Tag: notices | SpinSafe

Hackers Spoof Post Office Notices To Spread Notorious Trickbot Malware

January 31, 2022/in Computer Security

Keep an eye on your email for messages from the U.S. Postal Service claiming that you’ve missed an important delivery. Cybercriminals are abusing the public’s trust in the USPS to trick victims into installing the resurgent Trickbot malware.

Images:

getty

Researchers at Cofense have been tracking a new Trickbot phishing campaign which began earlier this month. The “lure” the attackers are using is one that most of us have encountered during the pandemic: a missed parcel delivery.

The messages claim that no one was available to provide a signature and that the recipient will have to reschedule the delivery. The criminals “helpfully” note that you can simply print out the linked shipping invoice and present it at a nearby post office to set up a new time.

It’s easy enough to see why someone would hurriedly click the button to view the purported invoice. No one wants to miss a delivery, and it can be incredibly frustrating when you do miss one.

There have been enough delays to deal with over the past couple of years . To then have to endure yet another one because of a bit of bad timing is just the sort of thing that might make people click first and ask questions later.

Those who do click through to see what this “invoice” is all about are pushed to a .ZIP file that hides a boobytrapped Excel workbook. When it’s opened, a large screen attempts to coax users into turning off Excel’s built-in defenses via the yellow Protected View bar.

If the instructions are followed, a script is triggered that tells the victim’s computer to download the real malicious payload and Trickbot infects the system.

Trickbot has been circulating since 2016. It started out as a banking Trojan, but has since evolved into fully modular malware that can provide remote access to infected systems, steal Active Directory credentials from enterprise environments and distribute ransomware.

Throughout the first year of the pandemic, Trickbot’s controllers used COVID-19 lures to phish for victims. Then, late in 2020, a collaborative effort involving Microsoft’s Digital Crimes Unit, numerous law enforcement agencies, security and hosting providers struck a major…

Source…

UT Tyler proposes new cyber security degree program after FBI notices increase in ransomware attacks

October 18, 2021/in Computer Security

TYLER, Texas (KETK)- Many East Texas businesses and employees were forced to work online from home because of the pandemic and cyber hackers are taking advantage of that right now.

“A ransomware attacks a business every 11 seconds,” said FBI Special Agent, Matthew DeSarno. “We’ve seen an increase in cyber attacks against private sectors, companies, critical infrastructure, government agencies, supply chain attacks, intellectual property theft, and ransomware attacks. I mean, the stakes could not be much higher than they are.”

These cyber criminals are using phishing, extortion, and other internet fraud and profiting from our dependence on technology since the pandemic.

The FBI is currently investigating over 100 types of ransomware in Texas. The global ransomware damage costs are predicted to reach $20 billion by the end of this year, causing the FBI to issue this warning.

“If you are a small business owner and you get hit with what you believe to be ransomware, and you can’t access your data, and all of a sudden there’s some bad guy asking you for a ransom. We recommend you don’t pay the ransom,” said DeSarno.

Two East Texas school districts, Whitehouse and Lufkin ISD, were hit with cyber security attacks earlier this year. Pilgrim’s Pride in Nacogdoches and their parent company, JBS also were victims.

UT Tyler is proposing a new degree program in cyber security and data analytics to help address the shortage of cyber professionals.

“This program is really about giving the opportunity for people all over East Texas and beyond to be able to get some real good grounding information and studies in cybersecurity and data analytics,” said Computer Science Professor Dr. Tom Roberts.

This course offers the opportunity to take up to 27 hours in cyber security and nine hours in data analytics or vice versa. The course will be completely online for anyone who is interested.

Source…

Tax notices to IT cos: Govt decides to set up dispute resolution body

August 22, 2021/in Internet Security

ISLAMABAD: The government has decided to constitute a high-powered dispute resolution committee to resolve the issue of tax notices issued to the IT companies and resolution of outstanding tax-related matters of the IT sector.

Sources told Business Recorder that the decision has been taken during the last meeting of the Ministry of Information Technology, which was attended by the finance minister and federal minister for IT and Telecom for reviewing proposals for increasing IT export remittances in the country.

The meeting reviewed the foreign exchange regime for the IT companies. The meeting decided that the definition of the IT and IT-enabled services would be broadened. The revision and expansion of the definition of the IT/ITES sector would be done after seeking feedback of the IT sector.

The new definition of the IT and IT-enabled services has been drafted by the Pakistan Software Export Board (PSEB) in the light of feedback from the Pakistan Software House Association. The meeting also decided that a high-powered dispute resolution committee would be constituted. The committee would comprise the Federal Board of Revenue (FBR), MOIT, PSEB, and PASHA.

Massive incentives approved for IT, telecom sector: Amin

The proposed definition of the IT and IT-enabled Services: Information Technology Services (IT Services) and Information Technology Services (IT-enabled Services) include but not limited to IT consulting, software consulting, software design, software development, software product licensing, software customization, software implementation, quality assurance & testing, software support and maintenance, IT assessment and roadmap development, system support, system assembly, system integration, system designing and architecture, system analysis, system development, system operation, system maintenance, system up-gradation and modification, data warehousing or management, data storage services, data entry operations. data processing, data mining, data analytics. database management, online database access and retrieval, data migration or transfer, disaster recovery planning and management, business continuity planning and management, system security or protection, cyber…

Source…

Twitch Faces Sudden Stream of DMCA Notices Over Background Music

July 10, 2020/in Internet Security

There is obviously a great deal of action going on currently in the streaming world, spurred on in part by the COVID-19 crises that has many people at home looking for fresh content. Between the attempts to respond to social movements and tamp down “hateful” content to changes to the competitive landscape, streaming services are having themselves a moment. But with the sudden uptick in popularity comes a new spotlight painting a target on streaming platforms for everyone from scammers to intellectual property maximilists.

Twitch has recently found itself a target for the latter, suddenly getting slammed with a wave of DMCA notices that appear to focus mostly on background music.

Copyright strikes are an occupational hazard for many Twitch streamers and content creators, but a recent surge of DMCA takedown requests has overwhelmed the community. Now, Twitch support staff has responded to complaints, stating that the claims are focused on clips with background music from 2017 to 2019, and recommending that streamers remove them. The tweets also state that this is the first time that Twitch has received mass DMCA claims against clips.

Given that Twitch is still most popular as a site for live-streams and let’s-plays of video games, the speculation is that a great deal of this is targeting clips that include video game music. And, as we’ve seen elsewhere, it’s also the case that scammers are currently using game music as a method to try to takedown or monetize the videos of others. Whether or not that’s what is going on here is anyone’s guess, as Twitch is making it fairly clear that the flood of notices is so large that it’s simply taking down content and advising its streamers to proactively take down anything that might include this sort of copyrighted content.

Except that leaves no room for a number of things, including arguments for Fair Use of certain music, not to mention streamers that may be using game music from individuals or companies that don’t mind their work being up on Twitch. In the case of the latter, this is where scammers can most insidiously insert themselves into the mix.

And, what’s more, even the lawyers are telling streamers not to counter the claims without getting an attorney, so fraught is the copyright landscape.

The action also prompted a response from advocates like Ryan Morrison, better known as the Video Game Attorney. Morrison advised content creators not to counter the claims without speaking to an intellectual property lawyer. “You are quite literally telling them you are going to continue what you’re doing unless they sue you,” he tweeted. “Don’t threaten billionaire companies to sue you. Lawyer up.”

So here’s this newly thriving ecosystem of Twitch streamers, creating content that is not a mere copy of anything, but may use some copyrighted content in streams, and a huge chunk of it could get disappeared either out of legal compliance by Twitch or proactive fear-based takedowns by the streamers themselves.

All over some clips including background music? I’m trying to picture myself explaining all of this to the framers of copyright law, but somehow I don’t think they’d get it.

Techdirt.

Tag Archive for: notices