Tag Archive for: signals

How Mobile Phone Towers Could Reveal Earth to Aliens



Coinbase phishing hack signals more crypto attacks to come, says security firm


Coinbase has increasingly been targeted by scammers with phishing attacks, according to security firm PIXM. (Photo by Marco Bello/Getty Images)

Recent phishing attacks on Coinbase and its customers revealed how these campaigns are not only becoming more sophisticated and multi-faceted, but how threats to cryptocurrency sites are on the rapid rise, according to research and analysis from security firm PIXM.

“Since its rise to prominence, [Coinbase] has been increasingly targeted by scammers, fraudsters, and cyber criminals, due in part to the fact that its user-base is so large and mainstream,” said the PIXM blog posted earlier Aug. 4, “it is assumed to cover an audience of casual, generally non-technical, crypto investors.” Coinbase is “arguably the most mainstream cryptocurrency exchange used globally,” having added more than 89 million users to its platform since it began business a decade ago in 2012.

In their “multi-layered” phishing attacks on Coinbase, cybercriminals sent out spoofed emails purporting to come from the cryptocurrency company in order to steal financial and personal data to resell and log into users’ legitimate accounts to steal their funds in real-time. The attacks combined email and brand impersonations to steal from Coinbase wallet-holders, despite their use of multi-factor authentication (MFA), according to PIXM’s analysis.

According to Chris Cleveland, founder and CEO of PIXM, this complex and sophisticated campaign involved “surprising tactics to steal much more than just passwords.”

“After stealing a user’s Coinbase password, the phishing sites used a built in two-factor relay system to enter the user’s password into the real Coinbase site and then further solicit the actual two-factor authentication code from the user, [which] allowed the hacker to bypass two-factor authentication and access a user’s Coinbase wallet.”

Bad actors typically sent Coinbase customers a notification that their account “needed attention due to an urgent matter,” such as being “locked” or requiring a transaction confirmation. “Users were prompted to enter login credentials and a two-factor authentication code into the fake website,” according to…

Source…

Quantum computing and classical politics: The ambiguity of advantage in signals intelligence – Center for Security Studies


Quantum computing and classical politics: The ambiguity of advantage in signals intelligence – Center for Security Studies | ETH Zurich

























JavaScript has been disabled in your browser

Source…

US pipeline hacking signals growing cyber-security risk for energy system, Tech News News & Top Stories


WASHINGTON (NYTIMES) – The audacious ransomware attack that shut down a major fuel pipeline and sent Americans scrambling for petrol in the south-east last week was not the first time that hackers have disrupted the United States’ ageing, vulnerable energy infrastructure. And it is unlikely to be the last.

Across the globe, cyber attackers are increasingly taking aim at the energy systems that underpin modern society.

A February report from IBM found that the energy industry was the third-most targeted sector for such attacks last year, behind only finance and manufacturing. That was up from ninth place in 2019.

“This should be a wake-up call,” said Mr Jonathon Monken, a principal at energy consulting firm Converge Strategies.

“When you look at what’s most likely to cause disruptions to energy companies today, I think you have to put cyber-security risks at the top.”

Despite years of warnings, America’s vast network of pipelines, electric grids and power plants remains acutely vulnerable to cyber attacks with the potential to disrupt energy supplies for millions of people.

Dealing with those risks, analysts said, will pose a major challenge for the Biden administration as it seeks hundreds of billions of dollars to modernise the nation’s energy infrastructure and transition to cleaner sources of energy to address climate change.

Regulators are increasingly poised to step in.

Last week, Mr Richard Glick, the chairman of the Federal Energy Regulatory Commission, said it was time to establish mandatory cyber-security standards for the nation’s nearly 4.8 million km of oil and gas pipelines, similar to those currently found in the electricity sector.

“Simply encouraging pipelines to voluntarily adopt best practices is an inadequate response to the ever increasing number and sophistication of malevolent cyber actors,” Mr Glick said in a statement.

The risks to the nation’s energy systems are widespread and varied. Many oil and gas pipelines, for instance, rely on decades-old control systems that are not well defended against more sophisticated cyber attacks and cannot be easily updated.

And it is not just pipelines. As electric grid operators harness a growing array of digital…

Source…