“Gone are the days of cruddy old phone lines and useless coax cable running to every building,” Mr. Sprague stated, going on to say, “It makes no sense to run those things in a new home when cable and satellite TV will be dead in 5 years and no one uses an analog phone service anymore.”
Throughout 2018 and 2019, malicious cyber actors used desktop sharing software to facilitate a range of network intrusion activities, using both authorized and unauthorized installations to gain control of victim systems and access to otherwise inaccessible files. Desktop sharing software has multiple legitimate uses, enabling telework, tech support, and file transfers, but can also be exploited through malicious actors’ use of social engineering tactics and other illicit measures. Specifically, cyber actors typically convince victims to voluntarily download and install the desktop sharing software, often through the guise of providing technical support or with the assistance of corrupt insiders. Cyber actors also use stolen credentials to access victim systems through existing desktop sharing software installations. This gives cyber actors complete control over an affected system, enabling them to perform a range of malicious activities.
“They contacted me to become a "shipping clerk" where I received packages to my address, inspected them, and rerouted them to their international customer. The compensation was said to be 2500/month before taxes. I was contacted by HR, had two supervisors I reported to, signed a DOCUSIGN document from HR confirming my employment. I had a phone interview with 3 "levels" from the business. I even got offered a "promotion" 3 weeks in because I was a promising new hire. My pay day came and went, and when I talked to HR about it they suddenly didn't know who I was…” —a military spouse from North Carolina
Cyber security is complicated. Cyber security tips are not. To be an expert, it takes years of training and experience to ensure that all aspects of what can go wrong are accounted for and understood. But for the Average Joe, that amount of time and commitment is an unrealistic expectation. That’s why these six sexy, simple cyber security tips should be studied seriously by anyone who uses the internet (that’s you!).
An organization's culture highlights the beliefs and behaviors of employees and management. Recently, the trend of creating a security culture has grown in importance: a culture in which all individuals are alert for cyber threats, follow company policies and procedures, and report all security incidents.
Texas law allows anyone to buy voter registration records. Driver's license records can be purchased by a wide range of people and companies for uses including "the normal course of business."
After acknowledging June 28 that portions of its network were affected, Nuance, based in Burlington, Massachusetts, is still picking up the pieces. In addition to transcription, Nuance named about 10 other affected products, including those used for radiology, billing and software that tracks quality of care.
The cover, GUCCIFER2, is not a particularly good one. The GUCCIFER2 website has only a single entry, the one claiming responsibility for the DNC hack. There is no history of this entity existing before the operation began (the oldest Google result is the GUCCIFER2 website.) In future I expect that services will develop “cover” entities for use in times of crisis, just like they prepare safe houses before they need them. Note to agencies: preparing and maintaining cover hacker identities should now be considered standard tradecraft, part of “putting the plumbing in place.”
Since Shamoon incidents feature the infiltration and escalation stages of targeted attacks, X-Force IRIS responders sought out the attackers’ entry point. Their findings pointed to what appears to be the initial point of compromise the attackers used: a document containing a malicious macro that, when approved to execute, enabled C2 communications to the attacker’s server and remote shell via PowerShell.
Online merchants are not supposed to store CVV2 codes, but hackers can steal the codes by placing malicious software on a company’s e-commerce site, so that the data is copied and recorded by the intruders before it is encrypted and transmitted to be processed.
FireEye recently detected malicious Microsoft Office RTF documents that leverage a previously undisclosed vulnerability. This vulnerability allows a malicious actor to execute a Visual Basic script when the user opens a document containing an embedded exploit. FireEye has observed several Office documents exploiting the vulnerability that download and execute malware payloads from different well-known malware families.
FireEye shared the details of the vulnerability with Microsoft and has been coordinating public disclosure for several weeks, timed with the release of a patch by Microsoft to address the vulnerability. After recent public disclosure by another company, this blog serves to acknowledge FireEye’s awareness and coverage of these attacks.
FireEye email and network products detect the malicious documents as: Malware.Binary.Rtf.
The attack involves a threat actor emailing a targeted user a Microsoft Word document that contains an embedded OLE2link object. When the user opens the document, winword.exe issues an HTTP request to a remote server to retrieve a malicious .hta file, which appears as a fake RTF file. The Microsoft HTA application loads and executes the malicious script. In both observed documents the malicious script terminated the winword.exe process, downloaded additional payload(s), and loaded a decoy document for the user to see. The original winword.exe process is terminated in order to hide a user prompt generated by the OLE2link.
The vulnerability is bypassing most mitigations; however, as noted above, FireEye email and network products detect the malicious documents. Microsoft Office users are recommended to apply the patch as soon as it is available.
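For triage of suspect attachments, the embedded-link trait described above can be checked statically. The following is an added example, not FireEye's detection logic: it decodes the hex `\objdata` groups of an RTF file and reports objects whose class name is `OLE2Link` together with any URL stored as UTF-16LE. It assumes the hex is obscured only by whitespace and letter case; the sample documents and the `example.invalid` URL are constructed and inert.

```python
import re

# UTF-16LE "http://" or "https://" followed by printable ASCII code units.
URL_UTF16 = re.compile(
    rb"h\x00t\x00t\x00p\x00(?:s\x00)?:\x00/\x00/\x00(?:[\x21-\x7e]\x00)+")
# Hex payload of an RTF \objdata group; whitespace may be interleaved.
OBJDATA = re.compile(rb"\\objdata\s*([0-9A-Fa-f\s]+)")


def scan_rtf(data: bytes) -> list:
    """Return one finding per embedded object that is an OLE2Link."""
    findings = []
    for m in OBJDATA.finditer(data):
        hexchars = re.sub(rb"\s+", b"", m.group(1))
        hexchars = hexchars[: len(hexchars) // 2 * 2]  # drop a dangling nibble
        blob = bytes.fromhex(hexchars.decode("ascii"))
        if b"OLE2Link" not in blob:
            continue  # ordinary embedded object, not a link
        urls = [u.decode("utf-16-le") for u in URL_UTF16.findall(blob)]
        findings.append({"offset": m.start(), "urls": urls})
    return findings


def _make_rtf(class_name: bytes, tail: bytes) -> bytes:
    """Build a constructed, inert RTF fragment (not a real sample)."""
    # Arbitrary header bytes, then the class name and the trailing data.
    payload = b"\x01\x05\x00\x00\x02\x00\x00\x00" + class_name + b"\x00" + tail
    h = payload.hex()
    chunks = [h[i:i + 16] for i in range(0, len(h), 16)]
    # Mixed case and line breaks mimic how hex data is often split in RTF.
    body = "\n".join(c.upper() if i % 2 else c for i, c in enumerate(chunks))
    return b"{\\rtf1{\\object\\objautlink{\\*\\objdata " + body.encode() + b"}}}"


LINKED = _make_rtf(
    b"OLE2Link", "http://example.invalid/a.rtf".encode("utf-16-le") + b"\x00\x00")
EMBEDDED = _make_rtf(b"Package", b"\x00" * 8)

if __name__ == "__main__":
    print(scan_rtf(LINKED))    # one finding with the placeholder URL
    print(scan_rtf(EMBEDDED))  # no findings
```

A hit is a reason to inspect the document and the linked URL, not proof of exploitation, since linked objects also have legitimate uses.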
FLARE Team, FireEye Labs Team, FireEye iSIGHT Intelligence, and Microsoft Security Response Center (MSRC).
Microsoft just landed another major government customer: the United States Army.
In a contract awarded to Microsoft partner Dell, the U.S. Army agreed to purchase 50,000 licenses of Microsoft Office 365, Microsoft announced in a blog post today. Office 365’s cloud-based work and collaboration apps include secure email, Microsoft’s Lync messaging app, SharePoint collaboration tools, and other Office web apps.
1. Cybercrime damage costs to hit $6 trillion annually by 2021. It all begins and ends with cybercrime. Without it, there's nothing to cyber-defend. The cybersecurity community and major media have largely concurred on the prediction that cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion just a year ago. "Cyber theft is the fastest growing crime in the United States by far" according to incoming U.S. President Donald Trump.
2. Cybersecurity spending to exceed $1 trillion from 2017 to 2021. The rising tide of cybercrime has pushed cybersecurity spending on products and services to more than $80 billion in 2016, according to Gartner. It's not clear if that includes an accounting of internet of things (IoT) device protection and total consumer spending on security. Global spending on cybersecurity products and services is predicted to exceed $1 trillion over the next five years, from 2017 to 2021.
3. Unfilled cybersecurity jobs will reach 1.5 million by 2019. This year, analysts and the media concluded there is a severe shortage of cybersecurity talent globally. There were 1 million cybersecurity job openings in 2016, and that is expected to reach 1.5 million by 2019. As a result, the cybersecurity unemployment rate has dropped to zero percent.
4. Human attack surface to reach 4 billion people by 2020. As the world goes digital, humans have moved ahead of machines as the top target for cybercriminals. Microsoft estimates that by 2020 4 billion people will be online — twice the number that are online now. The hackers smell blood now, not silicon.
5. Up to 200 billion IoT devices will need securing by 2020. Intel claims that the number of connected devices could surge to 200 billion by 2020, up from 15 billion in 2015. Cisco and Microsoft have both predicted 50 billion devices will be connected to the Internet by 2020. Regardless of which estimate proves right, the bottom line is that the digital attack surface will grow massively over the next five years. Microsoft adds that by 2020 data volumes online will be 50 times greater than today.