In a major hit against international cybercriminals, the Dutch police have taken down the world’s biggest DDoS-for-hire service that helped cyber criminals launch over 4 million attacks and arrested its administrators.

An operation led by the UK’s National Crime Agency (NCA) and the Dutch Police, dubbed “Power Off,” with the support of Europol and a dozen other law enforcement agencies, resulted in the arrest of 6 members of the group behind the “webstresser.org” website in Scotland, Croatia, Canada and Serbia on Tuesday.

https://thehackernews.com/2018/04/ddos-for-hire-hacker.html

https://thehackernews.com/2018/03/window-remote-assistance.html

A new vulnerability affecting WIN2012, 2016 and 2008, WIN 10, 8 and 7 allows remote attackers to steal sensitive. Not only do you need to be suspicious of giving access to your computer and a of the person’s machine whom is connecting to you.

Always nice to use VPN for more security…

https://thenextweb.com/apps/2018/03/21/alphabets-outline-lets-you-roll-your-own-self-hosted-vpn-for-free/

Fresno State data breach, 15,000 affected!!

This article relates to the data breach of the California State University, Fresno. According to the article, “the personal information of more than 15,000 people” have been compromised. The information includes, “names, addresses, phone numbers, dates of birth, full or last four digits of Social Security numbers, credit-card numbers, driver’s license numbers, passport numbers, user names and passwords, health-insurance numbers, and personal health information.” The cause of the data beach is due to the stolen external hard drive. The university believes that the hard drive was stolen during the winter break.
Further, another article suggested, ‘School officials began contacting affected individuals on Tuesday. Free credit monitoring for one year will be offered to people whose Social Security number, financial account information or driver’s license number was exposed.”

https://www.scmagazine.com/fresno-state-data-breach-15000-affected/article/749459/
http://sanfrancisco.cbslocal.com/2018/03/06/fresno-state-university-data-breach-stolen-hard-drive/

The article talks about how Goverment employee believe that they are not responsible for the secutty of their work equipment and information. This is a scary statistc casue even though they might not directly effect national secrutiy they are goverment works and any information that could leak out could make a connection to someting else somehow. If for example their laptop gets stolen that is an easy in into a goverment system. It is very important to keep the information safe at all times and to have a mind set that will allow this.

 

https://www.cnbc.com/2018/03/16/only-13-percent-of-government-employees-take-personal-responsibility-for-cybersecurity-survey-finds.html

Recently, hackers used software to penetrate the German government’s main data network. This system is used by the chancellor’s office, ministries and the Parliament. News sources are claiming a Russian hacking group supported by the Russian government is behind it. The hacking group is called Snake or also known as APT28 or Fancy Bear. However, nothing has been confirmed by the German government. The German government was a specific target and the attackers were seeking specific information.

This attack came two years after German security officials determined that the Fancy Bear hackers were able to breach the German Parliament’s data network. This led to increased security on the country’s most sensitive systems. This same group has been accused of breaching computer servers of the Democratic National Committee in the United States,

Investigators with Palo Alto Networks stated that the ones associated with Fancy Bear used “malicious emails targeting foreign affair agencies and ministries in North America and Europe.”

In the 2015 attack on the German Parliament, hackers succeeded in breaching the system and stealing 16 gigabytes of sensitive information. Patrick Sensburg, a lawmaker with the governing Conservative Party, stated that the most recent attack appeared to have a clearer target.

Click here for link. (Source: The New York Times)

https://phys.org/news/2018-03-spain-captures-alleged-mastermind-12b.html

Spain arrested a person reportedly involved in hundreds of cyber-attacks in which billions of euros were stolen. The man is considered to be the mastermind of these attacks. He used malware like cobalt and carbanak to loot the people. Since 2013, the gang of this person attacked banks, e-payment systems and financial institutions of more than 40 countries. Now the mastermind has been apprehended.  The cobalt malware use led to stealing of EUR 10 million per heist. So there was the major monetary attack on the financial institutions.

Criminal used to send phishing emails to employees of banks with some attachment. Once the attachment got downloaded, criminals could access the infected computer from remote and could access the servers related to ATMs. The person is identified as Denis K. public-private partnership is necessary to take the menace of cybercrime. The recent attack on Atlanta shows that public networks are also vulnerable to cybercrimes. Arresting mastermind is an effort to be lauded but the network of cybercrime is very big. It needs to be pulled out from the roots. All the organizations are vulnerable to cyber-attacks and IP are at risk. There is need to pay attention.

 

https://yourstory.com/2018/03/response-cybercrime-major-challenge-businesses-ibm-study/

According to the new IBM study, cybercrime is on the rise but the response to these attacks is not adequate. Ponemon Institute, a leading IT firm conducted a study in association with IBM and it has been come to known that 3/4th of business organizations do not know how to take the threat of cybercrime.  Moreover, 69% of the business organizations said they do not have any measure in their firm to tackle cyber-attack. Indian firms are equally vulnerable to these attacks.

Though almost all of them admitted that cybercrimes are getting severe day by day, nearly half of them have only informal or ad-hoc plan to tackle the issue.

Many companies consider investment in artificial intelligence a barrier so they do not invest in IT network prevention much.  The high attrition rate of IT professionals and lack of annual budgets is another factor business organizations do not go for securing their data from the criminal breach. Another study was done on Indian firms which report that Indian firms recorded 12.3% more data breach in 2017. No one is spared; all the countries and business organizations are vulnerable to cybercrime which is increasing with the passing years.

http://btob.co.nz/tech-talk/cyber-crime-rise/

According to the new survey, cybercrimes are continuously increasing. Norton SMB cybersecurity conducted a survey of more than 500 businesses. It is found that frequency of cyber-attacks has increased from 18% in 2016. The actual monetary loss has been decreased in 2017 but the number of crime is continuously increasing. These attacks have the major effect on small and medium businesses. SMBs have become more aware of the potential of these attacks so they are taking proactive steps to protect their IP from cybersecurity.

New Zealand is on the verge of introducing the privacy bill. Hopefully, after the bill, the SMBS will understand the gravity of the matter and will take cybercrime as a serious threat to their organization.

Here are the steps that businessman can take to prevent themselves

• Do not wait for cybercrime to happen. Use proactive methods
• Businesses need to invest in security and backup to reduce the incidences of cybercrime
• There should always be up to date software.
• Consider employees as part of the project. Effective participation will prevent future attacks.
• Do not use easy passwords as they can easily be guessed by attackers.