Managing Threats & Attacks – Page 10

Ransomware, get your ransomware here, and you too can share in the profits!

Nov 01 2018

By Cameron Abbott and Colette Légeret

The expansion of the “service industry” into malware-as-as-service (MaaS), is not the only cyber-attack available online, Bleeping Computer found ransomware-as-a-service (RaaS), that not only uses FilesLocker malware and targets Chinese and American victims, it also offers users a sliding commission pay-scale that rises the more ransomware victims infected.

Bleeping Computer was put on the trail of this RaaS by security researcher, Neutral8✗9eR, who saw it being marketed through a Chinese malware forum on TOR.

Step right up and get your malware – no skill required, prices start at $20!

Oct 31 2018

By Cameron Abbott and Colette Légeret

It seems that the “service industry” has expanded into cyber-crime without us knowing about it as the Fortinet research team recently discovered. They came across malware-as-a-service schemes available on several Dark Web forums, with one designed as an easy-to-use point of entry for beginner Distributed Denial of Service (DDoS) attackers.

The DDoS kit disguises itself as a legitimate “booter” or “stresser” service and as it is relatively easy to set-up, almost anyone can go into the “DDoS a website for a fee” business. Some of the offerings are incredibly customisable. The research team found one such service that went operational on 17 October 2018 called “Ox-booter” which uses the Bushido botnet for its attacks. Bushido itself is relatively new, having only been identified in September 2018.

Sony Smart TV’s ….clearly not smart enough, or secure!

Oct 14 2018

By Cameron Abbott and Jessica McIntosh

Security researchers at Fortinet have found flaws in eight Sony Bravia Smart TV models and consequently have got us all thinking…… just how vulnerable does having a smart TV make us?

According to Fortinet the flaws found can facilitate complete ‘remote code execution with root privilege’, in other words – those with a Sony Smart TV are left totally exposed to an attack!

Move over Mirai – Torii is tipped to be the new botnet boss

Oct 05 2018

By Cameron Abbott and Jessica McIntosh

It’s been hailed a true example of the evolution of IoT malware with researchers from security vendor Avast last week explaining in detail just how persistent and powerful this “new” strain of botnet can be. According to Avast, Torii is a “level of sophistication above anything they have seen before”.

For us, it’s newly found cutting-edge techniques and features mean it is a threat to EVERY type of computer and device… it’s a threat to all of us.

Tesco Bank fined £16.4 million for failing to protect account holders against an avoidable cyber-attack in 2016

Oct 04 2018

By Cameron Abbott and Colette Légeret

The UK’s banking watchdog, the Financial Conduct Authority (FCA), has fined Tesco Bank, the banking arm of UK supermarket chain Tesco, £16.4 million (approximately AU$29.5 million) for failing to exercise due skill, care and diligence in protecting its personal current account holders against a cyber-attack that occurred in 2016.

This cyber-attack affected thousands of account holders and netted the cyber-criminals £2.26 million (approximately AU$4.07 million) in 48 hours. It was described, at the time, as an unprecedented assault against a UK regulated bank.

2018 Trends in Cyber-crimes so far…

Sep 23 2018

By Cameron Abbott and Colette Légeret

The first half of 2018 has been busy for cyber-criminals and cyber-security alike. According to Trend Micro, cryptocurrency mining detections have jumped 96% in this six month period compared to the total number detected in 2017.

In that same time, over 20 billion threats were blocked by Trend Micro’s Infrastructure, a few billion threats less than in the first half of 2017. Of these threats, less were “spray and pay” ransomware attacks and breaches, as cyber-criminals are flying under the radar with crypto-jacking, along with fileless, macro and small file malware techniques.

Cyber-attack on Bristol Airport – Ransomware leaving travellers in the dark about their flights!

Sep 20 2018

By Cameron Abbott and Colette Légeret

In response to a cyber-attack on the administrative systems of Bristol airport, believed to be ransomware, the airport took a number of applications down as a precautionary measure, including the application that provides flight data for flight information screens.

Cyber-criminals outspend organisations more than 10 times in bid to find cybersecurity weaknesses – who says cyber-crime doesn’t pay?

Sep 17 2018

By Cameron Abbott, Rob Pulham and Colette Légeret

Cyber attackers are able to search for that one weak link in corporations defences whereas corporates have to create a completely strong chain of defence against every possible scenario. This asymmetrical fight would you think mean organisations would have to outspend attackers by many multiples.

However, according to software company, Carbon Black, the situation is worse than that because it appears that cyber criminals are outspending corporation! Cyber-crime is big business, and as such, cyber-criminals are spending an estimated $1 trillion each year on finding weaknesses in the cyber defences of organisations and developing new ways of attacking them, in comparison to the $96 billion spent by organisations in an attempt to secure themselves from these cyber-attacks.

IoT devices, they’re smart, stylish but not secure! Now they can melt down the power grid.

Aug 30 2018

By Cameron Abbott and Jessica McIntosh

Internet-of–things (IoT) devices are considered part and parcel of modern day living, however it can no longer be overlooked, this so called ‘smart technology’ continues to spark serious security concerns. Until recently concerns centred on individual security and privacy, now Princeton University has widen the scope and found (if compromised) IoT devices have the potential to disrupt the power grid. It’s worth repeating, researchers at Princeton University last week presented at the 27th USENIX Security Symposium in Baltimore (US) and stated high – wattage IoT devices, dubbed BlackIoT, pose a significant risk to power grids. As a result, local power outages and large-scale blackouts could be a likely consequence of compromised IoT devices.

This new type of attack, labelled the ‘manipulation of demand via IoT’ (MadIoT) involves attackers leveraging a botnet, powered by Wi-Fi enabled high- wattage devices such as air conditioners and heaters to manipulate the power demand in the grid. This allows an attacker to hijack the devices in totality and simultaneously switch them on or off.

The scenario played out was ‘if the sudden increase in demand is greater than the threshold, it can cause the system’s frequency to drop considerably before primary controllers can react’. This instability can result in the activation of the generators’ protective relays, loss of generators and finally a blackout. Whilst it is estimated an attacker would need a botnet of approximately 90,000 air conditioners and 18,000 heaters within a specified geographical area, experts say this is by no means an impossible task.

The newly discovered vulnerability reinforces how important it is that consumers and companies alike perform their own due diligence with respect to integrating IoT devices, time and time again we are seeing these devices being stylish and trendy but not well secure. Therefore, assumptions can no longer be made regarding the adequacy of in built security – instead manufactures must recognise the importance of secure coding practices so this new type of abuse can be easily detected and dealt with. Government sponsored attacks would find these forms of vulnerability very attractive.

FAKE APPS FIND A WAY TO GOOGLE PLAY!

Aug 05 2018

By Cameron Abbott and Jessica McIntosh

Over the last two months a string of fake banking apps have hit the Google Play store, leaving many customers wondering whether they have been affected by the scam. A report by security firm ESET found users of three Indian banks were targeted by the apps which all claimed to increase credit card limits, only to convince customers to divulge their personal data, including credit card and internet banking details. The impact of this scam was heightened as the data stolen from unsuspecting customers was then leaked online by way of an exposed server.

Catagory:Managing Threats & Attacks