Tag Archive for: media

Zero-day exploitation spikes | SC Media


Threat actors actively exploited 97 zero-day vulnerabilities last year, which is more than 50% higher than in 2022 but lower than in 2021, reports BleepingComputer.

Most of the abused zero-days impacted operating systems, mobile devices, and other end-user platforms, according to a joint Google Threat Analysis Group and Mandiant report. While most state-sponsored attacks leveraging the security bugs were attributed to China, nearly half of all identified zero-days were exploited by commercial spyware vendors.

Among the notable spyware actors involved in zero-day exploits were the Intellexa Consortium behind the Predator spyware, the NSO Group behind the Pegasus spyware, and Variston associated with the Heliconia framework.

“Private sector firms have been involved in discovering and selling exploits for many years, but we have observed a notable increase in exploitation driven by these actors over the past several years,” said researchers.

The report comes weeks after the Treasury Department’s Office of Foreign Assets Control imposed sanctions on Intellexa founder Tal Jonathan Dilian.


S.E.C. Social Media Hack That Sent Bitcoin Soaring Prompts Investigation


The hack of a social media account used by the Securities and Exchange Commission is prompting both internal and external investigations into how the security breach occurred and whether anyone tried to profit from it, said the commission and several legal experts.

The S.E.C. said in a statement on Wednesday that it was coordinating an investigation into the hack that occurred the prior day “with appropriate law enforcement entities, including the S.E.C.’s Office of the Inspector General and the F.B.I.”

John Reed Stark, a former S.E.C. enforcement lawyer and regulatory consultant on cybersecurity, said the commission’s inspector general would need to investigate how a hacker was able to access the S.E.C.’s official account on X — formerly Twitter — to post a false message that the commission had approved several Bitcoin investment products.

“This is, unfortunately, a glaring failure of basic cyber-hygiene,” Mr. Stark said.

He also said federal prosecutors would very likely open a separate investigation into whether the hack was part of an attempt to profit from a spike in Bitcoin’s price. Mr. Stark added that what mattered was not whether the hackers made any money from trading during the 15 minutes or so the post was online, but whether they had the criminal intent to do so.

Daniel Hawke, a partner at the law firm Arnold & Porter and a former director of the S.E.C.’s market abuse unit, said the fake post had all the hallmarks of an attempt to “manipulate the crypto markets.”

Some in Congress also want to learn more about the hack and the S.E.C.’s diligence. The House Financial Services Committee on Wednesday afternoon sent a letter to Gary Gensler, the S.E.C.’s chair, asking for a “briefing” on the incident no later than Jan. 17.

A spokesman for the Justice Department declined to comment. A spokesman for the S.E.C.’s inspector general said, “We are currently evaluating the circumstances and reviewing the S.E.C.’s statements.”

In a post on Tuesday night, X said that the hacker had used a phone number associated with the S.E.C. account, and that the government agency did not have the two-factor authentication security feature in place to…


SEC social media hack highlights value of MFA


Cryptocurrency markets fluctuated wildly on the evening of Monday 9 January after the US financial regulator, the Securities and Exchange Commission (SEC), briefly appeared to claim it had approved spot bitcoin exchange-traded funds (ETFs) for the first time.

The fake announcement was made via X, the service formerly known as Twitter, at around 9pm GMT on 9 January, and was widely reported at the time. It stated that the SEC had granted approval for bitcoin ETFs on all registered national securities exchanges, which it may yet do later this week, and which will be a landmark moment for crypto assets should it happen.

The statement, which was swiftly retracted, was in fact the result of a compromise of the SEC’s X account, which was confirmed by chair Gary Gensler moments later.

“The @SECGov Twitter account was compromised, and an unauthorised tweet was posted,” said Gensler via X. “The SEC has not approved the listing and trading of spot bitcoin exchange-traded products.”

Computer Weekly understands the SEC was able to regain control of the account within an hour.

Following an investigation overnight, a spokesperson for X, which has been beset with problems since its takeover by erratic billionaire Elon Musk, said: “We can confirm that the account @SECGov was compromised and we have completed a preliminary investigation.

“Based on our investigation, the compromise was not due to any breach of X’s systems, but rather due to an unidentified individual obtaining control over a phone number associated with the @SECGov account through a third party.

“We can also confirm that the account did not have two-factor authentication [2FA, MFA] enabled at the time the account was compromised. We encourage all users to enable this extra layer of security,” they said.

ESET global cyber security adviser Jake Moore said: “This proves that accounts on X continue to be targeted, and if an official account is compromised, then serious consequences can follow. Cryptocurrency scams remain the focal point, and with social pressure on X, they can still reap huge gains.

“Legitimate third-party access compromise or targeted social engineering are still the most common ways to…


Novel technique bolsters Remcos RAT stealth | SC Media


