The deadline for filing taxes in the United States is eight weeks away, but new research has shown that small businesses are already being hit by tax season–related cyber-attacks. Research conducted by Proofpoint indicates that attackers are “aggressively jumping into tax season,” with the deployment of two main attack strategies. The first strategy is to send tax-themed emails
Month: February 2020
An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered. While anomaly detection and reporting are the primary functions, some intrusion detection systems are capable of taking actions when malicious activity or anomalous traffic is detected, including blocking traffic sent from suspicious Internet Protocol (IP) addresses.
by Lisa Vaas. Recognize anybody you know? [Image: (Anonymized) photos leaked from PhotoSquared’s unsecured S3 bucket. Image credit: vpnMentor] No, likely not. No thanks to the leaky photo app they dribbled out of for that, though. After coming across thousands of photos seeping out of an unsecured S3 storage bucket belonging to a photo app called PhotoSquared,
The dawn of the DNS over HTTPS era is putting business security and SOC teams to the challenge. In one way, the proliferation of domain name service (DNS) attacks throughout the world has helped to raise awareness about a deep problem in the “plumbing” of the internet. The infrastructure behind the DNS suffers from a
Smart doorbells and cameras bring a great sense of security to your home, especially when you’re away, but even the thought that someone could be spying on you through the same surveillance system would send a shiver up your spine. Following several recent reports of hackers gaining access to people’s internet-connected Ring doorbell and security cameras, Amazon
A 19-year-old American man has been arrested for allegedly engaging in a six-year cybercrime wave that involved swatting, computer fraud, and the stalking of multiple victims, including a New York schoolgirl. Tristan Rowe was arrested on February 12 after allegedly threatening to kill one victim and bomb their school. Cops say he sent multiple disturbing messages to
by Paul Ducklin. If you’re a regular Naked Security reader, you’ll know that we’ve been fans of HTTPS for years. In fact, it’s nearly nine years since we published an open letter to Facebook urging the social networking giant to adopt HTTPS everywhere. HTTPS is short for HTTP-with-Security, and it means that your browser, which
During a 2018 incident response engagement, Secureworks® analysts discovered strong evidence of a Russia-based espionage group using ‘man-on-the-side’ techniques to install malware on targeted networks. The threat actors used the same techniques in other incidents as well. This type of attack can undermine the integrity of the Internet’s fundamental communications infrastructure. What is a man-on-the-side
Other leaked records include videos, facial and body scans, as well as a range of patients’ personal data. Hundreds of thousands of records belonging to plastic surgery patients have been discovered sitting on an unprotected server and accessible for anyone to view. The records were stored on an Amazon Web Services (AWS) S3 bucket database
A new report published by cybersecurity researchers has unveiled evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world over the past three years. Dubbed “Fox Kitten,” the cyber-espionage campaign is said to have been directed at companies from the IT, telecommunication, oil and gas, aviation, government, and
British police have been investigating children as young as six over their involvement in sexting offenses. Figures released by London’s Metropolitan Police Service reveal that between January 2017 and August 2019, a total of 353 children aged from six to thirteen were investigated in relation to sending and receiving sexual images. Sexting investigations involving children under
Securing, managing and monitoring an enterprise IT infrastructure requires meticulous planning. Rather than create a framework from scratch, there are several publicly available methodologies security leaders can adopt to benefit their own infosec programs. One of the more high-profile examples of available frameworks is known as the zero-trust model. This model differs from other
by John E Dunn. Google has abruptly pulled over 500 Chrome extensions from its Web Store that researchers discovered were stealing browsing data and executing click fraud and malvertising after installing themselves on the computers of millions of users. Depending on which way you look at it, that’s either a good result because they’re no
The LYCEUM threat group targets organizations in sectors of strategic national importance, including oil and gas and possibly telecommunications. The activity observed by Secureworks® Counter Threat Unit™ (CTU) researchers focuses on obtaining and expanding access within a targeted network. CTU™ research indicates that LYCEUM may have been active as early as April 2018. Domain registrations
The same hackers have also got their mitts on social media accounts of other high-profile sporting targets. OurMine, the infamous hacker collective, hijacked the official Twitter accounts of FC Barcelona, the Olympics and the International Olympic Committee (IOC) on Saturday. The La Liga soccer giant, for one, also ran afoul of the group in 2017,
A popular WordPress theme plugin with over 200,000 active installations contains a severe but easy-to-exploit software vulnerability that, if left unpatched, could let unauthenticated remote attackers compromise a wide range of websites and blogs. The vulnerable plugin in question is ‘ThemeGrill Demo Importer’ that comes with free as well as premium themes sold by the
The alleged source of a series of information leaks that rocked soccer and sparked an FFP investigation into the finances of Manchester City Football Club is to be tried before a Portuguese court. An appeal lodged by Portuguese national Rui Pinto to have the accusations against him dismissed as “unfounded” was rejected earlier this month
by John E Dunn. The contentious case of a man held in custody since 2015 for refusing to decrypt two hard drives appears to have reached a resolution of sorts after the US Court of Appeals ordered his release. Former Philadelphia police sergeant Francis Rawls was arrested in September 2015, during which the external hard
Secureworks® Counter Threat Unit™ (CTU) researchers continually monitor the TrickBot botnet operated by the GOLD BLACKBURN threat group. A key feature of TrickBot is its ability to manipulate web sessions by intercepting network traffic before it is rendered by a victim’s browser. TrickBot has targeted hundreds of organizations, mostly financial institutions, since it began widespread
That’s for apps from third-party marketplaces; another 790,000 policy-breaking apps were stopped from reaching Google Play. Strengthened app safety policies, a better developer approval process, and enhancements to its machine learning detection system made the Google Play Store an even more secure place last year, according to Google’s 2019-in-review blog post this week. “Last year,
Here comes the second ‘Patch Tuesday’ of this year. Adobe today released the latest security updates for five of its widely used software products, patching a total of 42 newly discovered vulnerabilities, 35 of which are critical in severity. The first four of the five affected software products, all listed below, are vulnerable to at
A report into the spate of data breaches that ripped through America’s healthcare industry last year has revealed that more breaches happened in Texas than in any other state. The “2019 Healthcare Data Breach Report” published yesterday by HIPAA Journal shows that healthcare data breaches involving the exposure of 500 or more records occurred in
by Danny Bradbury. A popular GDPR compliance WordPress plugin vendor has patched a flaw that rendered both site visitors and admins vulnerable to cookie-stealing cross-site scripting (XSS) attacks. The GDPR Cookie Consent plugin, created by WebToffee, claims over 700,000 users. The plug-in is a notification app that begs you to accept cookies when you first
| Indicator | Type | Context |
| --- | --- | --- |
| mlibo.ml | Domain name | Hosting phishing website used by COBALT DICKENS for August/July 2019 operations |
| blibo.ga | Domain name | Hosting phishing website used by COBALT DICKENS for August/July 2019 operations |
| azll.cf | Domain name | Hosting phishing website used by COBALT DICKENS for August/July 2019 operations |
| azlll.cf | Domain name | Hosting phishing website used by COBALT DICKENS |
What are some of the most common warning signs that your online crush could be a dating scammer? We’re living in a fast-paced era, and it’s become increasingly difficult to juggle a career, have a social life, and find love. People are increasingly switching to more convenient means to find a connection, like dating apps
Google removed 500 malicious Chrome extensions from its Web Store after they were found to inject malicious ads and siphon off user browsing data to servers under the control of attackers. These extensions were part of a malvertising and ad-fraud campaign that’s been operating at least since January 2019, although evidence points out the possibility that
A Chattanooga, Tennessee, information technology infrastructure and cybersecurity consulting firm has unveiled an $8m expansion plan that will see its workforce double by 2023. Currently, the Conversant Group operates with 46 employees from its headquarters on Cowart Street. On Monday, the company’s president and chief listening officer, John Anthony Smith, revealed plans to relocate the firm to a new site
Published: 14 Feb 2020. Few technologies have been as important in IT and enterprise security as encryption, using a mathematical algorithm to scramble the contents of a file — or even an entire disk. Without the unique key used to encrypt the data, nobody else can — at least, easily — decrypt and discover
by Paul Ducklin. A trio of researchers from Singapore just published a paper detailing a number of security holes they discovered in Bluetooth chips from several different vendors. The good news is that they disclosed the holes responsibly back in 2019 and waited 90 days – a sort-of industry standard period popularised by Google’s Project
On May 31, 2019, the developers of the highly profitable GandCrab ‘ransomware-as-a-service’ announced that they were retiring after earning over $2 billion USD since January 2018. The news was met with interest and skepticism within the security community, as multiple affiliate groups regularly conducted extremely successful GandCrab campaigns since its inception. After analyzing the threat