Tag Archive for: Cybercriminals

Get Ahead of Cybercriminals With Extended Security Posture Management


The COVID-19 pandemic may have started in 2020, but we are still reeling from its effects in 2021. While businesses and various organizations have struggled to stay afloat as they get pummeled by the negative effects of the pandemic, cybersecurity teams are also facing their own significant challenges.

For one, the shift to work-at-home or remote work arrangements for many businesses has put a lot of strain on the IT department as it tries to configure and maintain the office network for remote access by employees working from many different locations. But another significant challenge for the IT team—which in itself may also be brought about by the pandemic—is the significant increase in the activity of malicious actors and cybercriminals.

A recent report published online revealed that in 2021, ransomware attacks surged by an alarming 148 percent. This dramatic increase in attacks has been attributed directly to the pandemic as more people are now working from home. Attackers know that there are now more exposed vulnerabilities and potential points of entry into networks because of the large number of users who access office networks remotely.

Another reason for the dramatic increase in attacks is the fact that hacking tools are now so readily available and easily accessible. There is even a growing industry of tools that take advantage of zero-day exploits to access the IT infrastructure of organizations. It’s a lucrative business—given that zero-day exploits can have a value that could reach 1 million USD or even more in the open market.

With the alarming increase of malicious actors now operating with the sole purpose of taking advantage of networks in order to steal data, one thing is for certain. Cybersecurity needs to be beefed up.

Fortunately, while hackers are hard at work with their malicious intent, the good guys are also hard at work to try and thwart them. This is why it’s wonderful news for security experts all over the world that Extended Security Posture Management (XSPM) services are now available. This is a huge benefit to IT professionals.


Extended Security Posture Management to the rescue

Hackers will always try to be a step ahead of security teams because…


Men Sentenced for Providing ‘Bulletproof Hosting’ Services to Cybercriminals


Two Eastern European men have been sentenced for providing “bulletproof hosting” services, which were used by cybercriminals between 2009 and 2015 to distribute malware and attack financial institutions and victims throughout the United States.

On June 28 and Oct. 20, Chief Judge Denise Page Hood of the U.S. District Court for the Eastern District of Michigan sentenced Pavel Stassi, 30, of Estonia, to 24 months in prison; and Aleksandr Skorodumov, 33, of Lithuania, to 48 months in prison, for their roles in the scheme.

According to court documents, Stassi and Skorodumov were members of a bulletproof hosting organization founded and led by two co-defendants, Aleksandr Grichishkin and Andrei Skvortsov, both 34 and of Russia. The group rented IP addresses, servers, and domains to cybercriminal clients who employed this technical infrastructure to disseminate malware used to gain access to victims’ computers, form botnets, and steal banking credentials for use in frauds. Malware hosted by the organization included Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit, which attacked U.S. companies and financial institutions between 2009 and 2015 and caused or attempted to cause millions of dollars in losses to U.S. victims. The defendants also helped their clients evade detection by law enforcement and continue their crimes uninterrupted by monitoring sites used to blocklist technical infrastructure used for crime, moving “flagged” content to new infrastructure, and registering all such infrastructure under false or stolen identities.

“Over the course of many years, the defendants facilitated the transnational criminal activity of a vast network of cybercriminals throughout the world by providing them a safe-haven to anonymize their criminal activity,” said Special Agent in Charge Timothy Waters of the FBI’s Detroit Field Office. “This resulted in millions of dollars of losses to U.S. victims. Cybercriminals may believe they are beyond the reach of the FBI and our international partners, but today’s proceeding proves that anyone who facilitates or profits from criminal cyber activity will be brought to justice.”

According to court filings and statements made in…


Cybercriminals hacking into vehicles pose major concerns


COLORADO SPRINGS — We face cybersecurity threats every day on our devices and online accounts, but the hackers have now set their sights on something that could be even more dangerous: our cars.

Researchers at the University of Colorado Colorado Springs are working to better understand these threats and are sharing some of what they know.

“They can control all the major functions of the vehicle. So, they can control your door locks, they can control your acceleration, your brakes, your turning,” UCCS Assistant Professor of Computer Science Dr. Gedare Bloom said.

With funding from the National Science Foundation and the State of Colorado, Dr. Bloom and his team are on a mission to better understand these cyberattacks.

“So this is absolutely a national security issue. We rely on vehicles for everything. They are a critical infrastructure,” Dr. Bloom said. And these hacks are already happening. A Global Automotive Cybersecurity report by Upstream Security analyzed more than 200 cyber incidents in 2020.

The report found in one case a hacker took control of an entire connected vehicle fleet by exploiting a vulnerability. According to the research, there has been a 99% increase in cyber incidents in 2019 and a 94% increase year-over-year from 2016.

“So we saw the Colonial Pipeline where the attackers took down infrastructure,” Dr. Bloom said. “So if an attacker can take down one model of vehicle across the country simultaneously all of a sudden they have a huge lever to extort money out of the manufacturer of that particular model.”

Also, a hack on a trucking company would be a disaster when combined with a labor shortage and supply chain issues. “One semi-truck carrying a load of freight is probably as valuable as anything else that a cybercriminal can capture,” Dr. Bloom said.

The experts say any vehicle with connectivity could be subject to a hack, but newer vehicles with modern technology are the ones for which researchers are working to improve security measures.

“Modern vehicles that connect through 5G, cellular connections, or even through internet infrastructure,” Dr. Bloom said.

So, if you’re looking to buy a new car, researchers say it’s important to prioritize cybersecurity when making your…


Can Android phones be hacked by cybercriminals?


Malware allows technothieves to spy on phone’s owner, steal financial info.

Android phone users in Canada and the United States should be wary of a new cybercrime technique that can steal personal information, control interaction with apps and steal account information from phone financial activities.

That’s the warning coming from California-based global online security firm Proofpoint whose threat analysts say short messaging services (SMS) are being targeted through malware attacks.

“Harvesting of personal information and credentials in this manner is extremely troublesome for mobile users because there is a growing market on the dark web for detailed personal and account data,” a Proofpoint report released Sept. 21 said.

Indeed, the technocrooks can even use an Android’s camera and microphone to spy on the phone’s owner.

The technique is called smishing, a phishing cybersecurity attack done over mobile text messaging.

“Mobile users should be on the lookout for this extremely advanced smishing lure that relies on multiple layers of obfuscation and entangled functions to cleverly hide its download as a software update that can take control of your phone and share personal information with the attacker,” said Jacinta Tobin, Proofpoint’s vice-president of Cloudmark Operations.

Those entangled functions have led to the malware being dubbed TangleBot.

“TangleBot uses SMS text message lures with content about COVID regulations and the third dose of COVID vaccines to trick mobile subscribers into downloading malware, which then takes over their phone,” the Proofpoint report said.

If users click on the link about a third dose, a website appears notifying the user that the Adobe Flash player on the device is out of date and must be updated. If subsequent dialog boxes are clicked on, the TangleBot malware is installed on the Android.

Once that malware is installed, TangleBot is granted privileges to access and control many device functions, including contacts, SMS and phone capabilities, call logs, internet, camera and microphone, and GPS, Proofpoint found.

“The attacker can now make and block phone calls; send, obtain, and process text messages;…
