Tag Archive for: Royal

Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware


Royal Ransomware

A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware.

Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group under the name DEV-0569.

“Observed DEV-0569 attacks show a pattern of continuous innovation, with regular incorporation of new discovery techniques, defense evasion, and various post-compromise payloads, alongside increasing ransomware facilitation,” the Microsoft Security Threat Intelligence team said in an analysis.

The threat actor is known to rely on malvertising to point unsuspecting victims to malware downloader links that pose as software installers for legitimate apps like Adobe Flash Player, AnyDesk, LogMeIn, Microsoft Teams, and Zoom.

The malware downloader, a strain referred to as BATLOADER, is a dropper that functions as a conduit to distribute next-stage payloads. It has been observed to share overlaps with another malware called ZLoader.


A recent analysis of BATLOADER by eSentire and VMware called out the malware’s stealth and persistence, in addition to its use of search engine optimization (SEO) poisoning to lure users to download the malware from compromised websites or attacker-created domains.

Alternatively, phishing links are shared through spam emails, fake forum pages, blog comments, and even contact forms present on targeted organizations’ websites.


“DEV-0569 has used varied infection chains using PowerShell and batch scripts that ultimately led to the download of malware payloads like information stealers or a legitimate remote management tool used for persistence on the network,” the tech giant noted.

“The management tool can also be an access point for the staging and spread of ransomware.”

Also utilized is a tool known as NSudo to launch programs with elevated privileges and impair defenses by adding registry values that are designed to disable antivirus solutions.

The use of Google Ads to deliver BATLOADER selectively marks a diversification of the DEV-0569’s distribution vectors, enabling it to reach more targets and deliver malware payloads, the company…

Source…

What is the BCS royal charter?






‘On 31 July 1984, Her Majesty the Queen was pleased, by and with the advice of her Privy Council… to accede to the humble Petition of the Company praying that ‘We should constitute a Corporation incorporated by our Royal Charter…’’

Since then, as the holders of the royal charter for computing, we’ve worked with organisations, government and individuals to raise standards and address the challenges facing our profession.

What does chartered status mean for BCS?

Having chartered status means we’re leading the industry and responsible for building a skilled, diverse, inclusive and ethical IT profession that delivers a safe digital future for society.

At the core of our charter is the declaration that everything we do should be to ‘promote the study and practice of computing and to advance knowledge and education therein for the benefit of the public.’

It gives us the power to ‘establish and maintain appropriate standards of education and experience for persons engaged in the profession of Computing.’

This means we promote safe and positive interactions with tech, for all. This is summarised in our motto, ‘Making IT good for society’.

Today that means we shine a light on big issues such as the persistent gender gap in computing education or the value of professional standards in cyber security, as well as working with our members to support events such as Pride month.

Read the full Royal Charter here.

The BCS royal connection

Prince Edward, Duke of Kent has been Patron of BCS since 1979 and in 1982, BCS’ silver jubilee year, he became president of the organisation.

Our jubilee year was also known as ‘Information Technology Year’ – or IT82. As Computing History reports, ‘recognising the huge potential of IT to transform almost every part of society, including business, health, and education, the British government joined the drive to make the whole country aware of these benefits.’

In…

Source…

Royal Cyber Security Significantly Increased


A growing concern for the British Royal Family is the threat from hackers and other cyber criminals, and it emerges that Queen Elizabeth has taken the decision to increase the royals’ cyber security.

Her Majesty’s cyber security experts have outlined in a report that the risk of unauthorised access to the Royal’s data has increased.

Throughout the coronavirus pandemic and subsequent lockdowns, Her Majesty has engaged in several video calls as well as video chats with people around the globe. But a new report has suggested ‘the Firm’ is now at high rather than medium risk of being hacked.

The warning, written by Keeper of the Privy Purse, Sir Michael Stevens, is thought to refer to hackers in China and Russia. It warns any hacking of the Royal Family would cause “reputational damage, penalties and/or legal action against the Household or members of staff”. In 2015 Oxford University Professor Sadie Creese was hired to instruct the monarch on social media safety, and Queen Elizabeth has now ordered that defences against hackers be strengthened after learning the Royal Family is a high-risk target, resulting in a number of changes to the Royal household.

In particular, ex-MI5 chief Andrew Parker was made head of her Royal Household and Elliott Atkins appointed as her first CISO in a bid to prevent online attacks.

In 2020 the Queen carried out almost half of her official engagements by telephone or video link and, over the years, several members of the Royal Family have been victims of phone hacking, including Prince William, the Duchess of Cambridge, as well as Prince Harry. The Duchess of Cambridge had her messages hacked 155 times in the space of a few months between 2005 and 2006, including on Christmas Day and Valentine’s Day. William was also hacked 35 times, and Harry nine times. It is also believed personal phone details for Prince Charles and Camilla, the Duchess of Cornwall, were found among 11,000 handwritten notes that were seized during a Scotland Yard inquiry in 2006.

In August 2020 Russian hackers allegedly stole “hundreds” of Prince Harry and his wife Meghan Markle’s personal photos including…

Source…

King Felipe VI of Spain’s health data exposed in major security breach | Royal | News


The royal was among thousands affected by the computer security failure of the Madrid health system. The breach meant people’s private data such as their telephone number, social security number and address could be accessed by just having their ID number, Telemadrid reported.

Their vaccination data, such as when they received their jab and which shot they were given, could also be accessed.

Thousands of people have reportedly been affected by the glitch.

The security failure has mainly affected people living in Madrid.

Felipe is among high-profile figures whose data has been exposed in the breach.

Prime Minister Pedro Sánchez’s data has also been exposed.

And former Spanish prime minister José María Aznar and ex-deputy prime minister Pablo Iglesias were affected.


“It is false that any citizen can enter the web pages of the Ministry of Health of the Community of Madrid to obtain the Covid certificate and that confidential information such as clinical data of the king, the president of the Government or other former presidents can be accessed.”

They added that “in any case the incident did not affect clinical data and, of course, did not compromise the alteration of any information in the databases.

“In addition, to access that information, the ID of the person in question would be needed.

“We insist that this gap is already blocked.”

By mid-afternoon on Wednesday the data was no longer visible.

Source…