May 11

FBI warns about hotels installing malware

The FBI warned people traveling abroad that attackers are targeting users on hotel networks by tricking them into installing malware under the guise of software updates. The agency’s Internet Crime Complaint Center says any government, business or academic personnel traveling abroad should be especially wary.

The FBI issued an advisory this week alerting international travelers about attempts to infect their computers with malware when they log on to hotel networks.

In an intelligence note from the FBI’s Internet Crime Complaint Center (IC3), the agency warned that attackers have been targeting travelers abroad when they use the Internet connection in their hotel rooms. According to the FBI, when victims attempted to set up the hotel room Internet connection, they were presented with a pop-up window prompting them to update a “widely-used software product.”

“If the user clicked to accept and install the update, malicious software was installed on the laptop,” according to IC3. “The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available.”

The FBI recommends checking the author or digital certificate of any prompted update to see if it corresponds to the software vendor, and advises travelers to update the software on their laptops immediately before traveling.

Mar 30

Massive credit card breach possible

MasterCard is investigating a possible breach of cardholder account data involving a U.S.-based payment processor, the company said Friday.
“As a result, we have alerted payment card issuers regarding certain MasterCard accounts that are potentially at risk,” the Purchase, N.Y., credit-card company said in a statement.
Law enforcement officials have been notified of the matter and an “independent data security organization” is conducting an ongoing forensic review. The U.S. Secret Service is investigating the breach, a spokesman said Friday.

The company is alerting card-issuing banks regarding “certain MasterCard accounts that are potentially at risk.”
“MasterCard’s own systems have not been compromised in any manner,” the statement continued.
A MasterCard spokesman declined to say how many cards may have been compromised or how many banks it is notifying, the Wall Street Journal reports.

Mar 30

China: need I say more?

Gloom and doom is the predicted forecast, but that is in regard to U.S. cybersecurity instead of the weather. Four top government cybersecurity officials have basically come out to say America is getting her hiney kicked in cyberattacks by nation state hackers.

“Your government failed you,” testified Richard Clarke, a former cybersecurity and cyberterrorism advisor for the White House. He said that to Congress about 9/11, but now he’s warning the people that we are defenseless when it comes to cybersecurity; our government has failed us again. Clarke stated, “Every major company in the United States has already been penetrated by China.”

To begin with, the “United States government did the Stuxnet attack,” Clarke claimed during an interview with Smithsonian. After dropping that bombshell, he then moved on to cyber espionage, stolen intellectual property and imported tech tainted with backdoor attack tools. He warned not to get him started on “our supply chain of chips, routers and hardware we import from Chinese and other foreign suppliers and what may be implanted in them — ‘logic bombs,’ trapdoors and ‘Trojan horses,’ all ready to be activated on command so we won’t know what hit us. Or what’s already hitting us.”

“My greatest fear,” Clarke says, “is that, rather than having a cyber-Pearl Harbor event, we will instead have this death of a thousand cuts. Where we lose our competitiveness by having all of our research and development stolen by the Chinese. And we never really see the single event that makes us do something about it. That it’s always just below our pain threshold. That company after company in the United States spends millions, hundreds of millions, in some cases billions of dollars on R&D and that information goes free to China…. After a while you can’t compete.”

Mar 28

US losing cyberwar

The Federal Bureau of Investigation’s top cyber cop offered a grim appraisal of the nation’s efforts to keep computer hackers from plundering corporate data networks: “We’re not winning,” he said.

WSJ’s Devlin Barrett reports the FBI is struggling to combat cyberattacks by hackers. “We’re not winning,” FBI executive assistant director Shawn Henry said.

Shawn Henry, who is preparing to leave the FBI after more than two decades with the bureau, said in an interview that the current public and private approach to fending off hackers is “unsustainable.” Computer criminals are simply too talented and defensive measures too weak to stop them, he said.

His comments weren’t directed at specific legislation but came as Congress considers two competing measures designed to buttress the networks for critical U.S. infrastructure, such as electrical-power plants and nuclear reactors. Though few cybersecurity experts disagree on the need for security improvements, business advocates have argued that the new regulations called for in one of the bills aren’t likely to better protect computer networks.

Mar 28

Ransomware on the rise in Europe

The recent increase of ransomware infections in Europe illustrates the fluid nature of cybercrime. Some groups of cybercriminals seem to have recouped and looked for alternative means of income because of the initiatives taken by law enforcement against FAKEAV. One of these alternatives was ransomware, a threat that was originally rampant in Russia. We believe that the sudden increase of ransomware incidents outside Russia and across Europe is a by-product of the dwindling FAKEAV business.


What is ransomware?
Ransomware refers to a class of malware that holds a computer “hostage” until the user pays a particular amount or abides by specific instructions. When executed, the ransomware restricts access to the system. Some ransomware also repeatedly shows messages that pressure users into paying the “ransom” or performing the desired action. There are even ransomware variants that may encrypt files found on the system’s hard drive. Users are then forced to pay up because the file encryption renders the system useless.
Recently, the cybercriminals behind this threat also made use of online payment methods such as Ukash and PaySafeCard as a way for users to pay the ransom. Ransomware attacks were also frequent in Russia.

Mar 28

Scarlett Johansson hacker pleads guilty

After hacking into the email accounts of Christina Aguilera, Mila Kunis and Scarlett Johansson to procure naked images of them, a Florida man pleaded guilty in court Monday to nine felony cyber crimes and was immediately taken into custody.

Christopher Chaney, 35, of Jacksonville, pleaded guilty in Los Angeles federal court to nine counts of computer hacking and wiretapping for the unauthorized access of email accounts belonging to 50 people in the entertainment industry.

U.S. District Court Judge S. James Otero ordered Chaney taken into custody following the hearing.

Once Chaney got photos of the celebrities and other information, he forwarded them to another hacker and two celebrity websites that made them public, according to a plea agreement.

During the hearing, Chaney admitted that from at least November 2010 to October 2011, he hacked into the email accounts of Johansson, Kunis and others by taking their email addresses, clicking on the “Forgot your password?” feature and then resetting the passwords by correctly answering their security questions using publicly available information he found by searching the Internet.

Mar 28

Drug Cartels move to cyberspace

Mexican drug trafficking organizations are increasingly demonstrating a desire to make money from cyber-crime, attracted by the high profits and minimal risks offered by such activities as fraud, theft, and piracy.

These gangs lack the needed technical know-how within their ranks, which means they would be desperate to recruit programmers with the expertise to break into the world of cyber-crime.

Read more at http://resources.infosecinstitute.com/mexican-cartels-infosec/

Mar 28

Microsoft battles botnets

Microsoft is raiding malware operations around the country. With the help of US Marshals, Microsoft on Friday busted outfits in Scranton, Pennsylvania and Lombard, Illinois, seizing servers believed to be running botnets used for identity theft.

“The sweep was part of a civil suit brought by Microsoft in its increasingly aggressive campaign to take the lead in combating such crimes, rather than waiting for law enforcement agencies to act,” according to The New York Times. “The company’s targets were equipment used to control the botnets, which criminals, known as bot-herders, use for ill intent.”

“The botnets are infected with the Zeus family of malware, which uses keylogging to go after a user’s financial information,” reports The Verge. Microsoft is reporting 13 million suspected Zeus infections worldwide since 2007, with more than three million just in the US.

Read more: http://www.mediapost.com/publications/article/171036/microsoft-raiding-malware-ops.html#ixzz1qNASfSAo

Mar 27

Android Denial of Service Exploit

A team of Italian researchers has discovered and patched a Denial of Service (DoS) vulnerability in the Android operating system which could allow attackers to render a device “totally unresponsive”.

An exploiting application targets the Zygote socket in the OS’s Linux layer, flooding it with a large number of requests that force the system to fork dummy processes until all of the device’s memory resources are used up.

Mar 27

Free Security Plug-in for MySQL Databases

In an effort to help users get a better idea of the security status of their MySQL databases, McAfee today released a free open-source audit plug-in that provides detailed database activity audits and helps satisfy audit requirements for the wildly popular open source database platform.

McAfee promises that the software-only implementation is easy to deploy, highly scalable, and ideal for protecting and monitoring MySQL databases in the cloud, with key features including:

• Visibility into database vulnerabilities: Insight into the security posture of each and every database in the environment

• Real-time protection across multiple vectors: The non-intrusive plug-in requires no changes to the existing database and network architecture and offers reliable protection for databases from malicious or unauthorized activity across all threat vectors

• Compliance without downtime: Using McAfee virtual patching for databases, security updates can be made without having to take applications offline