Posts

Showing posts from July, 2021

Hackers Applying HTML Smuggling To Distribute Malware – E Hacking News

Another latest spam E-mail operation, which abused a technique named “HTML smuggling” to circumvent E-mail security measures and transmit malware on users’ devices, was identified by Microsoft’s security team. This campaign has been going on for weeks. Microsoft Corporation is an international American technology firm that develops computer software, consumer devices, computers, and associated services. HTML smuggling is a method used to overcome security systems by malicious HTML generation behind the firewall – in the browser at the targeted endpoint. Sandboxes, proxies, and sandboxes leveraging HTML5 and JavaScript characteristics bypass the conventional network security methods such as E-mail scanners. This is by producing the destructive HTML code on the target device in the browser that is already located within the network security perimeter. Typically network security s...

Former Goldman Sachs CIO, joins fintech start-up Advisory Board

illumr removes bias in AI for financial services organisations. Damian Sutcliffe, the former EMEA CIO for Goldman Sachs has joined illumr’s advisory board. Damian retired from a 20-plus year technology career at Goldman Sachs Group Inc., including the last five years as Chief Information Officer for EMEA. Over the course of his career, Damian held a range of senior management roles in London, Tokyo & New York delivering large-scale digital and data transformation initiatives. He is an external advisor at McKinsey and is currently completing a PhD at Cambridge University. Jason Lee, CEO and Co-Founder of illumr comments: “We are thrilled to have Damian join our Advisory Board. His guidance and input will be invaluable in the development of Rosa, illumr’s AI de-biasing solution. “Algorithms affect our daily lives more and more. However, instead of being an objective arbiter, these algorithms...

Episode 3 of What the Hack Is All About Sextortion

If there’s one thing that Covid-19 proved, it’s that there’s no end to how low threat actors will go to turn a profit. Unemployment fraud spiked, medical research facilities were hacked, phony vaccination cards were sold on the dark web, the list is virtually limitless and the perpetrators utterly shameless. Among the scams that exploded in popularity this year is email sextortion. Chances are good that you’ve seen one of these scams lurking in your spam folder. The gist is that someone allegedly placed malware on your computer and captured footage of you watching porn. The footage, according to the hacker, will be deleted if you send along a tidy sum of money to a bitcoin account. If the ransom isn’t paid, the scammer t...

Hackers Posed as Aerobics Instructors for Years to Target Aerospace Employees

An Iranian cyberespionage group masqueraded as an aerobics instructor on Facebook in an attempt to infect the machine of an employee of an aerospace defense contractor with malware as part of a years-long social engineering and targeted malware campaign. Enterprise security firm Proofpoint attributed the covert operation to a state-aligned threat actor it tracks as TA456, and by the wider cybersecurity community under the monikers Tortoiseshell and Imperial Kitten. “Using the social media persona ‘Marcella Flores,’ TA456 built a relationship across corporate and personal communication platforms with an employee of a small subsidiary of an aerospace defense contractor,” Proofpoint said in a report shared with The Hacker News. “In early June 2021, the threat actor attempted to capitalize on this relationship by sending the target malware via an ongoing email communication chain.” Earlier this month,...

Security breaches where working from home is involved are costlier, claims IBM report • The Register

Firms looking to save money by shifting to more flexible ways of working will need to think carefully about IT security and the additional cost of breaches linked to staff working from home. That’s according to the latest annual “Cost of a Data Breach Report” conducted by Ponemon Institute along with IBM Security, which found that the average total cost of a remote-working data breach was more than $1m higher than cyberattacks where remote working wasn’t a factor. The report – based on what it calls “real-world data breaches” from more than 500 organisations across the globe – found that the average cost of a cyber incident is now a record-topping $4.24m. But when analysts looked at organisations where remote working was involved, they found that the average total cost of a data breach was above average – just shy of $5m. Ever since the pandemic took a lead role in 202...

Cyberattacks Zero in Tokyo Olympics as Games Begin – E Hacking News

Malicious malware and websites have targeted both event organizers and regular spectators as the Tokyo Olympics’ opening ceremony approaches. According to Tokyo-based Mitsui Bussan Secure Directions, this malware was published to the VirusTotal malware-scanning site on 20 July and has been identified by numerous antivirus software companies throughout the world. A fraudulent PDF file masquerades as a Japanese-language document on cyberattacks associated with the Olympics. When users open it, malware enters their computer and deletes the documents. The dubious PDF was allegedly sent to Japanese event officials by hackers in an effort to erase important Olympics-related data. Takashi Yoshikawa of MBSD cautioned concerning the “wiper” malware. The so-called Olympic Destroyer virus caused severe system interruptions at the 2018 Winter Games in Pyeongchang, South Korea. TXT, LOG, and C...

Top 7 Penetration Testing Companies in the USA

Top Rated Penetration Testing Companies in the USA: The top-rated list of Penetration Testing Companies is based on companies that offer true penetration testing (pen testing) with remediation planning and does not include the variety of do-it-yourself penetration testing software. Why is Penetration Testing Important? Cyber threats have increased dramatically over the last few years, and cybercriminals have easy access tools to breach organizations of any size. Smaller businesses are considered “low hanging fruit” to hackers, but as we’ve seen mid-sized and enterprises are not as equipped as they should be to handle the current threat landscape. One of the most powerful strategies a company of any size can implement is of course penetration testing. Wesecureapp: Wesecureapp is a pioneer service provider in the field of penetration testing companies in the USA, who consistently deliver improved results to their clients, as...

Waging a War on Cybercrime With Big Data and AI

Some 95% of today’s compromises are either zero-day exploits or malware-free attacks; that means that signature-based behavioral defenses only work for 5% of attacks, says Joe Head of Intrusion Inc. He discusses how to use massive lists of historical data to train artificial intelligence to spot and stop malicious activity. “We have an embarrassment of riches in terms of our inventory of the internet, and we have identified 5.1 billion things that are safe and 3.4 billion that are unsafe. We add AI on top of that,” he says. In this episode of “Cybersecurity Unplugged,” Head discusses: How robust security can make up for lapses in human behavior; How the Intrusion Shield product satisfies the principles of zero trust; How big data, historical reputation references and AI can help to win the war on cybercrime. Head is co-founder of Intrusion Inc., a cybersecurity company that leverages real-time AI to thwart cyberattacks before...

UBEL is the New Oscorp — Android Credential Stealing Malware Active in the Wild

An Android malware that was observed abusing accessibility services in the device to hijack user credentials from European banking applications has morphed into an entirely new botnet as part of a renewed campaign that began in May 2021. Italy’s CERT-AGID, in late January, disclosed details about Oscorp, a mobile malware developed to attack multiple financial targets with the goal of stealing funds from unsuspecting victims. Its features include the ability to intercept SMS messages and make phone calls and perform Overlay Attacks for more than 150 mobile applications by making use of lookalike login screens to siphon valuable data. The malware was distributed through malicious SMS messages, with the attacks often conducted in real-time by posing as bank operators to dupe targets over the phone and surreptitiously gain access to the infected device via WebRTC protocol and ultimately conduct unauth...

Cybersecurity for Small Businesses. Tips you need to know.

One might think that threat actors target only big enterprises, so small businesses are left out of sight. This is unfortunately not true. Cybersecurity for small businesses should be a top priority for all organizations. Statistics show that businesses that have fewer than 100 employees are being affected by 76% of cyberattacks. Why? Because threat actors know that these are easy to get to, due to a lack of proper security system protection and expertise. These organizations work on a budget. Small businesses cannot afford to invest in experts and tools to keep them well protected and do not have the time to be informed on cybersecurity. Disregarding cybersecurity for small businesses could lead to real damage. Thus, they should pay $3,533 per employee in case of a cyberattack. The life of a data breach takes 279 days because risk can be identified in 206 days and contained in 73 days. Recently, cyberattacks have grown, especi...

Cost of a Data Breach hits record high during pandemic – Security Affairs

Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers

A Chinese cyberespionage group known for targeting Southeast Asia leveraged flaws in the Microsoft Exchange Server that came to light earlier this March to deploy a previously undocumented variant of a remote access trojan (RAT) on compromised systems. Attributing the intrusions to a threat actor named PKPLUG (aka Mustang Panda and HoneyMyte), Palo Alto Networks’ Unit 42 threat intelligence team said it identified a new version of the modular PlugX malware, called Thor, that was delivered as a post-exploitation tool to one of the breached servers. Dating back to as early as 2008, PlugX is a fully-featured second-stage implant with capabilities such as file upload, download, and modification, keystroke logging, webcam control, and access to a remote command shell. “The variant observed […] is unique in that it contains a change to its core source code: the replacement of its trademark word ‘PLUG’ to ‘T...

Frequently asked questions on Extended Detection and Response

This article answers a few of the more common questions from those who are trying to figure out the XDR space. As is expected with any new market segment or capability, questions about extended detection and response (XDR) abound. This article answers a few of the more common questions from those that are trying to figure this space out. What Is XDR? An incredibly simplified way of thinking about XDR is that it is EDR++. A more complex (but accurate) way of thinking about XDR is: There are tools on the market today that take traditional approaches to security operations: ingesting data from across the environment and performing security analytics on top of it. In contrast, there’s a set of tools on the market today that are innovating to provide a different approach: performing detections based on where the data is. This has been the point of view of endpoin...