by Forza taunted her on Twitter as they took over her phone account. “They failed to get [her three-letter Twitter account name, redacted] because I had two-factor authentication turned on for twitter, combined with a new phone number of which they were unaware,” the source said in an email to KrebsOnSecurity in 2016. “@forzathegod had the audacity to even tweet me to say I was about to be hacked.” Also part of the alleged Community of SIM swappers is Conor Freeman , 20, of Dublin, Ireland; Reyad Gafar Abbas , 19, of Rochester, New York; Garrett Endicott , 21, of Warrensburg, Missouri. The three men criminally accused of working with the six through their employment at mobile phone stores are Fendley Joseph , 28, of Murrietta, Calif.; Jarratt White , 22, and Robert Jack , 22, both from Tucson, Ariz. If convicted on the charge of conspiracy to commit wire fraud, each defendant faces a statutory maximum penalty of 20 years in prison. The charges of wire fraud each carry a statutory maximum penalty of 20 years in prison. Last month, 20-year-old college student and valedictorian Joel Ortiz became the first person ever to be sentenced for SIM swapping — pleading guilty to a ten year stint in prison for stealing more than $5 million in cryptocurrencies from victims and then spending it lavishly at elaborate club parties in Las Vegas and Los Angeles. A copy of the indictment against the six men is here (PDF). Ne'er-Do-Well News

How to Solve 4 Common Challenges of Legacy Information Management

Speaker: Chris McLaughlin, Chief Marketing Officer and Chief Product Officer, Nuxeo

After 20 years of Enterprise Content Management (ECM), businesses still face many of the same challenges with finding and managing information. Join Chris McLaughlin, CMO and CPO of Nuxeo, as he examines four common business challenges that these legacy ECM systems pose and how they can be addressed with a more modern approach.

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

The Last Watchdog

No matter how reliant we ultimately become on cloud storage and streaming media, it’s hard to image consumers ever fully abandoning removable storage devices. There’s just something about putting your own two hands on a physical device, whether it’s magnetic tape, or a floppy disk, or a CD.

More Trending

Securing Sensitive Data in Pivotal Cloud Foundry

Thales eSecurity

The Cloud Security Challenge. It’s no secret that cloud technology usage is pervasive among enterprises. According to the 2019 Thales Data Threat Report -Global Edition, some 90 percent of 1,200 responding data security professionals worldwide report their organizations are using the cloud.

Cloud 118

What’s Behind the Wolters Kluwer Tax Outage?

Krebs on Security

Early in the afternoon on Friday, May, 3, I asked a friend to relay a message to his security contact at CCH , the cloud-based tax division of the global information services firm Wolters Kluwer in the Netherlands.

Cloud 280

Q&A: Here’s why Android users must remain vigilant about malicious apps, more so than ever

The Last Watchdog

Android users – and I’m one – are well-advised to be constantly vigilant about the types of cyberthreats directed, at any given time, at the world’s most popular mobile device operating system. Related: Vanquishing BYOD risks Attacks won’t relent anytime soon, and awareness will help you avoid becoming a victim. It’s well worth it to stay abreast of news about defensive actions Google is forced to take to protect Android users.

FBI Shutters DeepDotWeb Portal; Suspected Admins Arrested

Data Breach Today

Suspects Accused of Receiving Bitcoins Worth Millions for Referral Fees The DeepDotWeb portal, which provided a guide to darknet marketplaces, has been shut down and its alleged administrators arrested.

IT 281

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

LulZSec and Anonymous Ita hackers published sensitive data from 30,000 Roman lawyers

Security Affairs

A group of hackers has stolen and published online sensitive data of 30,000 Roman lawyers, including the Mayor of Rome. The announcement was made on Twitter by Lulzsec and Anonymous Ita.

Sales 114

Amazon Is Losing the War on Fraudulent Sellers

Schneier on Security

Excellent article on fraudulent seller tactics on Amazon. The most prominent black hat companies for US Amazon sellers offer ways to manipulate Amazon's ranking system to promote products, protect accounts from disciplinary actions, and crush competitors.

Sales 114

GUEST ESSAY: How stealth, persistence allowed Wipro attacker to plunder supply chain

The Last Watchdog

The recent network breach of Wipro , a prominent outsourcing company based in India, serves as a stunning reminder that digital transformation cuts two ways. Our rising dependence on business systems that leverage cloud services and the gig economy to accomplish high-velocity innovation has led to a rise in productivity. However, the flip side is that we’ve also created fresh attack vectors at a rapid rate – exposures that are not being adequately addressed.

Chinese Men Charged With Hacking Health Insurer Anthem

Data Breach Today

Data of 78.8 Million Individuals Was Encrypted, Sent to China, US Alleges Two Chinese men have been indicted on charges related to the breach of health insurer Anthem, which saw the personal information of 78.8 million individuals stolen, as well as attacks against three other large U.S. companies

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Top-Tier Russian Hacking group Fxmsp claims hack of major AntiVirus Companies

Security Affairs

A Russian hacking group Fxmsp is offering for sale the access to the networks of at least three antivirus companies in the US and source code of their software.

Protecting Yourself from Identity Theft

Schneier on Security

I don't have a lot of good news for you. The truth is there's nothing we can do to protect our data from being stolen by cybercriminals and others.

NEW TECH: SlashNext dynamically inspects web page contents to detect latest phishing attacks

The Last Watchdog

Humans are fallible. Cyber criminals get this. Human fallibility is the reason social engineering has proven to be so effective – and why phishing persists. Consider these metrics from messaging security firm Proofpoint : •Email-based corporate credential phishing attacks quadrupled in Q3 2018 vs. the previous quarter. Web-based social engineering attacks jumped 233% vs. the previous quarter. •99%

Feds Warn of 'Electricfish' Malware Linked to North Korea

Data Breach Today

CERT Says Hidden Cobra APT Group Developed Malware The FBI and the Department of Homeland Security have issued a joint warning about new malware called "Electricfish." Investigators suspect it was developed by the advanced persistent threat group Hidden Cobra, which has been linked to North Korea

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

Most of the servers at City of Baltimore shut down after ransomware attack

Security Affairs

For the second time in a year, systems of the city of Baltimore has been hit by a ransomware attack, forcing officials to shut down a majority of them. The city of Baltimore shut down most of its servers in response to a ransomware attack that hit its network. Baltimore Mayor Bernard C.

Cryptanalyzing a Pair of Russian Encryption Algorithms

Schneier on Security

A pair of Russia-designed cryptographic algorithms -- the Kuznyechik block cipher and the Streebog hash function -- have the same flawed S-box that is almost certainly an intentional backdoor. It's just not the kind of mistake you make by accident, not in 2014.

Q&A: The drivers behind the stark rise — and security implications — of ‘memory attacks’

The Last Watchdog

A distinctive class of hacking is rising to the fore and is being leveraged by threat actors to carry out deep, highly resilient intrusions of well-defended company networks. Related: Memory hacking becomes a go-to tactic These attacks are referred to in the security community as “fileless attacks” or “memory attacks.”

Despite Doxing, OilRig APT Group Remains a Threat

Data Breach Today

Researchers Describe What They've Learned From Data Dump Despite a doxing of its targets and tools in March, the advanced persistent threat group known as OilRig remains a significant threat to governments and businesses, researchers at Palo Alto Network's Unit 42 report

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

A hacker has taken over at least 29 IoT botnets

Security Affairs

Hacker “Subby” brute-forces the backends of 29 IoT botnets that were using weak or default credentials. A hacker that goes online with the moniker ‘Subby’ took over 29 IoT botnets in the past few week s with brute-force attacks.

IoT 114

First Physical Retaliation for a Cyberattack

Schneier on Security

Israel has acknowledged that its recent airstrikes against Hamas were a real-time response to an ongoing cyberattack. From Twitter : CLEARED FOR RELEASE: We thwarted an attempted Hamas cyber offensive against Israeli targets.

IT 114

Password Reuse, Misconfiguration Blamed for Repository Compromises

Dark Reading

Armed with stolen credentials from another breach or from a misconfigured file, attackers delete developers' repositories on GitHub, Bitbucket, and GitLab, leaving behind ransom notes

New Skimmer Attack Steals Data From Over 100 Ecommerce Sites

Data Breach Today

Malicious JavaScript Steals Credit Card Data A new skimmer attack that has injected malicious JavaScript into the payment sections of 105 ecommerce websites is stealing credit card and other customer data, security researchers warn.

A bug in Mirai code allows crashing C2 servers

Security Affairs

Ankit Anubhav, a principal researcher at NewSky Security, explained how to exploit a vulnerability in the Mirai bot to crash it.

IoT 114