Tag Archive for: Dropping

Planes dropping out of the sky. Your mobile rendered useless, just like your car. As a Netflix film portrays a nightmare that security experts insist is a very real prospect… How will YOU survive on the day an enemy state switches off the internet?




An oil tanker ploughs into a tourist beach. Planes fall from the sky. Driverless cars run amok. The internet fails and the mobile network dies. Feral instincts take over as people fight for food, water and medicine amid the ruins of civilisation.

That is the nightmare vision depicted in Leave The World Behind, Netflix’s recent hit film starring Julia Roberts and Ethan Hawke as a couple battling societal breakdown when the technology that underpins civilisation collapses.

It’s fictional, but it touches on deep-seated, real-life fears.

The film is produced by Michelle and Barack Obama’s company, Higher Ground. The ex-president was closely involved in shaping the plot, which dramatises many of the cyber-security issues on which he was briefed during his eight years in the White House.

For our 21st-century lives are almost entirely dependent on complex technologies that many do not understand — and that can so easily be exploited by our enemies.

Maintaining a car, for example, was previously a job for any competent motorist and their local mechanic. Now our vehicles are computers on wheels, their inner workings a mystery.


We used to navigate with paper maps and landmarks. But with his car’s satnav out of action, Ethan Hawke’s character Clay Sandford is unable even to find his way to the nearby town.

Our telephone system used to run on sturdy copper wires, with handsets you could fix with a screwdriver. Now it is a branch of cyberspace.

So, too, is finance. Remember when a credit card’s embossed number left an imprint on a paper slip? Not any more. Our payment system depends wholly on electronic encryption.

What use is cash in the modern world? In the film, with the internet gone, it becomes a prized asset.

If the technologies we rely on break down, many of us will be as helpless as Hawke’s Clay Sandford. ‘I am a useless man,’…


Cyber Security Today, Jan. 11, 2023 – Debate on ransomware attacks dropping continues, beware of long-hidden backdoors and lots of patches released


The debate on ransomware attacks dropping continues, beware of long-hidden backdoors and lots of patches released.

Welcome to Cyber Security Today. It’s Wednesday, January 11th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

Another entry in the debate on whether ransomware attacks are going up or down has been issued. Last week researchers at Emsisoft said the truth in the U.S. is hard to figure out because so many attacks aren’t publicly reported. This week researchers at Delinea released a report saying a survey it paid for suggests ransomware last year was down significantly over 2021. Of the 300 American IT decision-makers surveyed, 25 per cent said they were victims of ransomware in 2022. By comparison, 64 per cent of respondents said their firm was hit in 2021. Respondents also said budgets for ransomware defence dropped last year, although that could be because IT leaders are folding defences against ransomware with defences against all types of cyber attacks. More worrisome, the number of companies with incident response plans dropped to 71 per cent last year from 94 per cent in 2022. There’s a link to the full report in the text version of this podcast.

Threat actors are known for installing back doors on victims’ IT infrastructure to enable their attacks. That’s why scouring an entire IT environment is vital after a successful breach of security controls to make sure back doors aren’t left around. The latest example comes in a report from researchers at U.K.-based S-RM Intelligence. It looked into an attack by the Lorenz ransomware gang. The gang exploited a vulnerability in an organization using Mitel’s VoIP phone system. However, it was able to do that by using a backdoor that had been installed five months before the ransomware was launched. One theory is an initial access broker compromised the victim’s IT infrastructure and installed the backdoor, then notified the Lorenz group. Whatever the explanation, it’s another example of why continuously searching for backdoors as well as patching vulnerabilities is essential.

Ransom demands linked to denial of service attacks aren’t talked about a lot. However,…


Hackers caught dropping malware into Microsoft Teams chats


Microsoft Teams users have been told to be on alert after hackers were spotted slipping malicious .exe executable files into conversations on the app.

The files in question are capable of self-administration and can write data to the Windows registry, install DLL programs, and create shortcut links, according to Check Point firm Avanan.

Hackers are likely to be using email spoofing to first gain access to Teams, before attaching malicious .exe files labelled “User Centric” to conversations, according to the researchers.

Upon clicking, the file will automatically take control of the user’s computer.

Avanan cyber security researcher and analyst Jeremy Fuchs said hackers “can steal Microsoft 365 credentials from a previous phishing campaign, giving them carte blanche access to Teams and the rest of the Office suite”.

After gaining access to Teams, circumventing any existing security measures is remarkably easy, Fuchs noted. Teams’ default protections are lacking, with limited scans for malicious files and links. Most email security solutions do not provide robust protection for Teams, adding to the problem.

Teams is particularly vulnerable given that end users implicitly and freely share sensitive information through the service.

“Medical staff generally know the security rules and risk of sharing information via email, but ignore those when it comes to Teams. Further, nearly every user can invite people from other departments and there is often minimal oversight when invitations are sent or received from other companies,” explained Fuchs.

Several steps can be taken to mitigate the attack potential, including installing a sandbox that downloads and inspects all files for malicious content, implementing multiple layers of security across all forms of communication, including Teams, and encouraging end users to flag suspicious files.


A security researcher with a grudge is dropping Web 0days on innocent users


Over the past three weeks, a trio of critical zeroday vulnerabilities in WordPress plugins has exposed 160,000 websites to attacks that allow criminal hackers to redirect unwitting visitors to malicious destinations. A self-proclaimed security provider who publicly disclosed the flaws before patches were available played a key role in the debacle, although delays by plugin developers and site administrators in publishing and installing patches have also contributed.

Over the past week, zeroday vulnerabilities in both the Yuzo Related Posts and Yellow Pencil Visual Theme Customizer WordPress plugins—used by 60,000 and 30,000 websites respectively—have come under attack. Both plugins were removed from the WordPress plugin repository around the time the zeroday posts were published, leaving websites little choice but to remove the plugins. On Friday (three days after the vulnerability was disclosed), Yellow Pencil issued a patch. At the time this post was being reported, Yuzo Related Posts remained closed with no patch available.

In-the-wild exploits against Social Warfare, a plugin used by 70,000 sites, started three weeks ago. Developers for that plugin quickly patched the flaw but not before sites that used it were hacked.


Biz & IT – Ars Technica