Uncategorized

The email servers were hacked and luckily,  it seems that only 6 clients were impacted. Deloitte has since implemented multi-factor authentication and contacted law firm (Hogan Lovells) for advice and conducted a forensic investigation.

They didn’t know when the hackers got in and where they went and the trace left is complete. It remains me the intrusion detection classes I took that mentioned a similar case and the importance of backup.

 

https://www.theguardian.com/business/2017/oct/10/deloitte-hack-hit-server-containing-emails-from-across-us-government

 

According to researchers from the cybersecurity firm Proof point, they recently discovered a large-scale malvertising campaign that exposed millions of internet users in the United States, Canada, the UK and Australia to malware infections. The malware campaign is being conducted by a hacking group called KovCoreg which is well known for distributing Kovter ad fraud malware. Recently KovCoreG hacking group initially took advantage of P0rnHub website to distribute fake browser to tricked internet users and steal their personal information for illegal use. The hacking group also tricked users into installing the Kovtar malware onto their systems so that they can continue to find out more useful information for the users.

 

https://thehackernews.com/2017/10/online-malvertising-attack.html

This article talks about the advantage that Google has over Apple – the hardware. The earbuds for the Pixel phone acts as a translator for when someone speaks another language and vice versa, the Google apps such as Google cloud is much more integrated within the phones and it gets better with the AI component, Google Assistant – it’s much more smarter and way ahead of Siri. Google is using AI to make the competition between them and Apple right now a runaway with Google far in the lead.

http://www.businessinsider.com/google-ai-advantage-a-weapon-to-totally-embarrass-apple-2017-10

Traditional AV is still used widely everywhere, at home, in office. But there is a need for issues with new attack techniques, such as bots and other automated tools. making it nearly impossible for outdated solutions such as legacy antivirus (AV) to keep up.

The article states that about 50% of file-based attacks are submitted to malware repositories. Of those submitted, only 20% had corresponding signatures from existing AV solutions—in other words, typical endpoint security solutions are flying blind 90% of the time.

 

https://techbeacon.com/antivirus-dead-how-ai-machine-learning-will-drive-cybersecurity

 

http://www.bbc.com/news/uk-41481307

This story concerns something that happened several years ago, but was just recently resolved and I think is still very much relevant. Back in 2011, it was revealed that MPG (Mirror Publishing Group), a group of daily British newspapers, had been hacking into the phones of celebrities and prominent figures to gain personal information for stories. The original case was a broad investigation known as the Leveson Inquiry, which was closed in 2012. In October 2016, comedian Steve Coogan, among many others, brought a case of his own against the company, citing personal attacks on him by newspapers following his testimony in the Leveson case. Coogan has recently settled the case for an unspecified six-figure sum after MPG admitted to running stories on him using personal information illegally obtained by hacking into his mobile voicemail accounts. While this is not a strictly technical article, it does highlight the growing needs and concerns about mobile device security. As more and more aspects of our lives are run from our phones and mobile devices, it has become painfully clear that strong, layered protections are needed to secure our personal information, as even the smallest gap or vulnerability can be exploited.

 

http://economictimes.indiatimes.com/tech/internet/hacker-puts-info-of-over-6000-indian-businesses-up-for-sale-in-massive-data-breach/articleshow/60925964.cms

Recently, Seqrite Labs and seQtree Infoservices in India tracked a DarkWeb advertisement for the sale of stolen data from over 6000 Indian organizations, including government agencies, private companies, and ISPs. In addition to selling information, the attacker claims to be able to take out the network of any of these breached companies, for a price. Allegedly, they can corrupt the IP allocation pool, rendering the system unable to function. If true, this is very disturbing news for all these organizations, but most of all for the Asia Pacific Network Information Center (APNIC), which investigators are all but certain has been compromised by these attacks. They have ascertained this by posing as a potential buyer online and obtaining sample e-mail lists. As for the identity of the attacker, it seems the persona being used was just created recently, a more and more common tactic used by cyber criminals. If a network damaging attack were to be performed on IRINN, an ISP identified as being breached, it could have catastrophic effects on IP allocation and therefore internet access in India.

https://thehackernews.com/2017/09/blueborne-bluetooth-hacking.html

So more news about this – it’s a wormable attack, once the attacker gets finds an active Bluetooth connection and can spread it to different Bluetooth devices. It can spread ransomware to devices also and it finds vulnerability in old software on Android phones and Apple. Apple phones with the newer update are fine, Android and Microsoft have applied security patches.

 

According to the article, it describes that researchers from security firm Duo Labs analyzed over 73,000 Macs system and discovered that a surprising number of Apple Mac computers either fails to install patches for EFI firmware vulnerabilities or doesn’t receive any update at all. The Apple uses Intel-designed Extensible Firmware Interface (EFI) for computers that work at a lower level than a computer’s OS and controls the boot process. However, the researchers found out that Apple limits the EFI updates to their Mac systems. Furthermore, the article mentions, Apple does not even warn its users of the failed EFI update process or technical glitch, which leaving millions of Macs users vulnerable to sophisticated and advanced persistent cyber attacks

 

https://thehackernews.com/2017/09/apple-mac-efi-malware.html

Splunk is one of the popular log management systems will be expending new tool to beef up the ability to locate threats using the machine learning techniques that Caspida has developed. Threats such as compromised credentials are difficult to detect with signatures or rules. It’s where machine learning techniques come into play.

http://www.ehackingnews.com/2015/07/splunk-buys-caspida-for-190m.html

 

 

 

 

A new email scam is targeting Netflix Users in order to obtain access to their bank account information. According to the article, Netflix customers have been received a fake email that appears to come from Netflix, and the email is requiring the customer to be reactive their Netflix account. Besides that, there a link in the email takes users to a fake Netflix page where the users are invited to input bank information.

http://www.ehackingnews.com/2017/09/email-phishing-scam-targeting-netflix.html