Tag Archive for: real

Security firm now says toothbrush DDOS attack didn’t happen, but source publication says company presented it as real

/in


Update 2 — 2/9/2024 6:30am PT: The security company at the nexus of the original report that three million toothbrushes were used in a DDOS attack has now retracted the story and claimed it was a result of a mistranslation — but according to the news outlet that published the initial report, that statement isn’t true. The reports of this story are not based on a mistranslation by the media. The publication claims Fortinet presented the story as having actually happened and approved the text of the article, which had been submitted to Fortinet prior to publication.

Here’s the Aargauer Zeitung’s (the source of the story) statement on the matter (via Google Translate):

Source…

Planes dropping out of the sky. Your mobile rendered useless, just like your car. As a Netflix film portrays a nightmare that security experts insist is a very real prospect… How will YOU survive on the day an enemy state switches off the internet?

/in




An oil tanker ploughs into a tourist beach. Planes fall from the sky. Driverless cars run amok. The internet fails and the mobile network dies. Feral instincts take over as people fight for food, water and medicine amid the ruins of civilisation.

That is the nightmare vision depicted in Leave The World Behind, Netflix‘s recent hit film starring Julia Roberts and Ethan Hawke as a couple battling societal breakdown when the technology that underpins civilisation collapses.

It’s fictional, but it touches on deep-seated, real-life fears.

The film is produced by Michelle and Barack Obama‘s company, Higher Ground. The ex-president was closely involved in shaping the plot, which dramatises many of the cyber-security issues on which he was briefed during his eight years in the White House.

For our 21st-century lives are almost entirely dependent on complex technologies that many do not understand — and that can so easily be exploited by our enemies.

Maintaining a car, for example, was previously a job for any competent motorist and their local mechanic. Now our vehicles are computers on wheels, their inner workings a mystery.

A scene from Leave The World Behind. The film is produced by Michelle and Barack Obama’s company, Higher Ground
A nightmare vision of the future is depicted in Leave The World Behind, Netflix’s recent hit film starring Julia Roberts and Ethan Hawke as a couple battling societal breakdown when the technology that underpins civilisation collapses

We used to navigate with paper maps and landmarks. But with his car’s satnav out of action, Ethan Hawke’s character Clay Sandford is unable even to find his way to the nearby town.

Our telephone system used to run on sturdy copper wires, with handsets you could fix with a screwdriver. Now it is a branch of cyberspace.

So, too, is finance. Remember when a credit card’s embossed number left an imprint on a paper slip? Not any more. Our payment system depends wholly on electronic encryption.

What use is cash in the modern world? In the film, with the internet gone, it becomes a prized asset.

If the technologies we rely on break down, many of us will be as helpless as Hawke’s Clay Sandford. ‘I am a useless man,’…

Source…

Black Hat Hacker Exposes Real Identity After Infecting Own Computer With Malware

/in


A threat actor infected their own computer with an information stealer, which has allowed Israeli threat intelligence company Hudson Rock to uncover their real identity.

Using the online moniker ‘La_Citrix’, the threat actor has been active on Russian speaking cybercrime forums since 2020, offering access to hacked companies and info-stealer logs from active infections.

La_Citrix, Hudson Rock says, has been observed hacking into organizations and compromising Citrix, VPN, and RDP servers to sell illicit access to them.

The hacker, the cybersecurity firm says, was careless enough to infect their own computer with an information stealer and to sell access to the machine without noticing.

This allowed Hudson Rock to explore the cybercriminal’s computer, which had been used to perpetrate intrusions at hundreds of companies. The computer contained employee credentials at almost 300 organizations, and the browser stored corporate credentials used to perform hacks.

According to Hudson Rock, La_Citrix was employing information stealers to exfiltrate corporate credentials that were then used to access organizations’ networks without authorization.

Further analysis of the threat actor’s computer also helped the cybersecurity firm discover their real identity and their location.

Advertisement. Scroll to continue reading.

“Data from La_Citrix’s computer such as ‘Installed Software’ reveals the real identity of the hacker, his address, phone, and other incriminating evidence such as ‘qTox’, prominent messenger used by ransomware groups, being installed on the computer,” Hudson Rock notes.

The threat intelligence company, which notes that it has knowledge of thousands of hackers who accidentally infected their own computers with malware, says it will forward the uncovered evidence to the relevant law enforcement authorities.

“This is not the first time we’ve identified hackers who accidentally got compromised by info-stealers, and we expect to see more as info-stealer infections grow exponentially,” the company notes.

Related: New Information Stealer ‘Mystic Stealer’ Rising to Fame

Related: North Korean Hackers Caught Using Malware With Microphone Wiretapping…

Source…

Real estate and cyber liability

/in


Spencer Macalaster

The past 36 months have been unprecedented with respect to society, work environments and political dictates. Entire companies pivoted to remote work environments in a matter of days. The consequential strain on the IT infrastructure was also unprecedented. One consequence of this new paradigm was system vulnerabilities were exposed. Every day a new company is added to the list of systems affected by a massive data breach. Hackers responsible for these types of security breaches can hold a company ransom or worse destroy their reputational credit. In the wake of the Silicon Valley Bank and Signature Bank failures, we expect bad actors to take advantage of the events to intercept wire instructions as clients and other third parties work to reroute funds to alternative banking institutions. We would like to reiterate the need to be wary of requests to change / update payment account information for invoices or any other payments to be made by the company and encourage you to remind our clients and other valued partners of the same.

Real estate owners, developers, and asset managers are in the crosshairs of those bad actors looking to monetize on cyber vulnerabilities. Massachusetts requires companies to provide comprehensive data security to all personal information stored on a server. In addition, regulators in 47 states, the District of Columbia, Puerto Rico, and the Virgin Islands require that individuals (customers, employees, citizens, students, etc.) be notified in the event their data has been lost, stolen or compromised. The most recent data breaches introduce a new twist to a company’s cyber liability exposure and potential for exposure to extortion and ransom.

Computer hacking, stolen laptops and fraud scams are the primary culprits leading to cyber liability events. Settlements can include monetary damages, credit monitoring services, hardware and software restoration, business interruption, reputational damages and ransomware payments. Companies can incur millions of dollars in expenses to secure compromised networks, assess damages, and notify customers.

Protection on any corporate database will never be 100%…

Source…