Tag Archive for: institutions

Ensuring Basic Cybersecurity Presumptions in BiH Institutions

/in


The Audit Office of BiH Institutions conducted an audit of the performance of “Activities of BiH Institutions on ensuring the basic assumptions for cybersecurity”, which indicates that BiH institutions were not efficient in undertaking activities aimed at ensuring basic cybersecurity presumptions.

There is a lack of a strategic and legal framework for cyber security, and the Computer Security Incident Response Team for BiH institutions has not been established either.

The purpose of the performance audit was to determine whether the institutions of BiH are efficient in undertaking activities to ensure the basic assumptions for cyber security.

Only 14 out of 68 institutions of Bosnia and Herzegovina adopted information security management acts by the Information Security Management Policy. The consequences of the lack of basic assumptions for cybersecurity endanger the operations of public administration and can lead to the alienation of data and financial resources necessary for the functioning of the country and the daily life of citizens.

The recommendations were addressed to the Council of Ministers of BiH, the Ministry of Communications and Transport of BiH, the Ministry of Security of BiH and the institutions of BiH. The implementation of the recommendations should contribute to the provision of basic assumptions for cybersecurity and the improvement of cyber protection in the institutions of Bosnia and Herzegovina, announced the Audit Office of Institutions of Bosnia and Herzegovina.

Source…

New Android Trojan Targets Financial Institutions, Customers

/in


Blockchain & Cryptocurrency
,
Cryptocurrency Fraud
,
Cybercrime

MaliBot Steals Credentials, Cryptocurrency from Italian, Spanish Victims

Prajeet Nair (@prajeetspeaks) •
June 18, 2022    

New Android Trojan Targets Financial Institutions, Customers

A new strain of Android malware is targeting online banking customers and financial institutions, cybersecurity researchers at F5 Labs say.

See Also: Fireside Chat | Zero Tolerance: Controlling The Landscape Where You’ll Meet Your Adversaries

Dubbed MaliBot, the banking Trojan steals financial information, credentials, crypto wallets, personal data and cookies; bypasses multi-factor authentication codes; and remotely controls infected devices.

The malware disguises itself as a cryptocurrency mining app and so far has mainly targeted victims in Spain and Italy, a geographic range that’s likely to grow.

It likewise can be used for a wider range of attacks than just stealing credentials and cryptocurrency, says F5 Labs researcher Dor Nizar. “In fact, any application which makes use of WebView is liable to having the users’ credentials and cookies stolen.”

WebView allows Android users to view web search results inside unrelated active applications.

F5 Labs say it discovered MaliBot during a separate investigation into a different malware strain, FluBot.

Campaign Details

MaliBot’s command-and-control server, which…

Source…

Hackers claim to target Russian institutions in barrage of cyberattacks and leaks

/in


The hacking operation comes as the Ukrainian government
appears to have begun a parallel effort to punish Russia by publishing the
names of purported Russian soldiers who operated in Bucha, Ukraine, the site of
a massacre of civilians, and agents of the FSB, a major Russian intelligence
agency, along with identifying information like dates of birth and passport
numbers. It is unclear how the Ukrainian government obtained those names or
whether they were part of the hacks.

Much of the data released by the hackers and the Ukrainian
government is by its nature impossible to verify. As an intelligence agency,
the FSB would never confirm a list of its officers. Even the groups
distributing the data have warned that the files swiped from Russian
institutions could contain malware, manipulated or faked information, and other
tripwires.

Some of the data may also be recycled from previous leaks
and presented as new, researchers have said, in an attempt to artificially
increase the hackers’ credibility. Or some of it could be manufactured —
something that has happened before in the ongoing cyberconflict between Russia
and Ukraine, which dates back more than a decade.

But the hacking effort appears to be part of a campaign by
those opposing the Kremlin to help in the war effort by making it difficult for
Russian spies to operate abroad and by planting a seed of fear in the minds of
soldiers that they could be held to account for human rights abuses.

Dmitri Alperovitch, a founder of the Silverado Policy
Accelerator, a Washington think tank, and the former chief technology officer
at cybersecurity firm CrowdStrike, said there was reason to maintain a healthy
scepticism about the reliability of some of the leaks.

But he added that the hacking campaign “once again may prove
that in the age of pervasive cyberintrusions and the generation of vast amounts
of digital exhaust by nearly every person in a connected society, no one is
able to hide and avoid identification for egregious war crimes for long.”

The leaks also demonstrate Ukraine’s willingness to join
forces with amateur hackers in its cyberwar against Russia. In early March,
Ukrainian officials rallied volunteers for hacking projects,…

Source…

Social Security Institutions Launch Digitalisation Programme to Rev Up Delivery Of Frontline Services in the Philippines – OpenGov Asia

/in



Social Security Institutions Launch Digitalisation Programme to Rev Up Delivery Of Frontline Services in the Philippines  OpenGov Asia

Source…