Tag Archive for: start

Russian hackers attacked Ukraine more than 1,000 times since start of invasion


Since the start of the full-scale invasion, 1,123 cyberattacks have been launched against Ukraine.

The press service of the State Special Communications Service of Ukraine said in a Telegram post, Ukrinform reports.

“During the six months of the war, the national Computer Emergency Response Team of Ukraine CERT-UA, which operates under the State Special Communications Service, recorded 1,123 cyberattacks,” the report says.

It is noted that cybercriminals most often attacked the central government and local government bodies.

Among the main targets are also commercial and financial institutions, agencies of the security and defense sector, enterprises of the energy sector, transport industry and telecom – all essential public infrastructure.

As Ukrinform reported, since the beginning of the full-scale invasion, Ukrainian cyber police have repelled 83 enemy cyberattacks and prevented another 300.

iy

Source...

Start as you mean to go on: the top 10 steps to securing your new computer


Whether you are getting ready for back-to-school season, getting new work laptop or fancying a new gamer’s pc, learn the steps to protect your new PC from cyberthreats.

With Windows 11 making headlines for all the right reasons, it could be a great time to invest in a new PC for the family or the home office. But any new household computing device should come with an attendant safety warning. Hackers will be after your data the minute it’s connected to the internet. And they have numerous ways to get it.

That’s why you need to think about cybersecurity even before plugging your machine in and switching it on. Take time out now to refresh your memory and make cyber-hygiene a number one priority.

What are the main threats to my PC?

As soon as you’re connected to the internet, malicious actors will be looking to steal your data, encrypt and hold your machine ransom, lift financial details, secretly mine for cryptocurrency, and much more. They’ll do so via some tried and true methods, which often rely on cracking, stealing or guessing passwords, or exploiting software vulnerabilities. Top threats include:

Phishing: One of the oldest con tricks in the book. Cybercriminals masquerade as legitimate and trustworthy sources (banks, tech providers, retailers etc) and try to persuade users into clicking on links and/or opening attachments in emails. Doing so will take users to a spoofed site requesting that they fill in personal information (like logins and/or address/financial details) or could trigger a covert malware download.

Drive-by downloads and malicious ads: Sometimes merely visiting an infested website or a site running a malicious ad could trigger a malware download. We may think that well-known sites may be less  compromised in this way as they are better resourced and can afford enhanced protection. But there have been plenty of counter-example through the years showing that it’s not always the case. That’s why its essential to invest in security software from a reputable provider and ensure that your browser’s security settings are…

Source…

Getting A Head Start Against A Ransomware Attack


Over the past few years, the headlines have been peppered stories related to companies, states – cities – and now countries dealing with a ransomware attack. As we close out our 2022 Annual State of Phishing Report series, we address ransomware as it relates to phishing. While we very rarely see ransomware delivered directly via an email campaign, there are plenty of tactics used by threat actors as a leading entry into the organization. As we have repeatedly addressed, we can’t stress enough that credential phish, at 67%, remains the number one phishing threat today. Preparing organizations to identify and report suspicious emails has become even more critical.

Resiliency is key to defending against Ransomware

Author: Tonia Dudley, strategic advisor, Cofense

As we look at the attack chain specific to ransomware, there are several precursor steps that take place before the ransom note is delivered. The key to building a resilient workforce is providing them with relevant phishing simulation training that aligns to current threats hitting their inbox. When you’re assessing your simulation program, putting focus on the right metric is key. When it comes to defending against a real phishing campaign, reporting is key to early detection and mitigation. Therefore, your phishing simulation metrics should also focus on the report rate and how quickly users are reporting.

Zero Days are in play

As threat actors in the ransomware community have built up their resources, they are now able to step into the zero-day arena to further their attacks. A Microsoft zero day published in late May that has been weaponized by the QakBot group. Recently, researchers have been able to determine a link between QakBot and ransomware groups, shifting the dynamics of the uses of the campaigns.

Don’t forget about older malware or threat groups. Cofense has observed a tactic that we have only seen twice in the past five months. A banking trojan, known as IcedID, is being used to steal information such as credentials. What’s interesting about this campaign is the fact the threat actor leveraged an email from 2017, also using the reply-chain tactic. A reply-chain…

Source…

Keyless hack can unlock and start cars — including Teslas


Tesla Inc. customers might love the carmakers’ nifty keyless entry system, but one cybersecurity researcher has demonstrated how the same technology could allow thieves to drive off with certain models of electric vehicles.

A hack effective on the Tesla Model 3 and Y cars would allow a thief to unlock a vehicle, start it and speed away, according to Sultan Qasim Khan, principal security consultant at the Manchester, UK-based security firm NCC Group.

By redirecting communications between a car owner’s mobile phone, or key fob, and the car, outsiders can fool the entry system into thinking the owner is located physically near the vehicle.

The hack, Khan said, isn’t specific to Tesla, though he demonstrated the technique to Bloomberg News on one of its car models. Rather, it’s the result of his tinkering with Tesla’s keyless entry system, which relies on what’s known as a Bluetooth Low Energy (BLE) protocol.

There’s no evidence that thieves have used the hack to improperly access Tesla vehicles. The carmaker didn’t respond to a request for comment. NCC provided details of its findings to its clients in a note on Sunday, an official there said.

Khan said he had disclosed the potential for attack to Tesla and that company officials didn’t deem the issue a significant risk. To fix it, the carmaker would need to alter its hardware and change its keyless entry system, Khan said.

The revelation comes after another security researcher, David Colombo, revealed a way of hijacking some functions on Tesla vehicles, such as opening and closing doors and controlling music volume.

BLE protocol was designed to conveniently link devices together over the internet, though it’s also emerged as a method that hackers exploit to unlock smart technologies, including house locks, cars, phones and laptops, Khan said. NCC Group said it was able to conduct the attack on several other carmakers and technology companies’ devices.

Kwikset Corp. Kevo smart locks that use keyless systems with iPhone or Android phones are impacted by the same issue, Khan said. Kwikset said that customers who use an iPhone to access the lock can switch on two-factor authentication in the lock app.

A…

Source…