Tag Archive for: ‘Bad’

How bad can they get and how do you fight a cyberwar?


On the morning of June 27, 2017, it seemed as if Ukraine had slipped back in time and into the wrong century – almost nothing worked. Not the ATMs, the trains, the airports, the television stations. Even the radiation monitors at the old Chernobyl nuclear plant were down.

Ukraine, in the midst of a long and undeclared war with Russia, had been hit by mysterious blackouts before but this was eating through computer networks at a terrifying pace, turning screens dark across the country. And it seemed to be spreading further than intended, out through Europe and around the globe, paralysing hospitals and companies from London to Denver, even the Cadbury chocolate factory in Tasmania, and bringing swathes of the world’s shipping to a halt. By the time the culprit – a wild variant of malicious computer code (or worm) known as NotPetya – was stopped hours later, it had looped back into Russia, where it originated, and racked up about $US10 billion ($12.9 billion) in damage worldwide, making it the most expensive cyber attack to date.

No one died but the world had been given a glimpse of a new reality, beyond cyber espionage or sabotage. This was cyberwar. With modern life more connected than ever, you could unplug a nation before you’d even fired a shot.

Today, cyber weapons feature in the opening moments of most countries’ war plans, but they are deployed in peacetime, too, and the line between espionage, vandalism and outright attack is far from clear.

In 2016, the Australian government broke its relative silence on the cyber threat, revealing for the first time that Australia was actively engaged in cyberwarfare (against the terrorist group Islamic State in Syria and Iraq) and warning of a coming “cyber storm”. The army’s newest head of Information Warfare, Major General Susan Coyle, says it is now seeing an “exponential growth” in the range and sophistication of cyber weapons. Top companies and universities have been mined for personal data or found their networks suddenly paralysed; even Parliament itself has been infiltrated. But Coyle says Australia’s cyber forces are being rapidly trained to meet the…


Bad Bot Report 2021: The Pandemic of the Internet


The 8th Annual Bad Bot Report is now available from Imperva. Created using data from Imperva’s Threat Research Lab, it provides a comprehensive look at the bad bot landscape and the impact that this malicious traffic has across multiple industries.

Bad bot traffic amounted to 25.6 percent of all website traffic in 2020. This means that a record-breaking quarter of all internet traffic originated from bad bots last year.


Key findings from the 2021 Bad Bot Report:

Bad bot traffic now accounts for a quarter of all internet traffic. Increasing by 6.2 percent from the previous year, bad bot traffic now represents no less than a quarter of all internet traffic. Good bot traffic has risen 16 percent from last year, amounting to 15.2 percent of all traffic. Astoundingly, regardless of the increase in human traffic due to the global pandemic, human traffic decreased by 5.7 percent from last year to 59.2 percent of all traffic.

Telecom and ISPs were hit the hardest by bad bots. The bad bot problem is a cross-industry one. Because bad bots are capable of a wide variety of nefarious activities, from account takeover using credential stuffing to scraping of proprietary data, Grinchbots and more, their targets are varied, too. The top 5 industries with the most bad bot traffic include Telecom & ISPs (45.7%), Computing & IT (41.1%), Sports (33.7%), News (33%), and Business Services (29.7%).

Moderate and sophisticated bad bots still constitute the majority of bad bot traffic. Categorized as Advanced Persistent Bots or APBs, these accounted for 57.1 percent of bad bot traffic in 2020. These are plaguing websites and often avoid detection by cycling through random IP addresses, entering through anonymous proxies, changing their identities, and mimicking human behavior.

Bad bots have taken a liking to mobile identities. While Chrome remains a favorite identity for bad bots to impersonate, its overall share significantly dropped in 2020. Mobile clients like Mobile Safari, Mobile Chrome and others accounted for 28.1 percent of all bad bot requests in 2020. This is a significant increase compared to last year’s 12.9 percent.

Bad bots often originate from the same country they…


Security Researchers Find Zoom Vulnerabilities That Would Have Let Bad Actors Take Over Your Computer


A pair of security researchers revealed several zero-day vulnerabilities in Zoom in recent days that would have let hackers take over someone’s computer even if the victim hadn’t clicked anything. Zoom confirmed to Gizmodo that it released a server-side update to address the vulnerabilities on Friday and that users did not need to take additional action.

The vulnerabilities were identified by Dutch researchers Daan Keuper and Thijs Alkemade from Computest Security, a cybersecurity and risk management company, as part of the Pwn2Own 2021 hacking competition hosted by the Zero Day Initiative. Although not many specifics are known about the vulnerabilities because of the competition’s disclosure policy, in essence, the researchers used a three-bug chain in the Zoom desktop app to carry out a remote code execution exploit on the target system. 

The user did not need to click anything for the attack to successfully hijack their computer.

According to MalwareBytes Labs, which cited a response from Zoom, the attack needed to originate from an accepted external contact or be part of the target’s same organizational account. It also specifically affected Zoom Chat, the company’s messaging platform, but did not affect in-session chat in Zoom meetings and Zoom video webinars.

Keuper and Alkemade won $US200,000 ($262,380) for their discovery. This was the first time the competition featured the “Enterprise Communications” category — given how acquainted all of us are with our screens because of covid-19, it’s no wonder why — and Zoom was a participant and sponsor of the event.

In a statement on Keuper and Alkemade’s win, Computest said that the researchers were able to almost completely take over the targeted systems, performing actions such as turning on the camera, turning on the microphone, reading emails, checking the screen, and downloading browser history.

“Zoom took the headlines last year because of…


Bad password practices. Data scraping and data dumps. Sidestepping privacy protections. No honor among thieves.


At a glance.

  • Password users behaving badly.
  • Implications of the Facebook data dump.
  • Sidestepping Apple privacy policies.
  • Crooks mistreating other crooks.
  • Comment on the LinkedIn data scraping incident.

Passwords: out of sight, out of mind. (And out of control.)

There’s a battle raging between two conflicting forces: the need for secure passwords, and the frailty of human memory. The LastPass Blog explores the results of a recent survey they conducted on two thousand Americans and their password habits. While 70% feel they have too many passwords to remember, on average they use the same password over six sites. And with the surge in remote work meaning most individuals need to access various accounts on multiple devices, 65% experience anxiety when they realize they’re using a device that doesn’t have the password they need. SiliconANGLE notes that, according to the Workplace Password Malpractice Report, 62% of US employees write their passwords down on a piece of paper. TechRadar adds that while a whopping 81% store that piece of paper right next to the device the password is meant to protect, 67% admit they don’t even know where that paper is. Nearly half store their passwords in an unprotected document in the cloud, and troublingly, nearly two-thirds have shared their password with someone via text or email.

What does the Facebook data leak mean for Facebook users?

Now that the Facebook data leak is front-page news, the big question has become, what can users do if they fear they’re among the half-billion individuals exposed? Forbes explores the difficulty of trying to protect oneself in this type of situation. If it were just passwords that were exposed, changing login info would be an easy fix. But these hackers leaked data like names, birthdates, and addresses — things that are difficult to change on a whim — and all for free. 

CyberNews shares the views of several industry experts. “Putting it out for free also provides some cover should anyone try to trace the stolen data back to its source. Yet another explanation could be that a competing criminal element or other entity put the data out there to demonetize it and take value away from the criminals,” said…
