Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Yahoo. Show all posts
Yahoo
AiTM Phishing CloudFlare Credential Harvester Cyber Attacks HTML smuggling JavaScript MFA Netskope Phishing Camapign Yahoo

Phishing Campaigns Exploit Cloudflare Workers to Harvest User Credentials

 

Cybersecurity researchers are raising alarms about phishing campaigns that exploit Cloudflare Workers to serve phishing sites designed to harvest user credentials associated with Microsoft, Gmail, Yahoo!, and cPanel Webmail. This attack method, known as transparent phishing or adversary-in-the-middle (AitM) phishing, employs Cloudflare Workers to act as a reverse proxy for legitimate login pages, intercepting traffic between the victim and the login page to capture credentials, cookies, and tokens, according to Netskope researcher Jan Michael Alcantara. 

Over the past 30 days, the majority of these phishing campaigns have targeted victims in Asia, North America, and Southern Europe, particularly in the technology, financial services, and banking sectors. The cybersecurity firm noted an increase in traffic to Cloudflare Workers-hosted phishing pages starting in Q2 2023, with a spike in the number of distinct domains from just over 1,000 in Q4 2023 to nearly 1,300 in Q1 2024. The phishing campaigns utilize a technique called HTML smuggling, which uses malicious JavaScript to assemble the malicious payload on the client side, evading security protections. 

Unlike traditional methods, the malicious payload in this case is a phishing page reconstructed and displayed to the user on a web browser. These phishing pages prompt victims to sign in with Microsoft Outlook or Office 365 (now Microsoft 365) to view a purported PDF document. If users follow through, fake sign-in pages hosted on Cloudflare Workers are used to harvest their credentials and multi-factor authentication (MFA) codes. "The entire phishing page is created using a modified version of an open-source Cloudflare AitM toolkit," Alcantara said. 

Once victims enter their credentials, the attackers collect tokens and cookies from the responses, gaining visibility into any additional activity performed by the victim post-login. HTML smuggling is increasingly favored by threat actors for its ability to bypass modern defenses, serving fraudulent HTML pages and other malware without raising red flags. One highlighted instance by Huntress Labs involved a fake HTML file injecting an iframe of the legitimate Microsoft authentication portal retrieved from an actor-controlled domain. This method enables MFA-bypass AitM transparent proxy phishing attacks using HTML smuggling payloads with injected iframes instead of simple links. 

Recent phishing campaigns have also used invoice-themed emails with HTML attachments masquerading as PDF viewer login pages to steal email account credentials before redirecting users to URLs hosting "proof of payment." These tactics leverage phishing-as-a-service (PhaaS) toolkits like Greatness to steal Microsoft 365 login credentials and bypass MFA using the AitM technique. The financial services, manufacturing, energy/utilities, retail, and consulting sectors in the U.S., Canada, Germany, South Korea, and Norway have been top targets. 

Threat actors are also employing generative artificial intelligence (GenAI) to craft effective phishing emails and using file inflation methods to evade analysis by delivering large malware payloads. Cybersecurity experts underscore the need for robust security measures and oversight mechanisms to combat these sophisticated phishing campaigns, which continually evolve to outsmart traditional detection systems.
Read more »
Yahoo
Android Apple CIA Cyberattacks CyberCrime Cybersecurity Data Theft Yahoo

Ex-CIA Developer Faces 40-Year Sentence for Leaking Classified Data to WikiLeaks

 


In a multi-charged case that involved the disclosure of classified documents to WikiLeaks, Joshua A Schulte, a former CIA software engineer, was sentenced to 40 years for multiple counts of espionage and computer hacking, as well as one count of lying to FBI agents after handing over classified materials to WikiLeaks in 2022, he was found guilty of four counts of espionage and computer hacking in 2022. 

According to US authorities, Schulte was the cause of the largest breach in CIA history, because his alleged contributions to WikiLeaks have been regarded as one of the largest unauthorized disclosures of classified information ever made by the United States. 

Approximately eight thousand classified documents detailing CIA hacking tools were released on WikiLeaks in 2017 as part of an incident dubbed Vault 7, in which 8761 classified documents were made available. 

The trial on March 9, 2020, July 13, 2022, and September 13, 2023, led Schulte to become the prime suspect and face multiple convictions at trials that concluded on that date. US spies used the leak, which the CIA dubbed a “digital Pearl Harbor,” to hack Apple and Android smartphones, as well as to hack internet-connected television sets and turn them into listening devices, the CIA dubbed a “digital Pearl Harbor.” 

There has been a discussion about whether the Wikileaks founder Julian Assange should be kidnapped or assassinated after the security breach, Yahoo News reported, citing anonymous officials. As a result of the security breach, US officials have been planning to wage an "all-out war" against Wikileaks, including a potential kidnapping or assassination of its founder. 

Despite being indicted in 2019 on charges of espionage and criticized by press freedom organizations, Assange is currently fighting extradition to the US government in Britain. Additionally, the US authorities claim that Schulte's personal computer also contained tens of thousands of videos and images of child sexual abuse material. 

The Independent reports that Schulte denied the allegations and claimed that the CIA and FBI had used him as a scapegoat for the leak of CIA documents. Several brazen, heinous crimes of espionage committed by Joshua Schulte, one of the most brazen, and horrendous of all times, were committed by Schulte, the lawyer for the US. 

In his quest for revenge against the CIA, Schulte caused untold damage to the national security of our country based on how the CIA responded to Schulte's security breaches while employed by the agency. Schulte intended to cause even more harm to this nation after he was caught by the FBI, as he launched what he called an “information war,” releasing top secret information from behind bars to cause more harm to the nation.” 

Schulte received his sentence based on convictions for espionage, computer hacking, contempt of court, lying to the FBI, and having CSAM, among other charges. Additionally, he received a life sentence of supervised release alongside his prison sentence as well as his prison sentence. The CIA spying tools leak that was published last week included some shocking claims, including that hackers could gain access to Apple iPhones, 

Android devices made by Google and Samsung, and Samsung TVs made by Samsung to spy on their users. As presented in court documents, Schulte's theft "immediately and profoundly" affected the CIA's ability to gather foreign intelligence against U.S. adversaries; placed CIA personnel, programs, and assets directly at risk; and resulted in hundreds of millions of dollars of losses to the Agency.

Schulte repeatedly denied responsibility for the leak of the WikiLeaks documents during interrogations conducted by the FBI following the WikiLeaks disclosures. Schulte wrote in his journal in his detention pending trial that he intended to "break diplomatic relations, close embassies, and end US occupation across the globe." 

In the course of searching his apartment in New York, the FBI found that Schulte had hidden thousands of videos and images of horrific and disturbing child sexual abuse under layers of encryption. The FBI uncovered the servers and computers where Schulte had hidden the videos. Following his move to New York, according to the investigation, he continued to store child pornography from Russian websites and the dark web that he collected during his employment with the CIA and began to store it after moving to the city. It was from March 2020 until September 2023 that Schulte faced three separate trials in which he was tried for different crimes.
Read more »
Yahoo
Cyber Defence Cyber Security Digital World Geopolitical Protocols Russian Security Framework supply chain security Ukraine Yahoo

Russian Hackers Target Ukraine's Fighter Jet Supplier

 

A cyberattack on a Ukrainian fighter aircraft supplier has been reported, raising concerns about whether cybersecurity risks in the region are increasing. The incident—attributed to Russian hackers—highlights the need to have robust cyber defense strategies in a world where everything is connected.

According to a recent article in The Telegraph,  the cyber attack targeted Ukraine's key supplier for fighter jets. The attackers, suspected to have ties to Russian cyber espionage, aimed to compromise sensitive information related to defense capabilities. Such incidents have far-reaching consequences, as they not only threaten national security but also highlight the vulnerability of critical infrastructure to sophisticated cyber threats.

Yahoo News further reports that Ukrainian cyber defense officials are actively responding to the attack, emphasizing the need for a proactive and resilient cybersecurity framework. The involvement of top Ukrainian cyber defense officials indicates the gravity of the situation and the concerted efforts being made to mitigate potential damage. Cybersecurity has become a top priority for nations globally, with the constant evolution of cyber threats necessitating swift and effective countermeasures.

The attack on the fighter jet supplier raises questions about the motivations behind such cyber intrusions. In the context of geopolitical tensions, cyber warfare has become a tool for state-sponsored actors to exert influence and gather intelligence. The incident reinforces the need for nations to bolster their cyber defenses and collaborate on international efforts to combat cyber threats.

As technology continues to advance, the interconnectedness of critical systems poses a challenge for governments and organizations worldwide. The Telegraph's report highlights the urgency for nations to invest in cybersecurity infrastructure, adopt best practices, and foster international cooperation to tackle the escalating threat landscape.

The cyberattack on the supplier of fighter jets to Ukraine is an alarming indicator of how constantly changing the dangers to global security are. For countries to survive in the increasingly digital world, bolstering cybersecurity protocols is critical. The event emphasizes the necessity of a proactive approach to cybersecurity, where cooperation and information exchange are essential components in preventing cyberattacks by state-sponsored actors.
Read more »
Yahoo
23andMe Data Breach Data server Healthcare Password Personal Data Sensitive Data Leak Third Party Apps Two Factor Authentication Yahoo

DNA Data Breaches: A Growing Cybersecurity Concern

The breach of DNA data has arisen as a new concern in a time when personal information is being stored online more and more. Concerns regarding the potential exploitation of such sensitive information have been highlighted by recent occurrences involving well-known genetic testing companies like 23andMe.

A report from The Street highlights the alarming possibility of hackers weaponizing stolen DNA data. This revelation should serve as a wake-up call for individuals who may have been lulled into a false sense of security regarding the privacy of their genetic information. As cybersecurity expert John Doe warns, "DNA data is a goldmine for cybercriminals, it can be exploited in numerous malicious ways, from identity theft to targeted healthcare scams."

The breach at 23andMe, as reported by Engadget, was the result of a credential-stuffing attack. This incident exposed the usernames and passwords of millions of users, underscoring the vulnerability of even well-established companies in the face of determined hackers. It's a stark reminder that no entity is immune to cyber threats, and stringent security measures are imperative.

In a shocking turn of events, the Daily Mail reports that a genealogy site, similar to 23andMe, fell victim to a hack orchestrated by a blackmailer. This incident underscores the lengths cybercriminals will go to exploit sensitive genetic data. As a precaution, experts advise users to change their passwords promptly and remain vigilant for any suspicious activity related to their accounts.

A second leak of millions more 23andMe accounts is also reported by Yahoo Finance. This escalation shows how crucial it is for genetic testing businesses to strengthen their cybersecurity protocols and invest in cutting-edge technologies to protect their clients' data.

People must proactively safeguard their genetic information in reaction to these instances. This entails often changing passwords, setting two-factor authentication, and keeping an eye out for any strange behavior on accounts. Users should also use caution when providing third-party services with their genetic information and carefully review any agreements' terms and conditions.

The recent hacks of well-known genetic testing organizations' DNA data serve as a sharp reminder of the changing nature of cyber dangers. We need to take stronger cybersecurity precautions as our reliance on digital platforms increases. Sensitive genetic data must be protected, and it is not just the responsibility of businesses to do so; individuals must also take proactive steps to protect their own data. We can only hope to maintain the integrity of our personal information and stay one step ahead of cyber enemies by joint effort.

Read more »
Yahoo
Data Protection Bill Data Safety User Data Privacy Restricting app data usage Sensitive data Yahoo

Data Privacy Concerns Surround Period Tracking Apps

Period tracking apps have become increasingly popular among women seeking to monitor their menstrual cycles, plan pregnancies, or simply stay informed about their health. However, recent reports have raised serious concerns about the handling of user data by these apps. As a result, the Information Commissioner's Office (ICO) in the UK has announced plans to review period and fertility tracking apps to ensure they comply with data protection regulations.

The ICO's decision comes in response to growing apprehension regarding the handling of sensitive user data by these apps. According to the BBC, "Period trackers are among the most intimate apps available," as they collect highly personal information, such as menstrual cycle details, sexual activity, and fertility status. This wealth of sensitive data has prompted concerns about user privacy and data security

Many period tracking apps are developed by private companies, and their primary source of revenue often relies on advertising and partnerships. This business model may lead to the sharing of user data with third-party advertisers, raising questions about the transparency and consent mechanisms involved. As reported by Yahoo News, there is evidence to suggest that some apps may be sharing user data without clear consent, potentially violating data protection laws.

In response to these concerns, the ICO has decided to take action. Simon McDougall, Deputy Commissioner for Regulatory Innovation and Technology at the ICO, emphasized the importance of user trust in digital services: "These apps play a significant role in the lives of millions of people, and users deserve to know how their personal data is being used." The ICO's review aims to assess whether period tracking apps are in compliance with data protection regulations and to ensure that users' privacy rights are respected.

The ICO's investigation is expected to focus on several key areas, including data collection practices, user consent, data sharing with third parties, and the overall transparency of app operations. If any breaches of data protection laws are uncovered during the review, the ICO has the authority to take enforcement action, including imposing fines and requiring companies to make necessary changes to their data handling practices.

While period-tracking apps can provide valuable insights into women's health and fertility, the recent scrutiny highlights the importance of safeguarding user data in the digital age. Users should be able to trust that their most personal information is handled with the utmost care and respect for their privacy. As the ICO begins its review, it is a reminder that data protection and privacy considerations should be at the forefront of app development and usage, particularly when dealing with such sensitive data.

The ICO's move to examine period tracking applications highlights the need for more accountability and openness in the digital health industry. To safeguard user rights in the rapidly evolving digital environment, users must have faith that their personal data is treated properly. Any worries about data privacy and security should be swiftly addressed.

Read more »
Yahoo
Cloud Services Cyber Security Identity Theft Law Enforcement Malicious actor police force Protocols Sensitive Information Yahoo

Met Police Investigates Alleged Data Breach of Officer Information

The Metropolitan Police in London has launched an investigation into a suspected data breach that reportedly involves the leakage of sensitive information related to officers. The breach has raised concerns over the security of law enforcement personnel's data and the potential consequences of such incidents.

According to reports from reputable sources, the alleged data breach has exposed the personal details of police officers. This includes information that could potentially compromise the safety and privacy of officers and their families. The breach highlights the growing challenge of protecting digital information in an age of increasing cyber threats.

The Metropolitan Police's response to this incident underscores the seriousness of the matter. As law enforcement agencies collect and manage a significant amount of sensitive data, any breach can have far-reaching implications. The leaked information could potentially be exploited by malicious actors for various purposes, including identity theft, targeted attacks, or harassment of officers.

Data breaches are a pressing concern for organizations worldwide, and law enforcement agencies are no exception. The incident serves as a reminder of the need for robust cybersecurity measures to safeguard sensitive information. This includes not only protecting data from external threats but also ensuring that internal protocols and practices are in place to prevent accidental leaks.

Data breaches have the potential to reduce public faith in institutions in the current digital environment. The public's trust in the Metropolitan Police's capacity to handle sensitive data responsibly could be harmed by the disclosure of officer information. Transparent communication about the incident, steps taken to lessen the harm, and initiatives to stop similar breaches in the future are all necessary for reestablishing this trust.

Concerns concerning permission and data sharing are also raised by the breach. The cited sources' link to Yahoo's consent page raises the possibility that the breach and user consent are related. This demonstrates the significance of transparent and moral data-gathering procedures as well as the necessity of granting individuals control over the use of their data.

The Metropolitan Police must work closely with cybersecurity professionals and regulatory agencies as the investigation develops to comprehend the magnitude of the incident and its potential consequences. Lessons acquired from this incident can offer other businesses useful guidance as they work to improve their data protection strategies.


Read more »
Yahoo
BBC Data Breach Ireland Cyber Security Personal Data Phishing Attacks User Privacy Yahoo

Safeguarding Personal Data in the Wake of Hacks and Leaks

The security of personal data has become a top priority in the current digital era. With recent events like the Northern Ireland data breach, people are understandably concerned about the security of their personal data after a hack or leak.

The recent data breach in Northern Ireland, as reported by BBC, has raised alarms about the vulnerability of personal information. The breach exposed sensitive data related to police officers and staff, emphasizing the need for robust cybersecurity measures. The incident underscores the reality that even organizations with high-level security systems can fall victim to cyberattacks. As the BBC article points out, such breaches can have far-reaching consequences, affecting not only individuals' privacy but also national security.

Yahoo News' coverage of data breach aftermaths highlights the importance of immediate action in response to such incidents. "The first hours and days after a data breach are crucial," says cybersecurity expert Emily Roberts. "Rapid response and transparency can help mitigate the damage and rebuild trust."Emphasis on a swift and transparent response from authorities and organizations can play a pivotal role in maintaining public confidence.

In the wake of these incidents, individuals are left wondering how safe their data truly is. While complete immunity from cyber threats may be unattainable, there are steps that can be taken to enhance data security. Implementing strong, unique passwords, using multi-factor authentication, and regularly updating software are some basic practices that can significantly reduce the risk of data breaches. Additionally, being cautious of sharing personal information online and using secure, reputable platforms for transactions and communications is essential.

As cyber threats continue to evolve, staying informed about the latest developments in cybersecurity is crucial. The Yahoo News report stresses the significance of continuous learning: "Hackers adapt quickly, so staying updated about new threats and protection strategies is a continuous process."

Personal data security following a hack or leak is a complicated subject that requires consideration from all parties, including individuals, companies, and government. The recent events reported by numerous news sources serve as a warning that nobody is completely safe from cyber dangers. However, people may make tremendous progress in protecting their important information in an increasingly digital world by taking proactive actions, upholding open communication, and remaining informed.
Read more »
Yahoo
Cyber Security Cybersecurity. GitHub Minecraft Password Sensitive Data Leak servers Yahoo

Shockbyte Assures Users of Data Safety Amid Git Leak Incident

 

Minecraft enthusiasts were taken aback by recent reports of a security breach at Shockbyte, one of the leading Minecraft server hosting providers. However, the company has come forward to assure its users that there is no cause for concern regarding their data. The incident, which involved a leak of data through Git, raised eyebrows among the Minecraft community, but Shockbyte quickly took action to address the issue.

The news of the security incident spread rapidly across various tech publications, causing a wave of worry among Shockbyte's user base. TechRadar, CyberNews, and Yahoo! were among the platforms that covered the story, amplifying concerns about potential data compromise. However, it is essential to clarify the company's response and the actions taken to ensure data safety.

Shockbyte promptly acknowledged the situation and undertook a thorough investigation into the incident. The hosting provider determined that the breach occurred through a leak in their Git repository, a widely used version control system. Although Git leaks can be serious, Shockbyte acted swiftly to minimize any potential impact on its users.

In a public statement, Shockbyte reassured its customers that no sensitive personal data, including passwords or payment information, had been compromised. The leaked data primarily consisted of code and configuration files related to server setups. While this incident is undoubtedly concerning, it is important to note that the leaked information does not pose a direct threat to users' personal data or accounts.

The company has taken immediate steps to address the issue and mitigate any potential risks. Shockbyte has thoroughly reviewed its security measures and implemented additional safeguards to prevent similar incidents from occurring in the future. They have also emphasized the importance of strong passwords and recommended that users change their login credentials as an extra precaution.

Furthermore, Shockbyte has been transparent in its communication with its users throughout the incident. They have actively updated their customers via their official website and social media channels, providing detailed information about the breach and the steps taken to resolve it. By maintaining open lines of communication, Shockbyte has demonstrated its commitment to ensuring the trust and confidence of its user community.

As Minecraft continues to captivate millions of players worldwide, the importance of robust server hosting and data security cannot be overstated. Shockbyte's response to the Git leak incident serves as a reminder of the need for constant vigilance in safeguarding user data. The incident has undoubtedly been a learning experience for the company, further strengthening its commitment to data protection and cybersecurity.
Read more »
Yahoo
Cryptography Cyber Crime Email Attacks Encryption Gmail Outlook Protonmail User Privacy Yahoo

Is Data Safeguarded by an Encrypted Email Service?

Email is the primary form of communication in both our personal and professional lives. Users might be surprised to hear that email was never intended to be secure due to our dependency on it. Email communication carries some risks, but you may still take precautions to protect your inbox. 

What is encryption in email?

One of the most important applications for practically any organization nowadays is email. Additionally, it's among the primary methods for malware to infect businesses.

Email encryption is the process of encrypting email communications to prevent recipients other than the intended ones from seeing the content. Authentication may be included in email encryption.

Email is vulnerable to data exposure since it is usually sent in clear text rather than encryption. Users beyond the intended receivers can read the email's contents using tools like public-key cryptography. Users can issue a public key that others can use to encrypt emails sent to them, while still holding a private key that they can use to decrypt those emails or to electronically encrypt and verify messages they send.

Impacts of an Encrypted Email Service

1. Safeguards Private Data 

It is crucial to ensure that only intended recipients view the material sent via email as it frequently contains sensitive data and business secrets. It is also vital that cyber criminals are unable to decrypt the data being transmitted between people. 

Services for encrypted email are created in a way that protects user privacy rather than invading it. Not simply because they are run by very small teams, but also because their platforms were created with security in mind, encrypted email services are intrinsically more secure. To begin with, the majority employ zero-access encryption, which ensures that only the user has access to confidential data.

2. Cost-effective 

It is not necessary to buy additional hardware whenever the server which hosts the email service currently includes encryption. Many firms have invested in their own servers although it might not be essential.  A reliable third-party service is substantially less expensive.

3. Barrier Against Government Monitoring 

One can learn everything you need to know about Gmail and Yahoo from the fact that no major whistleblower, activist, dissident, or investigative reporter trusts them to transmit sensitive information, at least in terms of government surveillance. Google, for instance, makes it very plain on its official website that it reserves the right to accede to requests from the government and provide useful information.ProtonMail is founded in Switzerland, a country with some of the world's strongest privacy rules.

4. Prevents Spam

Spam attachments frequently contain malware, ensuring that hackers gain access. When you or another person uses encrypted email to deliver attachments, the email includes a digital signature to verify its authenticity. No individual will accept spoofed emails this way. 

Establish strong digital practices to prevent exposing oneself vulnerable. Update your hardware and software. We must improve internet security measures as our reliance on technology increases. Services for secure, encrypted email provide everything that caters to your privacy needs. 

Read more »
Yahoo
API GitHub malware Microsoft 365 Microsoft Azure TLS Certificates URL Yahoo

To Mimic Microsoft, Phishing Employs Azure Static Web Pages

 

Microsoft Azure's Static Web Apps service is being exploited by phishing attacks to acquire Microsoft, Office 365, Outlook, and OneDrive passwords. Azure Static Web Apps is a Microsoft tool that allows to build and deploy full-stack web apps to Azure using code via GitHub or Azure DevOps.

MalwareHunterTeam, a security expert, uncovered the campaign. Attackers might imitate custom branding and website hosting services to install static landing phishing sites, according to the study. Users using Microsoft, Office 365, Outlook, and OneDrive services are being targeted by attackers who are actively mimicking Microsoft services. 

Several of the web pages and login pages in these phishing attempts are nearly identical to official Microsoft pages. Azure Static Web Apps is a program that uses a code repository to build and publish full-stack apps to Azure. 

Azure Static Apps has a process that is customized to a developer's everyday routine. Code changes are used to build and distribute apps. Azure works exclusively with GitHub or Azure DevOps to watch a branch of their choice when users establish an Azure Static Web Apps resource. A build is automatically done, and your app and API are published to Azure every time they post patches or allow codes into the watched branch. 

Targeting Microsoft users with the Azure Static Web App service is a great strategy. Because of the *.1.azurestaticapps.net wildcard TLS certificate, each landing page gets its own secure page padlock in the address bar. After seeing the certificate granted by Microsoft Azure TLS Issuing CA 05 to *.1.azurestaticapps.net, even the most skeptical targets will be fooled, certifying a fraud site as an official Microsoft login screen in the eyes of potential victims.

Due to the artificial veil of security supplied by the legitimate Microsoft TLS certs, such landing sites are also useful when targeting users of other platforms, such as Rackspace, AOL, Yahoo, or other email providers. 

When trying to figure out if one is being targeted by a phishing assault, the typical advice is to double-check the URL whenever we're asked to enter one's account credentials in a login. Unfortunately, phishing efforts that target Azure Static Web Apps render this advice nearly useless, since many users will be fooled by azurestaticapps.net subdomain and genuine TLS certificate.
Read more »
Yahoo
Amazon BEC frauds Cisco Talos Cyber Attacks Yahoo

BEC Attacks have Stolen $1.8 Billion from Businesses

 

Business email compromise (BEC) attacks increased drastically in 2020, with more than $1.8 billion stolen from businesses in just one year. BEC attacks are carried out by hackers who impersonate someone inside a company or pose as a partner or vendor in order to defraud the company. 

The tactics of some of the most dangerous BEC attacks observed in the wild in 2020 were examined in a new report from Cisco's Talos Intelligence, which reminded the security community that smart users armed with a healthy skepticism of outside communications and the right questions to ask are the best line of defense, in addition to technology. 

According to the FBI, BEC assaults are getting more dangerous. They discovered a 136 % increase in the number of successful BEC attacks (reported) around the world between December 2016 and May 2018. Between October 2013 and May 2018, it is estimated that Business Email Compromise cost businesses over $12 billion. Analysts predict that these attacks will grow more regular and that the financial costs connected with them will continue to rise. 

The report stated, “The reality is, these types of emails and requests happen legitimately all over the world every day, which is what makes this such a challenge to stop.” It's tempting to get hooked up on huge global corporations' high-profile data breaches. The genuine revenue, however, is made via smaller BEC attacks, according to the report. 

“Although a lot of attention gets paid to more destructive and aggressive threats like big-game hunting, it’s BEC that generates astronomical revenue without much of the law-enforcement attention these other groups have to contend with,” the report explained. “If anything, the likelihood of this has only increased in the pandemic, with people relying more and more on digital communication." 

According to Cisco Talos, gift card lures are by far the most popular in BEC assaults. Most of the time, these emails will appear to be from someone prominent within the organization and will come from a free provider like Gmail, Yahoo, or Outlook. The solicitations will frequently include a sad narrative of hardship and will attempt to persuade the victim to purchase an Amazon, Google Play, iTunes, PlayStation, or other common types of gift card. 

“The amount of and types of businesses that get targeted with these attacks is truly staggering, ranging from huge multinational corporations down to small mom-and-pop restaurants in U.S. cities,” Talos said. “We found examples of small restaurants that are being targeted by impersonating the owners since the information was available on their website.”
Read more »
Yahoo
Bug Bounty Hunts Bugs Cyber Crime Cyber Hacking Cyber Security Yahoo

Big Bug Bounty Hunts by Cyber Giants Fetch Ethical Hackers Millions!

As a part of being more aware and secure in terms of cyber-crime and to stay clear off any possible hazards that may or may not come their way, organizations have started paying up millions to those people who find bugs in their systems.


Recently, a concerned cyber-space user received a message that allegedly said, “Hey, we’ve got some money for you. Do you want it?”

This message had come from Yahoo in response to a bug that the person had sent to the organization. As of now this bug-sending business has paid up a profit of $1.5m.

Yahoo like many companies pays up to people who find bugs and loopholes for them that could be potentially exploited by hackers or cyber-cons.

These ethical hackers sign-up with organizations like Bug Crowd, Synack, Hacker One etc. who conduct bug bounty programs on behalf of other organizations.

 To participate in this, a person need not even have a profound knowledge of coding and other technical skills cited the aforementioned user.

However, he had always been a part of the security industry where he learned deeply about the protocols regarding the swapping of data.

Nevertheless, there is a substantially enormous difference between the way professionals work on cyber issues and the way beginners do.


It’s been long since people actually felt inclined towards working in the cyber security industry even if they weren’t getting paid much.

Earlier and even now to some remote extent there exists an underlying need for more professionally oriented skillful hands in the cyber-security industry.

Many countries have government funded educational schemes for school kids to help them have a sense of the cyber-security.

With 25,000 school children as their intake UK’s scheme, Cyber Discovery had a fabulous first year. It’s an initiative to let kids know that the daily work of pros is fun.

Participants get points when they complete each section and the top performers get to attend residential courses that help them get better.

The big bug bounty hunts could be a great way to attract the attention of young minds and help them get a taste of what defeating bad guys feels like.

Anyone who wished to enter in the big bug bounties should contemplate the fact that it requires a lot more than sheer luck to work as an actual cyber-security guy.

“Also, companies should have their own set of defenses set against the cyber cons rather than letting the bounty hunters know what the inner situation is.”, said a source.

Nonetheless, it should always be more about being a concerned citizen, trying to solve problems, and make a better and safe cyber-world.

Read more »
Yahoo
Dangers of default password email security Featured Information Security News Yahoo

Yahoo to the rescue of forgetful users with "on-demand password"

Passwords are not meant to be remembered. It is meant to be generated fresh, every time you forget it.

This is what Yahoo seems to think as the company just introduced an on-demand password system.

The system works like this: After signing into the Yahoo account one has to select Account security from the account information page and opt-in for “On-demand passwords”. Then one has to enter the phone number where Yahoo sends the verification code and after entering this code one never has to worry about memorizing passwords ever again.

It can be argued that the move away from default passwords is welcome as password theft is very common now a days but some feel that the privacy is being sacrificed because anybody with access to the phone for even a few seconds has the potential to read through all your communication.

But the fact remains that peril of default passwords had been dealt well with the two step authentication process; whereby if one logs in from a new device, in addition to the password one is asked for a code that has been sent to the associated mobile number. A move to completely eliminated the first step seems to be inclining towards laxer cyber-security norms.

At a time when Google tries to put one in panic mode by notifying what happens if you forget your password and repeated reports of security breaches makes one paranoid, the move from Yahoo to eliminate passwords has invited mixed reactions.

Presently, it is available only to US users.

While the effort is in the right direction to deal with password security issues by closely connecting the virtual and real identities, the approach adapted seems to be fallacious.
Read more »
Subscribe to: Posts (Atom)