The Monday Media Wrap Up: Verizon Breach, LeakerLocker Ransomware, and IRS Phishing Attacks

save
Share and earn Cybytes
Facebook Twitter LinkedIn Email

Articles from July 7-14

A robot and cyber nightmare

Axios | Steve LeVine | July 13, 2017

From robotics to cyber-war, developing countries are being lashed by the powerful new technological forces sweeping the globe — and seem likely to face worse. Why it matters: Cyber security experts are now increasingly looking to the developing world to discover what malware might hit the more sophisticated economies next. These second-tier economies are a playing ground — a pickup basketball court — where cyber criminals can practice. The economic side is perhaps more worrying because it means exacerbation of a dynamic already in play — what Harvard economist Dani Rodrick has called “premature de-industrialization,” in which poorer countries barely or never get to see the fruits of a manufacturing economy.

Microsoft reveals two big ways to stop ransomware attacks

Yahoo Finance | Rob Pegoraro | July 12, 2017

Microsoft has had quite enough of ransomware attacks like WannaCry and Petya. But if the company is going to get a handle on the problem, it needs the help of customers, businesses and governments around the globe. When it comes to individuals and business, Microsoft has a simple request: Stop using Windows XP. As for the world’s governments, Microsoft’s ask is even easier, but may be a tougher sell: If you see something vulnerable in our software, tell us instead of using it to hack our customers. Neither task will be easy, but the alternative will result in continued waves of malware attacks that steal or destroy data and leave millions of computers immobilized.

Millions of Verizon customer records exposed in security lapse

ZDNet | Zack Whittaker | July 12, 2017

An Israeli technology company has exposed millions of Verizon customer records, ZDNet has learned. As many as 14 million records of subscribers who called the phone giant’s customer services in the past six months were found on an unprotected Amazon S3 storage server controlled by an employee of Nice Systems, a Ra’anana, Israel-based company. The data was downloadable by anyone with the easy-to-guess web address. Nice, which counts 85 of the Fortune 100 as customers, plays in two main enterprise software markets: customer engagement and financial crime and compliance including tools that prevent fraud and money laundering. Nice’s 2016 revenue was $1.01 billion, up from $926.9 million in the previous year. The financial services sector is Nice’s biggest industry in terms of customers, with telecom companies such as Verizon a key vertical. The company has more than 25,000 customers in about 150 countries.

LeakerLocker ransomware blackmails unwitting mobile app store users

SC Magazine | Max Metzger | July 12, 2017

A new strain of ransomware might call for an entirely new moniker for the extortion virus: Blackmailware. Leakerlocker has been spotted by McAfee locking up Android phones and, far from charging its victims for renewed access, threatens to send their information to their contacts if they don’t pay $50 (£38). Lee Munson, security researcher at Comparitech.com, told SC Media UK via email, ”LeakerLocker’s business model is a potentially far more lucrative one, ensnaring a massive potential pool of Android users who need to hand over a mere $50 to avoid being doxed.” One the ransomware infects the phone, it shows its unwitting victim a short message saying, “All personal data has been transferred to our secure cloud,” including personal photos, contact numbers, SMS’, calls and GPS locations as well as browsing and correspondence history.

Russian Spying: Emails Show Possible Ties Between Kaspersky Lab, Russian Government Agencies

International Business Times | AJ Dellinger | July 11, 2017

Internal emails from Russian security firm Kaspersky Lab published by Bloomberg Businessweek suggest the company has much closer ties to the Russian government and intelligence agencies than it has previously claimed. A number of emails, dated October 2009, show a conversation between Kaspersky Lab founder and CEO Eugene Kaspersky and senior staff at the company. Within the messages, Kaspersky details a project the company undertook at the apparent request of the Federal Security Service (FSB) of the Russian Federation. In the emails, Kaspersky describes the project, done in secret during the year prior, as a “big request on the Lubyanka side.” Lubyanka is the name of the building that houses part of the FSB and was once the headquarters of the KGB—the security agency for the Soviet Union prior to its dissolution. According to Bloomberg, Kaspersky was referencing a piece of software developed by his security company designed to protect against distributed denial-of-service (DDoS) attacks. The software was used by a number of clients including Russian government organizations.



IRS Warns Tax Professionals About Risks of Phishing Attacks

eWeek | Sean Michael Kerner | July 10, 2017

The U.S. Internal Revenue Service (IRS) is warning tax professionals about the continuing threat of phishing emails that aim to steal information about clients. The IRS said that in the first five months of 2017 there were 177 reports from tax firms or professionals of data thefts. Those thefts were of client information, involving what the IRS referred to as, ‘thousands of people’. Data thefts from tax professionals are still occurring, with the IRS noting that it is currently receiving three to five data theft reports a week. The primary attack vector in the tax professional data theft incidents has largely been phishing emails. The IRS warns that the phishing emails appear to be coming from customers or companies known to the tax professionals. The goal of the phishing emails is to trick the tax professionals into opening a malicious attachment or clicking a link that ends up leading to some form of malware infection and unauthorized data disclosure.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
Follow
138 Followers
About DomainTools
DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at http://www.domaintools.com.
Promoted Content
The Distribution of Malicious Domains
In our previous reports, we profled malicious domains by describing patterns in theirregistration details: top level domain (TLD), free email provider, Whois privacy provider, andhosting location. In this edition, we compared the distributions of malicious domains vs neutraldomains across a measure of age (both of the domain and of the name server domain) anda measure of the entropy of the domain name. We also examined malicious domains acrossregistrars to fnd additional clues as to how and when these domains were registered.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel