Tag: Aimed | Page 2

Conti ransomware attack was aimed at destabilizing government transition, Costa Rican president says

April 22, 2022/in Computer Security

Several systems operated by the government of Costa Rica were hit with a ransomware attack this week, according to the country’s president Carlos Alvarado Quesada.

The Conti ransomware group added systems connected to several government agencies to its list of victims on Tuesday and Wednesday. Government officials confirmed Conti’s involvement.

Quesada said the attack was meant to “threaten the stability of the country in a transition situation.” The country elected a new president – former World Bank official Rodrigo Chaves – on April 4.

Quesada released a video addressing the ransomware attack on Thursday, telling the public that the country will not pay the ransom, which some have said is $10 million.

“It is not just an attack on the institutions affected, the government or importers and exporters. It is a criminal cyberattack on the state and the entire country. It cannot be separated from the complex global geopolitical situation in a digitalized world,” he said.

“There are several institutions that have been attacked, the most notable being the Ministry of Finance. Pension payments have already been deposited and social assistance, such as the Let’s Advance program, will start tomorrow as is scheduled. The same will be done next week with the public forms as well work is being done to standardize import and export processes.”

Quesada said the country was receiving support and assistance from private sector companies as well as the US, Israel and others.

Finance Minister Elian Villegas told Reuters that the group breached the platforms managing customs, which included troves of historical taxpayer information considered “sensitive.”

One exporter union estimated that $200 million was lost on Wednesday due to the bottlenecks caused by a fourth day of outages related to the disruption of the tax and customs platforms.

The Finance Ministry warned the country’s residents to be wary of phishing messages asking to create a new set of passwords.

HACIENDA NO ESTÁ SOLICITANDO LA REGENERACIÓN DE CLAVES

Si usted recibe llamadas o mensajes de dudosa procedencia, comuníquelo al OIJ, por medio de los números 800-8000-645 y 8800-0645.

Source…

Security Researchers Warn Of Massive Malware Campaign Aimed At Google Docs Users

January 6, 2022/in Computer Security

Google Docs pretty much revolutionized online collaboration when it came about. Instead of having to install clunky network software packages, or worse, use awkward remote desktop features, you could simply send your coworker or collaborator a web link and the two of you could work on a document simultaneously in your browsers. Google’s application package certainly wasn’t the first (or last) collaborative-editing software, nor even the first to work this way, but it was by far the most accessible given its price: free!

We’re speaking in the past tense because we’re talking about Google Docs’ public release back in 2012, but it’s not as if the application suite has become less popular. Thousands of businesses and millions of individuals rely on Google Docs. Naturally, that makes it even more of a massive, delicious target for bad actors than it already was, and Avanan (a security company under the Check Point umbrella) is warning of exactly such a danger.

The specific exploit in this case is pretty simple, and it makes use of features built into Google Docs intended to speed collaboration. Hackers open a public Google document and then add a comment, mentioning someone with an @. This automatically sends an e-mail to that person’s inbox that comes from Google itself and contains the full text of the comment, including dangerous phishing or malware links. To make matters worse, the e-mail of the commentor isn’t shown; only the name is included, which makes this feature perfect for impersonation attacks.

googleslidesattack — *An example of an attack e-mail. Image: Avanan (click to enlarge)*

Avanan says it has seen the attack used primarily targeting Outlook users, although it could be used for any e-mail address that is used to login to a Google account. The security firm says that the hackers it observed attempting this exploit used over 100 different G-mail accounts to create the fishy comments, likely knowing that the entire account would be creamed once Google got wind of its misdeeds.

Because the e-mail comes directly from Google and directly to a specific user, and because the e-mail doesn’t contain any e-mail addresses, this specific exploit punches right through most spam filters and content…

Source…

Huawei Suspended From Global Forum Aimed at Combating Cybersecurity Breaches – The Wall Street Journal

September 20, 2019/in Computer Security

Huawei Suspended From Global Forum Aimed at Combating Cybersecurity Breaches The Wall Street Journal

Huawei Technologies has been suspended from membership in a global trade group of companies, governments and experts set up to tackle computer security …

“computer security news” – read more

Alarming Increase in Targeted Attacks Aimed at Politically Motivated Sabotage and Subversion – Business Wire (press release)

April 26, 2017/in Internet Security

Alarming Increase in Targeted Attacks Aimed at Politically Motivated Sabotage and Subversion
Business Wire (press release)
… marked by extraordinary attacks, including multi-million dollar virtual bank heists and overt attempts to disrupt the U.S. electoral process by state-sponsored groups, according to Symantec's (Nasdaq: SYMC) Internet Security Threat Report (ISTR …

and more »

internet security news – read more

Tag Archive for: Aimed