Posts

TrickBot Takes Over, After Cops Kneecap Emotet – Threatpost

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360




Source…

U.S. Takes Part in Multinational Efforts to Disrupt Netwalker Ransomware and Emotet Malware | Alston & Bird



On January 27 and 28, 2021, the U.S. Department of Justice (DOJ) announced two successful operations to disrupt two different strains of malware, Netwalker ransomware and a banking Trojan known as Emotet, which have affected victims around the globe and caused millions of dollars in damage in recent years.

The law enforcement actions against Netwalker and Emotet are the latest examples of successful cooperation between international governments in fighting cybercrime that transcends borders, as the U.S. partnered with Canada, France, Germany, the Netherlands, the United Kingdom, Lithuania, Sweden, and Ukraine to disrupt the Emotet botnet, and Bulgarian authorities assisted with the operation against Netwalker. The DOJ announcement regarding Emotet notes that, “Now, more than ever, international collaboration is an imperative… This investigation will be a paradigm of effective international law enforcement cooperation directed at global cybercrime.” Below we highlight key aspects of each operation.

Netwalker

On January 27, 2021, the DOJ announced charges against a Canadian individual in relation to Netwalker ransomware attacks allegedly involving the extortion of tens of millions of dollars. The DOJ also announced that the law enforcement operation involved the seizure of approximately $500,000 in cryptocurrency from ransom payments and the dismantling of a dark web resource allegedly used to communicate with ransomware victims. Bulgarian authorities were able to seize the dark web hidden resource, and web visitors will now find a banner notifying them that the site has been seized by law enforcement.

Netwalker is one of the most common strains of ransomware and has affected victims in a variety of industries. The DOJ notes that attacks have specifically targeted the healthcare sector during the COVID-19 pandemic. Netwalker is frequently cited as an example of ransomware-as-a-service. According to the DOJ announcement, Netwalker “developers” create and update the malware, while “affiliates” conduct the actual ransomware attacks. If a victim pays a ransom, the payment is split between the two groups.

Emotet

On January 28, 2021, the DOJ announced it had taken…

Source…

SANS Cloud Security Curriculum Takes Flight



BETHESDA, Md., Dec. 7, 2020 /PRNewswire/ — SANS Institute is pleased to introduce its new Cloud Security Curriculum. The curriculum has been launched with 11 curated courses written and taught by world-renowned cloud security experts. These courses combine hands-on technical know-how with cloud security-specific knowledge.

SANS has taken flight into the cloud security space with a holistic approach to address public cloud, multicloud, and hybrid cloud scenarios for the enterprise and developing organizations alike. Whether new to the cloud security space or experienced, on a technical or managerial cloud security path, SANS has a course to suit anyone’s needs along their journey to becoming a Cloud Ace.

The future of cloud demands in-depth security knowledge for each big cloud service provider (CSP). Stated best by Margaret Ray, Federal Reserve Board of Dallas, a recent SANS Cloud Security student, “I likely will be assessing environments that use multiple CSPs and services for one system, so this training is better for me than being certified in only AWS or only Azure.” Focused on the “how” of security, these courses utilize virtual machines to provide deeply technical labs that are re-deployable again and again after training. Developed through a consensus process involving industry leading engineers, architects, administrators, developers, security managers, and information security professionals, the SANS Cloud Security Curriculum has the right training for the novice through expert.

SANS Cloud Security focuses the deep resources of SANS on the growing threats to the cloud by providing training, certification, research, and community initiatives to help security professionals build, deploy and manage secure cloud infrastructure, platforms, and applications. We provide intensive, immersion training designed to help security professionals master the practical steps necessary for defending systems and applications in the cloud against the most dangerous threats. The courses are full of important and immediately useful techniques that students can put to use as soon as they return to work.

Learn more sans.org/cloud-security | Download our Career Progression Flight Plan |…

Source…

Horrifying Hack Takes Over iPhones Just by Pointing an Antenna at Them



Passion Project

During the coronavirus lockdown, professional hacker Ian Beer, a member of Google’s hacking team Project Zero, developed a way to remotely hijack iPhones — simply by pointing a homebrewed antenna at them.

Beer’s technique requires only about $100 worth of equipment, Motherboard reports, and it granted him total control of whatever phones he targeted. This is Beer’s specialty, but the fact remains that his comparatively simple hack made the iPhone’s security measures seem disturbingly trivial.

Public Demo

In an eerie video, Beer hijacks 26 iPhones at once with a single broadcast. The hack sends out a WiFi signal that will work even if the target phones aren’t connected to the internet, according to Motherboard.

In a longer and more technically-dense video, Beer explains how the broadcast works and how it can be propagated among iPhones even beyond those that were initially targeted.

“There’s something hauntingly beautiful watching all these iPhones die at slightly different times, as they get a WiFi broadcast packet of death,” Chris Evans, the original head of Project Zero, tweeted.

Locked Door

Thankfully, Apple fixed the bugs that Beer’s hack targets with iOS 13.5, which was released in May, earlier this year, according to Motherboard. But the hack still poses a security threat, aside from the broader implications of how easily Beer was able to develop it.

Not every iPhone has been updated, and cybersecurity expert “Ray Redacted” warns that iPhones sitting in police custody, previously inaccessible, could be cracked open with an exploit like Beer’s.

READ MORE: Watch This Google Hacker Pwn 26 iPhones With a ‘WiFi Broadcast Packet of Death’ [Motherboard]

More on cybersecurity: The FBI Forced A Suspect To Unlock His iPhone With His Face

Source…