IBM has uncovered a sophisticated malware campaign that uses malware, spear-phishing emails, social engineering tactics, and DDoS attacks to target enterprise organizations. In a recent article published on the Security Intelligence blog , John Kuhn, Senior Threat Manager with IBM Managed Security Services, explains that the campaign, which is able to evade two-factor authentication measures, has...

According to a recent analysis of federal energy records, the nation’s power grid experiences cyber and physical attacks nearly once every four days. The investigation revealed that the critical infrastructure of the US power grid sustained 362 attacks between 2011 and 2014, causing outages or other power disturbances to the US Department of Energy. In the majority of these instances, the suspects...

The evil twin is not just a schlocky plot device for TV crime shows and absurd soap operas, it's also a threat to your company's data. It's relatively easy for a criminal to set up an evil twin rogue wireless access point that mimics one that your users and visitors connect to, whether on your premises or in a public place, with the intention of stealing usernames and passwords. That's one of the...

An Immigrations and Customs Enforcement (ICE) special agent has subpoenaed reddit to learn more information about five users who frequent the subreddit r/darknetmarkets – an active chat room for issues pertaining to dark market websites. Special Agent Michael McFarland issued the subpoena on March 11, 2015, asking for information on these five reddit users: EVOSMITH ( evosmith ) NSWGREAT (...

Recently, I attended the O'Reilly's Software Architecture Conference — these kinds of things are both inspiring and de-spiriting. I am inspired by the speakers, their ideas, bravery and charisma. Being inspired, I cook up my own ideas for which I have no clue how to find time to act upon… sigh. So, it goes. Without adeu, I present to you my (rather long) summary. General Impressions, Executive...

A new Trojan-based campaign is targeting energy companies around the world in an effort to gain access to sensitive information. The majority of companies experiencing attacks are distinctly linked to the petroleum, gas and helium industries located in the Middle East – including UAE, Pakistan, Saudi Arabia and Kuwait. However, businesses in the US and UK have also been targeted. Known as Trojan...

Tripwire recently hosted a webcast entitled, “ PCI Breach Scenarios and the Cyber Threat Landscape with Brian Honan: Real World Cyber Attacks and Protecting Credit Card Data .” For our presentation, Brian Honan (CISM, CGEIT, CRISC), an information systems and cybersecurity specialist and a member of the Advisory Group on Internet Security to Europol’s Cyber Crime Centre (EC3) on breach...

Uber credentials of thousands of users were spotted for sale on an underground marketplace for as low as $1 per stolen username and password. According to a report by Ars Technica , the logins are being offered by two separate vendors on AlphaBay – an online black market operating on the Tor network. Source: Ars Technica One seller reported more than 100 Uber accounts had already been purchased...

I know that I am not the target demographic for CSI: Cyber. Just as I assume anyone who does anything remotely related to law enforcement isn't interested in watching a cop procedural, I don't generally watch shows that feature “hackers” – not just because my perspective might make the viewing experience frustrating, but because “hacking” is incredibly boring to watch and I'm probably not going to...

The popular coding website GitHub was hit with a massive denial-of-service (DDoS) attack late Thursday night, with some users experiencing intermittent service outages. According to security researcher and blogger Anthr@x, the ongoing attack, which intensified on and off for more than 24 hours, appeared to originate from the Chinese web services company Baidu: “A certain device at the border of...

When I was about 10 years old, I read a book about Kevin Mitnick, Pengo and Robert Morris. While their exploits seemed very interesting, each story ended in jail time or at the very least, derailment of career goals. My unsophisticated Internet searching circa the early 2000s led me to the same conclusion. Hacking was a neat skill to have but the price was too high. It was many years later when I...

A new type of ransomware is encrypting victims’ video game files in addition to targeting other documents stored on their computers. According to Bleeping Computer , the ransomware strain, dubbed “TeslaCrypt,” was first discovered by Fabian Wosar of Emsisoft earlier this year. TeslaCrypt mimics other ransomware, including CryptoLocker, in that it uses AES encryption to lock victims’ files, at...

If you've recently found your web browsing plagued by pornographic pop-ups and irritating adverts, there might be a simple - but dangerous - explanation. Maybe hackers have hijacked your internet router ? Security researchers at Ara Labs have warned of an active campaign which has seen attackers changing DNS settings on routers, causing unauthorised ads and adult content to appear on virtually all...

Banks regularly undergo mandatory stress tests. These tests are clearly defined , and the results are used to determine how well each bank can maneuver through an economic calamity. If we apply the basic blueprint of a financial stress test to an IT infrastructure, we can loosely define it as: “An analysis conducted under unfavorable scenarios which are designed to determine whether an IT...

While I work in security, when it’s quitting time, I’m a gamer through and through. My home is littered with consoles from Sega Genesis and NES to PS3 and Xbox One. My last two PC purchases have been strictly gaming machines, and I even bought a game pad for my iPhone because I enjoy playing (and streaming) Asphalt 8. This year, I’ve casually streamed a few times because I took part in Extra Life...

Ransomware has disabled a New Jersey school district’s computer systems, with the attackers demanding hundreds of Bitcoins as ransom to restore access to files seized in the attack. In a post published to the district’s website , officials at Swedesboro-Woolwich School District explain that the incident, which occurred on March 22 nd , thus far indicates no signs of a data breach. “The files...

Over the past decade, the role of the Internet has moved beyond just email and websites viewable from a small window on a heavy desktop to something we now carry with us in our bags, pockets and strapped to our wrists. It is now a driving force of the world economy and is creeping its way into every aspect of our lives. For better or worse, we are now all connected. Individuals, as well as...

One could argue that cybersecurity is by far the most important Homeland Security, National Security and Public safety issue of our time. In the age of terror specifically, groups like ISIS, Al Shabaab and AQAP have managed to use the Internet to recruit and successfully spread their message with little to no counter narrative of merit. Cybersecurity has been rightfully picked up and vocalized as...

A vulnerability in Cisco IP phones could allow unauthenticated attackers to remotely listen in on the phones’ audio streams. According to an advisory Cisco published on its website, the vulnerability (CVE-2015-0670) results from improper authentication in the default configuration of certain Cisco IP phones. “An attacker could exploit this vulnerability by sending a crafted XML request to the...

Earlier this month, Tripwire announced Computer Criminals Brought to Justice , a continuation of its 10 Notorious Computer Criminals Brought to Justice series, by investigating the story of a young man who was recently arrested in connection with the 2014 hack of the U.S. Department of Defense. This week, we continue our series with Aleksei Shushliannikov, a hacker who is responsible for having...