Tag Archive for: Web

Sensitive data stolen in Okanagan College cyber attack now posted to dark web, ransomware group claims


Hackers believed to be responsible for a cyber attack on Okanagan College earlier this month claim they have now posted sensitive data onto the dark web. 

On their website, the hacker group Vice Society says they have extracted and published over 850 gigabytes of sensitive data, including passwords, photos of passports, social security numbers, and credit card numbers. 

“Data that appears to belong to Okanagan College and its stakeholders has been posted on a dark website belonging to a criminal organization,” said Okanagan College in a Tuesday statement. 

The dark web refers to a part of the Internet that is accessed with special software that allows users to be anonymous, and is often used for criminal activity.

Okanagan College first warned students and staff weeks ago of the breach that occurred on the morning of Jan. 9 by an “unrecognized external agent.” 

 

Brett Callow, a Canadian cybersecurity threat analyst with the company Emsisoft, says Vice Society is known to target academic institutions with ransomware attacks. Ransomware is a type of malicious software that threatens to publish the victim’s personal data or block access to it until a ransom is paid. 

Callow says these demands can amount to tens of millions of dollars.

“Any data that a school district or a college can hold can potentially end up online,” said Callow. 

“There is money to be had from these attacks, there’s no doubt about that.”

Okanagan College said they have alerted authorities to the incident and did not entertain conversations about paying a ransom. 

“Regardless of the amount, even if we had paid a ransom, there still would have been no way to be absolutely certain that it would have resulted in the destruction or even non-publication of any stolen or compromised data,” the college said in a statement.

Accessible by anyone

Callow says law enforcement is getting better at identifying culprits behind ransomware attacks, but there is little individuals can do if a company or public institution has been…


The dark web gets even darker


Ransomware first came on the scene in 1989 via hackers mailing out a floppy disk.

It was called the AIDS trojan: if you put the disk in your computer, it would lock up. You were then asked to send $189 to a P.O. Box in Panama to restore your computer.

Times have changed. In recent years, ransomware sometimes asks for millions of dollars in payments to restore infected systems.

In over 25 years of working in technology, ransomware is the worst cyber threat I have ever seen.

The cyber threat group Lockbit is now the No. 1 player on the ransomware scene. They are behind almost half (44%) of the reported attacks in the world last year, according to Deep Instinct, an Israeli cybersecurity company.

Mind you, this is not a rag-tag band of digital thieves; they operate like any legitimate large business. They utilize a network of subcontractors (they call them affiliates, like Mary Kay) to distribute malware by selling ransomware tool kits on the dark web (RAAS — ransomware as a service).

Once that happens, an up-and-coming hacker goes on the dark web, buys the tool kit, and then distributes it (via email attacks and other hacks).

Once they have a victim and receive payment, they share it with Lockbit.

Having a highly effective distribution system is not the only corporate similarity. They have a robust PR team and they do interviews with the media.

Let’s not forget marketing, too: they run ads online to recruit affiliates. Shady forums like XSS (a Russian hacker forum) carry some of their ads; you can check them out here on this non-dark website.

Lockbit also invests in R & D — speaking of that and Russian dark web forums, let’s go back to what Lockbit did in June 2022 when the pandemic was heating up. Lockbit sponsored a contest together on the dark web with a cash prize for an innovative paper on new methods of cybercrime, hacking, viruses, malware, etc. This is the first time I have heard of anything like this and it’s a frightening indicator of the people behind this gang.

They sponsor hacking initiatives and by doing so are coaching up the next generation of hackers and separating the script kiddies (hacker lingo) from the real bad actors.

Envision Credit Union in Tallahassee knows this…


Corporate Web Security Market Pegged for Robust Expansion



New York: The Global Corporate Web Security Market report from Global Insight Services is the single authoritative source of intelligence on the Corporate Web Security Market. The report will provide you with analysis of the impact of the latest market disruptions, such as the Russia-Ukraine war and Covid-19, on the market. The report provides qualitative analysis of the market using various frameworks such as Porter’s and PESTLE analysis. The report includes in-depth segmentation and market size data by categories, product types, applications, and geographies. The report also includes comprehensive analysis of key issues, trends and drivers, restraints and challenges, competitive landscape, as well as recent events such as M&A activities in the market.

Read more about Corporate Web Security Market here: https://www.globalinsightservices.com/reports/corporate-web-security-market/

Corporate web security is the process of protecting a company’s online presence from threats. This includes protecting the website itself from attacks, as well as the company’s reputation and brand from damage. Corporate web security encompasses a wide range of activities, from ensuring the website is secure and up-to-date, to monitoring online activity for signs of malicious activity. It is a critical part of any company’s overall security strategy.

Request free sample copy of this research study: https://www.globalinsightservices.com/request-sample/GIS23449/

Key Trends

There are a few key trends in corporate web security technology:

1. Increased focus on data security: With the rise of data breaches and cyber attacks, businesses are increasingly focused on protecting their data. This includes ensuring that data is encrypted and stored securely, as well as implementing security measures to prevent unauthorized access.

2. More sophisticated attacks: Attackers are becoming more sophisticated in their methods, which has led to an increase in the need for more sophisticated security solutions. This includes solutions that can detect and prevent advanced attacks, such as those that use malware or zero-day exploits.

3. BYOD and mobile security: With the bring-your-own-device (BYOD) trend, more employees are using…


Deserialized web security roundup – Fortinet, Citrix bugs; another Uber breach; hacking NFTs at Black Hat


Your fortnightly rundown of AppSec vulnerabilities, new hacking techniques, and other cybersecurity news

Deserialized web security roundup

Our second web security roundup begins with news that a brace of network security flaws in products from Fortinet and Citrix have each come under active attack.

These attacks were respectively enabled by memory corruption vulnerabilities in the FortiOS SSL-VPN as well as a critical arbitrary code execution risk in Citrix ADC and Citrix Gateway (CVE-2022-27518). It’s unclear whether these assaults are linked, but their occurrence can still be said to underline the importance of patching SSL VPN devices, which have previously been vectors for pushing ransomware onto enterprise networks, among other attacks.

Uber this week suffered a data breach as a result of a cybersecurity incident at a third-party vendor, resulting in the exposure of employees’ personal information. The incident represents only the latest security breach to impact the ride-hailing app firm, which was previously faulted for the delayed disclosure of a 2016 breach that exposed the account records of customers and drivers. More recently, back in September, Uber’s internal IT systems were breached by a social engineering attack.

Over at Black Hat Europe, security researcher Nitesh Dhanjani discussed the impact of floor prices of non-fungible token (NFT) collections and how attacks focused on business dynamics have the potential to wreak havoc on marketplaces. Dhanjani also spoke about off-chain and on-chain sync algorithms, and how the disparities between the two blockchain-related environments can be abused.

I also attended the event for The Daily Swig, reporting on a keynote in which security researcher Daniel Cuthbert said the industry’s fixation on zero-day vulnerabilities was only a partial solution to making the internet fundamentally secure. We also covered some of the top hacking tools from the event.

Among other stories on The Daily Swig in recent days was an Akamai WAF bypass via Spring Boot, SQL injection payloads being smuggled past WAFs, and a crypto maintainer rejecting a bogus cryptocurrency ‘vulnerability’ submitted with the help of ChatGPT.

Here are…
