Michael Obiukwu says
Leaked documents show how the firm supports Chinese hacking operations
A tranche of documents posted to GitHub five days ago reveals that Chinese contractors working to support Beijing’s hacking operations are a lot like office drones everywhere but with a twist: They complain about the low pay, gamble in the office and also help to break into the computer systems of foreign governments.
https://cyberscoop.com/isoon-chinese-apt-contractor-leak/
Ikenna Alajemba says
Scammers posing as Drexel University professor dupe student out of thousands of dollars. PHILADELPHIA (WPVI) — A paid internship scam cost a local college student thousands of dollars. Clayton Justice said he answered a job listing that appeared to have been posted by a Drexel University professor.
https://universitybusiness.com/scammers-posing-as-drexel-university-professor-dupe-student-out-of-thousands-of-dollars/
Chidiebere Okafor says
Avast Slapped With A Fine of $16.5 Million For Storing & Selling User Data
Avast, a renowned cybersecurity company recognized for its VPN and antivirus solutions, is facing significant scrutiny and a hefty fine of $16.5 million from the Federal Trade Commission (FTC) for breaching user privacy. The FTC accused Avast of tracking and selling user data to third parties, including advertisers, without adequate consent. This infringement has been ongoing since at least 2014, facilitated through its antivirus and web browsing extensions. The company sold highly personal information, such as financial status, health details, and location, to over 100 third parties. Avast shut down its data collection arm, Jumpshot, following investigations by PCMag and Motherboard in 2020. Despite Avast’s claims of removing identifying information, the FTC deemed it insufficient to safeguard user privacy. This violation is particularly egregious, given that users rely on Avast’s products to protect their privacy. The FTC has ordered Avast to notify users of the data breach, delete collected data, and cease selling user information. While Avast denies all accusations, it aims to resolve the issue swiftly and continue serving its customers diligently.
Link – https://techreport.com/news/avast-slapped-with-a-fine-of-16-5-million-for-storing-selling-user-data/
Jeffrey Sullivan says
In the News
Cloud, face biometrics investments for physical access control on the rise | Biometric Update
https://www.biometricupdate.com/202402/cloud-face-biometrics-investments-for-physical-access-control-on-the-rise
This article goes over how companies are spending more than 30% in access control and cybersecurity-related tools this year. Some additional investments are facial recognition, intrusion detection, digital evidence management and visitor management. There was also a survey done by a security software company, which surveyed people from all geographical regions and responded that it is also physical security, end users and consultants. It also showed that these investment trends are on the rise on the cloud side of the business as well. 44% of end users said that over a quarter of their physical security environments are cloud or hybrid cloud. That shows you how important it is to learn cloud security and will be in the very near future. The article says that these trends will continue to grow as AI-driven applications grow as well. Believe it or not, in the post-pandemic age, the physical security industry is still facing challenges including rising cyber threats, supply chain constraints and HR issues.
Samuel Omotosho says
Secure Access Control In 2024: 6 Trends to watch out for.
I found this interesting article about 6 access control trends in 2024, which include:
– Zero Trust Architecture
– AI and Machine Learning in Access Control
– Passwordless Authentication
– Blockchain for Identity Management
– Enhanced Privacy Controls
– Unified Access Control Platforms
https://www.tripwire.com/state-of-security/secure-access-control-trends-watch-out
Kenneth Saltisky says
PayPal has filed a patent for a new method to identify when a “super-cookie” is stolen to limit account hacks based on session bypassing through authentication tokens. Super-cookies are Local Shared Objects that contain a large amount of unique identifier headers from a user’s ISP which are then used for cross-site tracking on the same device regardless of browser. PayPal has identified a way to calculate a fraud risk score from the cookie authentication mechanism to potentially identify fraudulent login attempts based on these super-cookies.
The breakdown of their system is as follows: The cookie stores a value. Then, for each storage after the initial connection, an expected value is calculated based on the previous location. The system then assesses a risk score based on the comparison of the cookie values for the device’s storage locations. The request to access an account is granted or denied based on whether the assigned score for a storage location exceeds the risk tolerance for fraud. These cookie values are encrypted through public key cryptography so that they cannot be tampered with. The patent was filed in July 2022 and recently published this month.
https://www.bleepingcomputer.com/news/security/paypal-files-patent-for-new-method-to-detect-stolen-cookies/
Erskine Payton says
Erskine Payton
In the News Article- Unit 8
MIS 5214
Temple University
https://www.cutoday.info/Fresh-Today/Report-Says-Bank-s-Shutdown-Result-of-Pig-Butchering-Scheme-Involving-Former-CEO
I recently watched Last Week Tonight with John Oliver, and the feature story was about people falling prey to “pig butchering”. Pig butchering is a type of confidence trick to get people to invest. The victim is gradually lured into making investments in cryptocurrency, “fattening up” the victim by getting them to invest over time, and then disappearing when investors want to cash out.
My article talks about a bank CEO who embezzled almost $50 million of the bank’s money in cryptocurrency. This turned out to be a pig butchering scheme, and once it was discovered the bank was eventually shut down. The CEO now faces up to 30 years in prison for his actions. During the investigation it was discovered that the bank ignored protocols and policy that would have “prevented and detected” nefarious activity.
Andrew Young says
Article: Exclusive: Feds to offer new support to open-source developers
CISA is now setting up methods and practices to have more hands-on interaction with open-source software developers. The goal of this practice is to provide more direct oversight of the currently more “wild west” approach to open-source software development and use. With direct oversight from federal agencies, risks such as malicious software injection or dangerous code errors in more commonly or uncommonly used open-source software can hopefully be mitigated or avoided altogether.
Link: https://www.axios.com/2024/03/07/biden-admin-open-source-security-promises
Mariam Hazali says
LastPass Hacked: Password Manager With 25 Million Users Confirms Breach
A new article I want to discuss this week, relevant to this week’s reading, is about LastPass, which is one of the world’s biggest password managers with 25 million users. The security breach happened back in August 2022, when attackers stole portions of source code and some proprietary LastPass technical information. LastPass implemented a zero-knowledge architecture where master passwords are never stored, which prevented attackers from gaining users’ passwords.
LastPass Hacked: What You Need To Know About Password Manager Breach (forbes.com)
Alex Ruiz says
Summary: Microsoft on Friday revealed that Kremlin-supported hackers known as Midnight Blizzard hacked into their systems in November and got access to source code as well as internal data. The attack lasted until January and involved unauthorized use of information grabbed from emails. Microsoft claims systems accessible by customers were safe, but it is still being investigated, and they’ve confirmed they’ve increased security measures to better protect themselves. The hacking group, however, is quite prominent and had been recently using stolen credentials to attack supply chains.
Link: https://thehackernews.com/2024/03/microsoft-confirms-russian-hackers.html
Kelly Conger says
https://krebsonsecurity.com/2023/10/hackers-stole-access-tokens-from-oktas-support-unit/
The Okta breach, facilitated by social engineering attacks on administrative accounts, underscores the critical importance of robust access management in cybersecurity. Human errors, such as poor password policies and privilege creep, significantly contribute to security vulnerabilities. Strong access control measures, including comprehensive access management policies, are essential to mitigate these risks and protect against both external and internal cyber threats.
Nicholas Nirenberg says
“New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics”
The CHAVECLOAK banking Trojan targets Brazilian users through phishing emails with PDF attachments that lead to the installation of malware capable of stealing sensitive information, including banking credentials. The attack utilizes contract-themed DocuSign PDFs, misleadingly prompting users to download a malicious installer that employs DLL side-loading to execute the CHAVECLOAK malware. This malware monitors user activity, particularly targeting financial and cryptocurrency platforms, to exfiltrate data to attackers. The campaign’s sophistication is highlighted by its targeted approach, leveraging document-signing lures and advanced techniques to avoid detection while focusing on the financial sector in Brazil.
URL: “https://thehackernews.com/2024/03/new-banking-trojan-chavecloak-targets.html”
Hashem Alsharif says
https://www.npr.org/2024/03/11/1236995412/cybersecurity-hackers-schools-ransomware
This article talks about how the number of school cyberattacks is rising, because they are behind on cybersecurity protections, making them a prime target for hackers. One of the reasons for this is that they will usually have older systems, need computers every day, and don’t have the resources to hire cybersecurity personnel. What makes these attacks worse is that they bring doubt to the parents, because parents don’t feel safe having their kid at a school where the technology is hacked. Add on to that the fact that recovering from these attacks is expensive. This article does, however, mention a couple of things schools can do. First, use more difficult passwords, next is multifactor authentication, then constantly updating the software.
Akintunde Akinmusire says
Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites
https://thehackernews.com/2024/03/malware-campaign-exploits-popup-builder.html
A recent malware campaign exploits a critical security vulnerability in the Popup Builder plugin for WordPress. It allows injection of harmful JavaScript code which has infected over 3900 websites within 3 weeks. The attacks originated from newly registered domains. The attacks involve injecting malicious code which redirects the website visitors to phishing or scam pages.