Tag Archive for: Fully

A zero-day iOS attack by the SolarWinds hackers put fully updated iPhones at risk



Computer hacking may never fully go away even with the best new technology — and we may not want it to


This wasn’t the first, nor will it be the last, such attack. However, certain details worried cybersecurity experts: First, the hackers used a zero-day exploit, i.e. a previously unknown flaw in the code, to execute their attack. Second, they targeted a company that isn’t as valuable a target as a bank, for example, but has strategic significance because of its connections to the companies it serves.

According to experts, independent hackers are upping their game, employing advanced tools and strategies, acting like elite government-backed hackers, rather than mere criminals.

While I don’t necessarily disagree with this assessment, I can’t help but wonder if these experts have underestimated the global hacker community. Also, it is as if they’re not aware of the state and rapid growth of global data infrastructure.

Globalization and unification

We live in the era where digital globalization and unification have reached the highest levels in history. In addition to some benefits, this also brought multiple risks to the table.

One is centralization. Instead of a decentralized structure fragmented across multiple nodes, the data is often stored in a unified system, which means there is a single point of failure. When that system is eventually breached, the attacker gains access to far more information and power than he would have had if he had reached only a walled-off segment of the same system.

This is especially the case with cloud-based services. The growing monopoly power of tech giants and service providers across the developed world is another pain point, as it means that a handful of companies provide services to the vast majority of enterprises, which consequently share a unified infrastructure and software backbone.

While it may not be obvious to those less tech-savvy, it’s quite easy even for a newbie hacker to discern what operating system (OS), content management system (CMS), marketing technology (martech) platform or other point of entry his victims use, and what kind of vulnerabilities — if any — exist for the version the victim is currently using.

All that’s left is to execute the attack and cover his tracks.

Social engineering

Finally, one must…


iOS zero-day let SolarWinds hackers compromise fully updated iPhones



The Russian state hackers who orchestrated the SolarWinds supply chain attack last year exploited an iOS zero-day as part of a separate malicious email campaign aimed at stealing Web authentication credentials from Western European governments, according to Google and Microsoft.

In a post Google published on Wednesday, researchers Maddie Stone and Clement Lecigne said a “likely Russian government-backed actor” exploited the then-unknown vulnerability by sending messages to government officials over LinkedIn.

Moscow, Western Europe, and USAID

Attacks targeting CVE-2021-1879, as the zero-day is tracked, redirected users to domains that installed malicious payloads on fully updated iPhones. The attacks coincided with a campaign by the same hackers who delivered malware to Windows users, the researchers said.

The campaign closely tracks to one Microsoft disclosed in May. In that instance, Microsoft said that Nobelium—the name the company uses to identify the hackers behind the SolarWinds supply chain attack—first managed to compromise an account belonging to USAID, a US government agency that administers civilian foreign aid and development assistance. With control of the agency’s account for online marketing company Constant Contact, the hackers could send emails that appeared to use addresses known to belong to the US agency.

The federal government has attributed last year’s supply chain attack to hackers working for Russia’s Foreign Intelligence Service (abbreviated as SVR). For more than a decade, the SVR has conducted malware campaigns targeting governments, political think tanks, and other organizations in countries like Germany, Uzbekistan, South Korea, and the US. Targets have included the US State Department and the White House in 2014. Other names used to identify the group include APT29, the Dukes, and Cozy Bear.

In an email, Shane Huntley, the head of Google’s Threat Analysis Group, confirmed the connection between the attacks involving USAID and the iOS zero-day, which resided in the WebKit browser engine.

“These are two different campaigns, but based on our visibility, we consider the actors behind the…


Transmit Security Introduces Fully Passwordless Authentication Solution


Transmit Security is looking to accelerate the end of passwords with the release of a completely passwordless security solution. BindID offers support for face and fingerprint recognition, taking advantage of the sensors and cameras that come embedded in modern IoT devices.


Unlike other solutions, BindID does not require the use of a dedicated app. Instead, organizations can integrate BindID into their existing infrastructure through the use of open standards and APIs, allowing customers to authenticate themselves and gain access to personal accounts and corporate materials with secure device biometrics.

The solution is compatible with virtually any connected device, and can also be used to protect channels and devices that do not have their own biometric scanners. In those cases, customers can use the biometric authentication features on their own mobile devices to verify their identities. As a result, BindID can be used to secure call centers and web channels in addition to individual devices and workstations.

Transmit is hoping that BindID will motivate companies to drop passwords as an authentication option, noting that most access control solutions still allow users to sign in with passwords should they choose to do so. BindID is intended as a full replacement, to the point that organizations would be able to delete all of the passwords in their database, and eliminate the security threat that they represent, once they decide to implement it.

Transmit went on to argue that businesses that adopt BindID will generate more revenue and garner more goodwill with a better customer experience. In that regard, the company cited a recent FIDO Alliance survey that found that roughly 60 percent of consumers have abandoned an online purchase as a direct result of the hassle associated with passwords.

“BindID marks the end of the password era,” explained Transmit Co-Founder and CEO Mickey Boodaei. “Users can authenticate through their mobile or any biometrics-enabled device without the need for an authentication app.”

BindID arrives several years after the 2017 debut of the Transmit Security Platform, which was Transmit’s previous mobile authentication offering. Transmit is one of the…
